Page 1 of 10 123 ... LastLast
Results 1 to 20 of 186

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: Russian Hacker Figures Out Way to Obtain In-App Purchases for Free

  1. #1
    Default Russian Hacker Figures Out Way to Obtain In-App Purchases for Free



    A Russian hacker has successfully figured out a method to obtain in-app purchases from iOS apps for free.

    The “in-app proxy” method is simple, doesn’t require a jailbreak, and allows users to install in-app content for free. The hack works on all iOS devices 3.0-6.0. We do not condone the stealing of content in any form, and this story, like the 9to5Mac piece, is being written to alert the developer community. The hack is already gaining massive amounts of traction, and hopefully a fix is released soon.

    The three-step process involves installing a CA certificate, installing an in-appstore.com certificate, and changing the DNS record.hacker. Once the user completes the process they are met with the message pictured above instead of Apple’s purchase confirmation.

    A great deal of information is also processed through the developers servers as part of the process including:


    • Restriction level of app
    • ID of app
    • ID of version
    • GUID of your idevice
    • Quantity of in-app purchase
    • Offer name of in-app purchase
    • Language you are using
    • Identifier of application
    • Version of application
    • Your locale



    We do not recommend anyone use this process, and we will not provide information on the specifics of the hack. Developers, Apple, fix this. Now.


    Source: 9to5Mac

  2. #2
    H4CK3R's Avatar
    Join Date
    Jan 2012
    Location
    java.lang.IllegalStateException: Location unknown.
    Posts
    5,840
    Thanks
    63
    Thanked 268 Times in 256 Posts

    Wow Apple, wow...... -_-

    Apple fails at securing stuff like this.
    Great minds discuss ideas.
    Average minds discuss events.
    Small minds discuss people.

  3. #3
    this is old news... and i know for a fact he is not the first. i know this site doesn't promote pirated software, but there is a known repo that has had this download for months..

  4. #4
    If you don't condone it then don't write about it...

    It's akin to writing a barebones article how to make a IDE and then saying "but don't do it!"

    I wouldn't have known about this if not for this post.

  5. #5
    iPhone? More like MyPhone
    Join Date
    Jul 2008
    Location
    De
    Posts
    131
    Thanks
    27
    Thanked 8 Times in 8 Posts

    I think I saw something like this the other day.

    It didn't look very complicated either

  6. #6
    Are people really stupid enough to install stuff from Russian hackers on their phones?
    He who asks a question looks foolish for 5 minutes. He who doesn't ask a question remains foolish forever.

  7. #7
    Appstore hackable? No way!!! <<<<< that what the apple fanboi brigade will gonna say!!

  8. #8
    Livin the iPhone Life bigboyz's Avatar
    Join Date
    Feb 2009
    Location
    North East Coast
    Posts
    1,719
    Thanks
    2
    Thanked 245 Times in 163 Posts

    This is a hack site..you promote everything else yet pick and choose what hacks we SHOULD and SHOULD not implement. Heres some matches kid..oh by the way don't set a fire while I leave you alone to play with the matches. SILLY!!

  9. #9
    Green Apple Home Skillet's Avatar
    Join Date
    Jul 2008
    Location
    Alexandria, VA
    Posts
    46
    Thanks
    3
    Thanked 14 Times in 6 Posts

    This is like saying "don't look down"...

  10. #10
    H4CK3R's Avatar
    Join Date
    Jan 2012
    Location
    java.lang.IllegalStateException: Location unknown.
    Posts
    5,840
    Thanks
    63
    Thanked 268 Times in 256 Posts

    Quote Originally Posted by Glocknine View Post
    Appstore hackable? No way!!! <<<<< that what the apple fanboi brigade will gonna say!!
    Anything can be hacked. If you don't believe that, then you don't know what hacking is.
    Great minds discuss ideas.
    Average minds discuss events.
    Small minds discuss people.

  11. #11
    Quote Originally Posted by bigboyz View Post
    This is a hack site..you promote everything else yet pick and choose what hacks we SHOULD and SHOULD not implement. Heres some matches kid..oh by the way don't set a fire while I leave you alone to play with the matches. SILLY!!
    +1 on this. Kinda hypocritical IMO.
    Basically going against your values and beliefs to get an interesting story out.

  12. #12
    This should not be posted. No information here will lead to people chaning the way they deal with in app purchases because it is an apple/itunes problem.

    Way to spread the piracy.

  13. #13
    If I had a nickel... thazsar's Avatar
    Join Date
    Jan 2010
    Location
    Dallas, TX
    Posts
    4,687
    Thanks
    809
    Thanked 2,841 Times in 1,229 Posts

    Quote Originally Posted by bigboyz View Post
    This is a hack site..you promote everything else yet pick and choose what hacks we SHOULD and SHOULD not implement. Heres some matches kid..oh by the way don't set a fire while I leave you alone to play with the matches. SILLY!!
    Don't pull out the 'ban hammer' moderators BUT...

    MMI, BigBoss, etc. definitely restrict what kind of tweaks they'll release. I assume it's based off of Sauriks rules. In essence, they will only provide what can safely be installed on your devices instead of letting us choose what we want to do.

    For some, that's good!!! For others, well...it's like they created their own Apple App Store w/ a filtering process...

    Just thought you all should know!

