Is your iPhone jailbroken?

Nov 04, 2009 13:47

If you've jailbroken your iPhone and installed SSH, you should probably change your root password.

From a mailing list I'm on:
> Change your root password from alpine to something else, if you haven't
> already. It looks like this Dutch kid hacked people's jailbroken iPhones by
> sshing as root with the default password:
> http://arstechnica.com/apple/news/2009/11/dutch-hacker-holds-jailbroken-iphones-hostage-for-5.ars
>
> I don't have an iPhone so I can't test this stuff myself, but I'm guessing
> that they don't have firewalls, and if you have a 3G data plan your ssh port
> is wide open to the internet. So anyone that knows the AT&T IP address range
> for iPhones can scan for port 22, and then try logging in as root, with the
> default password alpine.
>
> You can change your password by ssh'ing into your phone like so:
>
> ssh root@YOUR_IPHONES_IP
>
> Or from your iPhone, if you have the terminal app installed, open the
> terminal and type:
>
> su
>
> The default password is alpine. Once you're logged in, just type:
>
> passwd
>
> And you can change your password.
>
> Also, I was playing with my iPod Touch and found some interesting things.
> If you are ssh'd into an iPhone or iPod Touch,
> /private/var/mobile/Applications/ contains all of the apps installed on the
> device, and all the private data for them. So, for example, on my iPod
> Touch,
>
> /private/var/mobile/Applications/27201D0E-D41A-4198-9FC0-185868FC28ED/AIM Free.app/
>
> is where the AIM app is installed, and
>
>
> /private/var/mobile/Applications/27201D0E-D41A-4198-9FC0-185868FC28ED/Documents/Accounts.accounts
>
> is where I found my saved AIM password, in plaintext. Also,
>
> /User/Library/Cookies/Cookies.plist
>
> contains all my mobile Safari cookies, including the saved ones for logging
> into Gmail.
>
> There's normally a lot more info than this that can be found on iPhones, so
> change your password if you haven't already.