The "su" is if you're logging in from the terminal app on your phone, not sshing into it. The terminal starts as an privileged user.<br><br><div class="gmail_quote">On Wed, Nov 4, 2009 at 11:34 AM, Brian Johnson <span dir="ltr"><<a href="mailto:noisebridge@dogtoe.com">noisebridge@dogtoe.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">You don't need to "su" if you login to ssh as root.<br clear="all"><br>- Brian<br>
<br><br><div class="gmail_quote"><div><div></div><div class="h5">On Wed, Nov 4, 2009 at 11:10 AM, Micah Lee <span dir="ltr"><<a href="mailto:micahflee@gmail.com" target="_blank">micahflee@gmail.com</a>></span> wrote:<br>
</div></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div><div></div><div class="h5">
Change your root password from alpine to something else, if you haven't already. It looks like this Dutch kid hacked people's jailbroken iPhones by sshing as root with the default password: <a href="http://arstechnica.com/apple/news/2009/11/dutch-hacker-holds-jailbroken-iphones-hostage-for-5.ars" target="_blank">http://arstechnica.com/apple/news/2009/11/dutch-hacker-holds-jailbroken-iphones-hostage-for-5.ars</a><br>
<br>I don't have an iPhone so I can't test this stuff myself, but I'm guessing that they don't have firewalls, and if you have a 3G data plan your ssh port is wide open to the internet. So anyone that knows the AT&T IP address range for iPhones can scan for port 22, and then try logging in as root, with the default password alpine.<br>
<br>You can change your password by ssh'ing into your phone like so:<br><br>ssh root@YOUR_IPHONES_IP<br><br>Or from your iPhone, if you have the terminal app installed, open the terminal and type:<br><br>su<br><br>The default password is alpine. Once you're logged in, just type:<br>
<br>passwd<br><br>And you can change your password.<br><br>Also, I was playing with my iPod Touch and found some interesting things. If you are ssh'd into an iPhone or iPod Touch, /private/var/mobile/Applications/ contains all of the apps installed on the device, and all the private data for them. So, for example, on my iPod Touch,<br>
<br>/private/var/mobile/Applications/27201D0E-D41A-4198-9FC0-185868FC28ED/AIM Free.app/<br><br>is where the AIM app is installed, and<br><br>/private/var/mobile/Applications/27201D0E-D41A-4198-9FC0-185868FC28ED/Documents/Accounts.accounts<br>
<br>is where I found my saved AIM password, in plaintext. Also,<br><br>/User/Library/Cookies/Cookies.plist<br><br>contains all my mobile Safari cookies, including the saved ones for logging into Gmail.<br><br>There's normally a lot more info than this that can be found on iPhones, so change your password if you haven't already.<br>
<font color="#888888">
<br>Micah<br>
</font><br></div></div>_______________________________________________<br>
Noisebridge-discuss mailing list<br>
<a href="mailto:Noisebridge-discuss@lists.noisebridge.net" target="_blank">Noisebridge-discuss@lists.noisebridge.net</a><br>
<a href="https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss" target="_blank">https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss</a><br>
<br></blockquote></div><br>
</blockquote></div><br>