Actionscript Null pointer Exploit

[pt1989]

Fiat,
Could you please send me the info for one of the exploits? My computer science teacher wants us to do a final project, and this would be fun and useful.
thanks

dude the exploits confidentiality is more important than your CS project...
else the Archos Villains will patch it up... like it won't even matter cause I won't update and if I do it will only be to be compatible with any newer h4xs


fiat rocks.... offering a new ray of hope to those who've been foolish to update to 1.8.x

@fiat plz don't make the bugs public...
hope these bugs will either :
a.) Allow an alternative OS to be installed permanently
b.) Provide an alternate way to start up Qtopia... coz not everybody has WiFi access everywhere


again fiat u rock...

[thethirdmoose]

...i think it's pretty obvious that I'm not an archos employee...

[pt1989]

of course not Archos Employees use iPods and Windows Vista...

[fiat]

If anybody is an Archos mole it's the OpenPMA guys.. The 'hai we cracked the firmware' with no release is a pretty good indicator. If they had a firmware hack, Archos couldn't stop them, so why all the secrecy?

[dpvu]

I'd appreciate a new exploit. I had to RMA my Archos 605 and it came back with 1.8.13 on it. Since that's impossible to downgrade, I went ahead and upgraded to 2.1.

[Karl Yeurl]

The 'hai we cracked the firmware' with no release is a pretty good indicator. If they had a firmware hack, Archos couldn't stop them, so why all the secrecy?

You're not wrong =/.

Anyway, a new hack vould be appreciable : Archos's gonna release up-to-date firmwares with their new devices, that's obvious. And it would be better for the ones who didn't upgrade too : in that way, it is more likely to get new stuff for Qtopia.

Anyhow, fiat, I'm definitely lookin' after the news you'll give about these new hacks, even if I'm sure I won't get my Archos back for two months (and that I might get a firmware 1.7.x), it's always enjoyable to hear news from Archos being hacked .

See ya !
(eh, if I made a huge grammatical mistake or anything, just tell it, I'm french (not from France, eh) and I've gotta improve my English :P)

[Zavior]

So I bought an refurbished Archos 604 WiFi and it came with the newest firmware (1.6.53). After reading around the forum it seems that things have really slowed down in the last month or two. Is anyone still out there looking into new exploits? If anyone wants something tested on the newer firmware I will be happy to do it for them. Just looking to see if there is still hope!

[pt1989]

patience...

[DRINU]

patience...

why?

[pt1989]

because the people behind this simply do not have a lot of time for doing these projects... they have families and REAL jobs too...

[daithi81]

because the people behind this simply do not have a lot of time for doing these projects... they have families and REAL jobs too...

I think this is far more important than mere families.

[Zavior]

I am certainly not trying to pressure anyone into getting things done sooner. I realize that it will take time. I was just wondering if anyone was still working on it, whether something was going to be released soon or not.

[daedlus]

Here is a link to a new exploit which might lend itself to what we need:

http://www.securityfocus.com/bid/29386/discuss

Also, the previously described exploit, from what I could grok, should be just fine in doing remote code execution on a per-unit basis without the need of an internet connection. The caveat is that it would have to be re-executed at each reboot (as we currently do) and also it would not allow us to replace the original firmware, just keep doing what we are doing now except with the updated firmware.

Crafting the document to do this would be a royal pain in the rear end but is entirely possible.

[layzee]

What do you want to run with an exploit - the current public OpenPMA is more of a proof of concept. Maybe someone will help us out when the new OpenPMA arrives...

[daedlus]

What do you want to run with an exploit - the current public OpenPMA is more of a proof of concept. Maybe someone will help us out when the new version arrives...

The reason an exploit is needed is that the new firmwares for the archos gen 5 series have plugged the current exploit up, meaning people cannot install OpenPMA to begin with. Using the various holes in the flash player architecture we might be able to get remote code execution, thus replicating the GFT exploit except without the need for an internet connection.

Or something to that effect.

[Zavior]

The reason an exploit is needed is that the new firmwares for the archos gen 5 series have plugged the current exploit up, meaning people cannot install OpenPMA to begin with. Using the various holes in the flash player architecture we might be able to get remote code execution, thus replicating the GFT exploit except without the need for an internet connection.

The only problem with the flash exploit is that it would only be available to those with an x05 and the opera plug-in. Granted that this is most people; some are stuck without flash support. Also it sounds like fiat has some "easier ways" in mind. Let's hope he can come up with something or get some time to maybe pass on a little information.

[pt1989]

because the people behind this simply do not have a lot of time for doing these projects... they have families and REAL jobs too...

I think this is far more important than mere families.

it is??? i don't know i don't work with OpenPMA or anything... i'm just sayin they are humans... not coffee-code/hack-converting-machines

[daedlus]

because the people behind this simply do not have a lot of time for doing these projects... they have families and REAL jobs too...

I think this is far more important than mere families.

<-----NOTICE THIS

it is??? i don't know i don't work with OpenPMA or anything... i'm just sayin they are humans... not coffee-code/hack-converting-machines

He was being sarcastic.

[generic_username]

just for the record, you can operate some flash objects (.swf and .flv) from the file browser on the archos even without the opera plugin, you cannot as far as i know use the widgets tho.