The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Talk:OpenSharedCacheFile"
Awesomebing1 (talk | contribs) (Info) |
|||
(5 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
Does this allow root access? Also, could we add that it was patched in 6.1.3/6.1.4 (possibly 6.1.6, I'll test that)? --[[User:Awesomebing1|Awesomebing1]] ([[User talk:Awesomebing1|talk]]) 02:13, 23 March 2015 (UTC) |
Does this allow root access? Also, could we add that it was patched in 6.1.3/6.1.4 (possibly 6.1.6, I'll test that)? --[[User:Awesomebing1|Awesomebing1]] ([[User talk:Awesomebing1|talk]]) 02:13, 23 March 2015 (UTC) |
||
+ | :[http://www.cvedetails.com/cve/CVE-2013-3950/ CVE Details] stands, that the last vulnerable version is 6.1.3. I don't think, that this vulnerability can cause any privilege escalations. --[[User:Rzhikharevich|Rzhikharevich]] ([[User talk:Rzhikharevich|talk]]) 17:16, 23 March 2015 (UTC) |
||
+ | ::I don't know for sure, but since the only changed files are various executables (e.g recompiling stuff) and the OpenSSL fix, there's nothing else changed. I will test this in a bit. --[[User:Awesomebing1|Awesomebing1]] ([[User talk:Awesomebing1|talk]]) 17:17, 23 March 2015 (UTC) |
||
+ | :::Well, I ran it. Turns out you actually have to put 2000 As. Ugh. Anyway, it outputs |
||
+ | <pre>dyld: stack buffer overrun |
||
+ | Trace/BPT trap: 5</pre> |
||
+ | |||
+ | Not sure if that means if it was patched. I'm guessing it means it does, since in the presentation I was copying off it said it Segementation Faulted.--[[User:Awesomebing1|Awesomebing1]] ([[User talk:Awesomebing1|talk]]) 22:20, 23 March 2015 (UTC) |
||
+ | |||
+ | <sjeezpwn>yes this is patched, when i said 1024 A's, that was just a guess, you have to try around 30-40 times to see where the PC register is, once you know where PC is you need to insert your shellcode right after |
Latest revision as of 22:33, 24 March 2015
Does this allow root access? Also, could we add that it was patched in 6.1.3/6.1.4 (possibly 6.1.6, I'll test that)? --Awesomebing1 (talk) 02:13, 23 March 2015 (UTC)
- CVE Details stands, that the last vulnerable version is 6.1.3. I don't think, that this vulnerability can cause any privilege escalations. --Rzhikharevich (talk) 17:16, 23 March 2015 (UTC)
- I don't know for sure, but since the only changed files are various executables (e.g recompiling stuff) and the OpenSSL fix, there's nothing else changed. I will test this in a bit. --Awesomebing1 (talk) 17:17, 23 March 2015 (UTC)
- Well, I ran it. Turns out you actually have to put 2000 As. Ugh. Anyway, it outputs
- I don't know for sure, but since the only changed files are various executables (e.g recompiling stuff) and the OpenSSL fix, there's nothing else changed. I will test this in a bit. --Awesomebing1 (talk) 17:17, 23 March 2015 (UTC)
dyld: stack buffer overrun Trace/BPT trap: 5
Not sure if that means if it was patched. I'm guessing it means it does, since in the presentation I was copying off it said it Segementation Faulted.--Awesomebing1 (talk) 22:20, 23 March 2015 (UTC)
<sjeezpwn>yes this is patched, when i said 1024 A's, that was just a guess, you have to try around 30-40 times to see where the PC register is, once you know where PC is you need to insert your shellcode right after