+ Reply
Page 1 of 2 12 LastLast
Results 1 to 20 of 22

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: Hacker Victory Declared at Pwn2Own Hacking Contest

is a discussion within the

iPhone News

forums, a part of the

General iPhone

section;
Here's how it all went down at the fourth annual Pwn2Own hacking contest in Vancouver last night. The iPhone fell. And from the looks of it, the Apple device hardly
...
  1. #1
    MMi Staff Writer Michael Essany's Avatar
    Join Date
    Aug 2009
    Location
    Valparaiso, Indiana
    Posts
    3,685
    Thanks
    17
    Thanked 1,475 Times in 562 Posts

    Default Hacker Victory Declared at Pwn2Own Hacking Contest


    Here's how it all went down at the fourth annual Pwn2Own hacking contest in Vancouver last night. The iPhone fell. And from the looks of it, the Apple device hardly even put up a fight. And on Wednesday, the Pwn2Own hacker contest resulted in Vincenzo Iozzo and Ralf Weinmann winning $15,000 for their mad hacking skills.

    Highlighting the kind of behavior that keeps internet security experts awake at night, the hack attack in question came on the very first day of the contest - hardly enough time to work up a good sweat. This is the fourth consecutive year that the platforms on display were targeted by hackers, although this year's efforts were arguably the most impressive in contest history. Last year, the iPhone was not successfully hacked.

    Iozzo and Ralf Weinmann created what's being called an "undisclosed attack" on the iPhone's mobile Safari browser. Essentially, they cooked up a website that made a visiting iPhone dump a copy of its SMS database. Hacker Charlie Miller (the first to hack the iPhone three years ago) was quoted in various online media reports calling this hack the first "fully functioning" iPhone attack since the 2008 release of the device's second version.

    The Pwn2Own contest, which is reviled by some and revered by others, handsomely rewards (with cash and prizes) hackers for their exploit code. A total of $100,000 in prizes is on the line this year... and there are plenty of hackers returning to the stage and some angling for the first time to make a name for themselves at an event that is tantamount to the Superbowl for hackers.

    Still on tap for the three-day hack fest are: MacBook Pro, Internet Explorer, Google's Chrome browser, Firefox, BlackBerry, a Nexus One and a Nokia E72.

    Image via MaximumPC

  2. The Following User Says Thank You to Michael Essany For This Useful Post:

    jcbhome (03-26-2010)

  3. #2
    miPhone's better than yours GellBrake'rrrr's Avatar
    Join Date
    Feb 2009
    Location
    D-town Tejas
    Posts
    490
    Thanks
    317
    Thanked 79 Times in 53 Posts

    Can I have some of that money??? PLEASE...

  4. #3
    iPhone? More like MyPhone
    Join Date
    Dec 2009
    Posts
    240
    Thanks
    4
    Thanked 26 Times in 24 Posts

    What?

    Stop using Safari! They might get your TEXT MESSAGES!

    What the hell would a hacker want with my text messages? Oh noes! He's reading about how much I hate the fact I have to wake up at 5am for work!

    What good would the normal person's text messages do them? Most people don't send their credit cards, or passwords by text message.

    I'd hate to be whoever has to sift through the millions of text messages looking for something that probably isn't there.

  5. The Following User Says Thank You to shadow25 For This Useful Post:

    creolesoul (03-25-2010)

  6. #4
    Peanut Brain confucious's Avatar
    Join Date
    Oct 2008
    Location
    Woking
    Posts
    10,262
    Thanks
    139
    Thanked 911 Times in 827 Posts

    As I've just said in the members news thread - Apple will patch this so one less exploit for us to use.

    Quote Originally Posted by shadow25 View Post
    What?

    Stop using Safari! They might get your TEXT MESSAGES!
    Text messages are stored in a system DB - if they can get to that then they can get to just about anything.

    It could have proved very useful if they'd told the JB community rather than Apple.
    Last edited by confucious; 03-25-2010 at 02:17 AM. Reason: Automerged Doublepost
    He who asks a question looks foolish for 5 minutes. He who doesn't ask a question remains foolish forever.

