Jump to content

Welcome to NulledBlog
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. If you already have an account, login here - otherwise create an account for free today!
Photo

CVE-2016-1764 - Apple iMessage Exploit


  • Please log in to reply
35 replies to this topic

#1
Metahuman

  • Offline
  • Member

  • Posts:
    49
    Reputation:
    3
    Joined:
    18 Mar, 2016

Hi guys! This is the PoC for CVE-2016-1764, the vulnerability which was released last week for Apple iMessage. Messages (iMessage) for OS X from Apple, implements its user interface using an embedded version of WebKit, furthermore Messages on OS X will render any URI as a clickable HTML <a href= link. An attacker can create a simple JavaScript URI (e.g., java-script: ) which when clicked grants the attacker initial JavaScript execution (XSS) in the context of the application DOM. Though the embedded WebKit library used by Messages for OS X executes in an applewebda-ta:// origin, an attacker can still read arbitrary files using XMLHttpRequest (XHR) GET requests to a file:// URI since there is no same-origin policy (SOP) implemented. By abusing XHR to read files an attacker can upload a victim’s entire chat history and attachments to a remote server as fast as the victims Internet connect will allow; the only user interaction required is clicking on a single link in chat. Furthermore, if SMS forwarding is enabled the attacker can also recover messages sent to/from the victim's iPhone.

Hidden Content
You'll be able to see the hidden content once you reply to this topic.


  • 1

#2
HoytG

  • Offline
  • Addicted

  • Posts:
    171
    Reputation:
    0
    Joined:
    14 Apr, 2015

ty


  • 0

#3
gellertlevente

  • Offline
  • Advanced Member

  • Posts:
    125
    Reputation:
    0
    Joined:
    20 Jul, 2015

thanks bro :)


  • 0

#4
Verrine

  • Offline
  • ₆⁶₆

  • Posts:
    32
    Reputation:
    0
    Joined:
    18 Feb, 2016

Thanks bro. :) Cheers.


  • 0

#5
aahgfdjhgrhgh

  • Offline
  • Drone Artist

  • Posts:
    125
    Reputation:
    18
    Joined:
    17 Mar, 2016

Yo, I probably won't ever use this, but after reading that, that's actually really smart yo. Good shit.


  • 0

#6
root202

  • Offline
  • Lurker

  • Posts:
    1
    Reputation:
    0
    Joined:
    16 Apr, 2016

Looks great, can't wait to check it out.


  • 0

#7
lookdeft

  • Offline
  • New Member

  • Posts:
    10
    Reputation:
    1
    Joined:
    15 Apr, 2016

TY


  • 0

#8
manymony

  • Offline
  • Advanced Member

  • Posts:
    137
    Reputation:
    4
    Joined:
    02 Mar, 2016

check this miracle


  • 0

#9
ziopaperino

  • Offline
  • Advanced Member

  • Posts:
    129
    Reputation:
    0
    Joined:
    15 Apr, 2016

ty


  • 0

#10
archon0201

  • Offline
  • Lurker

  • Posts:
    4
    Reputation:
    0
    Joined:
    09 Apr, 2016

ty


  • 0


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users