Difference between revisions of "Timezone Vulnerability"

From The iPhone Wiki
Jump to: navigation, search
(initial page)
 
m (reference to evasi0n)
Line 1: Line 1:
 
According the the Accuvant Labs analysis, sending [[lockdownd]] a malformed [[PairRequest]] command causes [[lockdownd]] to change the permissions like <code>chmod 777 file</code> making it accessible to mobile (and all users). It isn't clear whether this vulnerability is in [[lockdownd]] or in an underlying library or framework, so more analysis of this vulnerability is necessary.
 
According the the Accuvant Labs analysis, sending [[lockdownd]] a malformed [[PairRequest]] command causes [[lockdownd]] to change the permissions like <code>chmod 777 file</code> making it accessible to mobile (and all users). It isn't clear whether this vulnerability is in [[lockdownd]] or in an underlying library or framework, so more analysis of this vulnerability is necessary.
  +
  +
== Usage ==
  +
* [[evasi0n|evasi0n jailbreak]]
   
 
== Credits ==
 
== Credits ==
Line 5: Line 8:
   
 
== References ==
 
== References ==
* [http://blog.accuvantlabs.com/blog/bthomas/evasi0n-jailbreaks-userland-component Accuvant Labs analysis]
+
* [http://blog.accuvantlabs.com/blog/bthomas/evasi0n-jailbreaks-userland-component Accuvant Labs analysis of evasi0n]
   
 
[[Category:Exploits]]
 
[[Category:Exploits]]

Revision as of 22:20, 17 February 2013

According the the Accuvant Labs analysis, sending lockdownd a malformed PairRequest command causes lockdownd to change the permissions like chmod 777 file making it accessible to mobile (and all users). It isn't clear whether this vulnerability is in lockdownd or in an underlying library or framework, so more analysis of this vulnerability is necessary.

Usage

Credits

References