Difference between revisions of "AT+XLOG Vulnerability"

From The iPhone Wiki
Jump to: navigation, search
m (AT+XLOG Exploit moved to AT+XLOG Vulnerability: "Exploit" can be interpreted as the implementation, which is incorrect in this case.)
m
Line 5: Line 5:
   
 
==Exploit==
 
==Exploit==
There is a buffer overflow in the AT+XLOG=1,"..." command, which allows unsigned code execution on the [[X-Gold 608]].
+
There is a stack overflow in the AT+XLOG=1,"..." command, which allows unsigned code execution on the [[X-Gold 608]].
   
 
==Implementation==
 
==Implementation==

Revision as of 01:19, 12 July 2009

Used as an injection vector for the current iPhone 3G and iPhone 3GS unlock payload - ultrasn0w. Currently available in all baseband versions until 04.26.08.

Credit

Oranav

Exploit

There is a stack overflow in the AT+XLOG=1,"..." command, which allows unsigned code execution on the X-Gold 608.

Implementation

The exploit is used in ultrasn0w.