• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Hacker Victory Declared at Pwn2Own Hacking Contest


    Here's how it all went down at the fourth annual Pwn2Own hacking contest in Vancouver last night. The iPhone fell. And from the looks of it, the Apple device hardly even put up a fight. And on Wednesday, the Pwn2Own hacker contest resulted in Vincenzo Iozzo and Ralf Weinmann winning $15,000 for their mad hacking skills.

    Highlighting the kind of behavior that keeps internet security experts awake at night, the hack attack in question came on the very first day of the contest - hardly enough time to work up a good sweat. This is the fourth consecutive year that the platforms on display were targeted by hackers, although this year's efforts were arguably the most impressive in contest history. Last year, the iPhone was not successfully hacked.

    Iozzo and Ralf Weinmann created what's being called an "undisclosed attack" on the iPhone's mobile Safari browser. Essentially, they cooked up a website that made a visiting iPhone dump a copy of its SMS database. Hacker Charlie Miller (the first to hack the iPhone three years ago) was quoted in various online media reports calling this hack the first "fully functioning" iPhone attack since the 2008 release of the device's second version.

    The Pwn2Own contest, which is reviled by some and revered by others, handsomely rewards (with cash and prizes) hackers for their exploit code. A total of $100,000 in prizes is on the line this year... and there are plenty of hackers returning to the stage and some angling for the first time to make a name for themselves at an event that is tantamount to the Superbowl for hackers.

    Still on tap for the three-day hack fest are: MacBook Pro, Internet Explorer, Google's Chrome browser, Firefox, BlackBerry, a Nexus One and a Nokia E72.

    Image via MaximumPC
    This article was originally published in forum thread: Hacker Victory Declared at Pwn2Own Hacking Contest started by Michael Essany View original post
    Comments 21 Comments
    1. GellBrake'rrrr's Avatar
      GellBrake'rrrr -
      Can I have some of that money??? PLEASE...
    1. shadow25's Avatar
      shadow25 -
      What?

      Stop using Safari! They might get your TEXT MESSAGES!

      What the hell would a hacker want with my text messages? Oh noes! He's reading about how much I hate the fact I have to wake up at 5am for work!

      What good would the normal person's text messages do them? Most people don't send their credit cards, or passwords by text message.

      I'd hate to be whoever has to sift through the millions of text messages looking for something that probably isn't there.
    1. confucious's Avatar
      confucious -
      As I've just said in the members news thread - Apple will patch this so one less exploit for us to use.

      Quote Originally Posted by shadow25 View Post
      What?

      Stop using Safari! They might get your TEXT MESSAGES!
      Text messages are stored in a system DB - if they can get to that then they can get to just about anything.

      It could have proved very useful if they'd told the JB community rather than Apple.
    1. steve-z17's Avatar
      steve-z17 -
      Scary stuff.
    1. wgm214's Avatar
      wgm214 -
      maybe they could use this for th 3.1.3 jailbreak that everyones been crying about. the exploits gonna get burned anyway by the time 3.2/4.0 hits but at least it could be used in the meantime. AND its userland, which hasnt been around since 1.1.x...this jailbreak would be even quicker than blackra1n
    1. confucious's Avatar
      confucious -
      Except, apart from those that did it, the only people who will be told the details are Apple....
    1. hitman10's Avatar
      hitman10 -
      Don't think windows is any better because they are not. What I dislike about my MB is that i have a piece of blue tape covering my webcam because if they can get into safari, preview, and office whos stopping them from viewing your cam? it is always faced at you, those are about some of the only programs i do use regularly. And how am i supposed to know im safe. Really just dont be stupid think for yourself for a min. If some random guy can break into safari plus indcluding all the people that made safari and the glitch they probably made to access w/e they want to though the internet. so really do i care safari got hacked? or that Mac osx has major security flaws. I think we are all f**ked soon enough when we start seeing viruses.
    1. thecork's Avatar
      thecork -
      If you had an exploit and you had a choice between $15000 and releasing it to the community? Lets be honest, most people would choose the 15k. And by doing so, the exploit gets sent to Apple, so your outta luck people.
    1. Bruno615's Avatar
      Bruno615 -
      Quote Originally Posted by hitman10 View Post
      Don't think windows is any better because they are not. What I dislike about my MB is that i have a piece of blue tape covering my webcam because if they can get into safari, preview, and office whos stopping them from viewing your cam? it is always faced at you, those are about some of the only programs i do use regularly. And how am i supposed to know im safe. Really just dont be stupid think for yourself for a min. If some random guy can break into safari plus indcluding all the people that made safari and the glitch they probably made to access w/e they want to though the internet. so really do i care safari got hacked? or that Mac osx has major security flaws. I think we are all f**ked soon enough when we start seeing viruses.
      As part of the hardware, the camera can't be used without the green light coming on. So unless you are seeing the green light, you are not being watched. Not exactly a solution, but that should help the paranoia a little.
    1. Comedy's Avatar
      Comedy -
      Not necessarily out f luck though. If they go responsible disclosure 'rules' then they'll inform apple and leave enough time for them to fix it before making it public. It should still go public and anyone who hasn't installed apples fix will be able to use it.

