
CVE-2014-1266 PoC: Apple iOS 'SSLVerifySignedServerKeyExchange' Function Input Validation Vulnerability

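Related vulnerability
Title: Apple iOS 'SSLVerifySignedServerKeyExchange' Function Input Validation Vulnerability (CVE-2014-1266)
Description: Apple iOS, Apple TV and Apple OS X are all products of Apple Inc. (USA). Apple iOS is an operating system developed for mobile devices; Apple TV is a high-definition television set-top box; Apple OS X is a dedicated operating system developed for Mac computers. A security vulnerability exists in the 'SSLVerifySignedServerKeyExchange' function in the libsecurity_ssl/lib/sslKeyExchange.c file of the Secure Transport feature of the Data Security component in Apple iOS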
Description
Patch iOS SSL vulnerability (CVE-2014-1266)
Introduction
# SSL Patch (CVE-2014-1266)
Copyright (c) 2014 Linus Yang

Introduction
------
__CVE-2014-1266__, also known as the "`goto fail` SSL verification exploit", is a very serious SSL/TLS vulnerability in iOS and OS X. Apple issued iOS 6.1.6 and 7.0.6 to fix this problem, but ignored some users who can't or just don't want to upgrade their systems to iOS 7 (e.g. users with older devices, or iOS 7 haters :P).

Finally, here is an elegant solution, especially for iOS jailbreak users: a Cydia Substrate tweak for fixing this SSL vulnerability. This tweak is a _runtime patch_ that __won't modify any system files__, so it is very __safe__ to use.

To install this fix, you can:

  * Add the repo [http://yangapp.googlecode.com/svn](http://yangapp.googlecode.com/svn) to Cydia, then search for and install "SSL Patch",
  * Or manually download the package from the [Release Tab](https://github.com/linusyang/SSLPatch/releases) and install it with iFile or dpkg.

After installation, you can use Safari to verify whether the fix works by visiting the following sites:

  * "Goto Fail": [gotofail.com](https://gotofail.com)
  * "Adam Langley's Weblog": [imperialviolet.org](https://www.imperialviolet.org:1266) (_If Safari can't open this page, it means the fix works._)

If you find any issue after installing this tweak, just uninstall it in Cydia.
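
The control-flow mistake that gives `goto fail` its name, as an added, simplified C model: it is not Apple's source and not this project's patch code. The helper functions, the toy "signature" rule and the inputs are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for the real hash-update and signature-check steps. */
static int hash_update(const char *params) { return params ? 0 : -1; }
static int signature_ok(const char *params, const char *sig) {
    return strcmp(params, sig) == 0 ? 0 : -1;  /* toy rule: sig must equal params */
}

/* Same shape as the flaw: the second goto is unconditional, so the signature
 * check below it is dead code and err still holds 0 from hash_update(). */
int verify_vulnerable(const char *params, const char *sig) {
    int err;
    if ((err = hash_update(params)) != 0)
        goto fail;
        goto fail;                              /* duplicated line */
    if ((err = signature_ok(params, sig)) != 0)
        goto fail;
fail:
    return err;                                 /* 0 means "verified" */
}

/* Hardened shape: braces on every branch, and success is assigned only
 * after every check has passed, so an early exit can never report 0. */
int verify_fixed(const char *params, const char *sig) {
    int result = -1;
    if (hash_update(params) != 0) {
        goto done;
    }
    if (signature_ok(params, sig) != 0) {
        goto done;
    }
    result = 0;
done:
    return result;
}

int main(void) {
    /* Constructed inputs: "forged" does not match the signed parameters. */
    printf("vulnerable, forged sig: %d\n", verify_vulnerable("params", "forged"));
    printf("fixed, forged sig:      %d\n", verify_fixed("params", "forged"));
    printf("fixed, valid sig:       %d\n", verify_fixed("params", "params"));
    return 0;
}
```

Compiling the block with GCC's `-Wmisleading-indentation` or Clang's `-Wunreachable-code` flags the duplicated line in `verify_vulnerable`.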

Reference
------
[Adam Langley's Writeup](https://www.imperialviolet.org/2014/02/22/applebug.html)

[Apple OpenSource Library](http://opensource.apple.com/source/Security/Security-55471/libsecurity_ssl/lib/sslKeyExchange.c)

Build
------
```Bash
git clone --recursive https://github.com/linusyang/SSLPatch.git
cd SSLPatch
make
make package # If you have dpkg-deb utilities
```

License
------
Licensed under [GPLv3](http://www.gnu.org/copyleft/gpl.html).
File snapshot

```
[4.0K]  /data/pocs/88ab681d8342940006080dd2c89fe3a635b5eef4
├── [ 421]  control
├── [ 47K]  internal.c
├── [ 30K]  internal.h
├── [ 394]  Makefile
├── [1.7K]  README.md
├── [  54]  SSLPatch_CVE-2014-1266.plist
├── [4.0K]  theos
└── [1.6K]  Tweak.xm

1 directory, 7 files
```