It is a habit of countless modern people to find WiFi first when they go to a place. However, you should be cautious when encountering strange WiFi names (SSIDs). Recently, someone has trouble connecting to WiFi with an iPhone.
After security researcher Carl Schou tried to connect to the %p%s%s%s%s%n with an iPhone, he found that the WiFi function of the mobile phone was not available. Manually turning on the WiFi will also automatically turn off, restart the phone or change the WiFi The name is useless.
Carl Schou first tested this bug on the iPhone XS running iOS 14.4.2, and later experiments on iOS 14.6 showed that this bug still exists.
After Carl Schou announced the bug on Twitter, many netizens reproduced the problem on their iPhones. Some netizens even found that the bug would also affect the normal use of AirDrop.
However, currently Android phone users are not affected by this bug.
Although it seems nonsensical, this bug is real. Some netizens believe that this bug deserves more attention. This may be a privilege escalation vulnerability. If it is exploited, many iPhone users will be affected.
Why does the iPhone have such a bug?
After the bug was exposed, many security researchers conducted analysis and believed that input parsing problems might have caused the bug.
When a string with% appears in the WiFi name, iOS may mistake the WiFi name as a string format specifier.
In C and C-style languages, string format specifiers have specific meanings and are often processed by language compilers as variable names or commands instead of text. For example, the command printf("geeks for %ngeeks", &c); will not output %n, but will store the number of characters before %n in variable c. %n is just a format specifier, not a real text string. Therefore, the output of this command is geeks for geeks and does not contain %n.
In the same way, when the iPhone tries to connect to WiFi %p%s%s%s%s%n, the iPhone does not interpret this string of characters as text but handles them as a special string, which causes system memory damage and activates the protection mechanism To force the WiFi function to be turned off.
How to solve?
Although restarting the phone failed to solve the bug, in fact its solution is not troublesome:
Settings> General> Restore> Restore Network Settings (Settings> General> Reset> Reset Network Settings)
After that, you can reconfigure the network settings.
Of course, if you want to prevent problems before they happen, the best way is not to connect to insecure networks, especially those with% in the WiFi name. Of course, only iPhone users should pay special attention to this point.
Reference link:
- https://www.bleepingcomputer.com/news/security/iphone-bug-breaks-wifi-when-you-join-hotspot-with-unusual-name/
- https://www.zdnet.com/article/iphone-bug-makes-it-easy-for-someone-to-break-your-wi-fi-heres-the-fix-and-how-to-prevent-it/#ftag=RSSbaffb68
- https://blog.chichou.me/2021/06/20/quick-analysis-wifid/
- https://twitter.com/vm_call
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。