iPhone data interception tool released

Powered by SC Magazine
 

Marlinspike provides a good reason to update iOS 4.3.5.

A near decade old tool has been updated with man-in-the-middle attack capabilites that can intercept traffic from Apple iPhones.

The attack tool sslsniff exploits a vulnerability disclosed by researchers Gregor Kopf and Paul Kehrer yesterday which allow traffic from iOS iPhones to be intercepted.

Apple released fix iOS 4.3.5 yesterday to fix the flaw.

The BasicContraints vulnerability affecting iPhones was first identified in 2002 by independent researcher Moxie Marlinspike who developed sslsniff to exploit the flaw.

Back then, it was used to exploit certificate chain weaknesses (pdf) in Webkit browsers and Microsoft CryptoAPI, affecting the likes of Firefox, Internet Explorer, Pidgin, AIM and Microsoft Outlook.

"It validated all the signatures in a certificate chain, but failed to check whether the intermediate certificates had a valid CA BasicConstraints extension se," Marlinspike said.

"This meant that you could take any old CA-signed certificate and use it to sign any other certificate."

The Linux-based sslsniff tool was updated with iOS fingerprinting support and can be downloaded here. Run (sslsniff -a -c -f ios -h -s -w iphone.log).

Copyright © SC Magazine, Australia


iPhone data interception tool released
Tim Parkinson, CC2.0
 
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  4%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1768

Vote
Do you support the abolition of the Office of the Information Commissioner?