The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information.

AT+XAPP Vulnerability

From The iPhone Wiki
Revision as of 16:35, 10 July 2010 by Geohot (talk | contribs)
Jump to: navigation, search

Used as an injection vector for the current iPhone 3G and iPhone 3GS unlock payloads‭ - ‬ultrasn0w 0.93‭. ‬Currently available in all baseband versions until 05.13.04‭.‬ ‭

Credit


Exploit

There is a stack overflow in the AT+XAPP‭="..." ‬command‭, ‬which allows unsigned code execution on the X-Gold 608 

at+xapp="‬0000111122223333444455556666777788889999000011112222"‬

applying a string of more than 52‭ ‬characters will trigger the overflow.

It also exists on the XMM 6180

Implementation

The exploit was used by iPhone Dev Team in Ultrasn0w 0.93‭ which is able to unlock 4.26.08‭, ‬5.11.07‭, ‬5.12.01‭ ‬and 5.13.04‭ ‬BB firmwares

Retrieved from "https://www.theiphonewiki.com/w/index.php?title=AT%2BXAPP_Vulnerability&oldid=6869"