HD Moore takes iPhone exploits public

Vulnerability in TIFF image-rendering library shared by Safari, email and iTunes software.

Noted hacker HD Moore has publicly posted exploits that take advantage of a vulnerability in Apple's iPhone, the same flaw that's been used by others to unlock the smart phone so it will work on non-AT&T networks.

The vulnerability, which is in the TIFF image-rendering library shared by the iPhone's Safari browser and its e-mail program, as well as by the iTunes software, leaves the iPhone wide open to attack, said Moore, who posted a second, and more robust, exploit after debuting attack code early this week.

"This exploit is rock solid," Moore said in an interview. "It's very reliable, as reliable as the WMF [Windows Metafile] exploits in Windows. You can send it in an e-mail, you can embed it in a Web page."

Although the vulnerability is the same as the one leveraged by hackers such as the iPhone Dev Team to return unlock capabilities to iPhones updated to Firmware 1.1.1 last month, Moore said that's the only similarity between his work and the activities of unlockers. "I wanted an exploit that would write any arbitrary payload" to the iPhone, rather than the specialized changes made for an unlocking hack, Moore said.

He claimed success. "The second exploit works on 1.0, 1.0.1, 1.0.2 and 1.1.1 iPhones," he said, referring to the four versions of the phone's firmware released since the device's June debut.

Although he expects Apple to plug the TIFF vulnerability in the next iPhone update -- a move that many interested in unlocking the iPhone have also predicted and bemoaned -- Moore also said it wouldn't matter. Citing the history of the vulnerability, which was also present in the Sony PlayStation Portable (PSP), he said attackers will be able to exploit the flaw in the future, even if Apple fixes it.

"All they'll need to do is back port the firmware to an earlier version that's vulnerable," said Moore. "Apple has to leave a way to restore an iPhone back [to previous versions of the firmware]."

The same technique was used to hack the Sony PSP after Sony issued an update that patched the TIFF vulnerability on that video game player.

In notes posted to customers of its DeepSight threat management network, Symantec warned iPhone users of Moore's exploits and recommended they use caution when browsing the Web, handling unsolicited e-mail and dealing with suspicious or unexpected music files.

But Ollie Whitehouse, a software architect with Symantec's security response team, downplayed the iPhone's apparent insecurity. "The iPhone isn't any different from other mobile platforms," he argued. "It's only the interest from the security research community that makes it seem different."

Moore disagreed. "I think the iPhone is pretty terrible," he said, referring to its level of security. "It's an easy platform to exploit." That's true in part, he explained, because exploiting any iPhone application gives root access to the entire phone. But other security weaknesses abound, including ones in the Safari browser and in the underlying operating system -- a scaled-back version of Mac OS X -- that runs the device, he added.

Moore has added the exploits to Metasploit, the popular penetration framework, a move that in the past has meant in-the-wild attacks are not far behind. He predicted that malicious code exploiting the TIFF vulnerability would be on the loose "pretty soon."

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Gregg Keizer

Computerworld
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?