07.05.2007
Just three days after the official release date, there are already a few cracks available for the most desired gadget in the world.
The first comes from the famous DVD Jon, who wrote on his blog that he managed to crack the AT&T activation, so you can freely use the iPod and Wi-Fi features without activating the device with the network operator. There is still no option to use the phone without activation, but it’s just a matter of time.
The second one is about how to get the root password for the OS X operating system of the smartphone.
The information is extracted from the Apple iPhone restore image (rename it as a zip file and extract). The archive contains two .dmg disk images: a password-encrypted system image and an unencrypted user image. By delving into the unencrypted image, inquisitive hackers were able to discover that all iPhones ship with predefined passwords for the accounts ‘mobile’ and ‘root’, the latter being the name of the privileged administration account on UNIX-based systems.
Hackers used the simple UNIX program ‘strings’ to extract a list of human-readable character strings from the disk image, which contained a list of user accounts and their corresponding encrypted passwords (equivalent to the /etc/passwd file on UNIX and Linux systems). A call was then made on the Full Disclosure mailing list for someone to run the popular password cracking tool John the Ripper on the encrypted passwords.
It took one replier just sixteen seconds to extract the passwords for both accounts: both passwords were simple six-letter words in lower-case letters.
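A pre-release check for the issue described above, as an added example that is not from the original post: it pulls printable strings out of an image the way `strings` does, finds passwd-format lines, and reports accounts that ship with an embedded password hash. It goes beyond the iPhone case by classifying the common crypt(3) hash formats; the sample image bytes, the hashes and the function names are constructed for illustration.

```python
import re

PASSWD_RE = re.compile(r"([A-Za-z_][\w.-]*):([^:\s]*):(-?\d+):(-?\d+):[^:]*:[^:]*:[^:]*$")
DES_RE = re.compile(r"[./0-9A-Za-z]{13}")
MODULAR = {"1": "md5-crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
           "5": "sha256-crypt", "6": "sha512-crypt"}

def printable_strings(blob, min_len=4):
    """Runs of printable ASCII at least min_len long, like strings(1)."""
    return [m.group().decode("ascii")
            for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, blob)]

def classify(field):
    """Name the scheme of a passwd password field, or None if no hash is present."""
    if field == "":
        return "empty"            # account has no password at all
    if field in ("x", "*") or field.startswith(("!", "*")):
        return None               # shadowed or locked: no hash stored in this field
    if field.startswith("$"):
        return MODULAR.get(field.split("$")[1], "unknown-modular")
    if DES_RE.fullmatch(field):
        return "des-crypt"        # 2-char salt + 11-char hash, 8-char password limit
    return "unknown"

def audit_image(blob):
    """Report every passwd-style account in the image that carries a password hash."""
    findings = []
    for s in printable_strings(blob):
        m = PASSWD_RE.search(s)
        if not m:
            continue
        user, field, uid = m.group(1), m.group(2), int(m.group(3))
        scheme = classify(field)
        if scheme:
            findings.append({"user": user, "uid": uid, "scheme": scheme,
                             "weak": scheme in ("empty", "des-crypt", "md5-crypt")})
    return findings

# Constructed sample: binary filler around passwd-style lines; the hashes are made up.
SAMPLE = (b"\x00\x01\xfe\x10\x00"
          b"root:AAbbCCddEEff.:0:0:System Administrator:/var/root:/bin/sh\n"
          b"mobile:ZZyyXXwwVVuu/:501:501:Mobile User:/var/mobile:/bin/sh\n"
          b"daemon:*:1:1:System Services:/var/root:/usr/bin/false\n"
          b"\x7f\x03\x00svc:$6$constructedsalt$notarealhash:502:502::/var/empty:/bin/sh\x00")

if __name__ == "__main__":
    for finding in audit_image(SAMPLE):
        print(finding)
```

Run as a release gate, any finding on an unencrypted image means a credential is shipping to every device; a `weak` finding means the hash format itself offers little resistance to offline guessing.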
Having the passwords will not do anybody any good for the moment. The iPhone has no console or terminal access, so there is no way to log in as either account. In fact, nobody even seems certain that the accounts access the machine at all, with some Internet commentators suggesting that the password file was left over from early development work, or was intentionally included to throw hackers off the scent.