
jankais3r / Ios Mail.app Inject Kit

Licence: mit
iOS 8.3 Mail.app inject kit


Back in January 2015 I stumbled upon a bug in iOS's mail client: the <meta http-equiv=refresh> HTML tag in e-mail messages is not ignored. This bug allows remote HTML content to be loaded, replacing the content of the original e-mail message. JavaScript is disabled in this UIWebView, but it is still possible to build a functional password "collector" using simple HTML and CSS.

It was filed under Radar #19479280 back in January, but the fix was not delivered in any of the iOS updates following 8.1.2. Therefore I decided to publish the proof of concept code here.

Demo: https://www.youtube.com/watch?v=9wiMG-oqKf0

Update 2015-06-30:

The exploit got a nice CVE-2015-3710 sticker and was fixed by Apple in iOS 8.4 and OS X 10.10.4. Kudos to Apple for the prompt response once it was published publicly.
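
A defensive check for the behaviour described above, as an added example that is not part of the original project: a mail-gateway style scan that reports <meta http-equiv=refresh> tags found in the HTML parts of a message, after transfer decoding. The function names, the addresses and the remote.example URL are constructed for illustration.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser

# Pulls the target out of a refresh directive such as "0; url=https://host/".
_REFRESH_URL = re.compile(r"url\s*=\s*['\"]?([^'\";\s]+)", re.I)

class MetaRefreshFinder(HTMLParser):
    """Collects the targets of <meta http-equiv=refresh> tags."""
    def __init__(self):
        super().__init__()
        self.targets = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names and unquotes values.
        a = {k: (v or "") for k, v in attrs}
        if tag != "meta" or a.get("http-equiv", "").strip().lower() != "refresh":
            return
        m = _REFRESH_URL.search(a.get("content", ""))
        # No url= means "reload this document"; record it as an empty target.
        self.targets.append(m.group(1) if m else "")

def find_meta_refresh(raw_message):
    """Return the refresh targets found in every text/html part of a message."""
    msg = message_from_string(raw_message, policy=policy.default)
    targets = []
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            finder = MetaRefreshFinder()
            finder.feed(part.get_content())  # transfer encoding already decoded
            finder.close()
            targets.extend(finder.targets)
    return targets

# Constructed sample: the tag is hidden behind quoted-printable encoding.
SAMPLE = """\
From: sender@example.com
To: rcpt@example.com
Subject: constructed sample
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

<html><head><META HTTP-EQUIV=3Drefresh
 CONTENT=3D"0; URL=3Dhttps://remote.example/page"></head>
<body>Original message text</body></html>
"""

if __name__ == "__main__":
    print(find_meta_refresh(SAMPLE))
```

A gateway can quarantine or rewrite any message for which the returned list is non-empty, since a legitimate e-mail body has no reason to carry a refresh directive.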

Usage

  1. Edit the e-mail address you would like to use for password collection in framework.php
  2. Upload index.php, framework.php and mydata.txt to your server
  3. Send an e-mail containing HTML code from email.html to the research subject
    • Don't forget to change the modal-username GET parameter value to the e-mail address of the recipient
    • You can use https://putsmail.com for testing purposes

Credits

License

MIT

Notes

  • The code detects that the research subject has already visited the page in the past (using cookies) and it stops displaying the password prompt to reduce suspicion.
  • The e-mail address and password are submitted via GET to framework.php, which then saves them to the mydata.txt file, sends them out via e-mail to the specified "collector" e-mail address and then returns the research subject back to Mail.app using a redirect to message://dummy.
  • The password field has autofocus enabled. We then use focus detection to hide the login dialog once the password field loses its focus (e.g. after the subject clicks on OK and submits the password).
  • Why even bother with this redirect nonsense when you can put <form> directly inside the HTML e-mail?