What it took to hack the iPhone
The same Safari bug is also on Mac OS X and Windows, say researchers
Computerworld - The iPhone vulnerability that could let hackers steal data or commandeer the device also exists in the desktop edition of Apple Inc.'s Mac OS X operating system, the exploit's researchers said today.
Charles Miller, one of the three researchers from Baltimore-based Independent Security Evaluators (ISE) who found the bug and wrote proof-of-concept exploits, confirmed that the vulnerability in the iPhone version of Safari is also present in the desktop version of the browser. Safari is included with all Mac OS X installations.
The Windows version of Safari is also vulnerable. "[But] it may or may not be exploitable there," Miller said.
Miller, Jake Honoroff and Joshua Mason found the Safari flaw using what Miller described as "fuzzing" techniques. Fuzzing, a tactic commonly used by vulnerability researchers, drops random data into applications or operating system components to see if -- and where -- breakdowns occur. Typically, the process is automated with a fuzzer, software that hammers on application inputs.
Not that the iPhone made it easy. The lack of debugger, for example, required that Miller and the others turn to alternatives, including the Mac OS X crash reporter, which logs all crashes, for ways to probe the iPhone. "The crash reports contained the contents of registers and what libraries were loaded," giving the team some clues, Miller said. Others they gleaned by examining the phone's core applications, which they could pull off the device only using iPhoneInterface. That program, part of the results of a group effort at the iPhone Dev Wiki, lets researchers and hackers modify the phone.
"Between the crash reports and the core files, we had a good picture of the application when it crashed," said Miller. "We found a few crashes that stuck out from the rest."
With iPhoneInterface and another program named Jailbreak -- Miller called them "hacking tools" -- the three researchers were able to pull Safari off the iPhone, disassemble it on a Mac desktop machine, and modify it so that would crash at the code location where the researchers wanted. "It was trial and error," Miller admitted. Testing required the application to be returned to the iPhone, where it was run, generating another crash report.
"It was like 'fuzzing' for an exploit," said Miller.
Although the three are withholding details until Aug. 2, when Miller will reveal more at the Black Hat security conference, one security expert is betting that the Safari vulnerability is a buffer overflow bug. "The methods and results described [by the ISE researchers] hint at a buffer overflow," said Andrew Storms, director of security operations at nCircle Network Security Inc. "But it's not entirely clear if they were intentionally crashing the application to get crash dumps to disassemble the code and look for flaws in general, or if the application crashed due to being fuzzed and hence the fuzzing activity reveled the bug."
- EndPoint Interactive eGuide In this eGuide, Network World, Computerworld, and CIO examine two endpoint trends - BYOD and collaboration - and offer tips and advice on...
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Surescripts Case Study- Securing Keys and Certificates Surescripts implemented Venafi's Trust Protection Platform™ to secure digital keys and certificates, ensure the privacy and confidentiality of electronic clinical information for its...
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!