iOS 7.0.3 Mobile Safari Vulnerabilities Grant Access to Facebook Credentials
Participants in the second edition of HP-sponsored Mobile Pwn2Own have highlighted two mobile Safari vulnerabilities in iOS version 7.0.3 and iOS 6.1.4. The crack, which granted access to a targeted user’s Facebook account and a photo stored on an iDevice, was demonstrated on November 13, 2013, at the PacSec Applied Security Conference in Tokyo, Japan. It didn’t defeat Apple’s sandboxing technology, though (via The Register).
The Keen Team (from Keen Cloud Tech) pointed to two vulnerabilities found in mobile Safari on an iPhone 5 running iOS 7.0.3, and another running iOS 6.1.4. None of the devices were jailbroken.
The first demonstration involved an iPhone 5 running iOS 7.0.3. The team was able to get access to the targeted user’s Facebook account by stealing a Facebook cookie that was exfiltrated and used to compromise the user’s Facebook account. The hack requires the user to click on a specific link, and from then on it took the team about five minutes to compromise the account.
The second hack was demonstrated on an iPhone 5 running iOS 6.1.4: the Safari exploit allowed the Keen team to steal a photo, due to issues with the permissions model. In order to work, the user needs to click on a link once again.
The aforementioned exploits have earned the team of eight $27,500 in prize money.
The hack obviously raises the red flag and forces us, the users, to think again about what personal information we share on mobile devices. The Pwn2Own team has warned Apple about the exploits and so fixes could be coming shortly.