digg

Facebook Connect Join Digg About

iPhone Root Password Cracked

hackint0sh.org The root and another "mobile" account password of iPhone OSX 1.0, have been obtained from a passwd file and been cracked by the famous fellows from hackint0sh.org. The hash turned out to be old plain 1979 DES. Sadly this is not of any use so far, as the iPhone does not (yet) present us with a nice and tidy login screen to explore it's system.

Who dugg this? Made popular Jul 2, 2007

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

206 Comments

show profanity settings
expand all
  • inactive, on 10/11/2007, -8/+210I wonder what ATT is gonna do when people start running bittorrent clients on their edge network?
  • Gryffydd, on 10/11/2007, -17/+174"...explore it is system." ???

    English...RIP
  • z00k, on 10/11/2007, -12/+106http://www.youtube.com/watch?v=k6C_HjWr3Nk
    "Breaking in to the pentagon computer, double click on yes... Password protected, 20 million possible chances. Erm... Jeff ... Hey!"
    --Eddie Izzard
  • inactive, on 10/11/2007, -3/+77All i want is skype on the thing and use on wifi network. Screw Att and cell.
  • likwidtek, on 10/11/2007, -5/+63yeah... I mean... the blazing speeds... totally worth it....

  • ayeroxor, on 10/11/2007, -12/+60"the iPhone does not (yet) present us with a nice and tidy login screen to explore it's system."

    Screenshot: http://tinyurl.com/m476
  • erric, on 10/11/2007, -4/+52One of the first things I did was scan the phone when I had it connected to my wireless network at home:

    PORT STATE SERVICE VERSION
    20827/tcp filtered unknown
    36702/tcp filtered unknown
    37527/tcp filtered unknown
    38930/tcp filtered unknown
    41231/tcp filtered unknown
    56385/tcp filtered unknown
    57701/tcp filtered unknown
    62078/tcp open tcpwrapped

    So, there are listening services, but they are being filtered and least one NMAP believes is under the influence of TCP Wrappers.
  • vrillusions, on 10/11/2007, -3/+43A password that no one knows what to do with... kinda sounds like that AACS key
  • miletwo, on 10/11/2007, -14/+52@LL ur c3l ph0n3z R b3l0ng 2 us!
  • Polyroy, on 10/11/2007, -0/+34Having seen this evolve from the Full-Disclosure mailing list I find it rather sad that this 'hackint0sh' group takes credit for something they apparently do not even understand. The passwd file was obtained by grepping through some files from the posted firmware, but they didn't even mention the full passwd file. The results were posted on Full-Disclosure and apparently got cracked in an instant, no surprises there.

    Here it is, judge for yourself how useful this actually is:
    # Note that this file is consulted when the system is running in single-user
    # mode. At other times this information is handled by lookupd. By default,
    # lookupd gets information from NetInfo, so this file will not be consulted
    # unless you have changed lookupd's configuration.
    nobody:*:-2:-2::0:0:Unprivileged User:/var/empty:/usr/bin/false
    root:XUU7aqfpey51o:0:0::0:0:System Administrator:/var/root:/bin/sh
    mobile:/smx7MYTQIi2M:501:0::0:0:Mobile User:/var/mobile:/bin/sh
    daemon:*:1:1::0:0:System Services:/var/root:XUU7aqfpey51o
    unknown:*:99:99::0:0:Unknown User:/var/empty:/usr/bin/false

    It is very probable that this file is never actually used by any kind of software (at least not by the user). A lot remains when recycling code. I even saw some obscure references to all kind of Linux filesystems.
  • dicerandom, on 10/11/2007, -11/+43DES? Seriously? Who the heck uses DES?

