Talk:OpenSharedCacheFile

From The iPhone Wiki
Revision as of 22:33, 24 March 2015 by Sjeezpwn (talk | contribs)

Does this allow root access? Also, could we add that it was patched in 6.1.3/6.1.4 (possibly 6.1.6, I'll test that)? --Awesomebing1 (talk) 02:13, 23 March 2015 (UTC)

CVE Details states that the last vulnerable version is 6.1.3. I don't think that this vulnerability can cause any privilege escalations. --Rzhikharevich (talk) 17:16, 23 March 2015 (UTC)
I don't know for sure, but since the only changed files are various executables (e.g. recompiling stuff) and the OpenSSL fix, there's nothing else changed. I will test this in a bit. --Awesomebing1 (talk) 17:17, 23 March 2015 (UTC)
Well, I ran it. Turns out you actually have to put 2000 As. Ugh. Anyway, it outputs:
dyld: stack buffer overrun
Trace/BPT trap: 5

Not sure if that means it was patched. I'm guessing it means it was, since the presentation I was copying off said it Segmentation Faulted. --Awesomebing1 (talk) 22:20, 23 March 2015 (UTC)

<sjeezpwn> Yes, this is patched. When I said 1024 A's, that was just a guess; you have to try around 30-40 times to see where the PC register is. Once you know where PC is, you need to insert your shellcode right after