AT+XAPP Vulnerability

From The iPhone Wiki
Revision as of 15:58, 22 June 2010 by Sherif hashim (talk | contribs) (New page: Used as an injection vector for the current iPhone 3G and iPhone 3GS unlock payloads‭ - ‬ultrasn0w 0.93‭. ‬Currently available in all baseband versions until 05.13.04‭.‬ ‭ ==...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Used as an injection vector for the current iPhone 3G and iPhone 3GS unlock payloads‭ - ‬ultrasn0w 0.93‭. ‬Currently available in all baseband versions until 05.13.04‭.‬ ‭

Credit

sherif_hashim ‭

Exploit

There is a stack overflow in the AT+XAPP‭="..." ‬command‭, ‬which allows unsigned code execution on the X-Gold 608‭.‬

at+xapp‭="‬00000000000000000000000000000000000000000000000000000‭"‬

applying a string more than 52‭ ‬characters will trigger the overflow ‭

Implementation

The exploit is used by the dev team in ultrasn0w 0.93‭ which is able to unlock 4.26.08‭, ‬5.11.07‭, ‬5.12.01‭ ‬and 5.13.04‭ ‬BB firmwares


Category‭: ‬Baseband Exploits