  7. #5
    Livin the iPhone Life steve-z17's Avatar
    Join Date
    Sep 2007
    Location
    Utah
    Posts
    2,234
    Thanks
    91
    Thanked 141 Times in 121 Posts

    Scary stuff.

  8. #6
    iPhone? More like MyPhone wgm214's Avatar
    Join Date
    Aug 2008
    Posts
    286
    Thanks
    20
    Thanked 11 Times in 10 Posts

    maybe they could use this for th 3.1.3 jailbreak that everyones been crying about. the exploits gonna get burned anyway by the time 3.2/4.0 hits but at least it could be used in the meantime. AND its userland, which hasnt been around since 1.1.x...this jailbreak would be even quicker than blackra1n
    Wanna-be coder/iphone user since '08

  9. #7
    Peanut Brain confucious's Avatar
    Join Date
    Oct 2008
    Location
    Woking
    Posts
    10,262
    Thanks
    139
    Thanked 911 Times in 827 Posts

    Except, apart from those that did it, the only people who will be told the details are Apple....
    He who asks a question looks foolish for 5 minutes. He who doesn't ask a question remains foolish forever.

  10. #8
    My iPhone is a Part of Me hitman10's Avatar
    Join Date
    Sep 2007
    Location
    I live in a house
    Posts
    505
    Thanks
    37
    Thanked 44 Times in 28 Posts

    Don't think windows is any better because they are not. What I dislike about my MB is that i have a piece of blue tape covering my webcam because if they can get into safari, preview, and office whos stopping them from viewing your cam? it is always faced at you, those are about some of the only programs i do use regularly. And how am i supposed to know im safe. Really just dont be stupid think for yourself for a min. If some random guy can break into safari plus indcluding all the people that made safari and the glitch they probably made to access w/e they want to though the internet. so really do i care safari got hacked? or that Mac osx has major security flaws. I think we are all f**ked soon enough when we start seeing viruses.

  11. #9
    Green Apple
    Join Date
    Jun 2009
    Posts
    50
    Thanks
    0
    Thanked 5 Times in 4 Posts

    If you had an exploit and you had a choice between $15000 and releasing it to the community? Lets be honest, most people would choose the 15k. And by doing so, the exploit gets sent to Apple, so your outta luck people.

  12. #10
    What's Jailbreak?
    Join Date
    Oct 2007
    Posts
    21
    Thanks
    2
    Thanked 0 Times in 0 Posts

    Quote Originally Posted by hitman10 View Post
    Don't think windows is any better because they are not. What I dislike about my MB is that i have a piece of blue tape covering my webcam because if they can get into safari, preview, and office whos stopping them from viewing your cam? it is always faced at you, those are about some of the only programs i do use regularly. And how am i supposed to know im safe. Really just dont be stupid think for yourself for a min. If some random guy can break into safari plus indcluding all the people that made safari and the glitch they probably made to access w/e they want to though the internet. so really do i care safari got hacked? or that Mac osx has major security flaws. I think we are all f**ked soon enough when we start seeing viruses.
    As part of the hardware, the camera can't be used without the green light coming on. So unless you are seeing the green light, you are not being watched. Not exactly a solution, but that should help the paranoia a little.

  13. #11
    Green Apple
    Join Date
    Feb 2009
    Posts
    73
    Thanks
    2
    Thanked 9 Times in 8 Posts

    Not necessarily out f luck though. If they go responsible disclosure 'rules' then they'll inform apple and leave enough time for them to fix it before making it public. It should still go public and anyone who hasn't installed apples fix will be able to use it.

    I personally would prefer if it didn't, not for my benefit but it'll get a lot of abuse no doubt once it does.. All you have to do it buld a decent payload and have an admob account.. instant access to nearly all iphones out there.

    I guess $15,000 is fair for this exploit. If it were sold to someone with ill intentions they'd have paid a lot more.

  14. #12
    Green Apple victis's Avatar
    Join Date
    Jan 2010
    Location
    florida, usa
    Posts
    80
    Thanks
    0
    Thanked 14 Times in 9 Posts

    true... i have hacked into various computers via metasploit and when i get access I have used stealthy VNC to see if they have a webcam program.... I have turned it on and been able to see them hahaha.... this only really cant be detected if they have one of those webcams without the light.... if they have a laptop or a devices that has a light then they are most likly retarded lol and just dont notice that the webcam light is on.

