Metasploit adds iPhone/iPod Touch hacks

Exploits are released based on a recent TIFF image-rendering flaw.

As reported in ComputerWorld, security researcher H.D. Moore has included several iPhone and iPod Touch exploits in the latest Metasploit tool. The free tool is used by professional pen-testers and criminal hackers alike. The new exploits take advantage of a flaw in the TIFF image-rendering library and are similar to flaws used by the iPhone Dev Team.

"This exploit is rock solid. It's very reliable, as reliable as the WMF [Windows Metafile] exploits in Windows. You can send it in an e-mail; you can embed it in a Web page," Moore told ComputerWorld.

Even if Apple fixes the flaw, which it is expected to do soon, Moore says that criminals can still exploit it by rolling the firmware back to a prepatched version. A Trojan in 2005 used a similar firmware rollback on the Sony PlayStation Portable.

Moore has previously written in his blog how any successful hack on a iPhone will give the attacker root access to the entire phone. In the past, adding exploits to Metaploit has been a shortcut to the wild attacks.

Featured Video
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Man flies 54-propeller superdrone, almost flips it, Ep. 217

This week on Crave, we walk you through a futuristic new automated restaurant in San Francisco, get navigation directions from the sultry voice of Stephen Colbert on Waze, and fly a drone with 54 propellers that can carry a full-grown man. It's the Crave show!

by Stephen Beacham