• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Russian Hacker Figures Out Way to Obtain In-App Purchases for Free



    A Russian hacker has successfully figured out a method to obtain in-app purchases from iOS apps for free.

    The “in-app proxy” method is simple, doesn’t require a jailbreak, and allows users to install in-app content for free. The hack works on all iOS devices 3.0-6.0. We do not condone the stealing of content in any form, and this story, like the 9to5Mac piece, is being written to alert the developer community. The hack is already gaining massive amounts of traction, and hopefully a fix is released soon.

    The three-step process involves installing a CA certificate, installing an in-appstore.com certificate, and changing the DNS record.hacker. Once the user completes the process they are met with the message pictured above instead of Apple’s purchase confirmation.

    A great deal of information is also processed through the developers servers as part of the process including:

    • Restriction level of app
    • ID of app
    • ID of version
    • GUID of your idevice
    • Quantity of in-app purchase
    • Offer name of in-app purchase
    • Language you are using
    • Identifier of application
    • Version of application
    • Your locale


    We do not recommend anyone use this process, and we will not provide information on the specifics of the hack. Developers, Apple, fix this. Now.


    Source: 9to5Mac
    This article was originally published in forum thread: Russian Hacker Figures Out Way to Obtain In-App Purchases for Free started by Phillip Swanson View original post
    Comments 185 Comments
    1. kraziebone's Avatar
      kraziebone -
      Quote Originally Posted by Senyaichiya View Post
      If you don't condone it then don't write about it...

      It's akin to writing a barebones article how to make a IDE and then saying "but don't do it!"

      I wouldn't have known about this if not for this post.
      This is a ridiculous ignorant argument. Ignoring something does not make it go away. Reporting on news in and of itself does not promote the actions of what they are reporting on. Sorry but this is nothing like writing an article on how to make an IDE but since you went down that path it's more like writing an article about people who are making IDE's and making the community aware.
    1. CrAcKzZZ's Avatar
      CrAcKzZZ -
      I might be a bit late on this but this is what i think:

      This is the News section of Modmyi, and this is news, so there should be no problem with people complaining about how this shouldn't be posted and other crap. And for whoever made that comment on giving a child matches and then telling them not to light anything on fire, this is different because, first of all, this is just News, information, that's it. Idk if this is a good example, but say a terrorist saw something about how theres a new kind of explosive which is dangerous and stuff, on a News channel and decides to find out about it and use it, you wouldn't blame the channel for reporting something like that. IMO its the same for this.
    1. znbl's Avatar
      znbl -
      Quote Originally Posted by Simon View Post
      This is a modding site. It is for people that want to mod their device and install things to make their device their own without the limitations Apple puts on their OS. It is not a theft site. Their is a big difference between hacking something to make it the way you like it and hacking something to steal things.
      Just to clear this up (as many people just don't understand the difference), it's called piracy, not theft. Theft is taking something real, tangible (e.g., a physical object.) Piracy is obtaining a copy of something you are not entitled to. In the former, you are depriving someone of a single tangible object, which is not the case in the latter. It doesn't make it any better, mind you, and I do not conduce it. It's just no excuse to call an orange a lemon.
    1. kraziebone's Avatar
      kraziebone -
      I can't believe so many people think that mmi should not have written this article even though it was all over other news sites? I guess here at mmi we go by the modo "What you don't know wont hurt you"?
    1. H4CK3R's Avatar
      H4CK3R -
      Quote Originally Posted by znbl View Post
      Just to clear this up (as many people just don't understand the difference), it's called piracy, not theft. Theft is taking something real, tangible (e.g., a physical object.) Piracy is obtaining a copy of something you are not entitled to. In the former, you are depriving someone of a single tangible object, which is not the case in the latter. It doesn't make it any better, mind you, and I do not conduce it. It's just no excuse to call an orange a lemon.
      I could care less what it's called, it's theft. Think about it: Someone spends their hard time on something and then to have it pirated and distributed. That's still theft.
    1. znbl's Avatar
      znbl -
      Quote Originally Posted by H4CK3R View Post
      I could care less what it's called, it's theft. Think about it: Someone spends their hard time on something and then to have it pirated and distributed. That's still theft.
      You can't just ignore the definitions of words just because you feel it should be the same. You wouldn't call a cat and a racoon the same thing, even if they are similar in many aspects. You recognize they are still two distinct things, right? So why is this so difficult?

