Apple iPad Forum 🍎

Security Warning! Both Jailbroken and Non Jailbroken devices..

MikesTooLz

Right now the PDF exploit that jailbreakme.com is using to jailbreak your device is a HUGE security issue. Right now you could browse to a website set up by an attacker that would install a virus onto your device the same way jailbreakme.com can execute their own code and jailbreak your device. You should open Cydia as soon as possible and install the package named "PDF Loading Warner".
After installing this patch, whenever a website tries to open a PDF file you will get a warning message giving you the option to continue and open the PDF or cancel. After installing this patch go back to jailbreakme.com and test that the patch is working by sliding the jailbreak me bar as if you were going to jailbreak the device. Instead of the jailbreak starting you should get a popup that looks like this.
[Image: screenshot of the warning popup]

This doesn't completely block the security hole, it just prompts you when a PDF is loading in Safari so that a website can't just load one without you knowing. If you have not jailbroken your device, now might be a good time to do it. Even if it is just to apply this patch so that your device is not vulnerable to websites that may try to attack it. Apple should put out an updated iOS real soon to fix this, within the next few days, but until then be careful with the websites you visit if you don't apply this patch.
 

ch4rly

Quite funny that you need to jailbreak to make your device safe :D

I installed the warner, but it also warns me when opening PDFs in iBooks, on each page change twice, which is really annoying. Is the exploit not only a Safari issue?
Is there a workaround or update planned for that?
Thanks in advance!
 
MikesTooLz

> Quite funny that you need to jailbreak to make your device safe :D
>
> I installed the warner, but it also warns me when opening PDFs in iBooks, on each page change twice, which is really annoying. Is the exploit not only a Safari issue?
> Is there a workaround or update planned for that?
> Thanks in advance!

Yeah, the bug is in Apple's PDF reader so it affects both Safari and iBooks. However, in iBooks you shouldn't have any bad PDFs loaded. Don't know if a fix will be made to make the warning not show in iBooks.

I'm sure once Apple puts out a quick patched iOS update someone will make a patch for 3.2.1 and you can then just remove the warning package.
 

DawgBone

Can't you just change the password for Mobile and SSH and no longer be vulnerable?

I would assume that an attacker would have to have elevated privileges to exploit any code on the device... Even if you opened the .pdf.....

They would have to bank on the users' not changing the default "alpine" password....
 
MikesTooLz

> Can't you just change the password for Mobile and SSH and no longer be vulnerable?
>
> I would assume that an attacker would have to have elevated privileges to exploit any code on the device... Even if you opened the .pdf.....
>
> They would have to bank on the users' not changing the default "alpine" password....

100% wrong.

What you're talking about is for users who jailbreak and then install OpenSSH and leave the default password.

Right now everyone can be attacked by this PDF bug.
How do you think the jailbreak website is able to run custom code and jailbreak your device?
 

DawgBone

>> Can't you just change the password for Mobile and SSH and no longer be vulnerable?
>>
>> I would assume that an attacker would have to have elevated privileges to exploit any code on the device... Even if you opened the .pdf.....
>>
>> They would have to bank on the users' not changing the default "alpine" password....
>
> 100% wrong.
>
> How do you think the jailbreak website is able to run custom code and jailbreak your device?

I "thought" that they just found a hole to inject code.... I figured that they wouldn't have been able to execute it, without knowing root's PW.... and thus why they can run their exploit, being that everyone knows all stock IDevices' root PW's.....

and why I was asking....

I don't think (or at least I haven't read it) @Comex has published exactly how he is doing this, although he has mentioned the general method...

BTW.. the jailbreakme.com JB does install OpenSSH....
 
MikesTooLz

>>> Can't you just change the password for Mobile and SSH and no longer be vulnerable?
>>>
>>> I would assume that an attacker would have to have elevated privileges to exploit any code on the device... Even if you opened the .pdf.....
>>>
>>> They would have to bank on the users' not changing the default "alpine" password....
>>
>> 100% wrong.
>>
>> How do you think the jailbreak website is able to run custom code and jailbreak your device?
>
> I "thought" that they just found a hole to inject code.... I figured that they wouldn't have been able to execute it, without knowing root's PW.... and thus why they can run their exploit, being that everyone knows all stock IDevices' root PW's.....
>
> and why I was asking....
>
> I don't think (or at least I haven't read it) @Comex has published exactly how he is doing this, although he has mentioned the general method...
>
> BTW.. the jailbreakme.com JB does install OpenSSH....

No, you are confused.

