Difference between revisions of "Talk:Incomplete Codesign Exploit"

From The iPhone Wiki
Jump to: navigation, search
(New page: This has to be one of the most puzzling exploits in iOS. Since it was revealed in 3.1.3/3.2, Apple has yet to close it in 4.0, 4.02, or 4.1 or even 4.2 betas. Somehow, once you stick a d...)
 
(i just noticed)
 
(7 intermediate revisions by 4 users not shown)
Line 3: Line 3:
 
Somehow, once you stick a dynamic library or other goody with some sort of "incomplete codesign" magic in the right location and add a startup service, iOS will execute it. Perhaps Apple has no way to fix this without breaking other things?
 
Somehow, once you stick a dynamic library or other goody with some sort of "incomplete codesign" magic in the right location and add a startup service, iOS will execute it. Perhaps Apple has no way to fix this without breaking other things?
 
[[User:Iemit737|Iemit737]] 00:23, 10 October 2010 (UTC)
 
[[User:Iemit737|Iemit737]] 00:23, 10 October 2010 (UTC)
  +
  +
AFAIK IncompleteCodesignExploit is an exploit in WWDR Cert Checking that allows ppl to create fake entitlements. Obviously I'm not sure it works in this way. --[[User:Qwertyoruiop|Qwertyoruiop]] 00:41, 10 October 2010 (UTC)
  +
  +
  +
Should we decribe it or is it better to wait until Apple fixes it? --[[User:Redart|Redart]] 07:44, 21 October 2010 (UTC)
  +
:i think it cannot be patched also the codesign need's to be patched to run jailbroken apps because codesign would kill any applications not signed by Apple --[[User:Liamchat|liamchat]] 17:56, 26 October 2010 (UTC)
  +
:It is patchable, all kernel based exploits are since it is software based. --[[User:JacobVengeance|JakeAnthraX]] 18:00, 26 October 2010 (UTC)
  +
::then why has apple not patched it because it will make all app's in the app store need updating ( to use a unique key with the Codesign ) --[[User:Liamchat|liamchat]] 18:18, 26 October 2010 (UTC)
  +
::: Weather or not Apple decides to patch it, doesn't mean it is unpatchable. Just that they are having problems doing it. --[[User:JacobVengeance|JakeAnthraX]] 18:26, 26 October 2010 (UTC)
  +
  +
i just noticed something looking at the CodeResources in the _Codesign folder and look at an app from an ipsw [http://pastebin.com/6C55pTxf] and an appstore app [http://pastebin.com/E1aSybSJ] both [[sandbox]] and this where introduced in [[firmware]] 2.x --[[User:Liamchat|liamchat]] 18:44, 26 October 2010 (UTC)

Latest revision as of 18:44, 26 October 2010

This has to be one of the most puzzling exploits in iOS. Since it was revealed in 3.1.3/3.2, Apple has yet to close it in 4.0, 4.02, or 4.1 or even 4.2 betas.

Somehow, once you stick a dynamic library or other goody with some sort of "incomplete codesign" magic in the right location and add a startup service, iOS will execute it. Perhaps Apple has no way to fix this without breaking other things? Iemit737 00:23, 10 October 2010 (UTC)

AFAIK IncompleteCodesignExploit is an exploit in WWDR Cert Checking that allows ppl to create fake entitlements. Obviously I'm not sure it works in this way. --Qwertyoruiop 00:41, 10 October 2010 (UTC)


Should we decribe it or is it better to wait until Apple fixes it? --Redart 07:44, 21 October 2010 (UTC)

i think it cannot be patched also the codesign need's to be patched to run jailbroken apps because codesign would kill any applications not signed by Apple --liamchat 17:56, 26 October 2010 (UTC)
It is patchable, all kernel based exploits are since it is software based. --JakeAnthraX 18:00, 26 October 2010 (UTC)
then why has apple not patched it because it will make all app's in the app store need updating ( to use a unique key with the Codesign ) --liamchat 18:18, 26 October 2010 (UTC)
Weather or not Apple decides to patch it, doesn't mean it is unpatchable. Just that they are having problems doing it. --JakeAnthraX 18:26, 26 October 2010 (UTC)

i just noticed something looking at the CodeResources in the _Codesign folder and look at an app from an ipsw [1] and an appstore app [2] both sandbox and this where introduced in firmware 2.x --liamchat 18:44, 26 October 2010 (UTC)