Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.
12-06-2011, 05:56 AM #1...Just found a way to ssh into an ipad 2 on iOS 5.0 without JB
Edited post because it turned out to be nothing. My bad
Last edited by Bubba1982; 12-12-2011 at 08:22 AM.
12-06-2011, 08:33 PM #2
12-06-2011, 08:35 PM #3
Yeah, How? I would love to read this pm....
12-06-2011, 08:40 PM #4
12-06-2011, 09:53 PM #5
I'll send info to y'all via pm when I get home. Am out picking up kids atm. Also I can get into everything including the root folder. The reason I don't just throw all the info up on here is that the method I'm using requires an app from the AppStore and I don't want it to get immediately removed.
12-06-2011, 10:50 PM #6
I would love some info as well
12-07-2011, 12:41 AM #7
Please PM me as I would like to know if it works, if we can ssh it , we can jailbreak it as well, thanks
12-07-2011, 01:00 AM #8
Ok so here's my question can you modify anything outside of /var/mobile or anything at all? If you can modify or add files to say /root/ then you may be on to something. If not you don't have root and you can only basically just look at it, which is pointless unless you can copy files to your computer which might make retrieving Siri token one step closer without a jailbreak. Gotta love unix permissions.
If you pm me the instructions, ill tell you what's going on and why.
On a side note the first thing that comes to mind is another sleeper app that uses the security exploit recently brought to light after the dev got a sleeper in the AppStore that was basically a Trojan. Apple quickly pulled the app when the dev went public with it after notifying apple. (supposedly 3weeks before putting app live) Which lost him his dev privledges.
12-07-2011, 02:01 AM #9
How tits would it be if there was an app in the app store that allowed us to break in?And it will be like a taco inside a taco within a Taco Bell that's inside a KFC that's within a mall that's inside your dream! Springboard screwy after reboot? Here is the fix
12-07-2011, 02:15 AM #10
12-07-2011, 03:13 AM #11
ok, so rather than explain how I got into the iPad 2 to mess around with it & in the process possibly wreck what may OR may not(probably the case) be a viable hole for something bigger. I have forwarded the info on to one of the mods as I am sure that they'll know what to do with the info should it even turn out to be worthwhile.
Here's what I will say though. I can get into the root folder(infact every folder). I can move around a lot of the files on the ipad(including things outside of /mobile/var) aswell as copy alot off of it and some onto it. Unfortunately what I can't do is add/remove anything from the root folder though. More tan likely the info I have passed on will be utterly useless, but we'll see.
Last edited by Bubba1982; 12-07-2011 at 03:15 AM.
12-07-2011, 03:41 AM #12
It's worthless if you can't get root which you didn't. What tells me that is the fact you can't modify anything in /root/. There are lots of areas that are "owned" by mobile hence why you can copy to and from those directories.(once again unix permissions at play here) The mods should post what's going on exactly but I'm gonna guess and say most will have no idea(or how to check for that matter, no offense mods). I'd like to know what app to make sure I don't have it, if I did it'd be gone with a quickness. It's not from the jb dev's that's for sure. I'm just curious what your communicating with since ssh isn't available without a jailbreak and root privledges. Something's listening and responding on that port, if what you say is true.
12-07-2011, 04:19 AM #13
Actually looking into it right now. One of our mods knows how to handle the information being handled and what to do with it to test. I asked Bubba to contact him if out of all the mods we have.
Was a no-go from other mod. No permissions outside the main ftp location provided. Even one level up is blocked from uploading a test file.
Looks to be a dead end unless you want to shoot some suggestions for us to try JailbreakR. Willing to try for ya.
Last edited by Cer0; 12-07-2011 at 04:51 AM.
12-07-2011, 05:00 AM #14
ok so have spoken with one of the mods, who was actually quite surprised that the app was even allowed out of the usual sandbox area. unfortunately because I can't write to the root directory it's a bust
however just so you know I wasn't yanking ya chain here's the pic showing that I did actually manage to get to the root directory.
12-07-2011, 08:14 AM #15
The only thing I can think of is maybe trying to extract the token for Siri from a 4s or even extract decryption key for the firmware. From the looks of your screen shot though your missing some stuff from / so I'm gonna go with chances of that are slim. Ssh/sftp are really hard to exploit (if even at all) so you guys are right about it being a bust. Will someone pm me the app so I can run a port scan and a finger on it just to see what is actually listening. I also wouldn't say it's out of the sandbox it allows for some sort of exchange only in the allowed directory. Could have something to do with wifi sync too you never know. I'm gonna fiddle around with my iPad and 4s and I'll let you guys know what I came up with.
So where's orbyorb when he's needed? Jk orby. I would like to hear his input on this.
Last edited by -JailbreakeR-; 12-07-2011 at 08:17 AM.
12-07-2011, 03:56 PM #16
Orby is the one I sent the info onto
But I'll flick you a pm with it as well.
12-07-2011, 07:41 PM #17
Can you PM me the app?
12-07-2011, 07:50 PM #18
12-11-2011, 05:18 PM #19
Can u pm me please
12-12-2011, 08:21 AM #20
Seriously, it turned out to be nothing.