[Noisebridge-discuss] If you have a jailbroken iPhone with OpenSSH installed...
Micah Lee
micahflee at gmail.com
Wed Nov 4 19:40:15 UTC 2009
The "su" is if you're logging in from the terminal app on your phone, not
sshing into it. The terminal starts as an privileged user.
On Wed, Nov 4, 2009 at 11:34 AM, Brian Johnson <noisebridge at dogtoe.com>wrote:
> You don't need to "su" if you login to ssh as root.
>
> - Brian
>
>
> On Wed, Nov 4, 2009 at 11:10 AM, Micah Lee <micahflee at gmail.com> wrote:
>
>> Change your root password from alpine to something else, if you haven't
>> already. It looks like this Dutch kid hacked people's jailbroken iPhones by
>> sshing as root with the default password:
>> http://arstechnica.com/apple/news/2009/11/dutch-hacker-holds-jailbroken-iphones-hostage-for-5.ars
>>
>> I don't have an iPhone so I can't test this stuff myself, but I'm guessing
>> that they don't have firewalls, and if you have a 3G data plan your ssh port
>> is wide open to the internet. So anyone that knows the AT&T IP address range
>> for iPhones can scan for port 22, and then try logging in as root, with the
>> default password alpine.
>>
>> You can change your password by ssh'ing into your phone like so:
>>
>> ssh root at YOUR_IPHONES_IP
>>
>> Or from your iPhone, if you have the terminal app installed, open the
>> terminal and type:
>>
>> su
>>
>> The default password is alpine. Once you're logged in, just type:
>>
>> passwd
>>
>> And you can change your password.
>>
>> Also, I was playing with my iPod Touch and found some interesting things.
>> If you are ssh'd into an iPhone or iPod Touch,
>> /private/var/mobile/Applications/ contains all of the apps installed on the
>> device, and all the private data for them. So, for example, on my iPod
>> Touch,
>>
>> /private/var/mobile/Applications/27201D0E-D41A-4198-9FC0-185868FC28ED/AIM
>> Free.app/
>>
>> is where the AIM app is installed, and
>>
>>
>> /private/var/mobile/Applications/27201D0E-D41A-4198-9FC0-185868FC28ED/Documents/Accounts.accounts
>>
>> is where I found my saved AIM password, in plaintext. Also,
>>
>> /User/Library/Cookies/Cookies.plist
>>
>> contains all my mobile Safari cookies, including the saved ones for
>> logging into Gmail.
>>
>> There's normally a lot more info than this that can be found on iPhones,
>> so change your password if you haven't already.
>>
>> Micah
>>
>> _______________________________________________
>> Noisebridge-discuss mailing list
>> Noisebridge-discuss at lists.noisebridge.net
>> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.noisebridge.net/pipermail/noisebridge-discuss/attachments/20091104/65f01ef5/attachment-0003.html>
More information about the Noisebridge-discuss
mailing list