+ Reply
Page 1 of 10 123 ... LastLast
Results 1 to 20 of 186

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: Russian Hacker Figures Out Way to Obtain In-App Purchases for Free

is a discussion within the

iPhone News

forums, a part of the

General iPhone

section;
...
  1. #1
    MMi Staff Writer Phillip Swanson's Avatar
    Join Date
    Apr 2011
    Location
    Michigan
    Posts
    1,342
    Thanks
    0
    Thanked 79 Times in 46 Posts

    Default Russian Hacker Figures Out Way to Obtain In-App Purchases for Free



    A Russian hacker has successfully figured out a method to obtain in-app purchases from iOS apps for free.

    The “in-app proxy” method is simple, doesn’t require a jailbreak, and allows users to install in-app content for free. The hack works on all iOS devices 3.0-6.0. We do not condone the stealing of content in any form, and this story, like the 9to5Mac piece, is being written to alert the developer community. The hack is already gaining massive amounts of traction, and hopefully a fix is released soon.

    The three-step process involves installing a CA certificate, installing an in-appstore.com certificate, and changing the DNS record.hacker. Once the user completes the process they are met with the message pictured above instead of Apple’s purchase confirmation.

    A great deal of information is also processed through the developers servers as part of the process including:

    • Restriction level of app
    • ID of app
    • ID of version
    • GUID of your idevice
    • Quantity of in-app purchase
    • Offer name of in-app purchase
    • Language you are using
    • Identifier of application
    • Version of application
    • Your locale


    We do not recommend anyone use this process, and we will not provide information on the specifics of the hack. Developers, Apple, fix this. Now.


    Source: 9to5Mac

  2. #2
    H4CK3R's Avatar
    Join Date
    Jan 2012
    Location
    java.lang.IllegalStateException: Location unknown.
    Posts
    5,781
    Thanks
    61
    Thanked 261 Times in 250 Posts

    Wow Apple, wow...... -_-

    Apple fails at securing stuff like this.
    Great minds discuss ideas.
    Average minds discuss events.
    Small minds discuss people.

  3. #3
    iPhone? More like MyPhone
    Join Date
    Jul 2007
    Posts
    151
    Thanks
    3
    Thanked 7 Times in 6 Posts

    this is old news... and i know for a fact he is not the first. i know this site doesn't promote pirated software, but there is a known repo that has had this download for months..

  4. #4
    iPhone? More like MyPhone
    Join Date
    Jun 2008
    Posts
    257
    Thanks
    11
    Thanked 2 Times in 2 Posts

    If you don't condone it then don't write about it...

    It's akin to writing a barebones article how to make a IDE and then saying "but don't do it!"

    I wouldn't have known about this if not for this post.

  5. #5
    iPhone? More like MyPhone
    Join Date
    Jul 2008
    Location
    De
    Posts
    112
    Thanks
    22
    Thanked 3 Times in 3 Posts

    I think I saw something like this the other day.

    It didn't look very complicated either

  6. #6
    Peanut Brain confucious's Avatar
    Join Date
    Oct 2008
    Location
    Woking
    Posts
    10,168
    Thanks
    134
    Thanked 878 Times in 797 Posts

    Are people really stupid enough to install stuff from Russian hackers on their phones?
    He who asks a question looks foolish for 5 minutes. He who doesn't ask a question remains foolish forever.

  7. #7
    Green Apple Glocknine's Avatar
    Join Date
    Feb 2009
    Posts
    72
    Thanks
    0
    Thanked 4 Times in 4 Posts

    Appstore hackable? No way!!! <<<<< that what the apple fanboi brigade will gonna say!!

  8. #8
    Livin the iPhone Life bigboyz's Avatar
    Join Date
    Feb 2009
    Location
    North East Coast
    Posts
    1,453
    Thanks
    2
    Thanked 150 Times in 108 Posts

    This is a hack site..you promote everything else yet pick and choose what hacks we SHOULD and SHOULD not implement. Heres some matches kid..oh by the way don't set a fire while I leave you alone to play with the matches. SILLY!!

