CNET también está disponible en español.

Ir a español

Don't show this again

Kamala Harris is Biden’s VP pick 2020 Perseid meteor shower Qualcomm wins in FTC lawsuit appeal Weekly $400 unemployment benefit Mozilla cutting 250 jobs Google Maps returns to the Apple Watch

Metasploit adds iPhone/iPod Touch hacks

Exploits are released based on a recent TIFF image-rendering flaw.

As reported in ComputerWorld, security researcher H.D. Moore has included several iPhone and iPod Touch exploits in the latest Metasploit tool. The free tool is used by professional pen-testers and criminal hackers alike. The new exploits take advantage of a flaw in the TIFF image-rendering library and are similar to flaws used by the iPhone Dev Team.

"This exploit is rock solid. It's very reliable, as reliable as the WMF [Windows Metafile] exploits in Windows. You can send it in an e-mail; you can embed it in a Web page," Moore told ComputerWorld.

Even if Apple fixes the flaw, which it is expected to do soon, Moore says that criminals can still exploit it by rolling the firmware back to a prepatched version. A Trojan in 2005 used a similar firmware rollback on the Sony PlayStation Portable.

Moore has previously written in his blog how any successful hack on a iPhone will give the attacker root access to the entire phone. In the past, adding exploits to Metaploit has been a shortcut to the wild attacks.