Metasploit Includes Exploit For iPhone 1.1.1 - Using Same Vulnerability As Jailbreak



H D Moore published details on exploiting the iPhone today using the same vulnerability as the jailbreaks/unlockers. It takes advantage of a vulnerability in the libtiff library for processing TIFF image files.

The exploit is now in Metasploit, which means someone with only the technical skills of an ex-analyst can exploit you via email or a web page with a special image file.

Apple will hopefully patch this quickly. The bad news is that it will kill all current attempts to load custom applications on the iPhone, but since it’s now remotely exploitable, the risk outweighs the reward.

Libtiff is a common library and this vulnerability was not unknown.

This demonstrates a big problem in locking down a popular system like the iPhone or the Sony PSP - the same techniques needed to customize the device can often be used to exploit the security. For a wildly popular device like the iPhone it seems to make sense to open it up to legitimate, safe developers.

This also proves that the excuse of locking the system down to protect the phone network (AT&T) is total bollocks, since it’s far from a perfectly secure system to start.

Yes, I’m biased - I want custom apps on the iPhone I’ll probably eventually buy. Doesn’t mean I’m wrong…


7 comments

  1. Pepper Oct 16

    Rich,

    I think your argument is more than a little stretched.

    First, nothing is “a perfectly secure system to start”, but that’s not a reason to just give up on security!

    Second, I think you’re saying that because non-security-interested hackers (clear hats?) like the iPhone Dev Team are motivated to help find exploits, this is a much riskier situation than when we just have white and black hats (and blue hats?) looking for breakage. I don’t believe clear hats really change the equation that much — I’m sure lots of people are working on breaking iPhones this month, and we can only hope (if not really believe) they’re all publishing so Apple can fix their bugs.

  2. rmogull Oct 17

    It’s totally stretched- and I’m biased :) But they just announced they are opening it up in Feb, so I’m happy.

