Difference between revisions of "Talk:Incomplete Codesign Exploit"

From The iPhone Wiki
Jump to: navigation, search
m (added a \n)
Line 3: Line 3:
 
Somehow, once you stick a dynamic library or other goody with some sort of "incomplete codesign" magic in the right location and add a startup service, iOS will execute it. Perhaps Apple has no way to fix this without breaking other things?
 
Somehow, once you stick a dynamic library or other goody with some sort of "incomplete codesign" magic in the right location and add a startup service, iOS will execute it. Perhaps Apple has no way to fix this without breaking other things?
 
[[User:Iemit737|Iemit737]] 00:23, 10 October 2010 (UTC)
 
[[User:Iemit737|Iemit737]] 00:23, 10 October 2010 (UTC)
  +
 
AFAIK IncompleteCodesignExploit is an exploit in WWDR Cert Checking that allows ppl to create fake entitlements. Obviously I'm not sure it works in this way. --[[User:Qwertyoruiop|Qwertyoruiop]] 00:41, 10 October 2010 (UTC)
 
AFAIK IncompleteCodesignExploit is an exploit in WWDR Cert Checking that allows ppl to create fake entitlements. Obviously I'm not sure it works in this way. --[[User:Qwertyoruiop|Qwertyoruiop]] 00:41, 10 October 2010 (UTC)

Revision as of 00:42, 10 October 2010

This has to be one of the most puzzling exploits in iOS. Since it was revealed in 3.1.3/3.2, Apple has yet to close it in 4.0, 4.02, or 4.1 or even 4.2 betas.

Somehow, once you stick a dynamic library or other goody with some sort of "incomplete codesign" magic in the right location and add a startup service, iOS will execute it. Perhaps Apple has no way to fix this without breaking other things? Iemit737 00:23, 10 October 2010 (UTC)

AFAIK IncompleteCodesignExploit is an exploit in WWDR Cert Checking that allows ppl to create fake entitlements. Obviously I'm not sure it works in this way. --Qwertyoruiop 00:41, 10 October 2010 (UTC)