openSSH default password - Help Please

Discussion in 'Jailbreaks and iOS Hacks' started by iPoodOverZune, May 18, 2010.

  1. iPoodOverZune macrumors regular

    iPoodOverZune

    Joined:
    Jan 13, 2007
    Location:
    LOST
    #1
    If default password via openSSH on jailbroken/unlocked phone has not been changed from alpine, what data can somebody potentially hack? I came to know a would-be-malicious-person (WBMP) could hack into iTunes account (and may create havoc with charges). But other than that, can somebody access any information via openSSH on your phone, like passwords of other applications used? Or install a keylogger on your phone? Or hack into router/other computers through your iPhones openSSH.

    I have changed the default password, but after two weeks or so, and I am wondering if there is a potential and I should change all my passwords before something bad happens. :(
     
  2. -aggie- macrumors P6

    -aggie-

    Joined:
    Jun 19, 2009
    Location:
    Where bunnies are welcome.
    #2
    I'm somewhat confused by your post, maybe because of the English.

    If you've changed the mobile and root passwords on your phone, no one can "hack" anything.

    However, you say you changed your default password (you didn't say passwords, there are two), so why would you want to change them again? No need to do that.
     
  3. -tWv- macrumors 68000

    -tWv-

    Joined:
    May 11, 2009
    Location:
    Ohio
    #3
    Well if you just use sbssettings and download the SSH toggle, you can just turn off the SSH while it is not in use, and only have it on when you need it. So even if you leave the default password the same, you would only be vulnerable for the short time you are using it, which would normally be at home or something, and would not a problem.
     
  4. -aggie- macrumors P6

    -aggie-

    Joined:
    Jun 19, 2009
    Location:
    Where bunnies are welcome.
    #4
    I didn't want to get into that with the previous post, since it may confuse the OP, but you really don't want to turn off openSSH. If anything ever goes wrong, you have NO access to your phone, which is one of the purposes of openSSH.
     
  5. -tWv- macrumors 68000

    -tWv-

    Joined:
    May 11, 2009
    Location:
    Ohio
    #5
    very true

    OP: all you need to do is follow the instructions on cydia in order to change both your root and mobile password via mobileterminal and you should be fine.
     
  6. iPoodOverZune thread starter macrumors regular

    iPoodOverZune

    Joined:
    Jan 13, 2007
    Location:
    LOST
    #6
    Thanks for the responses. I did change default password with MobileTerminal (downloaded from Cydia). So which are the two passwords? I mean is there a separate root and mobile password? And what have I changed with the following commands:
    In MobileTerminal, I typed
    >su root
    >password (typed alpine)
    then changed password by
    >passwd
    that prompted for new one. And then I exited from the Terminal app.
    I also installed SBSettings and turned off SSH altogether.
    So is there anything else that I can too. I mean if I changed root password with this one, now do I need to do with the mobile password as well.
     
  7. iPoodOverZune thread starter macrumors regular

    iPoodOverZune

    Joined:
    Jan 13, 2007
    Location:
    LOST
    #7
    Please HELP!!

    Folks,

    I figured my iTunes account did get hacked and some gift cards and songs were purchased. So looks like someone might have accessed my iPhone through openSSH. Can anyone help to answer these questions:-

    1) Besides getting iTunes account credentials, is it possible to also access other username n passwords from other apps on the iPhone? I mean how easy it would have been?

    2) Any possibility of someone installing any kind of keylogger or other malicious app on iPhone that I cannot figure out and will still work to call back home, even though root/mobile password has been changed.

    3) Is there anyway, by using iPhone as a bot, someone would be able to access my iMac and other compounds on my network (through a router with 128-bit WPA encryption) and thus install other malicious softwares, or get access to files?

    4) Does iTune store keep track of what IPs items were purchased from, so the culprit could be tracked?

    I was so stupid to not know this openSSH thing before jailbreaking, but learnt a lesson. Should I restore my iPhone afresh (and MacOSX as well) to make sure no malicious app (or software) has been installed.

