close
  • Ko chevron_right

    Un kext vulnérable pour apprendre à exploiter les OS d’Apple

    news.movim.eu / Korben · Sunday, 31 January, 2021 - 08:00 · 1 minute

Connaissez-vous les kext sous macOS ? Il s’agit des Kernel Extensions… Si je devais prendre un GROS raccourci (On se calme les pinailleurs psychorigides !), je dirais que c’est un peu comme les drivers Windows ou les modules de noyau sous Linux.

Ça se charge avant le chargement complet de l’OS et ça permet d’agir de manière assez bas niveau sur le système. Bref, pour les adeptes du reverse engineering et de l’exploitation de macOS, le kext, c’est le nerf de la guerre.

C’est pourquoi le développeur ant4gonist a mis au point un kext pour iOS / macOS qui contient des vulnérabilités et permet ainsi d’apprendre à exploiter le noyau de macOS / iOS.

Voici les types de vulnérabilités proposées :

#define CRASH             0x1#define HEAP_OVERFLOW     0x2#define INFO_LEAK         0x3#define BUFFER_OVERFLOW   0x4#define USE_AFTER_FREE    0x5   //todo#define INTEGER_OVERFLOW  0x6   //todo#define DOUBLE_FETCH      0x7

La mise en place peut se faire simplement sous macOS, mais également sous iOS en utilisant checkra1n qui permet de jailbreaker l’appareil iOS.

Ensuite, y’a plus qu’à suivre la documentation se trouvant ici pour apprendre à exploiter l’OS proprement.


Une banque qui s’adapte à vous, ça change tout

La Pour vos Cartes VISA Classic et Premier
toujours gratuites

Des process simples, 100 % en ligne, sécurisés et toute la gamme de produits dont vous avez besoin au meilleur prix !

Puisqu’une question ne peut rester sans réponse :

Nos conseillers clients sont disponibles par email ou par téléphone du lundi au vendredi de 8h à 19h et le samedi de 8h45 à 16h30.

Retrouvez également toutes les réponses à vos questions directement en ligne 24h/24.

Des questions pour ouvrir votre compte, joignez nos conseillers commerciaux par tchat.

eprenez la main sur la gestion de vos finances. Retrouvez tous vos services en ligne 7j/7, 24h/24 et même à partir de votre mobile :

Ouverture de vos comptes simple, rapide et 100 % en ligne.
Augmentation instantanée des plafonds de votre Carte Bancaire. (Réservé aux clients de plus de 3 mois. Sous réserve d’éligibilité)
Personnalisation de vos notifications pour suivre en temps réel les opérations sur votre compte.

En savoir plus


KorbensBlog-UpgradeYourMind?d=yIl2AUoC8zAKorbensBlog-UpgradeYourMind?i=9hB_Ok1YkZo:UDa-tznpkK4:D7DqB2pKExkKorbensBlog-UpgradeYourMind?i=9hB_Ok1YkZo:UDa-tznpkK4:GG6oivYVkFsKorbensBlog-UpgradeYourMind?d=qj6IDK7rITsKorbensBlog-UpgradeYourMind?i=9hB_Ok1YkZo:UDa-tznpkK4:gIN9vFwOqvQKorbensBlog-UpgradeYourMind?d=7Q72WNTAKBA
  • Ar chevron_right

    Why Facebook and Apple are going to war over privacy

    news.movim.eu / ArsTechnica · Thursday, 28 January, 2021 - 23:35

Tim Cook

Enlarge / Apple CEO Tim Cook delivers a speech on privacy at a virtual conference. (credit: CPDP )

Today, Apple announced plans to finally roll out its previously delayed change in policy on apps' use of IDFA (ID for Advertisers) to track users for targeted advertising. The feature will be in the next beta release of iOS 14 (the company just rolled out the public release of iOS 14.4 this week) and will reach all iOS devices supported by iOS 14 "in early spring."

Apple made the announcement with a white paper and Q&A targeted at its users. To illustrate the benefits Apple claims the change will offer to users, the document describes in detail a typical scenario where a father and daughter would have data about them tracked and updated while doing normal, everyday things in the current digital ecosystem.

Apple's document goes on to explain Apple's stated philosophy on user data protection and privacy, and it announces the release window for this upcoming change. The document explains the change this way:

Read 25 remaining paragraphs | Comments

index?i=Sx8FrG5cg1Q:EF52KaIxRRo:V_sGLiPBpWUindex?i=Sx8FrG5cg1Q:EF52KaIxRRo:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA
  • Ar chevron_right

    iOS 14.4 and iPadOS 14.4 adds new camera features, fixes bunches of bugs

    news.movim.eu / ArsTechnica · Tuesday, 26 January, 2021 - 20:03

The 2020 iPad Air—one of several devices supported by today

Enlarge / The 2020 iPad Air—one of several devices supported by today's new software releases. (credit: Samuel Axon )

Today, Apple began rolling out iOS 14.4 and iPadOS 14.4 to supported iPhone, iPad, and iPod touch devices. The company also pushed watchOS 7.3 to Apple Watches and tvOS 14.4 to Apple TVs.

iOS 14.4/iPadOS 14.4 is a somewhat small feature update. New additions in the release notes include the ability to read smaller QR codes with the iPhone cameras, notifications to tell users "when the camera of your iPhone is unable to be verified as a new, genuine Apple camera," and a number of bug fixes.

