|
The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "AT+stkprof"
ChronicDev (talk | contribs) m (AT+stkprof Injection Vector moved to AT+stkprof Exploit) |
m (→Exploit) |
||
| Line 5: | Line 5: | ||
==Exploit== |
==Exploit== |
||
| − | There is a stack-based buffer overflow in the at+stkprof command that allows unsigned code execution on the [X-Gold 608|iPhone 3G baseband] |
+ | There is a stack-based buffer overflow in the at+stkprof command that allows unsigned code execution on the [[X-Gold 608|iPhone 3G baseband]]. |
==Implementation== |
==Implementation== |
||
Revision as of 18:56, 3 January 2009
Used as an injection vector for the first iPhone 3G unlock payload.
Credit
Exploit
There is a stack-based buffer overflow in the at+stkprof command that allows unsigned code execution on the iPhone 3G baseband.
Implementation
The dev team used this exploit in the first public iPhone 3G unlock called yellowsn0w. It can be downloaded from Cydia, and is a daemon that will run in the background. It will inject their payload whenever the baseband is reset.
The source code is also available here [1]
