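PoC details: d749c23ffe89c97999483f7f939e4c4643d008d5

Source
Related vulnerability
Title: Apple iOS 'SSLVerifySignedServerKeyExchange' function input validation vulnerability (CVE-2014-1266)
Description: Apple iOS, Apple TV and Apple OS X are all products of Apple Inc. (USA). Apple iOS is an operating system developed for mobile devices; Apple TV is a high-definition TV set-top box product; Apple OS X is a dedicated operating system developed for Mac computers. A security vulnerability exists in the 'SSLVerifySignedServerKeyExchange' function in the file libsecurity_ssl/lib/sslKeyExchange.c of the Secure Transport feature of the Data Security component in Apple iOS.
Description
Patch iOS SSL vulnerability (CVE-2014-1266)
Introduction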
# SSL Patch (CVE-2014-1266)
Copyright (c) 2014 Linus Yang

Introduction
------
__CVE-2014-1266__, also known as the "`goto fail` SSL verification exploit", is a very serious SSL/TLS vulnerability in iOS and OS X. Apple issued iOS 6.1.6 and 7.0.6 to fix this problem, but ignored some users who can't or just don't want to upgrade their systems to iOS 7 (e.g. users with older devices, or iOS 7 haters :P).

Finally, here is an elegant solution, especially for iOS jailbreak users: a Cydia Substrate tweak that fixes this SSL vulnerability. This tweak is a _runtime patch_ that __won't modify any system files__, so it is very __safe__ to use.

To install this fix, you can

  * Add the repo [http://yangapp.googlecode.com/svn](http://yangapp.googlecode.com/svn) to Cydia, then search for and install "SSL Patch",
  * Or manually download it from the [Release Tab](https://github.com/linusyang/SSLPatch/releases) and install it with iFile or dpkg.

After installation, you can use Safari to verify that the fix works by visiting the following sites:

  * "Goto Fail": [gotofail.com](https://gotofail.com)
  * "Adam Langley's Weblog": [imperialviolet.org](https://www.imperialviolet.org:1266) (_If Safari can't open this page, it means the fix works._)

If you find any issue after installing this tweak, just uninstall it in Cydia.
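
The control-flow mistake behind the "goto fail" name, as an added example (a simplified model, not Apple's source and not code from this tweak). `hash_update`, `sig_check`, `toy_sign` and the two `verify_*` functions are hypothetical stand-ins for the hashing and signature steps of `SSLVerifySignedServerKeyExchange`, and the inputs are constructed.

```c
#include <stdio.h>
/* Toy stand-ins for the hash and signature primitives (hypothetical names). */
static int hash_update(unsigned *h, const char *data) {
    for (; *data; data++) *h = *h * 31u + (unsigned char)*data;
    return 0;                           /* hashing itself succeeds */
}
static int sig_check(unsigned h, unsigned sig) {
    return h == sig ? 0 : -1;           /* 0 means the signature matches */
}
unsigned toy_sign(const char *nonce, const char *params) {
    unsigned h = 7;
    hash_update(&h, nonce);
    hash_update(&h, params);
    return h;                           /* constructed "signature": the hash */
}

/* Vulnerable shape: the duplicated goto is unconditional, so sig_check()
 * never runs and err still holds 0 from the last successful update. */
int verify_vulnerable(const char *nonce, const char *params, unsigned sig) {
    int err;
    unsigned h = 7;
    if ((err = hash_update(&h, nonce)) != 0)
        goto fail;
    if ((err = hash_update(&h, params)) != 0)
        goto fail;
    goto fail;  /* the extra line: not guarded by the if above */
    err = sig_check(h, sig);
fail:
    return err;
}

/* Corrected shape: the stray jump is gone, so the check always runs. */
int verify_fixed(const char *nonce, const char *params, unsigned sig) {
    int err;
    unsigned h = 7;
    if ((err = hash_update(&h, nonce)) != 0)
        goto fail;
    if ((err = hash_update(&h, params)) != 0)
        goto fail;
    err = sig_check(h, sig);
fail:
    return err;
}

int main(void) {
    printf("vulnerable accepts bogus signature: %d\n", verify_vulnerable("r", "p", 0u) == 0);
    printf("fixed accepts bogus signature:      %d\n", verify_fixed("r", "p", 0u) == 0);
    return 0;
}
```

Because the "fail" label doubles as the normal exit path, a return value of 0 is read by the caller as a verified signature.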

Reference
------
[Adam Langley's Writeup](https://www.imperialviolet.org/2014/02/22/applebug.html)

[Apple OpenSource Library](http://opensource.apple.com/source/Security/Security-55471/libsecurity_ssl/lib/sslKeyExchange.c)

Build
------
```Bash
git clone --recursive https://github.com/linusyang/SSLPatch.git
cd SSLPatch
make
make package # If you have dpkg-deb utilities
```

License
------
Licensed under [GPLv3](http://www.gnu.org/copyleft/gpl.html).
File snapshot

```
[4.0K] /data/pocs/d749c23ffe89c97999483f7f939e4c4643d008d5
├── [ 502] control
├── [ 47K] internal.c
├── [ 30K] internal.h
├── [ 486] Makefile
├── [ 16K] minimal.c
├── [ 22K] minimal.h
├── [1.7K] README.md
├── [ 54] SSLPatch_CVE-2014-1266.plist
├── [4.0K] theos
└── [2.3K] Tweak.x

1 directory, 9 files
```