Hacker Demos Jailbreak of iOS on iPhone X

By: Kacy Zurkus

A security researcher with the Qihoo 360 Vulcan Team, Qixun Zhao (@S0rryMybad), has revealed the second stage of an exploit chain in which he was able to remotely jailbreak the latest iOS system on iPhone X.

In a January 23 blog post, Zhao released the proof of concept (PoC) of a kernel vulnerability that can be reached in the sandbox, which he dubbed Chaos. For the benefit of beginners, he provides what he calls elaborate details on the tfp0 exploit, though he does not reveal the exploit code.

Instead, he stated, “if you want to jailbreak, you will need to complete the exploit code yourself or wait for the jailbreak community’s release. At the same time, I will not mention the exploit details of the post exploit, as this is handled by the jailbreak community.”

Zhao does demonstrate the jailbreak in a video posted to Twitter.

Following his intuition, Zhao said he believed there would be a path that would cause a leak, which he found could be exploited before iOS 12 even started in the sandbox.

Noting that the bug has been fixed in the most recent version, Zhao wrote, “As soon as I saw the code I felt that this part of the code is definitely lacking review and the quality is not high enough. After all, the code that can be directly reached in the sandbox, that means the kernel developer may not be familiar with the rules for generating MIG code. This information is more important than finding the bug in the above.”

More: https://www.infosecurity-magazine.com/news/hacker-demos-jailbreak-of-ios-on/

0-Days Found in iPhone X, Samsung Galaxy S9, Xiaomi Mi6 Phones

By: Swati Khandelwal

At the Pwn2Own 2018 mobile hacking competition held in Tokyo on November 13-14, white hat hackers once again demonstrated that even fully patched smartphones running the latest software from popular smartphone manufacturers can be hacked.

Three major flagship smartphones—iPhone X, Samsung Galaxy S9, and Xiaomi Mi6—were among the devices successfully hacked at the annual mobile hacking contest organized by Trend Micro’s Zero Day Initiative (ZDI), earning white hat hackers a total of $325,000 in rewards.

Teams of hackers from different countries or representing different cybersecurity companies disclosed a total of 18 zero-day vulnerabilities in mobile devices made by Apple, Samsung, and Xiaomi, as well as crafted exploits that allowed them to completely take over the targeted devices.

Apple iPhone X Running iOS 12.1 — GOT HACKED!

A team of two researchers, Richard Zhu and Amat Cama, who named themselves Fluoroacetate, discovered and managed to exploit a pair of vulnerabilities in a fully patched Apple iPhone X over Wi-Fi. The duo combined a just-in-time (JIT) vulnerability in the iOS web browser (Safari) with an out-of-bounds write bug for the sandbox escape and escalation to exfiltrate data from the iPhone running iOS 12.1.

For their demonstration, the pair chose to retrieve a photo that had recently been deleted from the target iPhone, which certainly came as a surprise to the person in the picture. The research earned them $50,000 in prize money.

More: https://thehackernews.com/2018/11/mobile-hacking-exploits.html