Apple iPhone Unlocked Again – 1.1.2 and 1.1.3 Firmware

Once again the Apple iPhone has been unlocked by a determined youngster, the same one who was amongst the first to unlock it last year, winning himself a rather nice car and a few 8GB iPhones.

It just shows that nothing is infallible: all he needed to find was a writable memory address and he was pretty much done (this time he used a much higher range of registers than previously).

A teen hacker known for his deftness with iPhones has figured out how to unlock models running the latest firmware versions by cracking a protection that has frustrated hackers for weeks.

The breakthrough by George Hotz, aka Geohot, means people who have bought a recent iPhone will once again be able to use it on the phone network of their choice. Apple makes as much as $400 for every handset that’s activated on an approved network, so its developers have worked hard to prevent the so-called unlocking of iPhones.

A very smart young man indeed, showing that one person can indeed defeat the security of a huge multi-national, billion-dollar company.

And he’s done it twice.

The latest salvo was fired late last week, following a 24-hour hacking spree by Geohot that was broken up by only three hours of sleep. It turns out the latest firmware contained modifications to the device’s memory registers to prevent unlocking. Geohot worked around those changes by finding another, much higher register that was vulnerable.

“I guess Apple thought big numbers were harder to guess,” he wrote.

He then found a way to install his custom-built code by exploiting a flaw that allowed him to erase a range of memory addresses where security software is stored.

An amazing 27% of iPhones are running on unauthorized networks, which means they have been unlocked. Of course Apple will soon come out with a new firmware update that closes this hole, but then the game will just start all over again.

And no one doubts that Geohot or someone like him will break it again.

If you want to know how to do it, check out the step-by-step instructions from iClarified.

Source: The Register

Posted in: Apple, Exploits/Vulnerabilities, Secure Coding



9 Responses to Apple iPhone Unlocked Again – 1.1.2 and 1.1.3 Firmware

  1. James C February 18, 2008 at 10:32 am #

    I hate Apple to the core.

  2. Sir Henry February 18, 2008 at 3:14 pm #

    lol…I love Apple for different reasons. The iPhone being solely available to AT&T customers is a bit unnerving, but it would appear people who have a similar loathing or disdain are doing wonderful things in the effort of subverting this union.

  3. eM3rC February 18, 2008 at 9:54 pm #

    I personally love Apple. Although I use a Windows computer (soon to be Linux), I still believe that OSX is one of the best OSs out there for the general public. If anyone is interested in installing OSX on their computer or has any other Apple hacking requests, check out the InsanelyMac forums. They are by far the best forum out there for that kind of stuff.

  4. zupakomputer February 18, 2008 at 10:13 pm #

    I’ve always liked Apple, ever since using their all-in-one monitor plus computer units from the old days of black and white displays. I spent many a happy time using MacPaint when I was learning Clarisworks at school. But anyway – phones.

    Now that there’s more internet over mobile phone network deals available, why am I not getting free internet yet at home?
    More seriously, other than using free (or ‘free’) wireless links and the like, this whole 3G and above mobile internet holds the best promise for getting online entirely anonymously.
    Yes, there’d be issues with tracking signals from the phones, but there’s ways around that.

    Magic numbers must be sought.

  5. Pantagruel February 18, 2008 at 10:40 pm #

    I personally like Apple but think they have really shot themselves in the foot with this iPhone lockdown. They basically create a situation where people will want to get a non-restricted firmware which can be used with their provider of choice and not be chained to AT&T, Vodafone, T-Mobile, whomever, or just to be among the geeks proudly owning an iPhone with an alternate SIM card.
    Go search the internet, find out all the restrictions imposed by Apple Inc. when using the iPhone and wonder whether I really need this that badly. I for one don’t. Furthermore I do not see the advantage of flashing such a high profile gadget in public, unless you badly want to get mugged (you gotta love public transport :( ).

  6. eM3rC February 19, 2008 at 2:31 am #

    I have a really strange idea, tell me if it’s too far out.
    On the iPhone and Verizon Voyager they have wireless internet. What if there was some way to tap into that signal? I know it might not be DSL speed but it would nonetheless be free, somewhat high speed internet.

  7. J. Lion February 19, 2008 at 5:05 pm #

    I like the iPhone but do not like AT&T – hence no iPhone. Can’t wait till they open their doors to other Service Providers.

  8. zupakomputer February 19, 2008 at 6:07 pm #

    I don’t have a mobile phone at all, life was better before those became so commonplace as everyday things. I did have one – when the only net access on them was WAP! Sadly it ain’t working, the battery’s likely dead.

    I’m all for exploiting wireless that’s available but I hate the way things have gone down that road – mobile signals give me a headache even if I’m only near someone else using a phone. They’re biologically destructive evil things that’ll soon be the basis of way more lawsuits than any tobacco claims.

    re: the free phone internet – it’s probably the same thing I was meaning, the phones here (UK) can get online with GPRS, 3G, HSDPA and some other methods. There are USB modems available so that you can get mobile phone internet (faster than dial-up and, depending on coverage, gets up to about 8Mb in speed, so the ads say anyway) without having a phone – you just plug the modem into a USB port on a laptop or computer – these get online wherever there’s a mobile phone signal.
    But you need a SIM card, or on some models a PCMCIA card or similar, which as with phones in general must be in some way activated for use on a network provider (O2, Orange, T-Mobile, etc) account.

    So by magic numbers I’m meaning those dial-in numbers and account details that get you online for free; it’s a matter of knowing what to key in for the logins, or bypassing that altogether.
    It’s something you can’t really do from your own landline (surf entirely anon, or near-enough it) because at some point it’ll be logged that it’s your phone number that’s connected even if it’s just at your ISP, so then there’s the house details to go with the landline number being logged and so forth.

    What I’d certainly be doing with such a set-up would be to have the receiver antenna(e) as far away from me as possible, and a long cord jacked into the USB. Although to be fair, I’ve found WLANs to be painless by comparison to mobile phone reception thus far – I can still feel it moving through me and messing with my energy but it’s not sore.
    Mentioned the Q-link bridge at another entry here – those have quite a range. Pricey, but then they would be. Such things interest me as they can be placed in urban environments somewhat unnoticeably and, as long as line-of-sight and signal strengths are paid heed, can link or bounce free wireless to wherever you want.

  9. eM3rC February 21, 2008 at 3:04 am #

    Sorry to hear about your condition zupakomputer. I started hearing about people having these symptoms a little while back. I think it’s called electromagnetic sensitivity syndrome or something along those lines.

    There are also the issues being brought up about cellphones possibly causing cancer because of the radio waves they emit. Nonetheless, all the radio waves we bombard our bodies with (cell phones, wireless internet, television signals, etc) can’t be good for us and it looks like people are starting to show the signs of this kind of abuse from this fairly new technology. I hope some well established scientific organization tackles this issue once and for all.

    That is awesome about the wireless internet. Thanks for indulging me! If one was not able to use the mobile phone based internet for some reason, you could always conjure up a long range wifi antenna so you could pick up signals from a decent distance. It would make it pretty hard to track you down as well because (from at least my understanding) the ability of the police to triangulate the signal would be impaired because you would be pretty far away from the location from which the signal was actually being transmitted.

    I love how these conversations go from one thing to another. First the iPhone, now mobile internet :)