1. iPhone Hacking for fun and profit Term Project for CAP 6135 Malware and Software Vulnerability Noah Guilbault and Zachary Neyland

2. iPhones are Everywhere Apple has touted that they have sold more than 30 million iPhones. A significant amount of sensitive personal information is stored on an iPhone. Usernames, passwords, email, contacts, web cache The iPhone has proved to be exploitable. QuickPWN, iFuntastic, www.exploitingiphone.comwww.exploitingiphone.com YellowSn0w, Redsn0w applications Provide tethering and remove AT&T carrier

3. Fuzz testing with the iPhone Plan on using the iPhone development kit Create / Port fuzz tester used for assignment 2 to iPhone Mobile Safari has history of poor url handling Shell access has previously been obtained using malformed url Many 3 rd party iPhone applications use remote communications or url's as well Attempt to identify new / known issues on iPhone firmware versions or applications

4. Pwned iPhones and exploits Jailbreaking the iPhone is now a point and click operation. An increasing number of users are Jailbreaking the iPhone for additional capabilities Attempt to port the Assignment 1 example to the iPhone to determine the feasibility of obtaining shell access to jailbroken iPhone Additionally, perform fuzz testing on jailbroken iPhone applications to locate potential flaws.

5. A Community of Hackers & Why The iPhone Dev Team is a community of iPhone Hackers Currently developing an AppStore for jailbroken iPhones Enabled extend functionality beyond intended capabilities Tethering, non At&T carriers, speciality applications Allows applications that Apple's AppStore will not distribute.

6. Identified Resources Apple's iPhone Developer's Program http://developer.apple.com/iphone/program/ Exploiting the iPhone http://content.securityevaluators.com/iphone/ Iphone Hacks http://www.iphonehacks.com/ Iphone Dev Team Blog http://blog.iphone-dev.org/ Mobile Malware Attacks and Defense By Ken Dunham ISBN 1597492981