Tuesday, 17 April 2012

Pod2G Shows How Corona 5.0.1 Untether Jailbreak Works

A few days ago, the Chronic Dev Team released a new jailbreak tweak called Corona 5.0.1 untethered jailbreak, and the iPhone Dev Team released the new jailbreak tool Redsn0w 0.9.10b1, which had a lot of bugs. Updates to Corona and Redsn0w with many fixes were then released. Today the great hacker Pod2g updated his blog to explain how the Corona jailbreak tweak works, for all users who don't know how to use it.
As we all know, Apple has always tried to block any exploit discovered by hackers, and Apple has also fixed all previously known ways of executing unsigned binaries in iOS 5.0. Corona does it another way…

From Pod2G Blog:
Thus, for Corona, I searched for a way to start unsigned code at boot without using the Mach-O loader. That’s why I looked for vulnerabilities in existing Apple binaries that I could call using standard launchd plist mechanisms.
Using a fuzzer, I found after some hours of work that there’s a format string vulnerability in the racoon configuration parsing code! racoon is the IPsec IKE daemon (http://ipsec-tools.sourceforge.net/). It comes by default with iOS and is started when you set up an IPsec connection.
Now you got it, Corona is an anagram of racoon :-) .
If you are interested in more details about Pod2g and about how Corona works, you can visit Pod2g's blog, link above.
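
The bug class named in the quoted passage, as an added example that is not from Pod2g's post or from racoon's source: a hypothetical config-parser error reporter in its vulnerable form beside the fixed form. All function names are assumptions, as is the small helper that counts printf directives in a config value for triage.

```c
/* Added illustration: a hypothetical config-parser error reporter.
 * Not racoon's code; every name here is invented for the example. */
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* printf-style sink, as a parser's error/log helper usually is. */
static int report(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int r = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return r;
}

/* BEFORE: text read from the config file becomes the format string, so any
 * '%' directive in the file is interpreted against arguments that were
 * never passed (undefined behaviour; %n additionally writes memory). */
int bad_token_vulnerable(char *out, size_t n, const char *token)
{
    return report(out, n, token);
}

/* AFTER: constant format string; file content is only ever data. */
int bad_token_fixed(char *out, size_t n, const char *token)
{
    return report(out, n, "unknown directive: %s", token);
}

/* Triage helper: count printf conversions in a config value ("%%" is a
 * literal percent sign and is not counted). */
int count_directives(const char *s)
{
    int hits = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }
        if (s[1] != '\0') hits++;
    }
    return hits;
}

int main(void)
{
    char buf[64];
    const char *constructed = "%x%x%n";   /* constructed sample value */
    bad_token_fixed(buf, sizeof buf, constructed);
    printf("%s (directives: %d)\n", buf, count_directives(constructed));
    return 0;
}
```

Declaring `report` with the GCC/Clang `__attribute__((format(printf, 3, 4)))` and building with `-Wformat -Wformat-security` makes the compiler flag the call in `bad_token_vulnerable`.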
