Hacking the iPhone

Apple released some new iPhone firmware today. Fortunately, they left in all of the loopholes for hacking your own apps into it. The last time I hacked my phone, it took about half a day. This time, it took about 13 minutes (10 of which were waiting for something to download.) This is all it took:

That’s me typing one command, then me selecting #3. Later on, that was me holding down buttons to reset the phone. From that point, you’re given an application on the phone itself for installing additional packages:



For future reference, when installing the OpenSSH package…
The root password is: dottie
Code to generate a new hash is: perl -e 'print crypt("MYPASSWORD", "XX");'

I wonder how many people install OpenSSH without knowing what it is, and without changing passwords and disabling accounts.
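As an added example (not part of the original post): a small audit of passwd-style entries that flags accounts which can still log in with a password, hashes in the traditional DES crypt format that the perl one-liner produces, and hashes carrying its literal "XX" salt. The sample entries, placeholder hash strings, account names other than root, and finding codes are constructed for illustration.

```python
import re
from collections import defaultdict

# Traditional DES crypt(3) output: 2 salt characters followed by 11 hash
# characters, all drawn from [./0-9A-Za-z].
DES_CRYPT = re.compile(r"^[./0-9A-Za-z]{13}$")
FIXED_SALT = "XX"  # the salt literal in the post's perl one-liner

def audit(lines):
    """Map each password-capable account to a list of finding codes."""
    findings = defaultdict(list)
    by_hash = defaultdict(list)
    for raw in lines:
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 2:
            continue
        user, pw = fields[0], fields[1]
        if pw == "":
            findings[user].append("EMPTY_PASSWORD")
        elif pw.startswith(("*", "!")) or pw == "x":
            continue  # disabled, locked, or stored in a shadow file
        elif DES_CRYPT.match(pw):
            # DES crypt ignores everything past the 8th password character.
            findings[user].append("DES_CRYPT")
            if pw[:2] == FIXED_SALT:
                findings[user].append("SALT_XX")
            by_hash[pw].append(user)
        else:
            findings[user].append("PASSWORD_ENABLED")
    # Identical hashes mean identical salt and password on those accounts.
    for users in by_hash.values():
        if len(users) > 1:
            for user in users:
                findings[user].append("SHARED_HASH")
    return dict(findings)

# Constructed sample entries; the hash strings are placeholders, not real
# crypt output, and the non-root account names are only illustrative.
SAMPLE = """\
root:XXplaceholder:0:0::0:0:System Administrator:/var/root:/bin/sh
alice:XXplaceholder:501:501::0:0:Alice:/var/alice:/bin/sh
daemon:*:1:1::0:0:System Services:/var/root:/usr/bin/false
guest::200:200::0:0:Guest:/var/empty:/bin/sh
""".splitlines()
```

Calling `audit(SAMPLE)` returns a dict keyed by account name; accounts whose password field is disabled do not appear in it.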

  1. That’s like the future! That’s like Blade Runner, man!
    Does that leave all of the original phone software so the phone still works?
    With openssh installed, does that mean that you can log into it from the interweb? Or perhaps try to host scan AT&T’s subnets on 22 to find such phones?

  2. Pr0k: Yes, all of the original iPhone software is intact and working, it just adds the ability to install extra stuff and get to a bash prompt. A “refresh to factory defaults” will revert it back to its original condition. I haven’t yet tried it on AT&T, but with T-Mobile, each phone was pretty isolated. Not only could you not see anyone on your subnet (only the gateway), you could only make outbound connections. Connections from the internet into your phone were blocked at the router. With AT&T, I ASSUME it works the same, but I might be making an BUTT out of YOU and I by assuming that AT&T does things competently.

    Vortech: I tweaked my terminal a bit for the screengrab. It’s usually about 30-40% transparent, but still green-on-black. One of these days, I am considering upgrading it by a few years to good ol’ amber-on-black.

