lmfao Posted February 29, 2012 Posted February 29, 2012 Didnt know what category to exactly post in but is that a possiblity with the android browser, I hear that passwords are saved in text file format would it be possible to send a target a link and get access to the stored passwords on the phone? Quote
Mr-Protocol Posted February 29, 2012 Posted February 29, 2012 There is probably a way, but nothing that you can find via google. There used to be an app-store exploit with iOS that would give the app owner a meterpreter shell because iOS would run the unsigned code. That was fixed in iOS 5.0.1 though. Quote
lmfao Posted February 29, 2012 Author Posted February 29, 2012 There is probably a way, but nothing that you can find via google. There used to be an app-store exploit with iOS that would give the app owner a meterpreter shell because iOS would run the unsigned code. That was fixed in iOS 5.0.1 though. hmm yeah, I figured google would block all searches regarding the topic. Im sure there is a way, if you or anyone finds anything out regarding the subject please do let me know. I've been looking and wondering for a while. Quote
Mr-Protocol Posted February 29, 2012 Posted February 29, 2012 Not that google would block the searches. It's like the golden egg, not sure anyone would know except professional security types that will let the company know to patch it before it's released. Quote
digip Posted February 29, 2012 Posted February 29, 2012 If there are currently flaws in the wild, this is the guy to ask: https://twitter.com/#!/theKos He writes a lot of XSS stuff for devices and operating systems, that execute in programs locally on the device to access local resources, vs strictly website related flaws. Hes found XSS vulns in everything from skype to the gmail app for iphones and google maps for android phones. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.