• Your favorite








    , and
  • Dutch Jailbroken iPhones "Gehackt"

    A Dutch hacker gained access to a number of jailbroken iPhones that were running ssh with root passwords set to default, and demanded €5 to restore them. He's since returned the money, but the incident highlights a common security issue with jailbroken phones.

    It seems likely that the hacker portscanned for ssh on the T-mobile Netherlands network in order to find jailbroken iPhones with SSH running. He then changed their wallpaper to a graphic that mimics an SMS message, reading: "Your iPhone's been hacked because it's really insecure! Please visit doiop.com/iHacked and secure your iPhone right now! Right now, I can access all your files." The website contains a link to a PayPal account, and users were told to send him €5 for instructions on how to regain access to their phones. He also left the following message:
    "If you don't pay, it's fine by me. But remember, the way I got access to your iPhone can be used by thousands of others—they can send text messages from your number (like I did), use it to call or record your calls, and actually whatever they want, even use it for their hacking activities! I can assure you, I have no intention of harming you or whatever, but, some hackers do! It's just my advice to secure your phone."
    He subsequently apologized for asking for the money, and posted the restore instructions on his website.

    The exploit is not a complicated one, and a commenter to Ars Technica noted that security researchers have done it in the past, and downloaded users' SMS databases as a "proof of concept" that the security hole exists. A Netherlands-based commenter on tweakers.net provided this pithy explanation that will probably be understandable even by readers who speak no Dutch.

    A concern that I have involves problems users have noted after changing their root passwords using the passwd utility, as the Dutch hacker directs his "victims" to do. Users have reported that after changing the password using that method and rebooting, an "Edit home screen" message appears and Springboard crashes, entering a loop and rendering the device unusable. The phone then has to be restored.

    Has anyone had success with changing passwords using passwd... and if not, did the reported workaround solve the issue?

    image via tweakers.net
    This article was originally published in forum thread: Dutch Jailbroken iPhones "Gehackt" started by Paul Daniel Ash View original post
    Comments 80 Comments
    1. ecd5000's Avatar
      ecd5000 -
      that sucks for those ppl but who in their right minds would just pay some guy for that? he should have kept the money, cause there tards for sending to him in the 1st place
    1. ronfin44's Avatar
      ronfin44 -
      Quote Originally Posted by sale666 View Post
      How dum you got to be to pay him lol...
      Restore? Change the "APLINE" ...

      I doubt any 1 has actualy fallen for this crap cause if you jailbroken your phone than i doubt your a dum ***..
      Well, if you didn't know the difference between the use of "your", and "you're", then I'm sure there are a LOT of morons out there that fell for this. lol
    1. PaperCross's Avatar
      PaperCross -
      Thanks for the heads up! Just changed my passwd and setup ssh keys so i dont have to remember it until the next jailbreak
    1. area51crypto's Avatar
      area51crypto -
      Quote Originally Posted by deth View Post
      the easy way to change the root password is
      install mobile terminal fro Cydia
      after finish install please home button to go back to Home screen
      look for mobile terminal then open
      type "su" (without quote)
      then password "alpine" (without quote)
      now you are logging as root
      type "passwd" (without quote)
      type your new password
      retype your new password

      That's it

      after the instruction try to log in then enter password "alpine"
      the system will deny it.
      hope it help.

      Greeting from Laos
      First thank you for helping people on the forum as all of us are not pros!

      A lot of people with super amount of post have only rediculed us newbies instead of trying to help!

      I thank you!

      Here is my problem!

      I open Cydia and installed mobile terminal and used home key back to start and found mobile terminal icon and touched it and the mobile terminal starts and comes on for about 1 second then disappears I have turned of iphone and back on same thing!

      Any ideas?

      Thanks From

    1. onemandivision's Avatar
      onemandivision -
      just download bossprefs and deactivate ssh when you dont use it...
    1. Meglomaniac's Avatar
      Meglomaniac -
      lol really you didnt understand that since everybody has a default root passwd everybody could xs your phone.
      i am suprised it took this long.
    1. ddonuts4's Avatar
      ddonuts4 -
      The solution; turn of ssh! Leave it on only when your going to use it!
    1. w1r3d's Avatar
      w1r3d -
      in mexico you can not ssh over 3g or edge and the biggest internet providers here give u routers with firewalls activated by default so the only way i see this hapening here is if someone left ssh on, is conected over wifi and has the port open in the firewall.
    1. s4mb4's Avatar
      s4mb4 -
      all this discussion is silly. In the US with AT&T, this is simply not possible over 3G or EDGE.
    1. HitNWakes's Avatar
      HitNWakes -
      As stated before, just use SBSettings to turn off your SSH. or uninstall SSH from Cydia. Also, to the person that said Your not going to remember to turn off SSH everytime you update firmware (it was way back) you have to turn SSH off everytime you re-boot your phone. I make it a habbit to turn it off. Leaving it on also drains your battery.
    1. area51crypto's Avatar
      area51crypto -
      Best solution I have found is from Saurik!

      Open Cydia!

      Go down on opening screen to OpenSSH Access How-To

      Just follow the instructions!

      Thanks Saurik

    1. mr.sparky's Avatar
      mr.sparky -
      All he was doing was showing people what could happen. Change your ssh pw no big deal.
    1. tattoojack's Avatar
      tattoojack -
      i changed the pass on my 3gs and never had a problem
    1. lkailburn's Avatar
      lkailburn -
      Quote Originally Posted by CaptainChaos View Post
      No. Do not turn it off. Just change your password. If you turn it off and your phone ends up in an endless reboot loop then you can't SSH into and fix it. You would have to restore.
      this is true

    1. tylersipodhelp's Avatar
      tylersipodhelp -
      thank god i dont have the iPhone
    1. n00neimp0rtant's Avatar
      n00neimp0rtant -
      Quote Originally Posted by tylersipodhelp View Post
      thank god i dont have the iPhone
      If you have SSH installed on your iPod, people can still fAck with it over wifi
    1. matthew1111's Avatar
      matthew1111 -
      I have changed my passwd to something else using passwd in terminal. It worked just fine. iTouch 2g 3.1.2
    1. YankeeSolo2213's Avatar
      YankeeSolo2213 -
      changed my password awhile back...
    1. LGgeek's Avatar
      LGgeek -
      Quote Originally Posted by pauldanielash View Post
      I kind of agree that it's pushing the definition of "hacking," though at least he used port scanning. As much as I dislike the down-defining of hacking as being "any unauthorized access of a device," there's at least some creativity in his exploit, so I'm going with the term the media is using in this case.

      It was a **** move to ask for money, but it's good that he returned it. Provided that this leads to more awareness of ssh security, no harm no foul.

      I think he makes the hacking community look bad and just adds to the FUD Apple can use to try show jailbreaking is bad. Anyone that installed SSH on their iphone but didn't change the password( been doing this since 1.4 IPHUC days) must be the same folks that leave their keys in the ignition when they go into the store.

      A lot people only read part way through guides, then complain because they have issues that were covered in the second half of the guide.
    1. brandonloves's Avatar
      brandonloves -
      This isn't the first time this has happened. Most people should have changed it already. I have the rock app from cydia, after the first exploit it notified me of my default password and allowed me to change it right then.