      http://www.merriam-webster.com/dictionary/theft:
      1
      a : the act of stealing; specifically : the felonious taking and removing of personal property with intent to deprive the rightful owner of it

      b : an unlawful taking (as by embezzlement or burglary) of property
      They key phrase here "talking of property." Making a copy, by any definition, it not the taking of property. "Intellectual property" is not a property that can be "taken", but something that is copied (both legitimately as well as illegally.) It is two distinct concepts. Like I said previous, the fact that it's merely a copy doesn't make it any more right. Just stop using the wrong word. You wouldn't call an oak a pine. You wouldn't call a sheep a goat. So, again, why is this any different for you?
    1. mmaboi21's Avatar
      mmaboi21 -
      Quote Originally Posted by znbl View Post
      Just to clear this up (as many people just don't understand the difference), it's called piracy, not theft. Theft is taking something real, tangible (e.g., a physical object.) Piracy is obtaining a copy of something you are not entitled to. In the former, you are depriving someone of a single tangible object, which is not the case in the latter. It doesn't make it any better, mind you, and I do not conduce it. It's just no excuse to call an orange a lemon.

      Your still taking something that you didn't pay for. Copy or not it's still theft because it does not belong to you...
    1. znbl's Avatar
      znbl -
      Quote Originally Posted by mmaboi21 View Post
      Your still taking something that you didn't pay for. Copy or not it's still theft because it does not belong to you...
      You're not "taking" it, you're copying it. It's not the same thing. Both are wrong, but stop using the wrong term, why is this so hard? Should we start calling magenta green? How about calling a skyscraper a house? You wouldn't do that normally, right? Why? Because words have definitions. All I'm asking is to stop ignore them here just because it's convenient or you're too lazy to actually look up and understand what things actually mean and wish to remain ignorant, even if it's popular.
    1. mmaboi21's Avatar
      mmaboi21 -
      Quote Originally Posted by znbl View Post
      You can't just ignore the definitions of words just because you feel it should be the same. You wouldn't call a cat and a racoon the same thing, even if they are similar in many aspects. You recognize they are still two distinct things, right? So why is this so difficult?

      http://www.merriam-webster.com/dictionary/theft:


      They key phrase here "talking of property." Making a copy, by any definition, it not the taking of property. "Intellectual property" is not a property that can be "taken", but something that is copied (both legitimately as well as illegally.) It is two distinct concepts. Like I said previous, the fact that it's merely a copy doesn't make it any more right. Just stop using the wrong word. You wouldn't call an oak a pine. You wouldn't call a sheep a goat. So, again, why is this any different for you?
      Bro seriously, save your lawyer talk for the court room. We don't care about specifics because we have common sense.
      Taking something that does not belong to you is wrong. Period.
    1. szr's Avatar
      szr -
      Quote Originally Posted by mmaboi21 View Post
      Bro seriously, save your lawyer talk for the court room. We don't care about specifics because we have common sense.
      Taking something that does not belong to you is wrong. Period.
      It was already stated that this was wrong, that wasn't the argument at hand above. Common sense isn't an excuse to shore up popular definitions that may in fact be inaccurate.
    1. H4CK3R's Avatar
      H4CK3R -
      Quote Originally Posted by znbl View Post
      You can't just ignore the definitions of words just because you feel it should be the same. You wouldn't call a cat and a racoon the same thing, even if they are similar in many aspects. You recognize they are still two distinct things, right? So why is this so difficult?

      http://www.merriam-webster.com/dictionary/theft:

      They key phrase here "talking of property." Making a copy, by any definition, it not the taking of property. "Intellectual property" is not a property that can be "taken", but something that is copied (both legitimately as well as illegally.) It is two distinct concepts. Like I said previous, the fact that it's merely a copy doesn't make it any more right. Just stop using the wrong word. You wouldn't call an oak a pine. You wouldn't call a sheep a goat. So, again, why is this any different for you?
      It's depriving the owner / developer of their product which they made. It doesn't have to be an object to be theft.

      If I stole your identity and it's referred to as 'Identity Theft' then how is it theft if I didn't steal an object? You're making no sense whatsoever.
    1. Robert A Petersen's Avatar
      Robert A Petersen -
      Quote Originally Posted by Glocknine View Post
      Appstore hackable? No way!!! <<<<< that what the apple fanboi brigade will gonna say!!
      This DOESN'T hack the AppStore at all. All paid apps in the AppStore still have to be paid for. What this does is enable "IN APP" purchases to be free. So if, while in an App you see something like "Tap here to buy add-on WHATEVER", THAT becomes free. So free extras INSIDE apps. An App on the AppStore still costs whatever it always has.
    1. mmaboi21's Avatar
      mmaboi21 -
      Quote Originally Posted by znbl View Post
      You're not "taking" it, you're copying it. It's not the same thing. Both are wrong, but stop using the wrong term, why is this so hard? Should we start calling magenta green? How about calling a skyscraper a house? You wouldn't do that normally, right? Why? Because words have definitions. All I'm asking is to stop ignore them here just because it's convenient or you're too lazy to actually look up and understand what things actually mean and wish to remain ignorant, even if it's popular.
      So because your OCD enough to look up the definition instead of using common sense(what this world desperately needs) doesn't mean it makes a difference. Yes, technically tangible things is theft but it doesn't waver from the fact that it doesnt belong to you. Which is why we are generalizing while using common sense to pass a correct judgment on what is in fact stealing and theft.