Here are Apple's full iOS 14.4 release notes:

Read 6 remaining paragraphs | Comments

index?i=VEQTWUdGyNk:ZkX8w1jcvs0:V_sGLiPBpWUindex?i=VEQTWUdGyNk:ZkX8w1jcvs0:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA
  • Ar chevron_right

    Xbox cloud gaming service hits iOS, Windows PCs in spring 2021

    news.movim.eu / ArsTechnica · Wednesday, 9 December, 2020 - 17:17

This demonstration of Microsoft

Enlarge / This demonstration of Microsoft's Project xCloud as played with a Razer Kishi controller, attached to a standard Android smartphone, could be a hint of what's to come to iOS devices in Spring of 2021. (credit: Microsoft)

In a blog post today outlining everything from upcoming games to plans for Xbox Series X/S, Microsoft announced that Xbox cloud gaming will come to iOS mobile devices and Windows PCs in spring of 2021.

On Windows PCs, the games will stream through the Xbox app or a Web browser, whereas the service will be limited to the mobile Web browser on iOS devices.

Microsoft's game streaming features require an Xbox Game Pass Ultimate subscription, which also includes an on-demand library of downloadable games for both Xbox platforms and Windows PCs, the EA Play downloadable game library, as well Xbox Live Gold, the company's online multiplayer service.

Read 7 remaining paragraphs | Comments

index?i=LPVrP0xSdzo:5oh6ZrUXKog:V_sGLiPBpWUindex?i=LPVrP0xSdzo:5oh6ZrUXKog:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA
  • Nu chevron_right

    Le Xbox Game Pass sera disponible au printemps sur iPhone et iPad (grâce à une web app)

    news.movim.eu / Numerama · Wednesday, 9 December, 2020 - 15:48

Microsoft a officialisé un nouveau jalon dans le développement du Xbox Game Pass. Grâce à la technologie de streaming, le catalogue accessible par abonnement sera disponible sur iOS dès le printemps prochain. [Lire la suite]

Abonnez-vous à notre chaîne YouTube pour ne manquer aucune vidéo !

L'article Le Xbox Game Pass sera disponible au printemps sur iPhone et iPad (grâce à une web app) est apparu en premier sur Numerama .

  • Ar chevron_right

    iPhone zero-click Wi-Fi exploit is one of the most breathtaking hacks ever

    news.movim.eu / ArsTechnica · Wednesday, 2 December, 2020 - 02:34 · 1 minute

The screen on the iPhone 12 Pro Max

Enlarge / That's a lot of screen. (credit: Samuel Axon)

Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a memory corruption bug in the iOS kernel that gave attackers remote access to the entire device—over Wi-Fi, with no user interaction required at all. Oh, and exploits were wormable—meaning radio-proximity exploits could spread from one near-by device to another, once again, with no user interaction needed.

This Wi-Fi packet of death exploit was devised by Ian Beer, a researcher at Project Zero, Google’s vulnerability research arm. In a 30,000-word post published on Tuesday afternoon, Beer described the vulnerability and the proof-of-concept exploit he spent six months developing single handedly. Almost immediately, fellow security researchers took notice.

Beware of dodgy Wi-Fi packets

“This is a fantastic piece of work,” Chris Evans, a semi-retired security researcher and executive and the founder of Project Zero, said in an interview. “It really is pretty serious. The fact you don’t have to really interact with your phone for this to be set off on you is really quite scary. This attack is just you’re walking along, the phone is in your pocket, and over Wi-Fi someone just worms in with some dodgy Wi-Fi packets.”

Read 6 remaining paragraphs | Comments

index?i=4pZeWYGPBS0:B84_OrtKSJw:V_sGLiPBpWUindex?i=4pZeWYGPBS0:B84_OrtKSJw:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA
  • Ar chevron_right

    Apple lowers its cut of App Store revenues for some developers

    news.movim.eu / ArsTechnica · Wednesday, 18 November, 2020 - 17:20

Screenshot of App Store icon.

Enlarge / Apple's App Store. (credit: Silas Stein/picture alliance via Getty Images )

In one of the biggest changes to the App Store model ever, Apple today announced that the majority of third-party developers releasing apps and games on the company's App Store will see a reduction in Apple's cut of revenues from 30% to 15%. The company calls it the App Store Small Business Program, and it aims to improve the company's standing in public perception and antitrust battles while minimally impacting its own bottom line.

The program is opt-in, and any developer whose combined revenue across all their apps was less than $1 million in the previous year (or any developers new to the App Store) can apply and be accepted. The revenue measure at play here includes not just app purchases, but in-app purchase (IAP) and subscriptions revenue.

If during the course of the year the developer surpasses the $1 million threshold, the 30% rate will kick back into effect for the remainder of that year. If the developer falls below the threshold again, they'll receive the 15% rate once more the following year.

Read 4 remaining paragraphs | Comments

index?i=lQem1vaXxeg:70j9El8Vv5c:V_sGLiPBpWUindex?i=lQem1vaXxeg:70j9El8Vv5c:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA
  • Ar chevron_right

    iPhone 12 mini, iPhone 12 Pro Max hands-on: How they compare with the 12 and 12 Pro

    news.movim.eu / ArsTechnica · Friday, 13 November, 2020 - 16:31

Two weeks ago, we published a double-review of the iPhone 12 and iPhone 12 Pro —but those two phones were only half of Apple's new lineup. The extra-small iPhone 12 mini and extra-large iPhone 12 Pro Max are out today, and we've spent some time with both of them.

We'll go over the key differences between these two models and the phones we already reviewed—and only those key differences. Consider this a short supplement to the previously published iPhone 12 review; unless otherwise noted here, everything we wrote about the 12 applies to the 12 mini, and the same goes for the 12 Pro and 12 Pro Max.

For the most part, size is the only difference between these phones and the two 6.1-inch devices that shipped before. But there are some other differences—most notably, the iPhone 12 Pro Max has some camera improvements, which we'll talk about.

Read 22 remaining paragraphs | Comments

index?i=mUj6ivXMXkM:fk8KKXA80tw:V_sGLiPBpWUindex?i=mUj6ivXMXkM:fk8KKXA80tw:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA