Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors

macrumors bot
Original poster
Apr 12, 2001
66,634
35,944



IDG News Service reports that German researchers have demonstrated how a knowledgeable thief could bypass the iPhone's passcode locking to upload a script capable of revealing entries from the device's password keychain system, potentially giving the hacker access to sensitive passwords stored on the device.
In a video that demonstrates the attack, the researchers first jailbreak the phone using existing software tools. They then install an SSH server on the iPhone that allows software to be run on the phone.

The third step is to copy a keychain access script to the phone. The script uses system functions already in the phone to access the keychain entries and, as a final step, outputs the account details it discovers to the attacker.

The attack works because the cryptographic key on current iOS devices is based on material available within the device and is independent of the passcode, the researchers said. This means attackers with access to the phone can create the key from the phone in their possession without having to hack the encrypted and secret passcode.
According to the report, the researchers were able to obtain passwords for Gmail accounts, Microsoft Exchange accounts, voicemail access, VPN and Wi-Fi network passwords, as well as passwords for some applications.

The researchers note that gaining access to an email password makes it easy for hackers to then reset passwords for other types of accounts, while compromised passwords for corporate networks can obviously result in security issues for businesses.

The exploit obviously requires a fair amount of technical knowledge, and thus shouldn't be an issue for the vast majority of users whose devices become lost or stolen. But the exploit could be used in targeted attacks by those specifically seeking to gain access to sensitive systems.

Article Link: Researchers Demonstrate Vulnerability Allowing Theft of iPhone Passwords
 
Awesome....

Thanks for publicly posting the walk through on hacking into my iPhone. Even if it's fixed, it still plants the ideas. Come on.....
 
"In a video that demonstrates the attack, the researchers first jailbreak the phone..."


Moving on...
 
I am wondering why I can't find the pass code menu like what is shown in the video? Is it because only Deutsche version supports the alphabets as the password?
 
Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_2_1 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8C148 Safari/6533.18.5)

sza, turn off simple passcode and you can use letters.
 
So, presuming you have a passcode on your iPhone (even just the 4-digit numeric code), and have it set to wipe the phone after 10 incorrect attempts, does that mean the iPhone would be safe, or can it still be jailbroken and/or hacked somehow?
 
No real surprise here. In general, if someone gains physical access to a computer or device, it's game over.
 
Not exactly an exploit ...

If some has physical access to your computer, they can do the same thing as has been noted when laptops get stolen containing customer IDs and credit card information.

This "exploit" requires physical access to the phone -- which probably means it was already lost or stolen.

As some else said, every smartphone, blackberry, etc is subject to "exploit" if someone else has physical access to it.

Moving on ..... :cool:
 
I think once they had my phone I'd be more peeved at the theft of the actual phone! Wouldn't most people change passwords after your phone has been nicked anyway??

Jim
 
If someone steals your phone it isn't necessarily hard to jailbreak a device, hell I remember that one jailbreak that was in-browser.




Inception!

So what you're telling me is,

1. Someone must first steal my iPhone (already difficult considering how deep my pockets are, or how much it's in my hands).

2. They must hurry home and jailbreak it.

3. They must download the script.

4. Once they have my passwords, they can break into my email and see all of the pictures I sent to friends, or the documents I wrote for school.

5. Once they have my passwords, they could get close to my condo and (god forbid) use my wireless internet!

6. ...all before I sit down and goto www.me.com and push two buttons to Remote Wipe.

[sarcasm]
Well jeez, I guess I'm convinced. Guess I'd better switch to Android.
[/sarcasm]

psst, I think stealing a credit card is MUCH more detrimental...
 
In other news, if you make a copy of your house key, and give it to a stranger, tell them your wifi password, and allow them to come in and install a surveillance camera, they can spy on you!

Beware!
 
So, presuming you have a passcode on your iPhone (even just the 4-digit numeric code), and have it set to wipe the phone after 10 incorrect attempts, does that mean the iPhone would be safe, or can it still be jailbroken and/or hacked somehow?

They do not even have to enter the passcode once, so it wont wipe the phone.
 
Like the article says... not something the average person needs to worry about. Lots has to happen.

I would think anyone who has sensitive information on their phone would also have it set up so if their phone is lost or stolen, they can remote wipe it clean.

Not a biggie.
 
No platform is 100% secure

Show me how it's done on a Blackberry, then.

BlackBerry Vulnerability
A new study has discovered a major security flaw in BlackBerries that can allow a hacker to take over a BlackBerry server just from sending an email. If the hacker sends an email with an infected PDF file, and the user opens the file, a virus would install malicious software on the server side, allowing the hacker to send spam and collect personal data. Users are urged to disable attachments until the problem is worked out.

Source: h__p://www.spamlaws.com/spamlaws_news48.html?p=2

:rolleyes:
 
Last edited:
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.