Lothar informed me about a strange behaviour of the iPhone running OS 3. It seems like the iPhone is automatically opening a browser when joining a network. (See video of the whole probleme here: http://www.vimeo.com/5466236)
The iPhone tries to do the following:
1. DNS querries for www.apple.com
2. Opening http://www.apple.com/library/test/success.html
When both are successful, then fine... the phone gets back "success" and everything is ok.
When both are failing... thats fine as well because then the phone assumes that the internet connection is not up and running.
BUT <-- isn't there always a BUT?! If the phone can succcessfully querry the name but get back any different content than "Success" it assumes that there is a captive portal which requires you to authenticate first to get access to the internet. This is true for many hotspots etc... so Apple was thinking.. damn thats annoying for the user... lets open up Safari automatically if this special case comes into place :-) Usability kills security .... together with karmetasploit its a very evil thing. Get Iphones cookies, accounts and maybe even system control... depending on the bugs you have left to test. You can see the whole thing as a video @vimeo http://www.vimeo.com/5466236 .... now lets find some new safari bugs :-)
And thank you lothar for the fish.
Not: Türkçeye çevirisini yapıcam...
0 yorum:
Yorum Gönder