A security researcher has found that certain Wi-Fi networks with the percentage symbol (%) in their name can turn off Wi-Fi on iPhones and other iOS devices. Carl Schou tweeted that if an iPhone comes within range of a network called% secretclub% power, the device will not be able to use the WiFi or related features and even after resetting the network settings the error may still show WiFi. the device is unusable.
You can permanently turn off WiFi on any iOS device by hosting a public WiFi called% secretclub% power
Resetting the network settings does not guarantee that functionality will be restored.#infosec # 0day
– Carl Schou (@vm_call) 4th July 2021
A few weeks ago, Schou and his non-profit group, Secret clubreverse engineering software for research purposes, found that when an iPhone is connected to a network with the SSiD name% p% s% s% s% s% n it would cause a bug in the iOS network stack that would disable its Wi-Fi, and system network functions like AirDrop would become unusable.
9to5 Mac offered a possible explanation for the strange bug:
the ‘%[character]’Syntax is often used in programming languages to format variables into an output string. In C, the specifier ‘% n’ means to store the number of characters written in the format string in a variable that is passed to the string format function. The Wi-Fi subsystem is likely to pass the Wi-Fi network name (SSID) uncleaned to an internal library that does the string formatting, which in turn causes an arbitrary memory write and buffer overflow. This leads to memory corruption and the iOS watchdog kills the process, effectively disabling Wi-Fi for the user.
We reached out to Apple to see if they were working on a fix and will update when we hear from them. But 9to5 Mac Notes, the error can probably be avoided by not connecting to Wi-Fi networks with percent symbols in their names.