Hackers May Have Found A Way To Create Multiple ValidationData With One iPhone 4S

If you want Siri on your iPhone 4, iPod Touch or iPad you have to use Spire and a SiriProxy with ValidationData from an iPhone 4S. You can either set the SiriProxy server up yourself and feed it with your own iPhone 4S keys, or you can use one of the SiriProxies from our SiriProxy Server List. There are many paid servers, but there are also free ones, the most popular being "The Three Little Pigs Server".

But there is one big problem with these SiriProxies: The ValidationData, which has to be grabbed from an iPhone 4S, only lasts 24 hours. This means that the keys on the server have to be renewed every 24 hours. This is very annoying, especially for the free SiriProxy Servers, because there have to be people who donate their keys every day.

One of the founders of The Three Little Pigs has now tweeted that he found an exploit in the Siri protocol that allows him to create multiple ValidationData with just one iPhone 4S.

@jimmykane9 explains how the process of generating the ValidationData works:

Every time an iDevice uses Siri for the first time or creates a new assistant in Apple's database, guzzoni replies with a property validityDuration that tells for how long the generated validation data from the iDevice is valid.
Default reply on this by Apple is: 90000 sec = 25h!!!

So the response from Apple is:
{"class"=>"CreateSessionInfoResponse",
"properties"=>
{"sessionInfo"=>
"\x02\b N\xF7\x88o\t!\xEE\xE4w\x83\x1AH\x1E\x81\x00\x00\x00@\xEA\xE2\x17\x1F!\xD4\xF6%-\xB7\x0FRr\x8D\x1D\x9D\xDF\xE1@&=\x96\xEDkf(\xC6f\xA4\xDBl\xA5oE\xD1\x13\xE9G\xFEj\xA0\x83\xDF\xDB\xCE\xDA\x0F\xFE'\xB7p9\x8Egz\x14\xEA\xC0\xD3[t\xBCW\xE1\x01\xF0R]\xED\xF1\t\x87]5\xE9\x9Da{\xCC\x0F\x12z\xCF\xA9Y\x00\x00\x006\x05\x03\x8A\xC2\xD6w\xA6\xF5\xD8*4\\\xB8\xA2\xB2\xE7\x0F\x12O;\x95luD\x83:\xA3\xAC,,,.\x81\xF9\xE2i\xD6\xED\xCC\x9Ee9\xADuN\x83F[\x06\xC2\x8D2\xB2",
"validityDuration"=>90000}

And we just change the validityDuration to whatever we please.

By changing the validityDuration to another value, say 15 seconds, the ValidationData will be renewed every time you use Siri and the keys are older than 15 seconds.
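
A service-side check for the behaviour described above, as an added example (not code from SiriProxy or The Three Little Pigs): it flags devices that request new session info far sooner than the 90000-second validityDuration they were issued. The log format, device ids and thresholds are assumptions constructed for illustration.

```ruby
require "time"

ISSUED_VALIDITY    = 90_000 # seconds; the default validityDuration quoted above
EARLY_FRACTION     = 0.5    # assumed: renewal before half the lifetime counts as early
MIN_EARLY_RENEWALS = 3      # assumed: early renewals needed before flagging a device

# Constructed sample log: ISO 8601 timestamp, hypothetical device id, event name.
SAMPLE_LOG = <<~LOG
  2012-01-10T08:00:00Z device-A CreateSessionInfo
  2012-01-11T09:05:00Z device-A CreateSessionInfo
  2012-01-10T08:00:00Z device-B CreateSessionInfo
  2012-01-10T08:00:20Z device-B CreateSessionInfo
  2012-01-10T08:00:41Z device-B CreateSessionInfo
  2012-01-10T08:01:03Z device-B CreateSessionInfo
  2012-01-10T08:00:00Z device-C CreateSessionInfo
  2012-01-10T08:30:00Z device-C CreateSessionInfo
  this line is malformed and is skipped
LOG

# Group CreateSessionInfo timestamps by device, skipping unparseable lines.
def parse_events(log)
  events = Hash.new { |hash, key| hash[key] = [] }
  log.each_line do |line|
    ts, device, event = line.split
    next unless event == "CreateSessionInfo"
    begin
      time = Time.iso8601(ts)
    rescue ArgumentError
      next
    end
    events[device] << time
  end
  events
end

# Return devices that renewed repeatedly long before their issued lifetime ran out.
def early_renewers(events, issued: ISSUED_VALIDITY)
  events.each_with_object({}) do |(device, times), flagged|
    gaps  = times.sort.each_cons(2).map { |earlier, later| later - earlier }
    early = gaps.select { |gap| gap < issued * EARLY_FRACTION }
    next if early.size < MIN_EARLY_RENEWALS
    flagged[device] = { early_renewals: early.size, shortest_gap: early.min.to_i }
  end
end

p early_renewers(parse_events(SAMPLE_LOG))
```

A single early renewal (device-C) is not flagged, since deleting the assistant preferences once, as in a restore, would produce the same pattern.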

jimmykane9 has already added the exploit to the experimental tree of The Three Little Pigs server. In order to use the exploit, you need a jailbroken iPhone 4S:

  • Edit the config.yml file of your SiriProxy and set regenerate_interval to the time after which the iPhone 4S should generate new ValidationData. A good value is 15 seconds (default is 90000 seconds).
  • On your iPhone 4S, delete /var/mobile/Library/Preferences/com.apple.assistant.plist
  • Respring
  • Connect to the server and make a request. You should see something like -> "[Exploit - SiriProxy] Command send to iPhone4S to regenerate multiple keys every 15 seconds"
  • Done. Wait 15 seconds and use Siri again! You should have another key in your DB.
  • Repeat as many times as you want!
  • To restore, just delete the assistant.plist.

Jimmykane9 also said that this can probably be integrated into the assistant.plist directly, but he hasn't tested it yet.

We can't verify whether this process of generating multiple ValidationData with one iPhone 4S actually works, but if it does, we could see a dramatic increase in free SiriProxy servers, because you could basically use one iPhone 4S to get thousands of older devices connected to Siri's servers.

But even if this works without any issues, we have to keep in mind that Apple might fix this exploit, as it looks like they are now actively fighting against Spire and SiriProxies.

via QuartzCoding