update on jailbreaking progress

Discussion in 'iPod touch' started by RadicalxEdward, Oct 4, 2007.

  1. RadicalxEdward

    RadicalxEdward New Member

    The Vulnerability

    Mobile Safari on the iPod Touch and on the iPhone has a vulnerability which could allow arbitrary code execution. The vulnerability is believed to be due to this problem, which is over a year old.

    Currently there is a malformed TIFF file (tinyurl.com/ywjoxl) which will cause MobileSafari on all firmware versions of the iPod Touch and iPhone to crash. This file originated from the exploit that was used on the PSP.


    Current Status

    Currently the Dev Team is working on a proof of concept which will hopefully lead to a jailbreak. The problem they are facing is writing a payload using raw ARM opcode without causing Safari to crash.

    The eventual target is to modify /etc/fstab so that /media will be mounted without the noexec flag. This should allow another payload to execute arbitrary code without being restricted to a maximum size around the 50-byte mark.
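
The /etc/fstab change described in the post above is something a defender can check for. The following is an added example, not part of the original thread or of the Dev Team's work: it audits fstab text and reports any mount point that has lost a required option. The sample fstab lines, the `REQUIRED` policy and the rule that a later `exec` cancels an earlier `noexec` are assumptions made for illustration.

```python
# Added example: audit fstab text for mount points that must keep "noexec".
# SAMPLE_BASELINE / SAMPLE_MODIFIED are constructed, not taken from a real device.
SAMPLE_BASELINE = """# constructed sample
/dev/disk0s1 / hfs ro 0 1
/dev/disk0s2 /media hfs rw,noexec 0 2
"""
SAMPLE_MODIFIED = SAMPLE_BASELINE.replace("rw,noexec", "rw")

REQUIRED = {"/media": {"noexec"}}               # assumed policy: mount point -> required options
CANCELS = {"exec": "noexec", "noexec": "exec"}  # assumption: the later option wins


def parse_fstab(text):
    """Yield (lineno, mountpoint, options) for every non-comment entry."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 4:
            raise ValueError(f"line {lineno}: expected at least 4 fields")
        # fields: device, mount point, fs type, comma-separated options, ...
        yield lineno, fields[1], fields[3].split(",")


def effective_flags(options):
    """Resolve options left to right so 'noexec,exec' ends up without noexec."""
    flags = set()
    for opt in options:
        flags.add(opt)
        flags.discard(CANCELS.get(opt))
    return flags


def audit_fstab(text, required=REQUIRED):
    """Return a list of findings; an empty list means the policy holds."""
    findings, seen = [], set()
    for lineno, mountpoint, options in parse_fstab(text):
        if mountpoint not in required:
            continue
        seen.add(mountpoint)
        for flag in sorted(required[mountpoint] - effective_flags(options)):
            findings.append(f"line {lineno}: {mountpoint} is mounted without {flag}")
    for mountpoint in sorted(set(required) - seen):
        findings.append(f"{mountpoint}: no fstab entry found")
    return findings


if __name__ == "__main__":
    print(audit_fstab(SAMPLE_BASELINE), audit_fstab(SAMPLE_MODIFIED))
```
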
  2. Mustachio

    Mustachio New Member

    don't understand any of that, but if it's progress, cool.
  3. RadicalxEdward

    RadicalxEdward New Member

    It means they want to crash Safari in a very specific way in order to cause it to execute their own code.
  4. nintendodude

    nintendodude New Member

    that's cool, I wonder how a TIFF image is supposed to help us unlock the iPoT though...
  5. cowboyshootist

    cowboyshootist New Member

    You replace the TIFF image with executable code so that when the image is loaded you get code in memory instead. Then you have to cause the application to read those memory locations and execute the code.

    The concept is pretty straightforward; the implementation, on the other hand, can be fairly complex.
  6. 1337chaos

    1337chaos Well-Known Member

    see, TIFF images have always been a problem... because you can hide code in the images themselves. the 2.0 PSPs first discovered that TIFF images could be used to exploit the system. just from one picture, you could change one number, from a 2.0 to a 1.0, making the PSP think it was a 1.0, and therefore letting you run the 1.5 update to go from 2.0 > 1.5. if the same thing can be done here (however TIFF decoders have been patched since then) it might lead to a breakthrough. if only that damn dev team wouldn't have told Apple about that giant web browser exploit

  7. Mustachio

    Mustachio New Member

    Ahh I see... yeah, so Apple knows about the exploit... they would have found out sooner or later. in the meantime there is nothing they can do without releasing a new firmware, so... for the time being, rock on.
  8. sitric

    sitric New Member

    well, I am happy that we are getting some help from the PSP hacking community.... I've been active in that community for a long time and it is by far the most active community I've seen.
  9. danbolsom

    danbolsom New Member

    Doooooooooooood

    awesome, I am so pumped for the final release of the jailbreaker!!!! when I saw this I was like DOOOOOOOOOD!!!! lol yeah. I never thought that Apple would be as stupid as Sony to allow a TIFF exploit

    You would think that one company would learn from another company's mistakes, but who is complaining, this PWNS soooo many Noobs lol
  10. Beemer

    Beemer New Member

    Let's hope.