[Secgeeks] Re: iPhone fuzzing and such..

B Potter gdead at shmoo.com
Mon Jul 2 22:56:47 EDT 2007 

/Library/Logs/CrashReporter/MobileDevice contains any crash info  
collected from the iPhone.  It's all just ASCII stuff, not actually  
cores.

later

bruce

On Jul 2, 2007, at 10:40 PM, matthew wollenweber wrote:

> How'd you manage to get the crash dumps? On screen errors or can  
> you grab core files?
>
> On 7/2/07, B Potter <gdead at shmoo.com > wrote:
> I've managed to lock mine a number of times already by mucking  
> around with the contacts DB.  Nothing spectacular, but still  
> required a hard reset of the device.  Also, Safari has crashed a  
> number of times for me, but the crash dumps haven't been all that  
> interesting.
>
> All in all, I'm uber impressed with the overall device.  And I'm  
> not really worried about 1.0 bugs, but I do think there are a TON  
> of security issues with this critter.  Seems like a good exercise  
> in hacking an imbedded device as it's a target rich environment.
>
> later
>
> bruce
>
>
> On Jul 2, 2007, at 10:19 PM, matthew wollenweber wrote:
>
>> Dave,
>>
>> There's a bit of discussion going on DailyDave and Full-Disclosure  
>> regarding the iPhone. I started a thread there myself. The iPhone  
>> is nice, but it won't mount as a hard drive -- so even limited  
>> knowledge about the state of the device isn't possible at present.  
>> The current state of things seems to be ripping apart the backup  
>> image. Finding bugs on a v1.0 device isn't going to be hard,  
>> exploiting them will be since there's no public development kit,  
>> emulator, or drivers to access the hard drive.
>>
>> I'm still playing around with the backup images. I think fuzzing  
>> is mostly on hold until someone better with usb device drivers  
>> comes along to let us touch the internals on the actual iphone.
>>
>> On 7/2/07, David A. Cafaro <dac at cafaro.net > wrote:
>> Quick summary article on current attempts to "play" with the iPhone.
>>
>> http://www.theregister.co.uk/2007/07/03/iphone_hacking_progress/
>>
>> Anyone get one of these toys and decided to "play" with it?  I've so
>> far resisted the urge to get one myself (now if it had 3G...), I'll
>> wait for the 2nd gen at least.  I do admit the interface is slick and
>> the style is nice.  Sure beats my clunky Treo.
>>
>> Cheers,
>> David
>>
>>
>> David A. Cafaro <dac at cafaro.net >
>> Cafaro's Ramblings:   www.cafaro.net
>>
>>
>>
>>
>>
>> _______________________________________________
>> Secgeeks mailing list
>> Secgeeks at shmoo.com
>> http://lists.shmoo.com/mailman/listinfo/secgeeks
>>
>>
>>
>> -- 
>> Matthew  Wollenweber
>> mwollenweber at gmail.com | mjw at cyberwart.com
>> www.cyberwart.com
>> _______________________________________________
>> Secgeeks mailing list
>> Secgeeks at shmoo.com
>> http://lists.shmoo.com/mailman/listinfo/secgeeks
>
>
>
>
> -- 
> Matthew  Wollenweber
> mwollenweber at gmail.com | mjw at cyberwart.com
> www.cyberwart.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/secgeeks/attachments/20070702/c996c28e/attachment.htm

More information about the Secgeeks mailing list