The Pwn2Own competition has long been an integral part of the CanSecWest security conference and regularly challenges participating hackers to find and exploit vulnerabilities in browsers and operating systems. Those who manage to compromise the various computers or the browsers installed on them receive $5,000 in prize money; for vulnerabilities in the iPhone or in Mobile Safari the prize is set at $15,000.
Vincenzo Iozzo and Ralf Philipp Weinmann devoted themselves to the iPhone and obtained, without physical access to the device and without the use of a jailbreak, access to the iPhone's SMS database. A single visit in Safari to a website hosting their exploit was all that was required to quietly copy and upload the entire SMS folder in 20 seconds. Weinmann also said that they could have developed the hack further so that it was more stable and could steal contacts and other sensitive data.
According to a statement by MuscleNerd of the iPhone Dev Team, the code used by Iozzo and Weinmann could be put to other uses, including a browser-based jailbreak like the one we used back in October 2007. According to MuscleNerd, this bug in iPhone Safari would allow a quick jailbreak of the device simply by connecting to an external website created for this purpose.
The vulnerabilities are not expected to be published before the next iPhone software update at the earliest. Traditionally, vulnerabilities found at the CanSecWest security conference are first passed to the vendors of the affected devices and only appear on the internet weeks later. The SMS exploit has been passed to Apple so that they can engineer it out in a future firmware update. In short: the next iPhone update is on its way.
>>> Update <<<
A few details of the iPhone exploit have now been announced: "This year, Iozzo and Weinmann had to put in extra effort to bypass the code signing and data execution prevention (DEP) technologies that prevent arbitrary code from running on the phone as well as defeat straightforward exploitation of buffer and heap overflow bugs. In order to achieve this result, they chained existing code bits in a technique commonly known as 'return-into-libc' or 'return-oriented programming.'
"It is the first time that this technique has been publicly demonstrated on a real-world telephone. The attack allowed them to execute code on the iPhone when a user visits a malicious website. The demonstrated attack code steals the SMS database from the phone, albeit other attack payloads are easily possible." In addition to the SMS database, other data such as e-mail, the address book and photos stored on the iPhone could theoretically be accessed as well.