Difference between revisions of "AT+XAPP Vulnerability"

Revision as of 16:54, 22 June 2010

Used as an injection vector for the current iPhone 3G and iPhone 3GS unlock payloads‭ - ‬ultrasn0w 0.93‭. ‬Currently available in all baseband versions until 05.13.04‭.‬ ‭

Credit

sherif_hashim ‭

Exploit

There is a stack overflow in the AT+XAPP‭="..." ‬command‭, ‬which allows unsigned code execution on the X-Gold 608‭.‬

at+xapp‭="‬00000000000000000000000000000000000000000000000000000‭"‬

applying a string of more than 52‭ ‬characters will trigger the overflow ‭

Implementation

The exploit was used by iPhone Dev Team in Ultrasn0w 0.93‭ which is able to unlock 4.26.08‭, ‬5.11.07‭, ‬5.12.01‭ ‬and 5.13.04‭ ‬BB firmwares

Category‭: ‬Baseband Exploits

Revision as of 16:39, 22 June 2010 (view source) Sherif hashim (talk \| contribs) (→‎Exploit) ← Older edit		Revision as of 16:54, 22 June 2010 (view source) Sherif hashim (talk \| contribs) (→‎Implementation) Newer edit →
Line 19:		Line 19:


−	The exploit is used by ~~the~~ ~~dev~~ ~~team~~ in [[Ultrasn0w]] 0.93‭ which is able to unlock 4.26.08‭, ‬5.11.07‭, ‬5.12.01‭ ‬and 5.13.04‭ ‬BB firmwares	+	The exploit was used by [[iPhone Dev Team]] in [[Ultrasn0w]] 0.93‭ which is able to unlock 4.26.08‭, ‬5.11.07‭, ‬5.12.01‭ ‬and 5.13.04‭ ‬BB firmwares

	----		----

Difference between revisions of "AT+XAPP Vulnerability"

Revision as of 16:54, 22 June 2010

Credit

Exploit

Implementation

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Miscellaneous

Tools