1. rasputinj
    I was thinking of doing a paper for grad school on the TIFF exploit of iPhone 1.1.1 firmware. I was looking for more info on the hack.

    I believe the TIFF file, made from code similar to this: http://pastebin.ca/726279
    puts a payload like the one shown here:
    http://metasploit.com/svn/framework3...mle/vibrate.rb

    This is after the buffer overflow has been achieved.

    The payload opens a second AFC interface, and the rest of the jailbreak takes it from there.

    What I am looking for is more info on the TIFF exploit, the payload file, and how the second AFC interface is set up.
    2007-10-17 08:19 AM
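Added example (editor's code, not the exploit from the post and not the pastebin or Metasploit code it links to): a crafted TIFF has to honor the file's header and image file directory (IFD) layout, because that is what the decoder walks before it ever touches pixel data. The block below builds a constructed, valid 1x1 grayscale TIFF in memory, then parses its IFD with a reader that checks the declared entry count against the bytes actually present before copying anything. Patching the count field to 0xFFFF, as a malformed file would, makes the checked reader refuse the directory instead of reading past the buffer. Tag numbers and types are from the TIFF 6.0 specification; the file contents, offsets and helper names are this example's own assumptions and not taken from the 1.1.1 exploit.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* One 12-byte IFD entry of a little-endian ("II") TIFF: tag, type, count, value-or-offset. */
struct ifd_entry {
    uint16_t tag;
    uint16_t type;    /* 3 = SHORT, 4 = LONG */
    uint32_t count;
    uint32_t value;   /* raw 4-byte field; a SHORT sits in its low two bytes */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}
static void wr16(uint8_t *p, uint16_t v) { p[0] = v & 0xff; p[1] = (v >> 8) & 0xff; }
static void wr32(uint8_t *p, uint32_t v) {
    p[0] = v & 0xff; p[1] = (v >> 8) & 0xff; p[2] = (v >> 16) & 0xff; p[3] = (v >> 24) & 0xff;
}

/* Writes a constructed 1x1, 8-bit grayscale TIFF into out. Returns bytes written, 0 if cap is too small. */
size_t build_minimal_tiff(uint8_t *out, size_t cap)
{
    enum { NENT = 8, IFD_OFF = 8, DATA_OFF = IFD_OFF + 2 + NENT * 12 + 4 }; /* DATA_OFF = 110 */
    const struct ifd_entry ents[NENT] = {
        {256, 3, 1, 1},        /* ImageWidth      */
        {257, 3, 1, 1},        /* ImageLength     */
        {258, 3, 1, 8},        /* BitsPerSample   */
        {259, 3, 1, 1},        /* Compression: none */
        {262, 3, 1, 1},        /* Photometric: BlackIsZero */
        {273, 4, 1, DATA_OFF}, /* StripOffsets: where the pixel lives */
        {278, 3, 1, 1},        /* RowsPerStrip    */
        {279, 4, 1, 1},        /* StripByteCounts */
    };
    if (cap < DATA_OFF + 1) return 0;
    memset(out, 0, DATA_OFF + 1);
    memcpy(out, "II", 2);            /* byte order marker */
    wr16(out + 2, 42);               /* TIFF magic */
    wr32(out + 4, IFD_OFF);          /* offset of first IFD */
    wr16(out + IFD_OFF, NENT);       /* entry count: the field a crafted file lies about */
    for (int i = 0; i < NENT; i++) {
        uint8_t *e = out + IFD_OFF + 2 + i * 12;
        wr16(e, ents[i].tag); wr16(e + 2, ents[i].type); wr32(e + 4, ents[i].count);
        if (ents[i].type == 3) wr16(e + 8, (uint16_t)ents[i].value);  /* SHORT is left-justified */
        else                   wr32(e + 8, ents[i].value);
    }
    wr32(out + IFD_OFF + 2 + NENT * 12, 0);  /* next-IFD offset: none */
    out[DATA_OFF] = 0x80;                    /* the single grey pixel */
    return DATA_OFF + 1;
}

/* Bounds-checked IFD reader. Returns the number of entries copied, or -1 if the header is bad
   or the declared directory does not fit in the bytes that actually exist. */
int parse_ifd(const uint8_t *buf, size_t len, struct ifd_entry *out, size_t max_out)
{
    if (len < 8 || memcmp(buf, "II", 2) != 0 || rd16(buf + 2) != 42) return -1;
    uint32_t ifd_off = rd32(buf + 4);
    if (ifd_off > len || len - ifd_off < 2) return -1;
    uint16_t n = rd16(buf + ifd_off);
    /* The check that matters: n entries of 12 bytes plus the 4-byte next-IFD link must fit
       in the remaining buffer, and in the caller's array, before a single entry is copied. */
    if ((size_t)n * 12 + 4 > len - ifd_off - 2) return -1;
    if (n > max_out) return -1;
    for (uint16_t i = 0; i < n; i++) {
        const uint8_t *e = buf + ifd_off + 2 + (size_t)i * 12;
        out[i].tag = rd16(e); out[i].type = rd16(e + 2);
        out[i].count = rd32(e + 4); out[i].value = rd32(e + 8);
    }
    return n;
}

/* Overwrites the IFD entry count in place, simulating a crafted directory header. Returns 1 on success. */
int set_ifd_entry_count(uint8_t *buf, size_t len, uint16_t n)
{
    if (len < 10) return 0;
    uint32_t off = rd32(buf + 4);
    if (off > len - 2) return 0;
    wr16(buf + off, n);
    return 1;
}

/* Builds the constructed file and parses it; returns the entry count the reader accepted. */
int parse_constructed_tiff(void)
{
    uint8_t buf[128]; struct ifd_entry e[16];
    size_t len = build_minimal_tiff(buf, sizeof buf);
    return parse_ifd(buf, len, e, 16);
}

/* Same file with the entry count patched to 0xFFFF; returns what the checked reader says. */
int parse_oversized_count(void)
{
    uint8_t buf[128]; struct ifd_entry e[16];
    size_t len = build_minimal_tiff(buf, sizeof buf);
    if (!set_ifd_entry_count(buf, len, 0xFFFF)) return -2;
    return parse_ifd(buf, len, e, 16);
}

/* Returns the raw value field of the given tag in the constructed file, or 0 if absent. */
uint32_t tag_value(uint16_t tag)
{
    uint8_t buf[128]; struct ifd_entry e[16];
    size_t len = build_minimal_tiff(buf, sizeof buf);
    int n = parse_ifd(buf, len, e, 16);
    for (int i = 0; i < n; i++) if (e[i].tag == tag) return e[i].value;
    return 0;
}

int main(void)
{
    printf("well-formed file: %d entries\n", parse_constructed_tiff());
    printf("count patched to 0xFFFF: parser returned %d\n", parse_oversized_count());
    printf("StripOffsets = %u\n", (unsigned)tag_value(273));
    return 0;
}
```

A decoder that trusts the 16-bit count (or a tag's count field) and copies that many items into a fixed buffer is the shape of bug that turns a picture into code execution; the reader above rejects the directory up front, which is the check to look for when reading the parser the 1.1.1 file targets.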