April 23, 2024
Charlie Miller Wins Pwn2Own With Safari Based iPhone Exploit

Charlie Miller Wins Pwn2Own With Safari Based iPhone Exploit

Posted March 10, 2011 at 9:16pm by iClarified
Charlie Miller has won Pwn2Own again using a Safari based iPhone exploit, according to a ZDNET report.

Miller partnered with colleague Dion Blazakis from Independent Security Evaluators on the winning exploit.

The attack simply required that the target iPhone surfs to a rigged web site. On first attempt at the drive-by exploit, the iPhone browser crashed but once it was relaunched, Miller was able to hijack the entire address book.


Miller told ZDNet that the attack works perfectly on iOS 4.2.1 but currently doesn't work on iOS 4.3 because he hasn't bypassed DEP and ASLR.

"If you update your iPhone today, the [MobileSafari] vulnerability is still there, but the exploit won't work. I'd have to bypass DEP and ASLR for this exploit to work," Miller said.

It's unclear whether this exploit could result in workable jailbreak. Earlier today, I0n1c posted a video demonstrating an untethered jailbreak on iOS 4.3.

Read More



Charlie Miller Wins Pwn2Own With Safari Based iPhone Exploit
Follow iClarified
Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
iClarified Icon
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Yes
No
Comments (1)
You must login or register to add a comment...
Add Comment
?
? - March 10, 2011 at 10:17pm
Nerds, gotta love them
Reply · Like
Recent. Read the latest Apple News.
RECENT
Proton Announces Dark Web Monitoring for Credential Leaks
Proton Announces Dark Web Monitoring for Credential Leaks
Apple Nears Deal With FIFA for Rights to New Tournament
Apple Nears Deal With FIFA for Rights to New Tournament
LeBron James Seen With New Beats Pill Speaker? [Video]
LeBron James Seen With New Beats Pill Speaker? [Video]
Apple Has Allegedly Ordered Capacitive Button Components for iPhone 16
Apple Has Allegedly Ordered Capacitive Button Components for iPhone 16
Apple Has Allegedly Stopped Production of FineWoven Accessories
Apple Has Allegedly Stopped Production of FineWoven Accessories
More News
Tutorials. Help is here.
TUTORIALS
Where to Download macOS Monterey
Where to Download macOS Ventura
AppleTV Firmware Download Locations
Where To Download iPad Firmware Files From
Where To Download iPhone Firmware Files From
More Tutorials
Deals. Save on Apple devices and accessories.
DEALS
Anker Sale Offers Up to 50% Off Power Banks, Chargers, Smart Locks, More
Anker Sale Offers Up to 50% Off Power Banks, Chargers, Smart Locks, More
New 15-inch M3 MacBook Air On Sale for $149.01 Off! [Lowest Price Ever]
New 15-inch M3 MacBook Air On Sale for $149.01 Off! [Lowest Price Ever]
Apple 96W USB-C Power Adapter On Sale for 49% Off [Deal]
Apple 96W USB-C Power Adapter On Sale for 49% Off [Deal]
T-Mobile Offers Free Blink Security Camera System With 5G Home or Small Business Internet
T-Mobile Offers Free Blink Security Camera System With 5G Home or Small Business Internet
AirPods Pro 2 With USB-C On Sale for $189! [Deal]
AirPods Pro 2 With USB-C On Sale for $189! [Deal]
More Deals