Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.
Thread: Think About this!is a discussion within the
General iPhone Chatforums, a part of the
Hey this is a horrible idea, hey yesterday I figured out how unsafe jailbreaking is... Most people dont understand how jailbreaking works... I figured this out by analyzing the fact...
04-15-2010, 09:15 AM #1Think About this!
Hey this is a horrible idea, hey yesterday I figured out how unsafe jailbreaking is... Most people dont understand how jailbreaking works... I figured this out by analyzing the fact that the ipad was jailbroken yesterday.
First of all jailbreaking is just finding a weak spot in an app that is installed and runs as root such as Mobile Safari, mobile Mail or after your jailbroken any of the apps that are installed in the /Applications folder.... not the /var/mobile/Applications folder these are ran under the mobile user. So once the exploit is found for example an old exploit mobilesafari_libtiff (that over buffers safari) a script is made that abuses and breaks into the system using the exploit as a door... After this is done a program what I call a window program is installed in most cases Cydia, Rock, Installer.app this window program is the hackers window into the root file structure. Once this program is installed it runs as root and has the ability to install other programs that will run as root.. Thus the danger. A hacker doesnt need your password to hack into your system and steal all your information or to create a virus that will kill us all.. All he would need is to make a trojan that is sent from the device when connected to a hotspot and that targets a specific jailbroken app...
In the perfect case this trojan would target cydia because most of us have it. So if you are infected with this trojan keylogger and go to a public wifi and someone else is there with a jailbroken device with cydia the trojan runs the exploit script on the remote device and once root is gained it installs the keylogger and exec files on that device thus spreading.... If someone like me or a more experienced hacker was to create a virus that runs an exploiting script on cydia which im sure has some weak spot... They could really really F us all up seriously! I dont know why I even posted this up here I am giving other people Ideas opps....
Time to go expl0it hunting
04-15-2010, 11:45 AM #2
bah.. its ok we still like you.. but we know this, and to be honest i dont care there is nothing on my phone that i wouldnt show any one any ways, you want my contact list, want my email, pft, take it. there has been a few viruses but nothing a restore wouldnt fix. Why are you so upset? we have a safari hack thanks to a jailbreakHey! A Restore Never Hurts It's True!
04-15-2010, 11:52 AM #3
I'm not understanding. Jailbreaking doesn't inherently increase your risk for a virus or an attack. Someone already displayed they can break into a non-jailbroken device at one of those hacking conferences with that SMS bug which Apple patched (kinda) with the next firmware update. Finally you still need a means to deliver the virus.. you can't just plant it on any device on a an open network. A virus requires some sort of user interface... such as going to a website with malicious code or downloading an executable file.. etc.
04-15-2010, 12:09 PM #4
I am not against jailbroken,,, I love it.. I just wanted to point out the dangers....
These applications are not running in a sandbox account
Which is mobile... So poor coding endangers us... I myself dont have any serious information other then my credit card in the appstore.app which APPLE already has encrypted for me, but nothing else.... But it is possible to exploit poor code fairly easily and since they are not running in sandbox take control of the phone...
Their are no serious viruses because no one has really really taken the time to become a jerk....
anyone going to DEF CON from here?
Last edited by victis; 04-15-2010 at 12:12 PM.