  14. #14
    Starbucks Artist mmaboi21's Avatar
    Join Date
    Jan 2011
    Location
    Bakersfield CA.
    Posts
    2,405
    Thanks
    163
    Thanked 207 Times in 160 Posts

    Those of you who have no self control are probably going to try this... And fail. Makes no difference whether it's posted or not... This is the Internet people! Google anything and you will find it.

  15. #15
    Quote Originally Posted by bigboyz View Post
    This is a hack site..you promote everything else yet pick and choose what hacks we SHOULD and SHOULD not implement. Heres some matches kid..oh by the way don't set a fire while I leave you alone to play with the matches. SILLY!!
    These are exactly my thoughts about this site.

  16. #16
    iPhone? More like MyPhone rukavuda's Avatar
    Join Date
    Nov 2009
    Location
    im my house
    Posts
    161
    Thanks
    8
    Thanked 2 Times in 2 Posts

    Why tell people about it and give the basic terms of what is used if you don't condone it ?

    Seems silly mmi
    http://img687.imageshack.us/img687/9020/gagaxq.jpg

  17. #17
    H4CK3R's Avatar
    Join Date
    Jan 2012
    Location
    java.lang.IllegalStateException: Location unknown.
    Posts
    5,840
    Thanks
    63
    Thanked 268 Times in 256 Posts

    Quote Originally Posted by thazsar View Post
    Don't pull out the 'ban hammer' moderators BUT...

    MMI, BigBoss, etc. definitely restrict what kind of tweaks they'll release. I assume it's based off of Sauriks rules. In essence, they will only provide what can safely be installed on your devices instead of letting us choose what we want to do.

    For some, that's good!!! For others, well...it's like they created their own Apple App Store w/ a filtering process...

    Just thought you all should know!
    saurik doesn't restrict them, at all. He doesn't support it, but it's not like he can really enforce it since there's thousands of repos out there.
    Great minds discuss ideas.
    Average minds discuss events.
    Small minds discuss people.

  18. #18
    Superbad Modder-ator Simon's Avatar
    Join Date
    Nov 2007
    Location
    Bermuda
    Posts
    46,697
    Thanks
    6,939
    Thanked 15,464 Times in 7,082 Posts

    Quote Originally Posted by pakitos View Post
    These are exactly my thoughts about this site.
    Quote Originally Posted by bigboyz View Post
    This is a hack site..you promote everything else yet pick and choose what hacks we SHOULD and SHOULD not implement. Heres some matches kid..oh by the way don't set a fire while I leave you alone to play with the matches. SILLY!!
    This is a modding site. It is for people that want to mod their device and install things to make their device their own without the limitations Apple puts on their OS. It is not a theft site. Their is a big difference between hacking something to make it the way you like it and hacking something to steal things.

    Quote Originally Posted by Illmatic636 View Post
    +1 on this. Kinda hypocritical IMO.
    Basically going against your values and beliefs to get an interesting story out.
    Quote Originally Posted by rukavuda View Post
    Why tell people about it and give the basic terms of what is used if you don't condone it ?

    Seems silly mmi
    It is a legimitate story and is on pretty much every idevice site there is today, regardless of their stance on the subject. We are not telling people how to do it or that they should do it. It is just something that is obviously news worthy. When you watch the news on TV and they have news stories about people being murdered does it mean they are telling people to go do the same?

  19. #19
    iPhoneaholic iGamers's Avatar
    Join Date
    Jun 2011
    Location
    Riverside, California, United States
    Posts
    479
    Thanks
    24
    Thanked 81 Times in 61 Posts

    Quote Originally Posted by Simon View Post
    This is a modding site. It is for people that want to mod their device and install things to make their device their own without the limitations Apple puts on their OS. It is not a theft site. Their is a big difference between hacking something to make it the way you like it and hacking something to steal things.





    It is a legimitate story and is on pretty much every idevice site there is today, regardless of their stance on the subject. We are not telling people how to do it or that they should do it. It is just something that is obviously news worthy. When you watch the news on TV and they have news stories about people being murdered does it mean they are telling people to go do the same?
    Nicely put, But this hack is a completely new one, there have been similar ones which only work on apps that don't have to communicate with a server to verify the app purchase, well at least that's what I believe, however I wouldn't trust this new hack for all the people contemplating trying it, you don't know what other information your sending, it says above you send your location, maybe you also send your apple ID and password, these no telling what other information is being transferred

  20. #20
    Quote Originally Posted by bigboyz View Post
    This is a hack site..you promote everything else yet pick and choose what hacks we SHOULD and SHOULD not implement. Heres some matches kid..oh by the way don't set a fire while I leave you alone to play with the matches. SILLY!!
    You couldn't be more wrong. There is absolutely nothing illegal or even wrong about jailbreaking a phone, and the US government has even said so. Jailbreaking a phone is no different than modifying a sports car with a 550 HP engine instead of the 350 HP factory engine. Now if you choose to use that stronger engine to tear up the interstate at 150 MPH then you're doing illegal stuff...but nothing is wrong with having the stronger engine.

    Likewise, jailbreaking a phone is nothing more than personalizing a device you own. Now if you use the jailbreak or any other hack to illegally download or install items that should be paid for then you are in the wrong.

    Next time you get a speeding ticket you should sue the manufacturer of your car because they gave you the ability to drive so fast.

  21. The Following User Says Thank You to AUZambo For This Useful Post:

    Simon (07-13-2012)

Page 1 of 10 123 ... LastLast
Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •