Latest Tweets

MITM iPhone's PhotoSwap : How To Steal Hot Pics Of Chicks

PhotoSwapMITM iPhone's PhotoSwap : How To Steal Hot Pics Of Chicks is an application for the iPhone that allows you to send an anonymous photo and receive an anonymous photo back. The service is great for upbeat, healthy, family-fun photo sharing, but managed to become a cesspool for photo debauchery.

 

MITM as we have discussed earlier is a pretty good technically but using it in a iPhone is innovative. The idea is pretty good and the victim is changing from 1 person to another as soon as their images comes on the iphone.

 

You can also visit http://samy.pl/swap/ for the full details of the hack. The hack is pretty awesome and is its usability by a hacker. What happens here, explained by samy kamkar as

 

"It takes a random picture of mine and sends it out. Once I get a picture back, I then send that picture out into the ether. I get another picture back, I now send that...essentially, I'm quickly sending/receiving everyone's photos.

 

I get most, if not all, of the pictures floating through the service, and without disruption, send them back out so another anonymous person can receive them."

 

 

The vulnerability here is that when the users send the pics to another person then a hacker like us can use them to know the GPS positions of them. As my friend samy kamkar have explained here and have also experimented with it.

 

Here are some of the pics that he was able to steal from this iPhone App -

 

  

 

Note : GPS coordinates removed to protect the guilty.

 

The Most vulnerable thing to note here is that the positions of the people can be known which is a major threat for them but good for us.

 

Samy have also explained how he managed to view the GPS positions of the people through Iphone routing http://samy.pl/mapxss/ . He have shown a little bit of the whole procedure involved in it.

 

You can visit Samy's website or follow my twitter.

Previous
Next Post »
'; (function() { var dsq = document.createElement('script'); dsq.type = 'text/javascript'; dsq.async = true; dsq.src = '//' + disqus_shortname + '.disqus.com/embed.js'; (document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(dsq); })();