This has nothing to do with OpenSSH and there is no default password for iDevices; the default password gets loaded when OpenSSH is posted.

The PDF files that hack your iDevice can be downloaded directly from the website. Index of /_/
These PDF files can easily be altered to not only install Cydia after jailbreaking your iPad but also install a virus.

The only thing jailbreakme.com does is forward you to a PDF link. Instead of downloading PDFs, Safari runs them and displays them in the browser. There is a bug in the PDF reader that lets a program included in the PDF file be run when a device tries to read the PDF.
 

DawgBone

>>> 100% wrong.
>>>
>>> How do you think the jailbreak website is able to run custom code and jailbreak your device?
>>
>> I "thought" that they just found a hole to inject code.... I figured that they wouldn't have been able to execute it, without knowing root's PW.... and thus why they can run their exploit, being that everyone knows all stock IDevices' root PW's.....
>>
>> and why I was asking....
>>
>> I don't think (or at least I haven't read it) @Comex has published exactly how he is doing this, although he has mentioned the general method...
>>
>> BTW.. the jailbreakme.com JB does install OpenSSH....
>
> No, you are confused.
>
> This has nothing to do with OpenSSH and there is no default password for iDevices; the default password gets loaded when OpenSSH is posted.
>
> The PDF files that hack your iDevice can be downloaded directly from the website. Index of /_/
> These PDF files can easily be altered to not only install Cydia after jailbreaking your iPad but also install a virus.
>
> The only thing jailbreakme.com does is forward you to a PDF link. Instead of downloading PDFs, Safari runs them and displays them in the browser. There is a bug in the PDF reader that lets a program included in the PDF file be run when a device tries to read the PDF.

I follow.....

I was just under the impression that you would need ROOT credentials to run anything at system/root level.... Which would be easy, as Apple uses the default "alpine" password... and offers no means of changing it throughout their stock firmware....

I guess it would only be a matter of time, before Apple implements user-based security on I-Devices.... Similar to their OSX and Windows UAC....

Still... unless proven wrong, I think this is an un-needed app, as long as you change the Mobile/SSH (ie Root) password....

And even then... if it TRULY was such a vulnerability, I would imagine that CrApple, would have rushed a fix by now....
 

DawgBone

This would be a good question to fire at @Comex on his Twitter page....

I think you're going over-board, and perhaps pushing a dead product...
 
MikesTooLz

> I follow.....
>
> I was just under the impression that you would need ROOT credentials to run anything at system/root level.... Which would be easy, as Apple uses the default "alpine" password... and offers no means of changing it throughout their stock firmware....
>
> I guess it would only be a matter of time, before Apple implements user-based security on I-Devices.... Similar to their OSX and Windows UAC....
>
> Still... unless proven wrong, I think this is an un-needed app, as long as you change the Mobile/SSH (ie Root) password....
>
> And even then... if it TRULY was such a vulnerability, I would imagine that CrApple, would have rushed a fix by now....

Again with the password thing.

OK, look at it like this: for them to install Cydia on your iPad they already have root access to do whatever they want. There is nothing needed to be proven, it's a fact.

There is nothing to do with any passwords going on here, throw that out of your head.

The password issue is ONLY IF YOU'RE JAILBROKEN ALREADY AND INSTALL OPENSSH!!!!

And yes, Apple is rushing to have a fix and update iOS. They already said today they are done making the update and we will see it shortly in iTunes.
 

DawgBone

>> I follow.....
>>
>> I was just under the impression that you would need ROOT credentials to run anything at system/root level.... Which would be easy, as Apple uses the default "alpine" password... and offers no means of changing it throughout their stock firmware....
>>
>> I guess it would only be a matter of time, before Apple implements user-based security on I-Devices.... Similar to their OSX and Windows UAC....
>>
>> Still... unless proven wrong, I think this is an un-needed app, as long as you change the Mobile/SSH (ie Root) password....
>>
>> And even then... if it TRULY was such a vulnerability, I would imagine that CrApple, would have rushed a fix by now....
>
> Again with the password thing.
>
> OK, look at it like this: for them to install Cydia on your iPad they already have root access to do whatever they want. There is nothing needed to be proven, it's a fact.
>
> And yes, Apple is rushing to have a fix and update iOS. They already said today they are done making the update and we will see it shortly in iTunes.

They have Root access because they know the default password.... DUHHHH!!!!

So BACK to my original post that you seem to forget, and preach an un-needed product????

Change your Mobile/SSH passwords, and you should be safe... No need to install an unknown app....
 
