Re: [Dailydave] iPhone Roadblock

["mOses[at]networksamurai" <trklisted () networksamurai org>]

 From what I understand of the phone it is running a native version of 
OS X. Which may mean to say its running the underlying BSD kernel of 
'Darwin' with a modified Aqua (which is their impementation of XWindows) 
on top. As with any type of blackbox testing you must go with the 
'knowns' to find the 'unknowns' (yai!!). Learn what the points of 
ingress are from the device it self, i.e. is safari still vulnerable and 
maybe can be used as a gateway into the directory structure? Or can you 
write code to use safari in that manner? If not then you must take a 
closer look inside the phone. One thing is certain, at some point a 
developer needed a way into the phone to do proper debugging, maybe not 
a JTAG interface on this device but some type of 'shell'. I have seen 
certain sites where people have taken apart the device and have started 
to peer into it.

I do know that their no SDK for the device but it does have a fully 
functional Safari browser which will allow for AJAX.... so quick start 
coding ;0

m

matthew wollenweber wrote:
> I'm one of the lucky (or possibly crazy) people that managed to get an 
> iPhone yesterday. If you're curious, I'm very happy with it so far. 
> I'm not an Apple nut that buys all things Apple, but after years of 
> "smartphones" that never seemed quite right, the iPhone really seems 
> to have hit the mark. My biggest worry was that it used Edge rather 
> than 3G. While at some points this is noticeable, the caching and 
> windowing mechanisms really make up for the difference. On the whole 
> it's the best smartphone experience I've had. But you can read all the 
> reviews in a more appropriate forum...
>
> I'm really interested in hacking up my iPhone. Anything with a *nix OS 
> underneath is just too tempting to leave alone. Unfortunately Apple 
> threw a curve ball that's outside my skill set. The iPhone doesn't 
> mount as a harddrive. I couldn't find any options in iTunes and in 
> linux I only got:
>
> Jun 30 21:25:42 lothlorien kernel: usb 1-4: new full speed USB device 
> using ehci_hcd and address 15
> Jun 30 21:25:42 lothlorien kernel: usb 1-4: Product: iPhone
> Jun 30 21:25:42 lothlorien kernel: usb 1-4: Manufacturer: Apple Inc.
> Jun 30 21:25:42 lothlorien kernel: usb 1-4: SerialNumber: XYZ123456789
> Jun 30 21:25:42 lothlorien kernel: usb 1-4: configuration #1 chosen 
> from 3 choices
>
> USB device drivers aren't my thing. Anyone have any suggestions on how 
> to get the thing mounted or to go about figuring out how to do so?
>
> Thanks for any help.
>
> -- 
> Matthew  Wollenweber
> mwollenweber () gmail com <mailto:mwollenweber () gmail com> | 
> mjw () cyberwart com <mailto:mjw () cyberwart com>
> www.cyberwart.com <http://www.cyberwart.com>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Dailydave mailing list
> Dailydave () lists immunitysec com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
>   
> ------------------------------------------------------------------------
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/