Jailbreak SSH Horrors Strike Back

Monday, August 09, 2010

Rob Fuller

D8853ae281be8cfdfa18ab73608e8c3f

Back in 2009 the “ikee” rick-rolling worm went around the iPhone world via the password of ‘alpine’ on the root account. You are now warned to change your root password when you pop into Cydia and Rock the first time. But this thing just wont stay down.

If you have jailbroken your iPad you might want to check out a little file called “master.passwd”.

In it, there is another user called ‘mobile’ which has been pointed out since 2008 (here) on the iPhone as another account to change the password of. But the media and Cydia/Rock warnings only put emphasis on ‘root’.

Many iPad and iPhone apps STILL do not use the “keyring'” and store your password in plain text or somewhere in a binary file (still plaintext), which the user “mobile” has access to.

image

Ok, “so what” you say. Since this recent jailbreak was using a website, the individuals running that site now have the IP address of freshly jailbroken iPhones and iPads. I am certainly not saying that they have any ill intentions, but sites have been broken into before, and that would be one hell of a gold mine.

Hopefully AT&T has put in blocks of some sort so that it’s customers are protected, but who knows what the other countries around the world that carry iPhones are doing.

But at the very least, if you have jailbroken your iPhone, iPod Touch or iPad, please.. please set your passwords accordingly and do not have it a simple dictionary password.

Remember, you ARE giving up some security when you jail break your phone. It is on you to make sure that you lock what you can back down.

To change your password, use 'Terminal' and log in to one account at a time and issue the "passwd" command. You can also just log in to root and issue the "passwd mobile" command to change the password of mobile

 Cross-posted from Room362

Possibly Related Articles:
6951
PDAs/Smart Phones
Wireless SSH
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.