+ Reply
Results 1 to 18 of 18

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: Safari Vulnerability discovered in iOS 5.1 - Allows URL Spoofing

is a discussion within the

iPhone News

forums, a part of the

General iPhone

section;
...
  1. #1
    MMi Staff Writer Akshay Masand's Avatar
    Join Date
    Sep 2011
    Location
    New York City
    Posts
    3,630
    Thanks
    3
    Thanked 116 Times in 102 Posts

    Default Safari Vulnerability discovered in iOS 5.1 - Allows URL Spoofing


    If you are using an iPad, iPhone, or iPod Touch running Safari on iOS 5.1, than you should be cautious of a security issue that involves address bar spoofing. The issue was discovered by David Vieira-Kurz of MajorSecurity, and involves “an error within the handling of URLs when using javascript’s window open() method.” This can be exploited by malicious sites to display custom URLs, potentially fooling users into supplying personal information to a malicious website (since the Safari address bar can display a totally different address than the website that is actually being displayed.

    MajorSecurity has notified Apple of the issue and it is at the point where it is likely just a matter of time before a patch is available to fix the problem. While Apple works on a fix for the issue, it is probably a good idea to avoid opening untrusted links and think twice about sending personal information to any website that asks for it through Safari on your iOS device.

    The security firm also created a sample web page to show the vulnerability in action. If you are interested in checking it out, open the following URL on your iOS device (one with iOS 5.1 installed):


    Click the demo at the top of the page and you will see a site that very closely resembles Apple’s official site but is actually hosted by MajorSecurity.

    Source: TheNextWeb

    Twitter: @AkshayMasand

  2. #2
    Green Apple
    Join Date
    Sep 2009
    Posts
    44
    Thanks
    2
    Thanked 0 Times in 0 Posts

    Not sure if I completely understand this. I'm on an iPhone 4 iOS 5.0.1 and clicked the linked and it showed up like it does in the picture. So does that mean that 5.0.1 has the same security flaw?

    Oh and I have to do this sorry but,
    FIRST!!!

  3. #3
    My iPhone is a Part of Me
    Join Date
    Nov 2008
    Posts
    622
    Thanks
    21
    Thanked 36 Times in 35 Posts

    Quote Originally Posted by smoothcreak View Post
    Not sure if I completely understand this. I'm on an iPhone 4 iOS 5.0.1 and clicked the linked and it showed up like it does in the picture. So does that mean that 5.0.1 has the same security flaw?
    Was just about to ask the same the same thing. Minus the puerile part at the end ;p

  4. #4
    Green Apple
    Join Date
    Apr 2010
    Location
    Denver
    Posts
    83
    Thanks
    8
    Thanked 9 Times in 7 Posts

    Quote Originally Posted by smoothcreak View Post
    Not sure if I completely understand this. I'm on an iPhone 4 iOS 5.0.1 and clicked the linked and it showed up like it does in the picture. So does that mean that 5.0.1 has the same security flaw?

    Oh and I have to do this sorry but,
    FIRST!!!
    Chances are, every version of iOS (or iPhone OS) have this flaw, so your phone has this vulnerability. However, just like how iOS 4.0 patched the PDF exploit, there will most likely be a jb tweak released to patch this problem without having to update.

  5. #5
    Super Moderator Cer0's Avatar
    Join Date
    Apr 2008
    Location
    MN/WI
    Posts
    13,987
    Thanks
    388
    Thanked 1,139 Times in 889 Posts

    Quote Originally Posted by rayzeur22 View Post
    Chances are, every version of iOS (or iPhone OS) have this flaw, so your phone has this vulnerability. However, just like how iOS 4.0 patched the PDF exploit, there will most likely be a jb tweak released to patch this problem without having to update.
    And before Apple addresses it too.

  6. #6
    What's Jailbreak?
    Join Date
    Jan 2008
    Posts
    14
    Thanks
    2
    Thanked 1 Time in 1 Post
    Did you check the address bar on safari? I believe that in ios5.1 you will see apple.com as the address on the sample. Im also on 5.0.1 and i see the correct address from majorsecurity

  7. #7
    My iPhone is a Part of Me
    Join Date
    Nov 2008
    Posts
    622
    Thanks
    21
    Thanked 36 Times in 35 Posts

    Quote Originally Posted by emer_cvt View Post
    Did you check the address bar on safari? I believe that in ios5.1 you will see apple.com as the address on the sample. Im also on 5.0.1 and i see the correct address from majorsecurity
    Did you hit the demo button at the top? It reloads the web page as if it's from apple but states at the top
    Still hosted by major security

  8. #8
    iPhone? More like MyPhone
    Join Date
    Nov 2011
    Posts
    190
    Thanks
    1
    Thanked 14 Times in 13 Posts

    iPhone 4s 5.0.1 when I do the demo if you minimize it u can see it say untitled but has the www.apple.com website below . And original apple.com will say apple .Seems like a patch is needed .nice to know .jailbreakme would be nicccceee .

