Full Disclosure mailing list archives
Re: Fwd: Iphone
From: T Biehn <tbiehn () gmail com>
Date: Sun, 14 Jun 2009 14:38:35 -0400
Randal, I'm going to assume you're thinking of the mayhem-prone ActiveX object/embed tags... No this is not how they work. It's fairly obvious why it doesn't work that way. They are standard e-mail attachments, the iphone mail proggy (though an unknown mechanism) recognizes it has a reader enabled for them, and offers that as an option. It's very doubtful, when you take into account the surround, that this is an exploitable vector. Think I'm taking a logical leap? You are, for example, hopeful that some file type has a registered viewer that allows you to change settings... Nothing on the iPhone works this way, this would not be the case, the programmers would basically have to be arsed to write insecure code (a backdoor) rather than necessity & ignorance breeding insecure code. You will have much more luck working against Safari and the PDF Viewer and providing links and malicious attachments. -Travis On Sun, Jun 14, 2009 at 9:37 AM, RandallM<randallm () fidmail com> wrote:
Curious, any one on the list familiar with iPhone processes used for email hypertxt and picture view through email? What processes are used and called? Is it the basic same as IE and windows? Are there any documents written (going to google in a bit). There are a lot of "fun" features of the IPhone called and uses by apps that I was curious if could be reached through email not for havoc but fun. Of course that would also open a can of worms I suppose. It's an iPhone thing _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Fwd: Iphone RandallM (Jun 14)
- Re: Fwd: Iphone T Biehn (Jun 14)