      Come back with your next statement when your done googling..
    1. iLoveWindows&iPhone's Avatar
      iLoveWindows&iPhone -
      Hahaha!! This is awesome!! Not the tweak (actually its pretty awesome) but the debate and fights going on, love it!

      Thank you modmyi for finding a acceptable way to inform us all of this! Obviously you can't write a article telling us how great this is, so you mask it by saying its to "inform the developer community"...genius! And your closing comment "fix this....now" made me literally LOL! It kinda reminds me of how the Bush administration justified going to war with Iraq!
    1. kraziebone's Avatar
      kraziebone -
      The theft vs privacy issue is getting a bit out of hand. Both of you seem right to me? They don't mean exactly the same thing but they are synonyms(that's common sense & you can look it up!)
    1. H4CK3R's Avatar
      H4CK3R -
      Quote Originally Posted by iLoveWindows&iPhone View Post
      Hahaha!! This is awesome!! Not the tweak (actually its pretty awesome) but the debate and fights going on, love it!

      Thank you modmyi for finding a acceptable way to inform us all of this! Obviously you can't write a article telling us how great this is, so you mask it by saying its to "inform the developer community"...genius! And your closing comment "fix this....now" made me literally LOL! It kinda reminds me of how the Bush administration justified going to war with Iraq!
      I think I laughed too hard at this comment lmao.

      I love to see these fights :P
    1. mmaboi21's Avatar
      mmaboi21 -
      Quote Originally Posted by iLoveWindows&iPhone View Post
      Hahaha!! This is awesome!! Not the tweak (actually its pretty awesome) but the debate and fights going on, love it!

      Thank you modmyi for finding a acceptable way to inform us all of this! Obviously you can't write a article telling us how great this is, so you mask it by saying its to "inform the developer community"...genius! And your closing comment "fix this....now" made me literally LOL! It kinda reminds me of how the Bush administration justified going to war with Iraq!
      True that! Ha it's even better when your in the middle of it
    1. Agent929's Avatar
      Agent929 -
      Quote Originally Posted by Simon View Post
      This is a modding site. It is for people that want to mod their device and install things to make their device their own without the limitations Apple puts on their OS. It is not a theft site. Their is a big difference between hacking something to make it the way you like it and hacking something to steal things.





      It is a legimitate story and is on pretty much every idevice site there is today, regardless of their stance on the subject. We are not telling people how to do it or that they should do it. It is just something that is obviously news worthy. When you watch the news on TV and they have news stories about people being murdered does it mean they are telling people to go do the same?
      Yeah and you know what? They don't go and say don't do this at home like the MMI staff do constantly. Report news, that's it. If this was on CNN I am willing to bet they would put how they do it. It really pisses me off about everybody saying "without any limitations" when indeed by not allowing access to it they are putting limitations. I don't steal **** because it's wrong and I am better than that. I am not broke either. Just please for gods sake get off your damn high horse about this ****.
    1. alanjf's Avatar
      alanjf -
      Quote Originally Posted by mmaboi21 View Post
      So because your OCD enough to look up the definition instead of using common sense(what this world desperately needs) doesn't mean it makes a difference. Yes, technically tangible things is theft but it doesn't waver from the fact that it doesnt belong to you. Which is why we are generalizing while using common sense to pass a correct judgment on what is in fact stealing and theft.

      Come back with your next statement when your done googling..
      News flash: Common sense is to use terms correctly, and not continually construe popular misconceptions as fact. Too many refuse to enlighten themselves and such want to go with flow. No one is saying (that I've seen) that piracy is right, no noe is is saying it any better than breaking in and stealing from your home. The only thing I keep seeing, in regards to this sub-thread, is an attempt to clear up a rampant misconception. Ignorance is not common sense. It's just far too common...
    1. mmaboi21's Avatar
      mmaboi21 -
      Quote Originally Posted by alanjf View Post
      News flash: Common sense is to use terms correctly, and not continually construe popular misconceptions as fact. Too many refuse to enlighten themselves and such want to go with flow. No one is saying (that I've seen) that piracy is right, no noe is is saying it any better than breaking in and stealing from your home. The only thing I keep seeing, in regards to this sub-thread, is an attempt to clear up a rampant misconception. Ignorance is not common sense. It's just far too common...
      Thanks, I feel enlightened now on common sense.