iPhone Hacks - www.iphone-hacks.com - the Dash Hacks Network





August 1, 2007
Apple iPhone Software Update Released — v1.0.1 (Security Fixes)

Posted by greg

Apple has officially released software version 1.0.1 for the iPhone…

After successfully decrypting the update using vfdecrypt

Edit vfdecrypt.c putting in the key you found where it says INSERT KEY HERE. Use the same amount of characters as the hyphens in there, replacing them with parts of the key.

Now compile vfdecrypt. You can use Cygwin - use the command gcc vfdecrypt.c -lcrypto -o vfdecrypt.exe

Run vfdecrypt, passing it the name of the encrypted DMG (“694-5281-6.dmg”) and the name of an output file (say, “694-5281-6-decrypted.dmg”).

Now if you’re on Windows you need Transmac to open the DMG. If you’re on Mac you can just open it.

…It’s been reported that manually copying the new/changed files to a jailbroken iPhone will result in hacked components continuing to work — SSH, jailbreak, 3rd-party compiled binaries, custom ringtones, etc… I’m sure this process will be streamlined in the future. Upgrading your iPhone via iTunes probably isn’t the best idea; that is, if you’re looking to hack it. :)

- source: cre.ations.net

iPhone v1.0.1 changelog…

Safari — CVE-ID: CVE-2007-2400

  • Impact: Visiting a malicious website may allow cross-site scripting
  • Description: Safari’s security model prevents JavaScript in remote web pages from modifying pages outside of their domain. A race condition in page updating combined with HTTP redirection may allow JavaScript from one page to modify a redirected page. This could allow cookies and pages to be read or arbitrarily modified. This update addresses the issue by correcting access control to window properties. Credit to Lawrence Lai, Stan Switzer, and Ed Rowe of Adobe Systems, Inc. for reporting this issue.

Safari — CVE-ID: CVE-2007-3944

  • Impact: Viewing a maliciously crafted web page may lead to arbitrary code execution
  • Description: Heap buffer overflows exist in the Perl Compatible Regular Expressions (PCRE) library used by the JavaScript engine in Safari. By enticing a user to visit a maliciously crafted web page, an attacker may trigger the issue, which may lead to arbitrary code execution. This update addresses the issue by performing additional validation of JavaScript regular expressions. Credit to Charlie Miller and Jake Honoroff of Independent Security Evaluators for reporting these issues.

WebCore — CVE-ID: CVE-2007-2401

  • Impact: Visiting a malicious website may allow cross-site requests
  • Description: An HTTP injection issue exists in XMLHttpRequest when serializing headers into an HTTP request. By enticing a user to visit a maliciously crafted web page, an attacker could trigger a cross-site scripting issue. This update addresses the issue by performing additional validation of header parameters. Credit to Richard Moore of Westpoint Ltd. for reporting this issue.

WebKit — CVE-ID: CVE-2007-3742

  • Impact: Look-alike characters in a URL could be used to masquerade a website
  • Description: The International Domain Name (IDN) support and Unicode fonts embedded in Safari could be used to create a URL which contains look-alike characters. These could be used in a malicious web site to direct the user to a spoofed site that visually appears to be a legitimate domain. This update addresses the issue through an improved domain name validity check.

WebKit — CVE-ID: CVE-2007-2399

  • Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
  • Description: An invalid type conversion when rendering frame sets could lead to memory corruption. Visiting a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution. Credit to Rhys Kidd of Westnet for reporting this issue.
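
The CVE-2007-2401 entry above says the fix was additional validation of header parameters when XMLHttpRequest serializes headers into a request. The following is an added example, not Apple's or WebCore's code, of that kind of check in JavaScript; the function names, the example.test host and the sample headers are hypothetical and constructed for illustration.

```javascript
// Added example: validate header parameters before serializing a request.
// validateHeader, serializeRequest and the sample inputs are hypothetical.

// RFC 7230 "token": the only characters allowed in a header field name.
const TOKEN = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/;
// CR, LF and NUL in a value would let it end the header line early.
const FORBIDDEN_IN_VALUE = /[\r\n\0]/;

function validateHeader(name, value) {
  if (typeof name !== "string" || !TOKEN.test(name)) {
    return { ok: false, reason: "invalid header name" };
  }
  if (typeof value !== "string" || FORBIDDEN_IN_VALUE.test(value)) {
    return { ok: false, reason: "control character in header value" };
  }
  return { ok: true, reason: null };
}

// Builds the request head; throws instead of emitting an unsafe line.
// Assumption: method, path and host are fixed by the caller, not by page script.
function serializeRequest(method, path, host, headers) {
  const lines = [`${method} ${path} HTTP/1.1`, `Host: ${host}`];
  for (const [name, value] of Object.entries(headers)) {
    const check = validateHeader(name, value);
    if (!check.ok) {
      throw new Error(`refusing header ${JSON.stringify(name)}: ${check.reason}`);
    }
    lines.push(`${name}: ${value.trim()}`);
  }
  return lines.join("\r\n") + "\r\n\r\n";
}

// Counts header lines in a serialized head, excluding the request line.
function countHeaderLines(raw) {
  return raw.split("\r\n\r\n")[0].split("\r\n").length - 1;
}

// Constructed sample inputs.
const benign = { "X-Requested-With": "XMLHttpRequest", Accept: "text/html" };
const tampered = { "X-Note": "a\r\nX-Injected: 1" }; // value carries a line break

console.log(countHeaderLines(serializeRequest("GET", "/", "example.test", benign)));
try {
  serializeRequest("GET", "/", "example.test", tampered);
} catch (e) {
  console.log(e.message);
}
```

Without the value check, the tampered entry would be written out as two header lines, which is the header-serialization flaw the changelog describes.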

2 Comments »

Comment by Jusdogmatik
2007-08-01 12:37:08

They’re following the way of Sony. Oh no!!!!!

Comment by Daniel Briggs
2007-08-02 09:52:18

ONOZ!!

 
 