    Didn't we just have an article about how this thing has a ~650MHz ARM processor? They should at *least* be using MD5 if not blowfish or one of the SHA-2s.
  • jeriqo, on 10/11/2007, -1/+32Because they don't ***** care?
  • inactive, on 10/11/2007, -2/+33You will be singing a different tune when ATT locks out hacked iPhones
  • skinfitz, on 10/11/2007, -1/+24Someone set us up the root.
  • tnoy, on 10/11/2007, -2/+24As much as the countless iPhone posts annoy me, I'd like the ones to surface to be like this. I might get one once the community adds the features that its missing.
  • GotMex, on 10/11/2007, -1/+22When you use good ol' DES and a 6 character alphanumeric password, you're just begging for it to be cracked.
  • inactive, on 10/11/2007, -16/+37I'm 'n ur iPhone hackn' uR dataz!
  • abandonedhero, on 10/11/2007, -4/+24How is it the slashdot effect if this is Digg?
  • t0ken, on 10/11/2007, -2/+20I love how no matter what kind of object or story or whatever something is there is always an angsty "who gives a *****" comment. Obviously a lot of people give a ***** because it made the front page. If it bothers you so much there is always the option to NOT click on the link to the story about the thing that you hate. It is pretty selfish to want the world to cater to your whim, and foolish to think it will.
  • gbarger, on 10/11/2007, -2/+20Maybe they wanted it to be easy. They're being crippled somewhat by AT&T's requests, but they still want their end users to end up having access to things...they just make it hard enough to appease the cell phone co.
  • Kitsune818, on 10/11/2007, -3/+21Not to mention the security of "alpine"? You think they'd have at least used a number in it.
  • SniperX, on 10/11/2007, -0/+16Just heard this from someone who has worked on debugging the iPhone over at Foxconn (not to mention it seems somewhat logical). But the way to get in and work with it is someone has to figure out a way to enable the Telnet daemon (which is included in the OS), then you can login and work using the above password.
  • inactive, on 10/11/2007, -2/+18there should not have been need for such utility in the first place. apple should have made it open in the first place. This time i would rather side MS with the open approach for Windows Mobile platform.
  • postalblowfish7, on 10/11/2007, -7/+23it's 'its'.
  • Xabora, on 10/11/2007, -0/+15Ehh.. people have found uses for that AACS Key.
  • inactive, on 10/11/2007, -12/+27Hey now, this is an Apple fanboi website and goddamnit if they spent $600 on this stupid gadget you can be sure a topic will surface every 5 minutes!!
  • mariofreak85, on 10/11/2007, -0/+15VOIP is only called out on AT&T's edge network, not your personal wifi
  • Bradl3y, on 10/11/2007, -0/+15Hmmm, yes, block all the ports that bittorrent uses, that will work great! [/sarcasm]
  • bobbyi, on 10/11/2007, -2/+16Trying to use a console with the on-screen "soft" keyboard sounds pretty painful.
  • inactive, on 10/11/2007, -6/+20who would be stupid enough to run bit torrent on the ***** speeds ATT gives.
  • skinfitz, on 10/11/2007, -0/+13Heh heh - you know I've been sitting on a zero days Safari exploit for just such an occasion. Overwrite any file anyone?
  • fowleryo, on 10/11/2007, -0/+13as have i (laptop tethered to mobile). longest download of my life.
  • goldenratiophi, on 10/11/2007, -0/+13Those are terrible passwords IMO. Both less than 8 characters, all lowercase letters.
  • pyry, on 10/11/2007, -3/+16No place to log in? I bet it just hasn't been found yet.
  • inactive, on 10/11/2007, -5/+17I already do! WM6 ftw!
  • tnoy, on 10/11/2007, -2/+14People that are long-time slashdot users are upset that another site has the same effect.
  • geminitojanus, on 10/11/2007, -0/+11Uhh it's a single-user OS on the iPhone, there's no need for good passswords or even good password algorithms.
  • LeeSoong, on 10/11/2007, -2/+13Hmm, when is that Apple iPhone Software UPDATE coming again?
  • inactive, on 10/11/2007, -1/+12And hacking the OS on the device isnt?
  • miles32, on 10/11/2007, -0/+9Excellent riposte,
    but it clearly states in paragraph 3b in article 2 of the hardcopy contract that VOIP is allowed due to federal regulations. However if they catch you on voip they will cross your traffic with someone else using voip. Thus confusing the hell out of every one.
  • inactive, on 10/11/2007, -2/+11Hey charlotte web hacked my digg account password!!!
  • inactive, on 10/11/2007, -10/+18not so secure after all.
  • pplude92, on 10/11/2007, -0/+8Dugg for the toon, but seriously...
  • signal15, on 10/11/2007, -0/+7It's probably in Apple's best interest to have this thing cracked and subsidy unlocked. They will sell a ton more devices if people can use them with any provider and do what they want with it. Maybe one of the engineers will "leak" some info anonymously.
  • flyosity, on 10/11/2007, -1/+8Seeing as how that application only allows your iPhone to SSH into another computer who is running that python script, I'm not sure I see how this helps at all. Unless of course you've already figured out how to install python scripts on your iPhone...
  • excaza, on 10/11/2007, -1/+8I agree with you mate, I don't really enjoy going to gizmodo and seeing nearly every single post within the last week on something to do with the iPhone

    garbage, I don't care
  • afx1, on 10/11/2007, -1/+8not even numeric...just alpha
  • hfactor, on 10/11/2007, -2/+9Permutation? "is" is not in the wrong place, it shouldn´t be there at all.
  • kreate, on 10/11/2007, -0/+7wow, such insight, good thing you took the time to click on the article and make such an interesting comment. if this story is so boring, stop commenting on it genius. the only thing that makes me yawn is seeing losers like you posting comments that say /yawn
  • inactive, on 10/11/2007, -3/+9Bulls eye!
  • Fetching more discussions...
    Show 51 - 100 of 208 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.