• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Hijacking All iPhones via SMS
    Cybersecurity researchers Charlie Miller and Collin Mulliner discovered how to completely hijack any iPhone via SMS. Tomorrow (Thursday) they plan on publicize and reveal the vulnerability at the Black Hat cybersecurity conference in Las Vegas. They will be demonstrating how to send a series of SMS burst to the iPhone which will allow them to take complete control of EVERYTHNIG on the device and then propagate the attack by sending more SMS messages via the hijacked iPhone. According to Miller
    This is serious. The only thing you can do to prevent it is turn off your phone . . . Someone could pretty quickly take over every iPhone in the world with this.
    Since Apple has yet to address this iPhone vulnerability even though Miller and Mulliner notified Apple over a month ago. Miller suggests that if you receive a text message on your iPhone any time after Thursday afternoon containing only a single square character you should turn the device off immediately.

    This vulnerability should be heeded and patched by Apple asap (3.1 firmware anyone?). Miller knows his stuff, he was the first one to remotely hjack the iPhone in 2007 via the former bug in iPhone Safari -- old skool, as in jailbreakme.com old skool

    via forbes thx steven and jcrod73 for the tip
    This article was originally published in forum thread: Hijacking All iPhones via SMS started by Cody Overcash View original post
    Comments 250 Comments
    1. equlizer's Avatar
      equlizer -
      so what if we remove the Message.app? Won't that fix the problem?
    1. StealthBravo's Avatar
      StealthBravo -
      ^ Epic Idea. I will do the same
    1. Mentalikryst's Avatar
      Mentalikryst -
      Moved MobileSMS.app to /var/mobile/Documents, messages icon gone, but iPhone continues to work perfectly, without the risk of exploit.
    1. pcsrule's Avatar
      pcsrule -
      ok before anyone else goes mad with SSH and passwd on their iPhone I'd like to give you what I think about this "exploit" from a developers point of view. The square described in the post is a character that the iphone cannot display. The likelihood that this will do anything more than at the absolute most crash the messages app is extremely minimal. If your phone is unjailbroken the kernel will not execute unsigned code even through an overflow of some kind so this mythical "root access" is total BS. As for jailbroken phones, code just maybe could be executed but its very unlikely. The risk is just not there. I will sleep soundly with my iPhone on and working not afraid of it being hijacked and come Thursday when nothing happens I'll be here to say I told you so. My guess is someone just came up with this mildly believable stunt to get attention. (probably a Verizon customer). Thank you for your time and happy jailbreaking.
    1. tarekkkkk's Avatar
      tarekkkkk -
      i have an idea if someone do this to me ill just plug my iphone into the computer and start my fight back lol
    1. angiepangie's Avatar
      angiepangie -
      Just don't give random people your phone number
    1. StealthBravo's Avatar
      StealthBravo -
      Damn. I already did

      This hack may come from Google Voice
    1. angiepangie's Avatar
      angiepangie -
      ^^well that was rather smart of you.
    1. StealthBravo's Avatar
      StealthBravo -
      I shouldn't have posted my number

      oh well. In case you missed it 830-STEALTH
    1. angiepangie's Avatar
      angiepangie -
      I'll be sure to send that hack your way
    1. StealthBravo's Avatar
      StealthBravo -
      THX, much appreciated
    1. angiepangie's Avatar
      angiepangie -
      No Problem!
      Be expecting the text sometime soon.
    1. StealthBravo's Avatar
      StealthBravo -
      I just deleted my messages app and my phone app. I will have my phone in airplane mode with no sim in it. I also dunked my phone in water. I feel extremely safe at the moment
    1. angiepangie's Avatar
      angiepangie -
      You forgot to put it in the microwave!
    1. gcastro723's Avatar
      gcastro723 -
      Quote Originally Posted by StealthBravo View Post
      I just deleted my messages app and my phone app. I will have my phone in airplane mode with no sim in it. I also dunked my phone in water. I feel extremely safe at the moment
      arent 3GSes waterproof?? haha
    1. StealthBravo's Avatar
      StealthBravo -
      Quote Originally Posted by angiepangie View Post
      You forgot to put it in the microwave!
      Damn it. Ok, I will go ahead and do that. Thanks

      Quote Originally Posted by gcastro723 View Post
      arent 3GSes waterproof?? haha
      Well I did it to wash off the brake fluid I poured on my phone
    1. angiepangie's Avatar
      angiepangie -
      No problem. I don't want you to break your phone or anything like that
    1. gcastro723's Avatar
      gcastro723 -
      Quote Originally Posted by StealthBravo View Post
      Damn it. Ok, I will go ahead and do that. Thanks



      Well I did it to wash off the brake fluid I poured on my phone

      HAha alrright cool, extra-protected!

      hey i see ur from Texas, What part?
    1. StealthBravo's Avatar
      StealthBravo -
      ^ San Antonio
    1. angiepangie's Avatar
      angiepangie -
      ^^BOOOO. California pwnnss
      Even though I am not a fan of CA myself