  9. #9
    Green Apple Home Skillet's Avatar
    Join Date
    Jul 2008
    Location
    Alexandria, VA
    Posts
    46
    Thanks
    3
    Thanked 14 Times in 6 Posts

    This is like saying "don't look down"...

  10. #10
    H4CK3R's Avatar
    Join Date
    Jan 2012
    Location
    java.lang.IllegalStateException: Location unknown.
    Posts
    5,781
    Thanks
    61
    Thanked 261 Times in 250 Posts

    Quote Originally Posted by Glocknine View Post
    Appstore hackable? No way!!! <<<<< that what the apple fanboi brigade will gonna say!!
    Anything can be hacked. If you don't believe that, then you don't know what hacking is.
    Great minds discuss ideas.
    Average minds discuss events.
    Small minds discuss people.

  11. #11
    Green Apple
    Join Date
    Apr 2011
    Posts
    95
    Thanks
    65
    Thanked 15 Times in 10 Posts

    Quote Originally Posted by bigboyz View Post
    This is a hack site..you promote everything else yet pick and choose what hacks we SHOULD and SHOULD not implement. Heres some matches kid..oh by the way don't set a fire while I leave you alone to play with the matches. SILLY!!
    +1 on this. Kinda hypocritical IMO.
    Basically going against your values and beliefs to get an interesting story out.

  12. #12
    iPhone? More like MyPhone ccoltmanm's Avatar
    Join Date
    Jun 2010
    Location
    Chicago
    Posts
    112
    Thanks
    1
    Thanked 0 Times in 0 Posts

    This should not be posted. No information here will lead to people chaning the way they deal with in app purchases because it is an apple/itunes problem.

    Way to spread the piracy.

  13. #13
    Livin the iPhone Life thazsar's Avatar
    Join Date
    Jan 2010
    Location
    Dallas, TX
    Posts
    3,171
    Thanks
    59
    Thanked 819 Times in 485 Posts

    Quote Originally Posted by bigboyz View Post
    This is a hack site..you promote everything else yet pick and choose what hacks we SHOULD and SHOULD not implement. Heres some matches kid..oh by the way don't set a fire while I leave you alone to play with the matches. SILLY!!
    Don't pull out the 'ban hammer' moderators BUT...

    MMI, BigBoss, etc. definitely restrict what kind of tweaks they'll release. I assume it's based off of Sauriks rules. In essence, they will only provide what can safely be installed on your devices instead of letting us choose what we want to do.

    For some, that's good!!! For others, well...it's like they created their own Apple App Store w/ a filtering process...

    Just thought you all should know!

  14. #14
    Starbucks Artist mmaboi21's Avatar
    Join Date
    Jan 2011
    Location
    Bakersfield CA.
    Posts
    2,388
    Thanks
    158
    Thanked 207 Times in 160 Posts

    Those of you who have no self control are probably going to try this... And fail. Makes no difference whether it's posted or not... This is the Internet people! Google anything and you will find it.

  15. #15
    iPhone? More like MyPhone
    Join Date
    Jun 2012
    Posts
    108
    Thanks
    1
    Thanked 4 Times in 3 Posts

    Quote Originally Posted by bigboyz View Post
    This is a hack site..you promote everything else yet pick and choose what hacks we SHOULD and SHOULD not implement. Heres some matches kid..oh by the way don't set a fire while I leave you alone to play with the matches. SILLY!!
    These are exactly my thoughts about this site.

  16. #16
    iPhone? More like MyPhone rukavuda's Avatar
    Join Date
    Nov 2009
    Location
    im my house
    Posts
    160
    Thanks
    8
    Thanked 2 Times in 2 Posts

    Why tell people about it and give the basic terms of what is used if you don't condone it ?

    Seems silly mmi
    http://img687.imageshack.us/img687/9020/gagaxq.jpg

  17. #17
    H4CK3R's Avatar
    Join Date
    Jan 2012
    Location
    java.lang.IllegalStateException: Location unknown.
    Posts
    5,781
    Thanks
    61
    Thanked 261 Times in 250 Posts

    Quote Originally Posted by thazsar View Post
    Don't pull out the 'ban hammer' moderators BUT...

    MMI, BigBoss, etc. definitely restrict what kind of tweaks they'll release. I assume it's based off of Sauriks rules. In essence, they will only provide what can safely be installed on your devices instead of letting us choose what we want to do.

