AT+stkprof

From The iPhone Wiki
Revision as of 18:56, 3 January 2009 by Oranav (talk | contribs) (Exploit)
Jump to: navigation, search

Used as an injection vector for the first iPhone 3G unlock payload.

Credit

geohot

Exploit

There is a stack-based buffer overflow in the at+stkprof command that allows unsigned code execution on the iPhone 3G baseband.

Implementation

The dev team used this exploit in the first public iPhone 3G unlock called yellowsn0w. It can be downloaded from Cydia, and is a daemon that will run in the background. It will inject their payload whenever the baseband is reset.

The source code is also available here [1]