  15. #13
    adp
    adp is offline
    Livin the iPhone Life adp's Avatar
    Join Date
    Jan 2009
    Location
    South FL
    Posts
    1,789
    Thanks
    32
    Thanked 460 Times in 321 Posts

    Quote Originally Posted by victis View Post
    true... i have hacked into various computers via metasploit and when i get access I have used stealthy VNC to see if they have a webcam program.... I have turned it on and been able to see them hahaha.... this only really cant be detected if they have one of those webcams without the light.... if they have a laptop or a devices that has a light then they are most likly retarded lol and just dont notice that the webcam light is on.
    Wow. Seems like someone needs to get a life.
    If I helped you out, please use the Thanks button ------------------------->

  16. The Following 2 Users Say Thank You to adp For This Useful Post:

    Endwaro7 (03-25-2010), k.nitsua (03-25-2010)

  17. #14
    iPhoneaholic
    Join Date
    Oct 2009
    Posts
    321
    Thanks
    15
    Thanked 32 Times in 24 Posts

    @Messany- I already posted this in the user news section...

  18. #15
    iPhone? More like MyPhone
    Join Date
    Jan 2010
    Posts
    297
    Thanks
    2
    Thanked 19 Times in 14 Posts

    IMHO, having an exploit like this out in the public would far outweigh the benefits of being able to jailbreak such a worthless firmware revision as 3.1.3.

  19. #16
    iPhoneaholic extremzocker's Avatar
    Join Date
    May 2009
    Location
    London, UK
    Posts
    436
    Thanks
    14
    Thanked 15 Times in 14 Posts

    15k for a exploit?? who paid that? Apple?

  20. #17
    Green Apple camperchuck's Avatar
    Join Date
    Sep 2007
    Location
    Bakersfield, CA
    Posts
    63
    Thanks
    4
    Thanked 2 Times in 2 Posts

    so did at&t get hacked today? cuz they are having MAJOR system wide problems. no service, no data...

  21. #18
    iPhone? More like MyPhone romeo_herman's Avatar
    Join Date
    Mar 2009
    Posts
    297
    Thanks
    2
    Thanked 42 Times in 15 Posts

    Ohh...that why Tiger Wood got hack.......

  22. #19
    What's Jailbreak?
    Join Date
    Aug 2007
    Posts
    21
    Thanks
    3
    Thanked 0 Times in 0 Posts

    Quote Originally Posted by victis View Post
    true... i have hacked into various computers via metasploit and when i get access I have used stealthy VNC to see if they have a webcam program.... I have turned it on and been able to see them hahaha.... this only really cant be detected if they have one of those webcams without the light.... if they have a laptop or a devices that has a light then they are most likly retarded lol and just dont notice that the webcam light is on.
    Holy crap. You are cool guy. Not.

  23. #20
    What's Jailbreak? cheekydevil1234's Avatar
    Join Date
    Dec 2007
    Location
    Australia
    Posts
    28
    Thanks
    0
    Thanked 2 Times in 2 Posts

    Quote Originally Posted by hitman10 View Post
    Don't think windows is any better because they are not. What I dislike about my MB is that i have a piece of blue tape covering my webcam because if they can get into safari, preview, and office whos stopping them from viewing your cam? it is always faced at you, those are about some of the only programs i do use regularly. And how am i supposed to know im safe. Really just dont be stupid think for yourself for a min. If some random guy can break into safari plus indcluding all the people that made safari and the glitch they probably made to access w/e they want to though the internet. so really do i care safari got hacked? or that Mac osx has major security flaws. I think we are all f**ked soon enough when we start seeing viruses.
    ROFL - Dude stop smoking the green it is really starting show. Placing tape across your screens webcam ha ha ha ha ha like they said there is a big green light that comes on and if you are to involved with the porn on the screen try taking one step back. For the love of god please remove the tape, i cant stop laughing, you have made my day. Thank you

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts