{"id":24864,"date":"2011-09-14T11:37:24","date_gmt":"2011-09-14T09:37:24","guid":{"rendered":"http:\/\/www.iphone-ticker.de\/?p=24864"},"modified":"2011-09-14T13:30:06","modified_gmt":"2011-09-14T11:30:06","slug":"stefan-esser-jailbreak","status":"publish","type":"post","link":"https:\/\/www.iphone-ticker.de\/stefan-esser-jailbreak-24864\/","title":{"rendered":"At the Lowest System Level: Conference Papers on the Jailbreak Attack on iOS 4.3"},"content":{"rendered":"<p>Unless you have spent at least four semesters in the computer science reading room of your choice, the PDF downloads linked below will probably just leave you with two question marks on your forehead. For iPhone users interested in the jailbreak, however, a look at the talk documents from Cologne-based security expert <a href=\"https:\/\/www.sektioneins.de\/\">Stefan Esser<\/a> is well worth it. <\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/www.iphone-ticker.de\/wp-content\/uploads\/2011\/09\/phonehack.jpg\" alt=\"\" title=\"phonehack\" width=\"464\" height=\"184\" class=\"aligncenter size-full wp-image-24865\" srcset=\"https:\/\/images.iphone-ticker.de\/wp-content\/uploads\/2011\/09\/phonehack.jpg 464w, https:\/\/images.iphone-ticker.de\/wp-content\/uploads\/2011\/09\/phonehack-300x118.jpg 300w\" sizes=\"auto, (max-width: 464px) 100vw, 464px\" \/><\/p>\n<p>In the PDF &#8220;Exploiting the iOS Kernel&#8221;, Esser documents his successful search for vulnerabilities in the iPhone operating system and describes which steps led to the takeover of the device and to the release of the untethered jailbreak for iOS versions 4.3.1 through 4.3.3. <\/p>\n<blockquote><p>In this paper we revealed the integer overflow vulnerability in the iOS kernel that drives the iOS 4.3.1-4.3.3 untethered jailbreak. 
This vulnerability is already closed in current beta versions of iOS 5.0 and is expected to be closed in the soon arriving iOS 4.3.4.\n<\/p><\/blockquote>\n<p>Both documents, the white paper (<a href=\"https:\/\/media.blackhat.com\/bh-us-11\/Esser\/BH_US_11_Esser_Exploiting_The_iOS_Kernel_WP.pdf\">PDF download<\/a>) and the presentation slides (<a href=\"https:\/\/media.blackhat.com\/bh-us-11\/Esser\/BH_US_11_Esser_Exploiting_The_iOS_Kernel_Slides.pdf\">PDF download<\/a>), were part of Esser's talk at this year's <a href=\"http:\/\/www.blackhat.com\/html\/bh-us-11\/bh-us-11-archives.html#Esser\">Blackhat conference<\/a>. Thanks, Moritz.<\/p>\n<p><!--more--><\/p>\n<blockquote><p>The iPhone user land is locked down very tightly by kernel level protections. Therefore any sophisticated attack has to include a kernel exploit in order to completely compromise the device. [&#8230;] This session will introduce the audience to kernel level exploitation of iPhones. With the help of previously disclosed kernel vulnerabilities the exploitation of uninitialized kernel variables, kernel stack buffer overflows, out of bound writes and kernel heap buffer overflows will be discussed.<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<a href=\"https:\/\/www.iphone-ticker.de\/stefan-esser-jailbreak-24864\/\"><img width=\"150\" height=\"150\" src=\"https:\/\/images.iphone-ticker.de\/wp-content\/uploads\/2011\/09\/phonehack-150x150.jpg\" class=\"alignright tfe wp-post-image\" alt=\"\" decoding=\"async\" loading=\"lazy\" \/><\/a><p>Unless you have spent at least four semesters in the computer science reading room of your choice, the PDF downloads linked below will probably just leave you with two question marks on your forehead. For iPhone users interested in the jailbreak, however, a look at the talk documents from Cologne-based security expert Stefan Esser is well worth it. 
The PDF &#8220;Exploiting the iOS Kernel&#8221; documents [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":24865,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[153],"tags":[43,5661,5659],"class_list":["post-24864","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-jailbreak","tag-hacks","tag-ios","tag-jailbreak"],"aioseo_notices":[],"rest_api_enabler":[],"_links":{"self":[{"href":"https:\/\/www.iphone-ticker.de\/apiv2\/wp\/v2\/posts\/24864","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.iphone-ticker.de\/apiv2\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.iphone-ticker.de\/apiv2\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.iphone-ticker.de\/apiv2\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.iphone-ticker.de\/apiv2\/wp\/v2\/comments?post=24864"}],"version-history":[{"count":3,"href":"https:\/\/www.iphone-ticker.de\/apiv2\/wp\/v2\/posts\/24864\/revisions"}],"predecessor-version":[{"id":24873,"href":"https:\/\/www.iphone-ticker.de\/apiv2\/wp\/v2\/posts\/24864\/revisions\/24873"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.iphone-ticker.de\/apiv2\/wp\/v2\/media\/24865"}],"wp:attachment":[{"href":"https:\/\/www.iphone-ticker.de\/apiv2\/wp\/v2\/media?parent=24864"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.iphone-ticker.de\/apiv2\/wp\/v2\/categories?post=24864"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.iphone-ticker.de\/apiv2\/wp\/v2\/tags?post=24864"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}