![]() At the time of writing this post, Dropbox have said they are going to address the problem and 1Password have gone one step further and rewritten the way the user details are stored so this exploit cannot be used anymore and have submitted the update to Apple for approval before it’s released. The same vulnerability has also been found in Dropbox, LinkedIn, Tumblr, Vimeo and 1Password. In case you weren’t aware a security flaw was found by Gareth Wright earlier this week that allows your Facebook login key to be copied form one iOS device to another and essentially allow a 3rd party access to your account without needing to know your account email address or password. I do not condone using the methods below to gain access to anybody’s accounts without their prior permission, I hold no responsibility if using the information in this post lands you in trouble with your ex partner, current partner, your boss, the police, your kids, etc. ![]() You do not need to have a jailbroken iPhone or iPad for this to work. This method was confirmed as working as of 10th April 2012 using the latest iOS xxx and current Facebook (v.4110.0), Dropbox (v1.4.6) and LinkedIn (v35) iOS apps. ![]() ![]() NOTE: The process outlined below will not work if you have iTunes set to encrypt your iOS backups. ![]() This post details the step-by-step method required to extract a plist/OAuth token from a standard (non encrypted) iTunes backup of any iOS device (iPod Touch, iPhone and iPad) and then copy this onto another device to automatically log in using those creditials. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |