iphone hacking

iphone hacking

Vulnerability in iPhone: Could let attackers gain complete control via Wi-Fi (Zero Click Wormable Exploit)

White hat hacker Ian Beer on 1/12/2020 disclosed details about new vulnerability “wormable” iOS bug that can control on any iphone remotely using Wi-Fi.
Using this exploit hacker can download photos, copy private messages and monitor remotely over the mobile phone.

The Zero – click exploit
Security researcher developed multiple exploits to understand the flaw, where he built wormable radio proximity exploit that allow hacker to gain control over iphone 11 pro, where he deployed the exploit using laptop, raspberry pi and some off the shelf wifi adapter to achieve arbitrary kernel memory read and write remotely, to inject the shellcode payloads into the kernel memory using victim process.

Buffer Overflow Bug:
Security researcher Beer exploited buffer overflow bug which is present in driver of AWDL, which is an apple native mesh networking protocol used to enable features like airdrop and airplay. Which has capability to give complete remote access to hackers. AWDL will get executed on remotely on locked device as well.

Proof of concept: https://github.com/synacktiv/CVE-2020-27950
Demo Video of Denial of Service Attack: https://www.youtube.com/watch?v=ikZTNSmbh00