
Thread: ...Just found a way to ssh into an ipad 2 on iOS 5.0 without JB

  1. #1
    ...Just found a way to ssh into an ipad 2 on iOS 5.0 without JB
    Edited post because it turned out to be nothing. My bad
    Last edited by Bubba1982; 12-12-2011 at 08:22 AM.

  2. #2
    ssemmel

    How?

  3. #3
    Yeah, How? I would love to read this pm....

  4. #4
    Ditto.

  5. #5
    I'll send info to y'all via pm when I get home. Am out picking up kids atm. Also I can get into everything including the root folder. The reason I don't just throw all the info up on here is that the method I'm using requires an app from the AppStore and I don't want it to get immediately removed.

  6. #6
    brianmarocco

    I would love some info as well

  7. #7
    iYeow (Super Moderator)

    Please PM me as I would like to know if it works. If we can ssh it, we can jailbreak it as well, thanks

  8. #8

    Ok, so here's my question: can you modify anything outside of /var/mobile, or anything at all? If you can modify or add files to, say, /root/ then you may be on to something. If not, you don't have root and you can only basically just look at it, which is pointless unless you can copy files to your computer, which might make retrieving the Siri token one step closer without a jailbreak. Gotta love Unix permissions.

    If you PM me the instructions, I'll tell you what's going on and why.

    On a side note, the first thing that comes to mind is another sleeper app that uses the security exploit recently brought to light after the dev got a sleeper in the AppStore that was basically a Trojan. Apple quickly pulled the app when the dev went public with it after notifying Apple (supposedly 3 weeks before putting the app live). Which lost him his dev privileges.

  9. #9
    How tits would it be if there was an app in the app store that allowed us to break in?
    And it will be like a taco inside a taco within a Taco Bell that's inside a KFC that's within a mall that's inside your dream! Springboard screwy after reboot? Here is the fix

  10. #10

    Quote: Originally posted by Imahottguy
    How tits would it be if there was an app in the app store that allowed us to break in?
    Chances of a "break-in" are very slim, as in jailbreaks. It's more likely it'd be a Trojan that downloads and connects to a network that does who knows what after that without tracing activity of the app. Which wouldn't necessarily need root to steal info or use the device for malicious activity. Without the name of the app for analysis (i.e. man in the middle attack or deep digging into the app files) no one will know for sure.

  11. #11
    Ok, so rather than explain how I got into the iPad 2 to mess around with it & in the process possibly wreck what may OR may not (probably the case) be a viable hole for something bigger, I have forwarded the info on to one of the mods as I am sure that they'll know what to do with the info should it even turn out to be worthwhile.

    Here's what I will say though. I can get into the root folder (in fact every folder). I can move around a lot of the files on the iPad (including things outside of /mobile/var) as well as copy a lot off of it and some onto it. Unfortunately what I can't do is add/remove anything from the root folder though. More than likely the info I have passed on will be utterly useless, but we'll see.
    Last edited by Bubba1982; 12-07-2011 at 03:15 AM.

  12. #12

    It's worthless if you can't get root, which you didn't. What tells me that is the fact you can't modify anything in /root/. There are lots of areas that are "owned" by mobile, hence why you can copy to and from those directories (once again Unix permissions at play here). The mods should post what's going on exactly but I'm gonna guess and say most will have no idea (or how to check for that matter, no offense mods). I'd like to know what app to make sure I don't have it; if I did it'd be gone with a quickness. It's not from the JB devs, that's for sure. I'm just curious what you're communicating with since ssh isn't available without a jailbreak and root privileges. Something's listening and responding on that port, if what you say is true.

  13. #13
    Actually looking into it right now. One of our mods knows how to handle the information being handled and what to do with it to test. I asked Bubba to contact him if out of all the mods we have.

    _____________
    Was a no-go from other mod. No permissions outside the main ftp location provided. Even one level up is blocked from uploading a test file.

    Looks to be a dead end unless you want to shoot some suggestions for us to try JailbreakR. Willing to try for ya.
    Last edited by Cer0; 12-07-2011 at 04:51 AM.

  14. #14
    Ok, so I have spoken with one of the mods, who was actually quite surprised that the app was even allowed out of the usual sandbox area. Unfortunately, because I can't write to the root directory it's a bust.
    However, just so you know I wasn't yanking ya chain, here's the pic showing that I did actually manage to get to the root directory.
    -root-pic.jpg

  15. #15

    The only thing I can think of is maybe trying to extract the token for Siri from a 4S or even extract the decryption key for the firmware. From the looks of your screenshot though, you're missing some stuff from /, so I'm gonna go with chances of that are slim. SSH/SFTP are really hard to exploit (if even at all) so you guys are right about it being a bust. Will someone PM me the app so I can run a port scan and a finger on it just to see what is actually listening? I also wouldn't say it's out of the sandbox; it allows for some sort of exchange only in the allowed directory. Could have something to do with wifi sync too, you never know. I'm gonna fiddle around with my iPad and 4S and I'll let you guys know what I came up with.

    So where's orbyorb when he's needed? Jk orby. I would like to hear his input on this.
    Last edited by -JailbreakeR-; 12-07-2011 at 08:17 AM.

  16. #16
    Orby is the one I sent the info onto
    But I'll flick you a pm with it as well.

  17. #17
    ssemmel

    Can you PM me the app?

  18. #18

    Quote: Originally posted by ssemmel
    Can you PM me the app?
    It's nothing but an FTP server, it's nothing really.

  19. #19
    Can you PM me please?

  20. #20
    Seriously, it turned out to be nothing.
