Charlie Miller Hacked iPhone 4 & Wins Pwn2Own Contest 2011

Advertisement

by casey on March 11, 2011

Charlie Miller did it again. The security expert who is famous for exploiting Apple Safari browser for the last 3 years has hacked the iPhone 4 security at the Pwn2Own hacking event. Miller has won the contest for the 4th time one after another.

@dionthegod has tweeted:

@0xcharlie @dancaselden and I won the iPhone PWN2OWN. What a pain in the ass — glad it wasn’t iOS 4.3 (vuln still there, tho) :)

Note that iPhoen 4 device which they hacked into was not running the latest iOS 4.3 final version. Most likely it was the golden master version. But it does not really matter and the exploit was able to work on the final version as well.

Miller iPhone 4 hack

ZDNET reports that “the attack simply required that the target iPhone surfs to a rigged web site. On first attempt at the drive-by exploit, the iPhone browser crashed but once it was relaunched, Miller was able to hijack the entire address book. Miller partnered with colleague Dion Blazakis to successfully exploit the Apple device using a MobileSafari flaw to swipe the iPhone 4?s address book.”

They were rewarded:

  • the same iPhone 4 device
  • a cash price of $15,000 USD
  • A 20,000 ZDI reward points are also given to them making them eligible to qualify for Silver Standing which requires $5,000 USD cash payment.
  • 15% monetary bonus on all ZDI submission in 2011
  • 25% reward point bonus on all ZDI submissions in 2011
  • Paid travel and registration to DEFCON Conference in Las Vegas

We congratulate @dionthegod, @0xcharlie and @dancaselden for getting this success.

You may also like to see:

Stay tuned to VeryRite.com to get more updates from the technology world.

Follow us on TWITTER or Like Facebook Page to stay connected to get daily Internet News.

VeryRite
We Write Very Rite

Previous post:

Next post: