Softpedia
 


July 25th, 2011, 12:01 GMT · By

Jailbreak Artist Comex Nominated for Pwnie Award

iPhone Dev Team member Musclenerd is spreading the word on Twitter that his fellow hacker Comex has just been nominated for a Pwnie Award for Best Client-Side Bug.

Notorious for his jailbreaking feats on Apple’s iOS, Comex has been able to produce what is arguably the simplest jailbreak utility using a PDF exploit for which the people at pwnies.com are now crediting the hacker.

The word comes via Musclenerd, one of the more vocal iPhone Dev Team members, who reports on Twitter that Comex has been nominated in one of the categories:

“Congrats to @comex for the @PwnieAwards nomination is.gd/jriZqE (that whole nominations page is a great read!),” reads Musclenerd’s tweet.

Specifically, Comex has been nominated for “Pwnie for Best Client-Side Bug.” The award in this category goes to “the person who discovered or exploited the most technically sophisticated and interesting client-side bug.”

“These days, ‘client’ is pretty much synonymous with ‘web browser,’ but don't forget about all the media player integer overflows!”, the people at pwnies.com explain.

A description of Comex’s PDF vulnerability is also offered (reproduced below).

FreeType vulnerability in iOS (CVE-2010-1797)
Credit: Comex

Comex exploited a vulnerability in the interpreter for Type 1 font programs in the FreeType library used by MobileSafari. This exploit is a great example of programming a weird machine to exploit a modern system. Comex used his control over the interpreter to construct a highly sophisticated ROP payload at runtime and bypass the ASLR protection in iOS. Furthermore, the ROP payload exploited a kernel vulnerability to execute code in the kernel and disable code-signing. The exploit was hosted on jailbreakme.com and was successfully used by thousands of people to jailbreak their iOS devices.

The flaw has been patched in iOS 4.3.4, a recently released software update specifically tasked with closing this hole and, implicitly, erasing all hacks that resulted from accessing jailbreakme.com.