      I personally would prefer if it didn't, not for my benefit but it'll get a lot of abuse no doubt once it does.. All you have to do it buld a decent payload and have an admob account.. instant access to nearly all iphones out there.

      I guess $15,000 is fair for this exploit. If it were sold to someone with ill intentions they'd have paid a lot more.
    1. victis's Avatar
      victis -
      true... i have hacked into various computers via metasploit and when i get access I have used stealthy VNC to see if they have a webcam program.... I have turned it on and been able to see them hahaha.... this only really cant be detected if they have one of those webcams without the light.... if they have a laptop or a devices that has a light then they are most likly retarded lol and just dont notice that the webcam light is on.
    1. adp's Avatar
      adp -
      Quote Originally Posted by victis View Post
      true... i have hacked into various computers via metasploit and when i get access I have used stealthy VNC to see if they have a webcam program.... I have turned it on and been able to see them hahaha.... this only really cant be detected if they have one of those webcams without the light.... if they have a laptop or a devices that has a light then they are most likly retarded lol and just dont notice that the webcam light is on.
      Wow. Seems like someone needs to get a life.
    1. iPhone3G[S]'s Avatar
      iPhone3G[S] -
      @Messany- I already posted this in the user news section...
    1. cypherpunk's Avatar
      cypherpunk -
      IMHO, having an exploit like this out in the public would far outweigh the benefits of being able to jailbreak such a worthless firmware revision as 3.1.3.
    1. extremzocker's Avatar
      extremzocker -
      15k for a exploit?? who paid that? Apple?
    1. camperchuck's Avatar
      camperchuck -
      so did at&t get hacked today? cuz they are having MAJOR system wide problems. no service, no data...
    1. romeo_herman's Avatar
      romeo_herman -
      Ohh...that why Tiger Wood got hack.......
    1. alz0rz's Avatar
      alz0rz -
      Quote Originally Posted by victis View Post
      true... i have hacked into various computers via metasploit and when i get access I have used stealthy VNC to see if they have a webcam program.... I have turned it on and been able to see them hahaha.... this only really cant be detected if they have one of those webcams without the light.... if they have a laptop or a devices that has a light then they are most likly retarded lol and just dont notice that the webcam light is on.
      Holy crap. You are cool guy. Not.
    1. cheekydevil1234's Avatar
      cheekydevil1234 -
      Quote Originally Posted by hitman10 View Post
      Don't think windows is any better because they are not. What I dislike about my MB is that i have a piece of blue tape covering my webcam because if they can get into safari, preview, and office whos stopping them from viewing your cam? it is always faced at you, those are about some of the only programs i do use regularly. And how am i supposed to know im safe. Really just dont be stupid think for yourself for a min. If some random guy can break into safari plus indcluding all the people that made safari and the glitch they probably made to access w/e they want to though the internet. so really do i care safari got hacked? or that Mac osx has major security flaws. I think we are all f**ked soon enough when we start seeing viruses.
      ROFL - Dude stop smoking the green it is really starting show. Placing tape across your screens webcam ha ha ha ha ha like they said there is a big green light that comes on and if you are to involved with the porn on the screen try taking one step back. For the love of god please remove the tape, i cant stop laughing, you have made my day. Thank you
    1. rhekt's Avatar
      rhekt -
      thats kinda awesome