    For some, that's good!!! For others, well...it's like they created their own Apple App Store w/ a filtering process...

    Just thought you all should know!
    saurik doesn't restrict them, at all. He doesn't support it, but it's not like he can really enforce it since there's thousands of repos out there.
    Great minds discuss ideas.
    Average minds discuss events.
    Small minds discuss people.

  18. #18
    Superbad Modder-ator Simon's Avatar
    Join Date
    Nov 2007
    Location
    Bermuda
    Posts
    45,593
    Thanks
    6,248
    Thanked 14,162 Times in 6,637 Posts

    Quote Originally Posted by pakitos View Post
    These are exactly my thoughts about this site.
    Quote Originally Posted by bigboyz View Post
    This is a hack site..you promote everything else yet pick and choose what hacks we SHOULD and SHOULD not implement. Heres some matches kid..oh by the way don't set a fire while I leave you alone to play with the matches. SILLY!!
    This is a modding site. It is for people that want to mod their device and install things to make their device their own without the limitations Apple puts on their OS. It is not a theft site. Their is a big difference between hacking something to make it the way you like it and hacking something to steal things.

    Quote Originally Posted by Illmatic636 View Post
    +1 on this. Kinda hypocritical IMO.
    Basically going against your values and beliefs to get an interesting story out.
    Quote Originally Posted by rukavuda View Post
    Why tell people about it and give the basic terms of what is used if you don't condone it ?

    Seems silly mmi
    It is a legimitate story and is on pretty much every idevice site there is today, regardless of their stance on the subject. We are not telling people how to do it or that they should do it. It is just something that is obviously news worthy. When you watch the news on TV and they have news stories about people being murdered does it mean they are telling people to go do the same?

  19. #19
    iPhoneaholic iGamers's Avatar
    Join Date
    Jun 2011
    Location
    Riverside, California, United States
    Posts
    479
    Thanks
    24
    Thanked 80 Times in 60 Posts

    Quote Originally Posted by Simon View Post
    This is a modding site. It is for people that want to mod their device and install things to make their device their own without the limitations Apple puts on their OS. It is not a theft site. Their is a big difference between hacking something to make it the way you like it and hacking something to steal things.





    It is a legimitate story and is on pretty much every idevice site there is today, regardless of their stance on the subject. We are not telling people how to do it or that they should do it. It is just something that is obviously news worthy. When you watch the news on TV and they have news stories about people being murdered does it mean they are telling people to go do the same?
    Nicely put, But this hack is a completely new one, there have been similar ones which only work on apps that don't have to communicate with a server to verify the app purchase, well at least that's what I believe, however I wouldn't trust this new hack for all the people contemplating trying it, you don't know what other information your sending, it says above you send your location, maybe you also send your apple ID and password, these no telling what other information is being transferred

  20. #20
    iPhoneaholic AUZambo's Avatar
    Join Date
    Jul 2010
    Posts
    469
    Thanks
    47
    Thanked 38 Times in 28 Posts

    Quote Originally Posted by bigboyz View Post
    This is a hack site..you promote everything else yet pick and choose what hacks we SHOULD and SHOULD not implement. Heres some matches kid..oh by the way don't set a fire while I leave you alone to play with the matches. SILLY!!
    You couldn't be more wrong. There is absolutely nothing illegal or even wrong about jailbreaking a phone, and the US government has even said so. Jailbreaking a phone is no different than modifying a sports car with a 550 HP engine instead of the 350 HP factory engine. Now if you choose to use that stronger engine to tear up the interstate at 150 MPH then you're doing illegal stuff...but nothing is wrong with having the stronger engine.

    Likewise, jailbreaking a phone is nothing more than personalizing a device you own. Now if you use the jailbreak or any other hack to illegally download or install items that should be paid for then you are in the wrong.

    Next time you get a speeding ticket you should sue the manufacturer of your car because they gave you the ability to drive so fast.

  21. The Following User Says Thank You to AUZambo For This Useful Post:

    Simon (07-13-2012)

+ Reply
Page 1 of 10 123 ... LastLast
Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts