2013年10月21日 星期一

iOS 7.0.2 被踢爆 SIM卡 ByPass 的解鎖漏洞(含示範影片)

iOS 7.0.2 被踢爆 SIM卡 ByPass 的解鎖漏洞(含示範影片)

不同於之前被揭露的螢幕解鎖漏洞,這一次是被一位資安研究員 Benjamin Kunz Mejri 在 Vulnerability Laboratory 網站上所踢爆的。

根據這一個概念驗證影片(PoC)的示範,該漏洞會在 iOS v7.0.1 & v7.0.2 的環境中被觸發,有興趣研究的請照以下的步驟自行實驗!

備註:原作者的示範影片錄製的相當不好,請記得關掉音效,並直接跳過從 01:30 開始看起。

步驟如下:
1. Turn on your iPhone and ensure you have the iOS v7.0.1 or 7.0.2 installed and Sim Lock mode is activated.

2. You will see a black notification in the middle of the display - SIM Locked.

3. Open the Calendar, and scroll down to the two hyperlinks.

4. Press the Power button and wait 2 seconds and then press one of the two hyperlinks.

5. You will be redirected via hyperlink, because of the restriction to the passcode SIM lock.

6. Press Power button again for 3 seconds and then press the Home button

7. Click cancel again in the shutdown menu but hold the Home button.

8. Open up the Control center and go to the calculator. Now a message box appears automatically with the SIM lock

9. Press the shutdown button for 3 seconds + Unlock Key + Home button.

10. The Passcode screen will pop up, but you will be again redirected to Calculator.

11. Now again press the Power button for 3 seconds the  and then press Cancel, at last press the Home button one time.

12. The Restricted Sim Lock Screen will disappear.

資料引用來源:http://thehackernews.com/2013/10/iphone-ios-702-sim-lock-screen-bypass_8.html


轉載自《網路攻防戰》