Difference between revisions of "AT+XLOG Vulnerability"
m |
|||
Line 6: | Line 6: | ||
==Exploit== |
==Exploit== |
||
There is a stack overflow in the AT+XLOG=1,"..." command, which allows unsigned code execution on the [[X-Gold 608]]. |
There is a stack overflow in the AT+XLOG=1,"..." command, which allows unsigned code execution on the [[X-Gold 608]]. |
||
+ | |||
+ | at+xlog=1,"jjjjjjjjjjjjjjjjjjjjjjjjjjjj44445555PPPP" |
||
+ | j's are junk |
||
+ | R4 = 4 |
||
+ | R5 = 5 |
||
+ | PC = P |
||
==Implementation== |
==Implementation== |
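Review bot: the added command line and its legend (`j's are junk`, `R4 = 4`, `R5 = 5`, `PC = P`) are entered as plain wikitext lines with no preformatted or list markup, so they can run together into a single paragraph when rendered. Put the AT command in a preformatted block and make the legend a bulleted list. The legend also leaves the reader to count characters to find where each field starts; stating the length of the junk run, and that the R4, R5 and PC fields are each four characters wide, would make the layout unambiguous.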
Revision as of 17:46, 12 July 2009
This vulnerability is used as an injection vector for ultrasn0w, the current iPhone 3G and iPhone 3GS unlock payload. It is currently available in all baseband versions until 04.26.08.
Credit
Exploit
There is a stack overflow in the AT+XLOG=1,"..." command, which allows unsigned code execution on the X-Gold 608.
at+xlog=1,"jjjjjjjjjjjjjjjjjjjjjjjjjjjj44445555PPPP"
j's are junk
R4 = 4
R5 = 5
PC = P
Implementation
The exploit is used in ultrasn0w.