    Please, I would be very thankful for some help.
     
  8. -aggie- macrumors P6

    -aggie-

    Joined:
    Jun 19, 2009
    Location:
    Where bunnies are welcome.
    #8
    You haven’t changed your mobile password. Read the instructions again.

    Did you read what I said above. You really should leave openSSH on. You’ve set two passwords (or you will have when you follow instructions); no one is going to get on your phone, unless you picked a crap password. Use caps, number, letters and special characters (like _ or #).

    I doubt someone ssh’ed into your phone. It’s more likely someone got into your iTunes account. Why are you so sure they got in anyway? Change your iTunes password.

    I’ll let someone else assuage your fears about the rest. I don’t think it would be that easy to do any of that, especially the keylogger, but I don’t go around trying to hack people either.
     
  9. iPoodOverZune thread starter macrumors regular

    iPoodOverZune

    Joined:
    Jan 13, 2007
    Location:
    LOST
    #9
    The reason is that this all happened when I bought an iPhone. As soon as I jailbroke/unlocked and accessed iTunes account from iPhone to purchase apps, this happened. Now an iTunes account in and of itself might have gotten hacked by someone, but it has not happened for the last 4 years since the account was created. It looks it got SSH'ed somehow either at home (though I have a very secured router) or at public WiFi.

    I would love to have my fears proven wrong, since I am worried that the person might have tried to access other username/passwords for other iPhone apps, especially such as dropbox, google services, etc. Is that possible?
     
  10. iPoodOverZune thread starter macrumors regular

    iPoodOverZune

    Joined:
    Jan 13, 2007
    Location:
    LOST
    #10
    please help to answer

    Folks, can someone please take time to answer the questions in two posts above? I am really freaked out at the moment thinking about what kind of devastation this openSSH thing can cause if left on the default password.
    Should I reinstall the iphone software
     
  11. CarsonJones macrumors member

    Joined:
    May 11, 2010
    #11
    you are freaking out about something that happened 4 years ago? Change your passwords(both) you will be fine.
     
  12. -aggie- macrumors P6

    -aggie-

    Joined:
    Jun 19, 2009
    Location:
    Where bunnies are welcome.
    #12
    No, he’s not freaking about something that happened 4 years ago. He’s saying he’s had the iTunes account for 4 years and never been hacked.
     
  13. -tWv- macrumors 68000

    -tWv-

    Joined:
    May 11, 2009
    Location:
    Ohio
    #13
    OP: If you really did change your password by thoroughly reading the directions and making the passwords secure, then you should be fine. I'm pretty sure that someone would not be able to hack into your iPhone at home, so it must have happened at an area with public wifi. You don't need to reinstall the iphone software, you could just uninstall openSSH if you want to in order to avoid the problem altogether, but this will leave you with no way to access your iphone if something goes wrong. As far as I know, if you don't have openSSH installed, there is no way to access your iphone remotely (someone correct me if I'm wrong).

    If you really want to reinstall the iphone software, it will solve your problem, but I believe that having a jailbroken iphone is too useful to restore it over this issue. Just make sure that you have changed BOTH the mobile and root passwords (long, secure passwords that you can remember) and people aren't going to be able to access your phone.
     
  14. iPoodOverZune thread starter macrumors regular

    iPoodOverZune

    Joined:
    Jan 13, 2007
    Location:
    LOST
    #14
    Thank you sir. I reinstalled the software on iPhone using restore feature (jailbroken/unlocked firmware), and then restored the back up. I then changed both the passwords with Mobile terminal. Since I dont need SSH anyway, I have installed SBSettings and just turned it off altogether.

    So will it be hack-proof now in all reasonable circumstances?

    What if I connect to public WiFi with all these measures (SSH turned off; secure passwords) already in place?

    I have always wondered when Mail app or any such app that need username and password access the Web using public WiFi, aren't you revealing your credentials to all. So sometimes even without your knowledge, you might hit Mail app, etc and dang, there goes your passwords.
     

Share This Page