Andrew Kunesh, September 19, 2012
While iOS is a pretty secure mobile operating system, some kinks can always appear. At this year’s Pwn2Own event, two hackers earned a pretty $30,000 after finding an exploit. Joost Pol and Daan Keuper found a WebKit exploit on a fully updated iPhone 4S that gave them unauthorized access to photos, contact information and other info. The hackers spent three weeks working with this exploit and found that the hack still works with iOS 6. The pair has confirmed that their exploit will not allow them to view SMS messages or emails.
If you’d like to view the specifics of the hack, here’s a quote from ZDnet:
[quote]The exploit itself took some jumping around. With the WebKit bug, which was not a use-after-free flaw, the researchers had to trigger a use-after-free scenario and then abuse that to trigger a memory overwrite. Once that was achieved, Pol and Keuper used that memory overwrite to cause a read/write gadget, which provided a means to read/write to the memory of the iPhone. “Once we got that, we created a new function to run in a loop and used JIT to execute the code without signing,” Keuper explained.[/quote]
Let’s hope this security flaw is fixed in iOS 6.0.1.Follow @macgasm