  9. #9
    What's Jailbreak? matt200569's Avatar
    Join Date
    Feb 2008
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts

    [QUOTE=smoothcreak;6460257]Not sure if I completely understand this. I'm on an iPhone 4 iOS 5.0.1 and clicked the linked and it showed up like it does in the picture. So does that mean that 5.0.1 has the same security flaw?

    I believe if im reading correctly the article states that the security flaw is for ios 5.1. It states that you can test the security flaw by clicking the link if you have ios 5.1 on your idevice. That would lead me to believe that 5.1 is the only software with the security issue.

  10. #10
    iPhoneaholic patoons's Avatar
    Join Date
    Feb 2010
    Location
    Long Island
    Posts
    346
    Thanks
    9
    Thanked 15 Times in 12 Posts

    does this mean jailbreakme.com can make a return???

  11. #11
    iPhone? More like MyPhone
    Join Date
    Dec 2009
    Posts
    102
    Thanks
    4
    Thanked 2 Times in 2 Posts

    Quote Originally Posted by rayzeur22 View Post
    Chances are, every version of iOS (or iPhone OS) have this flaw, so your phone has this vulnerability. However, just like how iOS 4.0 patched the PDF exploit, there will most likely be a jb tweak released to patch this problem without having to update.

    Another reason to jailbreak!

  12. #12
    My iPhone is a Part of Me
    Join Date
    Dec 2008
    Location
    New Orleans, LA
    Posts
    950
    Thanks
    56
    Thanked 81 Times in 64 Posts

    If you're ever suspicious, you can touch the address bar and then hit Go on your keyboard. That'll bring you to the real site.

  13. #13
    Livin the iPhone Life celeron's Avatar
    Join Date
    Dec 2010
    Location
    Puerto Rico
    Posts
    5,831
    Thanks
    51
    Thanked 340 Times in 323 Posts

    iOS 5.0.2 soon...lol
    If my post was good, click the button in my post

    New to jailbreaking? Have a look at my Redsn0w Guide

  14. #14
    iPhone? More like MyPhone
    Join Date
    Jan 2008
    Location
    New Jersey, USA
    Posts
    272
    Thanks
    3
    Thanked 25 Times in 21 Posts

    I'm on one of my devices with 4.3.3 and safari is spoofed... Not sure if this is a browser issue... Many servers can spoof your address bar even on desktop. One perfect example is such spoofing as let's say godaddy does. I have a website I'm hosting on my personal webspace from local ISP but they can spoof address bar to only show my domain name.

    In any case hope for a fix tweak if one is needed.
    Hit the thanks button if I helped in any way

  15. #15
    iPhoneaholic patoons's Avatar
    Join Date
    Feb 2010
    Location
    Long Island
    Posts
    346
    Thanks
    9
    Thanked 15 Times in 12 Posts

    so could this mean jailbreakme.com makes a return to jailbreak 4S?

  16. #16
    Livin the iPhone Life celeron's Avatar
    Join Date
    Dec 2010
    Location
    Puerto Rico
    Posts
    5,831
    Thanks
    51
    Thanked 340 Times in 323 Posts

    Doubtful. I've heard these exploits are easily patched by Apple. Besides, this has already been reported to Apple by MajorSecurity so it'll be patched in no time.
    If my post was good, click the button in my post

    New to jailbreaking? Have a look at my Redsn0w Guide

  17. #17
    szr
    szr is offline
    iPhone? More like MyPhone szr's Avatar
    Join Date
    Aug 2009
    Posts
    293
    Thanks
    111
    Thanked 23 Times in 19 Posts

    I concur that this happens in 5.0.1 (tested on my 4S on 5.0.1b) and appears to also occur in 4.x (tested in 4.2.1 on a 3GS.)

    The desktop versions of Safari (tested in 5.1.2, 5.0.5, and 4.0.5 Windows, 5.1.4 & 5.13 on Lion), as well as Firefox (tested in various versions from 3.x to 10.x, as well as Mozilla 1.7 and Netscape 9 thru 6) , Opera (versions 11, and 10), and Chrome (tested versions 16, 11, 8, and 4) don't appear to have this problem.

    Interestingly, Internet Explorer (Windows; tested versions 9, 8, 7, 6, and 5) does have this problem, showing Apple in the address bar, as does Opera versions 7 & 8 (not too surprising as those versions of Opera were attempting to mimic IE's behavior, perhaps a little too closely.)

  18. #18
    My iPhone is a Part of Me
    Join Date
    Dec 2010
    Posts
    762
    Thanks
    0
    Thanked 8 Times in 8 Posts

    Tried on 5.0.1 yeah I'm fine.

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts