iPhone Hacking: Can’t we just all get along?

Posted 4 months ago at 5:25 am. 0 comments

OMFG the children over at the iphone dev team have released a working unlocker for the iphone 2.0 firmware. Looks like it actually patches the official apple firmware 2.0 image before doing the upgrade (or restore) - clincher is that you need to have already ‘pwned’ the device (using winpwn or pwnagetool if you’re on a mac). Mac users get the hack for almost no effort, while windows users have to jump through a whole bunch of extra hoops to get it working.

I previously used ZiPhone to unlock my 1.1.4 phone, which worked great - but doesn’t look like the famous Mr Zibri will be releasing a ZiPhone 2.0 - looks like he’s a bit of a sulker! A recent iphone dev team rant lands a couple of massive blows, look forward to the cryptic response!

My prediction is things are gonna get nasty! Looking forward to the next episode?

So anyways, I think it’s time I did the upgrade - I’m busy getting all the pieces of the puzzle together, I’ll keep you updated :)

Life at Apt. 8A

Posted 4 months ago at 3:07 pm. 0 comments

Almost a week we’ve been in little America! Gotta admit that Brooklyn is really a special place, especially the area we are staying in Brooklyn Heights is saturated with organic food markets, great restaurants, cafes and bars - simply stunning. We’re staying on the 8th floor of an apartment building, pretty tiny living, but apparently a good size for the area and money. Checkout pictures here.

I’ve become thoroughly addicted to online shopping, especially ebay, I *WILL* find a bargain soon and it will all pay off - but in the meantime I have to continue hunting :) Got the bug after ordering a new 22″ LCD and Linksys-54g router for my study (read: desk in the kitchen) - looking forward to getting a real work environment in place. Also my internet connection is rediculous - I have the TimeWarner RoadRunner cable, and it’s really not that fast on paper, but hell it feels like a LAN, 13ms ping to almost everywhere might have something to do with it!

I’ve been keeping myself busy with writing a SQL Injection framework, well thats the idea, at the moment it’s a bunch of nasty looking python scripts but i’m slowly pulling some structure together and should have something to show y’all soon. Been testing against a couple of vulnerable ZA sites (makes me feel closer to home I suppose) as I don’t have my lab infrastructure ready here yet, promise not to break anything! ;)

All your post are belong to us

Posted 4 months, 2 weeks ago at 11:35 am. 1 comment

Visited the good ol’ post office on Saturday because I wanted to find out if they could “forward” my mail delivered to my PO Box elsewhere. They do, and it’s called their “redirection” service and it only costs R33 per month to send your mail anywhere else in South Africa - pretty good. However they should probably look at securing this, as I was able to set this up without showing any ID or any security questions asked - interested in getting your ex-wifes mail? keen on stealing your neighbours penthouse subscription? nice little tool to support the little identity theft attack you were putting together? Very worrying indeed. A complete exploit would be to implement a full man-in-the-middle attack where you could sniff the mail (via redirection to your mail box), and then somehow have it delivered to the final destination (i.e. avoiding the redirection second time) - anyone have a PO Box they are not using?