Pod2G is known for discovering vulnerabilities in the iPhone which have been used for jailbreak purposes. He has turned many tethered jailbreaks into untethered ones purely through his exploit-finding skills. The iPhone hacker has now found a flaw in the SMS handling of the iPhone which has existed since the very first version of the iPhone software and persists even now in iOS 6 Beta 4. Unfortunately, no one took notice of it or warned people about it before.
When we send an SMS from the Messages application, it is sent via the carrier in the form of a PDU (Protocol Description Unit), which is the protocol used to transport text messages. However, it is not limited to smartphones; many HTTP requests are sent in PDU form for compression. Because this is the delivery medium, a text message carries two numbers: the originating number and a reply-to number.
Some smartphones, where the implementation is done properly, show both the originating and the reply-to numbers. In the case of the iPhone, however, you are shown only the originating number and not the reply-to number. Hence, anyone could send you an SMS with a chosen originating number, and when you reply to the text message, your reply would go to the reply-to number, which is never shown to you. This opens the door to phishing on the iPhone. Suppose someone sends you an SMS that appears to come from your bank, asks you for confidential information, and has changed the reply-to number: everything you send back would be diverted to another recipient.
Needless to say, that data could be used for any purpose. The reply-to number is carried in the User Data Header (UDH), which isn't even checked by your carrier when the SMS is sent to the recipient. We really hope Apple takes notice of this issue and fixes it as a priority in the upcoming major release of iOS, or through a minor firmware update in the future.
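To make the UDH point concrete, here is an added example (not code from the article or from pod2g) of what a defending SMS client should do: decode an SMS-DELIVER PDU, pull the Reply Address Element (UDH IEI 0x22, 3GPP TS 23.040) out of the header, and flag any message whose reply address differs from its originating address. The two PDUs are constructed for this example; it assumes the reply address inside the IE is laid out like TP-OA (digit count, type-of-address, swapped BCD) and only handles 8-bit (DCS 0x04) user data to keep the decoding short.

```python
from dataclasses import dataclass
from typing import Optional

REPLY_ADDRESS_IEI = 0x22  # UDH "Reply Address Element" (3GPP TS 23.040)

@dataclass
class SmsInfo:
    originator: str          # TP-OA, the number the phone displays
    reply_to: Optional[str]  # address from the UDH, hidden by a naive client
    text: str

def decode_address(buf: bytes, pos: int):
    """Decode a TP-OA style address (assumed layout for the reply IE too)."""
    ndigits, toa = buf[pos], buf[pos + 1]
    nbytes = (ndigits + 1) // 2
    nibbles = []
    for b in buf[pos + 2 : pos + 2 + nbytes]:
        nibbles += [format(b & 0x0F, "X"), format(b >> 4, "X")]  # swapped BCD
    prefix = "+" if (toa & 0x70) == 0x10 else ""  # international TON
    return prefix + "".join(nibbles[:ndigits]), pos + 2 + nbytes

def parse_sms_deliver(pdu: bytes) -> SmsInfo:
    pos = 1 + pdu[0]                      # skip SMSC address
    first = pdu[pos]; pos += 1
    udhi = bool(first & 0x40)             # TP-UDHI: a header is present
    originator, pos = decode_address(pdu, pos)
    pos += 1                              # TP-PID
    dcs = pdu[pos]; pos += 1
    if (dcs & 0x0C) != 0x04:
        raise ValueError("example only handles 8-bit (DCS 0x04) user data")
    pos += 7                              # TP-SCTS timestamp
    udl = pdu[pos]; pos += 1
    ud = pdu[pos : pos + udl]
    reply_to, body_start, i = None, 0, 1
    if udhi:
        body_start = 1 + ud[0]            # UDHL counts the IEs that follow
        while i < body_start:             # walk the information elements
            iei, iedl = ud[i], ud[i + 1]
            if iei == REPLY_ADDRESS_IEI:
                reply_to, _ = decode_address(ud, i + 2)
            i += 2 + iedl
    return SmsInfo(originator, reply_to, ud[body_start:].decode("latin-1"))

def reply_mismatch(info: SmsInfo) -> bool:
    """True when a reply would go somewhere other than the displayed sender."""
    return info.reply_to is not None and info.reply_to != info.originator

# Constructed PDUs: originator +15551234; the first one hides reply-to +15559876.
SPOOFED_PDU = bytes.fromhex("00 44 0891 5155 2143 00 04 21807181010000"
                            "0B 08 2206 0891 5155 8967 4869")
PLAIN_PDU = bytes.fromhex("00 04 0891 5155 2143 00 04 21807181010000 02 4869")
```

Running `reply_mismatch(parse_sms_deliver(SPOOFED_PDU))` returns True, which is exactly the condition a client UI should surface instead of silently routing the reply.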
Let us know your thoughts in the comments section.