WhatsApp fxxed
by james5829726 - May 15, 2019 at 04:21 AM
#1
WhatsApp was fxxed up. Anybody have details?
#2
(May 15, 2019 at 04:21 AM)james5829726 Wrote: WhatsApp was fxxed up. Anybody have details?

If IOS apps are sandboxed, I don't get how executing a buffer overlow can lead to root when the apps are supposed to use random memory addresses and non-executable memory?
#3
All exposed about this exploit is pretty weird.. Been looking in every forum and no one seems to know anything about it, besides publicly available information.
#4
(May 15, 2019 at 02:19 PM)geshem Wrote:
(May 15, 2019 at 04:21 AM)james5829726 Wrote: WhatsApp was fxxed up. Anybody have details?

If IOS apps are sandboxed, I don't get how executing a buffer overlow can lead to root when the apps are supposed to use random memory addresses and non-executable memory?

I'm pretty sure utilizing the phone functionality requires portions of the code to operate outside of the sandbox, which is likely what was being exploited. I think the phone system is basically part of the kernel.
#5
According to media, it was due to something from the Israel company NSO. So maybe monitoring private smart phones is becoming legitimate in some places Smile
#6
(May 16, 2019 at 04:09 AM)james5829726 Wrote: According to media, it was due to something from the Israel company NSO. So maybe monitoring private smart phones is becoming legitimate in some places Smile

governments have been able to "force" private companies to hand over user data with warrants for ages. All legitimate and above board.
#7
(May 29, 2019 at 11:15 PM)plastic Wrote:
(May 16, 2019 at 04:09 AM)james5829726 Wrote: According to media, it was due to something from the Israel company NSO. So maybe monitoring private smart phones is becoming legitimate in some places Smile

governments have been able to "force" private companies to hand over user data with warrants for ages. All legitimate and above board.

I upgraded the app on my phone because i wanted the larger stickers mentioned in the release notes ;-)
#8
Unless you're worth targeting, I wouldn't worry about it. Just update WhatsApp and carry on.
#9
(May 30, 2019 at 03:12 PM)HairyPineapple Wrote: Unless you're worth targeting, I wouldn't worry about it. Just update WhatsApp and carry on.

u never know whether u r worth or not, or what of u is.

Possibly Related Threads…
Thread Author Replies Views Last Post
Exploiting WhatsApp geshem 0 121 February 06, 2020 at 04:17 PM
Last Post: geshem
New RCE vulnerability in Whatsapp BlackGuruX 8 278 November 21, 2019 at 09:40 PM
Last Post: plastic
Facebook suing NSO over WhatsApp hack geshem 7 260 November 10, 2019 at 11:44 AM
Last Post: b33r

 Users browsing this thread: 1 Guest(s)