{"id":2232,"date":"2009-11-03T14:52:48","date_gmt":"2009-11-03T22:52:48","guid":{"rendered":"http:\/\/www.perivision.net\/wordpress\/?p=2232"},"modified":"2009-11-03T18:04:25","modified_gmt":"2009-11-04T02:04:25","slug":"hackers-breaking-into-a-jailbroken-iphone-and-how-to-stop-them","status":"publish","type":"post","link":"https:\/\/www.perivision.net\/wordpress\/2009\/11\/hackers-breaking-into-a-jailbroken-iphone-and-how-to-stop-them\/","title":{"rendered":"Hackers breaking into a jailbroken iphones and how to stop them"},"content":{"rendered":"
\"hackedIphone\"<\/a>

(Credit: Tweakers.net)<\/p><\/div>\n

Saw this story via CNET.\u00a0 I was a bit concerned till I read how the hack was done.\u00a0 A bit of background information though, seems a hacker got in to a few jailbroken iphone running T-Mobile in the Netherlands.\u00a0 Basically, it puts a message on your phone saying you have been hacked and to learn how to fix the problem, you had to pay the guy 5 euros ($7.36), to get the fix. To get to the fix you had to go to a website after paying via paypal.<\/p>\n

The way this guy is getting in is pretty easy.\u00a0 He simply scans open ports looking for SSH running using the default password of ‘alpine’.\u00a0 Once he SSH’s in, he has pretty much full control of your phone.\u00a0 So how do you stop this?\u00a0 2 Ways.\u00a0 First CHANGE YOUR BLOODY PASSWORD!\u00a0 I mean really.\u00a0 Change it.\u00a0 Second, and what I do, turn SSH off.\u00a0 I never have it running unless I need to get into the phone and do something.\u00a0 But wait Chris, how do I do that?\u00a0 I do not even know how to put ‘putty’ on my windows system. Putty is a SSH client for windows BTW.\u00a0 Turning off SSH is easy to do. Remember my top 10 jailbreak apps?\u00a0 Well, SBSetting is number 1 for a reason.\u00a0 There is a nice button there called SSH.\u00a0 Click on it.\u00a0 SSH is now off.\u00a0 Your welcome. \ud83d\ude42<\/p>\n

After the story broke, it seems the guy changed his mind because the fix has been posted here<\/a>.\u00a0 Here is the fix.<\/p>\n

1. Get an SSH program like putty for windows.
\n2. SSH to your iPhone. (If you haven’t done that before it may take a while, and after that there might come a warning about a key fingerprint. You can just accept that). Login using username “root” and password “alpine”. (this is the default password)
\n3. There’s a few commands you have to execute, best is to just copy them:<\/p>\n

rm \/System\/Library\/LaunchDaemons\/com.apple.syslog.plist
\nchown mobile \/private\/var\/mobile\/Library\/LockBackground.jpg
\nchmod 666 \/private\/var\/mobile\/Library\/LockBackground.jpg
\nmv \/private\/var\/mobile\/Documents\/LockBackground.backup.jpg \/private\/var\/mobile\/Library\/LockBackground.jpg<\/p>\n

4. That’s everything to remove my stuff. Now there’s one command left to make sure this won’t happen again! Again in putty or any ssh client type: “passwd”. You’ll then be asked for a new password, you can change this into anything you want. The safer the better of course (:<\/p>\n

The reason you have to change this password is that it’s default is alpine at ALL iPhones. So if anyone knows that (and all hackers do) they can access your iPhone. Now you’ve changed it this isn’t possible anymore!<\/p>\n

Related Posts<\/H3>