C&M News by Ress


Corona: Pod2g gives information on the iOS 5 untethered jailbreak

(6 January 2012, 16:15)
Pod2g, the author of the latest untethered jailbreak method, "Corona", gives more details in his latest blog post about how he went looking for exploits (security vulnerabilities), which tools he used to find the Corona exploit, and what actually happens when a kernel exploit is used.


Quote:
Now that Corona was released by the iPhone Dev Team and the Chronic Dev Team, I can give details about how it works.

1. the user land exploit

Apple has fixed all previous known ways of executing unsigned binaries in iOS 5.0. Corona does it another way.

In the past, the trick security researchers used was to include the untethering payload as a data page (as opposed to a code page) in the Mach-O binary. The advantage of a data page was that the Mach-O loader didn't check its authenticity. ROP is used so that code execution happens without writing executable code but rather by utilizing existing signed code in the dyld cache…


https://ress.at/corona-pod2g-gibt-informationen-zum-ios-5-untethered-jailbreak-news06012012161514.html