
Security Warning! Both Jailbroken and Non Jailbroken devices..

Discussion in 'iPad Hacking' started by MikesTooLz, Aug 3, 2010.

  1. MikesTooLz
    Right now the PDF exploit that jailbreakme.com is using to jailbreak your device is a HUGE security issue. Right now you could browse to a website set up by an attacker that would install a virus onto your device the same way jailbreakme.com can execute their own code and jailbreak your device. You should open Cydia as soon as possible and install the package named "PDF Loading Warner".
    [IMG]

    After installing this patch, whenever a website tries to open a PDF file you will get a warning message giving you the option to continue and open the PDF or cancel. After installing this patch, go back to jailbreakme.com and test that the patch is working by sliding the jailbreak me bar as if you were going to jailbreak the device. Instead of the jailbreak starting, you should get a popup that looks like this.
    [IMG]

    This doesn't completely block the security hole, it just prompts you when a PDF is loading in Safari so that a website can't just load one without you knowing. If you have not jailbroken your device, now might be a good time to do it, even if it is just to apply this patch so that your device is not vulnerable to websites that may try to attack it. Apple should put out an updated iOS real soon to fix this, within the next few days, but until then be careful with the websites you visit if you don't apply this patch.
    Last edited: Aug 4, 2010
  2. DarkLordEnron
    Thanx for the heads up!
  3. MikesTooLz
    Better to be safe than sorry. Now that this is out in the open, the bad guys can start putting out hacked websites that install viruses on iDevices.
  4. ch4rly
    Quite funny that you need to jailbreak to make your device safe :D

    I installed the warner, but it also warns me when opening PDFs in iBooks, on each page change twice, which is really annoying. Is the exploit not only a Safari issue?
    Is there a workaround or update planned for that?
    Thanks in advance!
  5. MikesTooLz
    Yeah, the bug is in Apple's PDF reader so it affects both Safari and iBooks. However, in iBooks you shouldn't have any bad PDFs loaded. Don't know if a fix will be made to make the warning not show in iBooks.

    I'm sure once Apple puts out a quick patched iOS update someone will make a patch for 3.2.1 and you can then just remove the warning package.
  6. Hussainal
    Thanks for the info..
  7. gouletjo
    Thanks!! Great advice!
  8. DawgBone
    Can't you just change the password for Mobile and SSH and no longer be vulnerable?

    I would assume that an attacker would have to have elevated privileges to exploit any code on the device... Even if you opened the .pdf.....

    They would have to bank on the users' not changing the default "alpine" password....
    Last edited: Aug 5, 2010
  9. MikesTooLz
    100% wrong.


    What you're talking about is for users who jailbreak and then install OpenSSH and leave the default password.

    Right now everyone can be attacked by this PDF bug.
    How do you think the jailbreak website is able to run custom code and jailbreak your device?
  10. DawgBone
    I "thought" that they just found a hole to inject code.... I figured that they wouldn't have been able to execute it, without knowing root's PW.... and thus why they can run their exploit, being that everyone knows all stock IDevices' root PW's.....

    and why I was asking....

    I don't think(or at least I haven't read it) @Comex has published exactly how he is doing this, although he has mentioned the general method...

    BTW.. the jailbreakme.com JB does install OpenSSH....
    Last edited: Aug 5, 2010
  11. MikesTooLz
    No, you are confused.

    This has nothing to do with OpenSSH, and there is no default password for iDevices; the default password gets loaded when OpenSSH is posted.

    The PDF files that hack your iDevice can be downloaded directly from the website. Index of /_/
    These PDF files can easily be altered to not only install Cydia after jailbreaking your iPad but also install a virus.

    The only thing jailbreakme.com does is forward you to a PDF link. Instead of downloading PDFs, Safari runs them and displays them in the browser. There is a bug in the PDF reader that lets a program included in the PDF file be run when a device tries to read the PDF.
    Last edited: Aug 5, 2010
  12. DawgBone
    I follow.....

    I was just under the impression that you would need ROOT credentials to run anything at system/root level.... Which would be easy, as Apple uses the default "alpine" password... and offers no means of changing it throughout their stock firmware....

    I guess it would only be a matter of time, before Apple implements user-based security on I-Devices.... Similar to their OSX and Windows UAC....

    Still... unless proven wrong, I think this is an un-needed app, as long as you change the Mobile/SSH (ie Root) password....

    And even then... if it TRULY was such a vulnerability, I would imagine that CrApple, would have rushed a fix by now....
  13. DawgBone
    This would be a good question to fire at @Comex on his Twitter page....

    I think you're going over-board, and perhaps pushing a dead product...
  14. MikesTooLz
    Again with the password thing.

    OK, look at it like this: for them to install Cydia on your iPad they already have root access to do whatever they want. There is nothing needed to be proven, it's a fact.

    There is nothing to do with any passwords going on here, throw that out of your head.

    The password issue is ONLY IF YOU'RE JAILBROKEN ALREADY AND INSTALL OPENSSH!!!!

    And yes, Apple is rushing to have a fix and update iOS. They already said today they are done making the update and we will see it shortly in iTunes.
    Last edited: Aug 5, 2010
  15. DawgBone
    They have Root access because they know the default password.... DUHHHH!!!!

    So BACK to my original post that you seem to forget, and preach an un-needed product????

    Change your Mobile/SSH passwords, and you should be safe... No need to install an unknown app....
  16. DawgBone
    I guess you miss the fact that this JB DOES install OpenSSH... or even skipped past my post where I mentioned that this JB does install OpenSSH...
  17. MikesTooLz
    It already has access to your system before it can install OpenSSH. OpenSSH isn't something you can just install on any device without already gaining full access to it.

    I'm going to just stop commenting on this thread, you guys obviously don't know or want to know. It's doing whatever you THINK it does and that's it.
  18. DawgBone
    I hate to say it... but it's only getting access through the known root credentials... The jailbreak uses stock FW from CrApple with the stock Root password.... He found a way to inject his code, and run it in a hole left open from CrApple... And is only able to execute it because stock FW has a Root PW of "alpine"...

    I'm almost 100% sure that if you JB using jailbreakme.com.... change your root password... and, for whatever reason, try to re-jailbreak without restoring.... It would fail.....

    I'm nearly 100% sure that he is depending on the Root PW to be "alpine" to run his code.... Again... like I mentioned, it would be best to ask @Comex about this....

    For all we know... this PDF Warner app is just gathering device info, and could be a "virus" in itself....
    Last edited: Aug 5, 2010
  19. DawgBone
    How do you think he gained access to install OpenSSH?
    How do you think he got "full access to it" to manage his code?


    How about you let me rig up my website, and you leave the administrator/root password on your machine as "alpine"..... come visit my site...

    Let's see what happens to your machine......
  20. MikesTooLz
    I just tested your crazy theory. Changed default password, went over to jailbreakme.com and guess what. It was still able to load the jailbreak and go through the jailbreak process again.

    Oh and by the way, OpenSSH wasn't installed by the jailbreak; I had to manually install it.
    Last edited: Aug 5, 2010
