[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FD] : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)

To: Patrick <kroppoloe@xxxxxxxxxxxxx>
Subject: Re: [FD] : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
From: Joseph Goydish II via Fulldisclosure <fulldisclosure@xxxxxxxxxxxx>
Date: Thu, 30 Oct 2025 11:07:04 +0000

Hey Patrick, I understand the doubt.

However… what’s not slop is reproducible logs I provided a video of and the 
testable, working exploit I provided.

 Neither is the upstream patches that can be tracked from the disclosure dates 
to the cve’s listed in the report.

The exploit was caught in the wild, reversed engineered via log analysis and 
the logs provided are simply observed behavior. Please feel free to 
independently test the exploit.

Your assumptions and rhetoric do not help in why people use this mailing list, 
for good faith reporting.

-------- Original Message --------
On Thursday, 10/30/25 at 06:03 Patrick <kroppoloe@xxxxxxxxxxxxx> wrote:
This is fake and AI generated.

Sent from Proton Mail for iOS.

-------- Original Message --------
On Thursday, 10/30/25 at 02:18 josephgoyd via Fulldisclosure 
<fulldisclosure@xxxxxxxxxxxx> wrote:
The exploit I caught in the wild and the flow of the attack chain are in this 
repo: https://github.com/JGoyd/Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201

The report was constructed via log analysis.

-------- Original Message --------
On Wednesday, 10/29/25 at 01:44 Christoph Gruber <list@xxxxxxx> wrote:
It seems, the whole account is down
--
Christoph Gruber

> Am 29.10.2025 um 03:37 schrieb Noor Christensen <kchr+fd@xxxxxxxxxxx>:
>
> On Thu Oct 2, 2025 at 11:45 PM CEST, josephgoyd via Fulldisclosure wrote:
>>> ----------------------------------------------------------------------
>>>
>>> Full Technical Disclosure:
>>>
>>> [Glass Cage iOS Attack 
>>> Chain](https://weareapartyof1.substack.com/p/glass-cage-zero-day-imessage-attack)
>
> Hi Joseph,
>
> Looks like your post with the technical details is down; I'm getting a 404 
> since
> yesterday.
>
> -- kchr
> _______________________________________________
> Sent through the Full Disclosure mailing list
> https://nmap.org/mailman/listinfo/fulldisclosure
> Web Archives & RSS: https://seclists.org/fulldisclosure/

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Prev by Date: Re: [FD] : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Next by Date: Re: [FD] 83 vulnerabilities in Vasion Print / PrinterLogic
Previous by thread: Re: [FD] : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Next by thread: Re: [FD] 83 vulnerabilities in Vasion Print / PrinterLogic
Index(es):
- Date
- Thread