| Re: OT:Nforce 650i chipset for native system(DAW) [message #89091 is a reply to message #89090] |
Sun, 19 August 2007 23:28   |
|
|
g
exploits for the gadget back in July.
"It will certainly make life easier" for others who write exploit code for
the iPhone, he said. "Metasploit is the go-to point-and-click [pen-testing]
interface. It's really designed to help you write exploits and deploy [them]
in ways anyone can use. Jailbreak [another development tool] was available
[at the time Miller was writing exploits]. But now [Moore] has Metasploit
where you can right away build payloads that run as executables on the iPhone."
As it is, within three days of the smartphone's July launch hackers cracked
the iPhone's firmware, finding not only that the phone runs on a Unix-like
operating system but going so far as to extract the master root and other
system passwords.
Moore waited until the iPhone price dropped and until the toolchain tool
for iPhone application development was released before he bought an iPhone
to pick apart.
He first installed AppTapp, an iPhone package manager that downloads applications
over Wi-Fi or EDGE. With the installer, he added OpenSSH—an open-source shell
program that provides encrypted communication using the SSH protocol—and
a VT-100 Terminal to the phone, and voila (after a "few headaches," he said),
he had shell access.
Moore says he can now generate working iPhone shellcode with a version of
Metasploit 3.
Once he had shell access, he found no
|
|
|
|
| Re: OT:Nforce 650i chipset for native system(DAW) [message #89093 is a reply to message #89091] |
Sun, 19 August 2007 23:33   |
Nappy
Messages: 198 Registered: September 2006
|
Senior Member |
|
|
otential security pitfall in that
its MobileMail application supports Microsoft Office document formats by
using the OfficeImporter framework when converting files into viewable form.
"This looks like a great target for file-format fuzzing and some late-night
reverse engineering," Moore said.
Another potential way for attackers to get into the phone is through the
mDNSResponder service, which runs by default, Moore said. The mDNSResponder,
used by iTunes for music sharing, is part of the Bonjour application suite,
which provides automatic and transparent configuration of network devices.
When the iPhone first syncs with iTunes, its host name is changed, Moore
said. The default hostname becomes "User's iPhone," with the Mac OS X user
account name filling in for "User." If the iPhone is connected to a Wi-Fi
network, the mDNS service exposes the iPhone owner's user name.
That particular security exposure hasn't yet responded to Moore's probes,
he said, making active discovery "less likely."
Moore has also been playing with the "vibrate" shellcode released by Miller
at Black Hat 2007. By the time the security show rolled around, Independent
Security Evaluators had already revealed, shortly after the smart phone's
release, that Apple's popular multifunctional device could be exploited for
data theft or snooping purposes.
At the time, Miller, Jake Honoroff and Joshua Mason created an exploit for
the iPhone's Safari Web browser wherein they used an unmodified device to
surf to a maliciously crafted drive-by download site. The site downloaded
exploit code that forced the iPhone to make an outbound connection to a server
controlled by the security firm.
The researchers showed that a compromised device then could be forced to
send out pers
|
|
|
|
| Re: OT:Nforce 650i chipset for native system(DAW) [message #89102 is a reply to message #89093] |
Mon, 20 August 2007 16:02   |
Bill L
 Messages: 766 Registered: August 2006
|
Senior Member |
|
|
s for inserts in the architecture,
so wires is a big hack. Basically what I do is steal 16 words of shared
memory at the top of an ESP2 and reserve it. Then for each output wire,
I send the audio a sample at a time up to one of the reserved words of memory.
For each input wire I retrieve the audio a sample at a time from that reserved
word. It's dirt simple, but suffers from a bad side effect. There is no
shared memory BETWEEN effects chips. So say that you set up an output wire,
and an effect and an input wire, and everything works great. But then you
add another effect, and the effects engine shuffles the algos around to different
ESP2 chips to get a better allocation. Your input wire can get allocated
to one chip, the output to another. Then things no worky. The fix is to
remove the input and output wire, then add them back, and in all likelihood
they will end up on the same chip, but it's a pain.
I have a great keyed gate and a sidechain I never released because wires
is not a reliable method, and there is no other way to route from channel
to channel among inserts.
I also can't release the precision limiter because that is the property of
one of the original Ensoniq guys, and I have an ironclad agreement with him
that I cannot release it, unless it's for sale, and he gets a cut.
The one thing I do think we should release is Matt's reverb, 'cause nobody
has heard from here in years.
Chuck
"Mike Audet" <mike@...> wrote:
>
>No reference projects??!?!?!?!
>
>Chuck, thank you so much for all the work you did. I'm very, very aware
>that I'm blessed to have your work to look at and learn from. I'm having
>such a great time working on this stuff, and it really is a dream come true
>to be able to move PARIS forward.
>
>I've sent you a couple of emails, but I have a feeling that my messages get
>killed by