HD Moore takes iPhone exploits public

Noted hacker HD Moore has posted exploits for a vulnerability in Apple's iPhone, the same flaw that's been used by others to unlock the smart phone so it will work on other networks. The vulnerability, which is in the TIFF image-rendering library shared by the iPhone's Safari browser and its e-mail program, as well as by the iTunes software, leaves the iPhone wide open to attack, said Moore, who posted a second, and more robust, exploit today after debuting attack code yesterday. "This exploit is rock solid. It's very reliable, as reliable as the WMF [Windows Metafile] exploits in Windows. You can send it in an e-mail, you can embed it in a Web page. The second exploit works on 1.0, 1.0.1, 1.0.2 and 1.1.1 iPhones," said Moore.

"I think the iPhone is pretty terrible. It's an easy platform to exploit," he said. Part of that, he went on, is because exploiting any iPhone application gives root access to the entire phone. But other security weaknesses abound, he said, in the Safari browser and in the underlying operating system (a scaled-back version of Mac OS X). Moore has added the exploits to Metasploit, the popular penetration-testing framework, a move that in the past has meant in-the-wild attacks are not far behind. He predicted that malicious code exploiting the TIFF vulnerability would be on the loose "pretty soon."

News source: ComputerWorld

16 Comments

So, it's actually a remote attack. I mean, you don't need to have physical access to the iPhone.
You just send a spam mail and every stupid guy opens it and gets infected. No keyboard or mouse or touch screen required. Yes, it might need some user intervention, but people won't stop surfing the web and opening e-mails just because there's a virus in the wild! Because if they stop, every single iPhone would end in a trash can. I mean, who wants an iPhone with no internet?
I was wondering... Is the attack possible inside frames? Like adverts? That would have a huge impact.

just sort of proves the whole Apple security point yet again.

No one has ever been interested in hacking Apple until the iPhone came out, now people have decided they want to hack the iPhone and surprise, surprise they did it rather easily, and now all the holes are appearing, security by obscurity is not going to work for Apple for much longer, once someone wants to hack something, it gets hacked it is plain that simple.

at least it's good it doesn't have 3g so it's gonna take longer for you to get infected LMAO

and before you all comment on iPhone security

"exploiting any iPhone application gives root access to the entire phone"

that's pretty damn bad practice, which even Microsoft has pretty much stopped

I rest my case

The thing is you have to do it yourself... it doesn't work remotely like most or a lot of Windows malware...

You cannot compare a hack you do yourself and you want to hack something... with remote exploits that auto-execute on Windows LOL

CoolBits said,
The thing is you have to do it yourself... it doesn't work remotely like most or a lot of Windows malware...

You cannot compare a hack you do yourself and you want to hack something... with remote exploits that auto-execute on Windows LOL

Um what! did you read the article, because your statement is rather confusing

quote - "You can send it in an e-mail, you can embed it in a Web page."

sounds the same as most of the Windows viruses/security holes, but at least us Windows users will admit Windows has its problems instead of trying to find excuses for everything.

i think you read the first bit about that's what they used to hack the phone to unlock, but not the bit with the fact it is vulnerable to attack through exactly the same hole via web page and email. and i quote again "exploiting any iPhone application gives root access to the entire phone"

There are no excuses for security issues, no matter how many fanboys want to make up.

whocares78 said,

Um what! did you read the article, because your statement is rather confusing

quote - "You can send it in an e-mail, you can embed it in a Web page."

sounds the same as most of the Windows viruses/security holes, but at least us Windows users will admit Windows has its problems instead of trying to find excuses for everything.

i think you read the first bit about that's what they used to hack the phone to unlock, but not the bit with the fact it is vulnerable to attack through exactly the same hole via web page and email. and i quote again "exploiting any iPhone application gives root access to the entire phone"

There are no excuses for security issues, no matter how many fanboys want to make up.

now by far and large i am NO Mac fanboy, but you're mistaken. What they are trying to tell you is sure Macs can be hacked off the face of the earth, but not remotely. It all has to be done from terminal-side (in front of the computer itself). Also you quote a lot out of context.

Tzimisce said,
Macs can be hacked off the face of the earth, but not remotely. It all has to be done from terminal-side (in front of the computer itself). Also you quote a lot out of context.

it is vulnerable to attack through exactly the same hole via web page and email.

Web pages and emails aren't remote attack now?

Remote attack - An attack that targets a machine other than the one that the attacker is interactively logged onto

interactive logon - The process of logging on to a local computer using a keyboard.

If i am a hacker and i send you an email or even create a web page you visit I am not technically logged via the keyboard to that machine, so by the definition it's a remote attack.

i as the hacker do not have to be logged on to your computer via a keyboard, yes you as the end user need to click a link or open a malicious email. but my point is that's how most Windows security issues are exactly the same.

Tikitiki said,
I was just gonna say that. Why is TIFF even supported anymore? I don't see it being special in any way.

a lot of photographers use TIFF images still, When I do a photoshoot, i take the images from the camera, which are 12 bit RAW files, adjust settings in Nikon Capture, then export to Photoshop....you know what they get exported as? that's right, TIFFs because TIFFs are 16bit. After exporting to TIFF I open in Photoshop as a 16bit file, do my editing and then either save as PSD for work later on, or if it's going to email or web, then as an 8bit JPG. My high-end printing service that does my poster prints accepts color profiled TIFFs as well, so i burn TIFFs to CD and give to them for 24x36 prints.

This is pretty interesting, for one it shows that even with a scaled down version of OSX on the phone, they've now torn it to pieces basically like it was nothing. That doesn't make things look good for the full version of OSX on Macs which has a wider attack area than on the iPhone.

But I guess with all the hype and the need to hack the iPhone so it can be used on other services, they got right to it quick. While there seems to be no real need or want to hack away at the Mac at this point.