Summary This post details the step-by-step method required to extract a plist/OAuth token from a standard (non encrypted) iTunes backup of any iOS device (iPod Touch, iPhone and iPad) and then copy this onto another device to automatically log in using those creditials. NOTE: The process outlined below will not work if you have iTunes [...]

Filed under: Apple, iPad, iPhone, Security, Technology, backup, break into, bypass, dropbox, facebook, flaw, guide, hack, hacking, hole, how to, instrucitons, ios, iPad, iPhone, itunes, linkedin, OAuth, security, tumblr, vimeo, vulnerability | 14 Comments

Following the recent findings by Gareth Wright about Facebook iOS app storing authentication keys in a plain text file that is easily accessible even on non-jailbroken devices (allowing it to simply be copied to another device to grant access to that account) we have just discovered the same security flaw is also present in the latest version [...]

Filed under: Apple, iPhone, Technology, encrypted, flaw, hash, hole, in, linked, linkedin, plist, security, vulnerability, weak | 7 Comments