Rickrolling worm infects jailbroken iPhones lol

Discussion in 'Jailbreaks and iOS Hacks' started by macshill, Nov 8, 2009.

  1. stab244 macrumors member

    Joined:
    Nov 2, 2009
    #2
    Haha... Wow... I guess some people have nothing better to do with their time.
     
  2. rdowns macrumors Penryn

    rdowns

    Joined:
    Jul 11, 2003
  3. dhlizard macrumors G4

    dhlizard

    Joined:
    Mar 16, 2009
    Location:
    The Jailbreak Community
    #4
    Hummmmm..... :rolleyes:

    And to think, I never wondered where he was after all these years, and then he shows up in Australia ??

    Better in their iPhones than in ours (Oh wait, I changed both my passwords)
     
  4. Compile 'em all macrumors 601

    Compile 'em all

    Joined:
    Apr 6, 2005
    #5
    bravo! :rolleyes:
     
  5. jav6454 macrumors P6

    jav6454

    Joined:
    Nov 14, 2007
    Location:
    1 Geostationary Tower Plaza
    #6
    People, the cure is simple, change your passwords if you plan to install OpenSSH... or make an SSH tunnel out of your phone.
     
  6. hellomoto4 macrumors 6502a

    hellomoto4

    Joined:
    Jul 11, 2008
    Location:
    Australia
    #7
    I got rickrolled :(
    Serves me right for not changing default SSH password, I'm glad it was nothing worse!

    Oh well, fixed now. And password changed ;)
     
  7. medicscott macrumors 6502a

    medicscott

    Joined:
    Aug 9, 2009
    Location:
    san diego
  8. Nermal Moderator

    Nermal

    Staff Member

    Joined:
    Dec 7, 2002
    Location:
    New Zealand
    #10
    This works on Optus because users have public IP addresses by default. I'm assuming that AT&T uses NAT, which would explain why this hasn't been seen in the US (or other countries, for that matter).
     
  9. Applejuiced macrumors Westmere

    Applejuiced

    Joined:
    Apr 16, 2008
    Location:
    At the iPhone hacks section.
    #11
    We're going to be seeing more and more exploits/worms by people taking advantage of the stock userid and password to gain acess to iphones.
    Everyone who JB's their iphone should change the password ASAP if they plan to use OpenSSH.
     
  10. dalvin200 macrumors 68040

    Joined:
    Mar 24, 2006
    Location:
    Nottingham, UK
    #12
    i dont actually plan on using SSH (my wifes iphone), but it was installed as part of the pwnage process..

    is there a way to simply de-activate it? i'd heard one of boss pref's did this, but each time you re-start your phone, you must switch it off in boss prefs again..

    i tried to change the default pw via my mac using terminal.. but i kept getting some weird error like below..

    reading around the web i either have to edit the hosts file (do not want to do).. or simply trash it.. but what effect does trashing it have? will it affect anything? any other wireless devices?

    thanks

    Code:
    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    @ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    The RSA host key for ******************.net has changed,
    and the key for the according IP address xx.xx.xxx.xxx
    is unknown. This could either mean that
    DNS SPOOFING is happening or the IP address for the host
    and its host key have changed at the same time.
    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
    Someone could be eavesdropping on you right now (man-in-the-middle attack)!
    It is also possible that the RSA host key has just been changed.
    The fingerprint for the RSA key sent by the remote host is
    xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx.
    Please contact your system administrator.
    Add correct host key in /Users/user/.ssh/known_hosts to get rid of this message.
    Offending key in /Users/user/.ssh/known_hosts:5
    RSA host key for **************.net has changed and you have requested strict checking.
    Host key verification failed.
     
  11. Applejuiced macrumors Westmere

    Applejuiced

    Joined:
    Apr 16, 2008
    Location:
    At the iPhone hacks section.
    #13
    Yes, all you gotta do is go to cydia/Manage/packages/openSSH and remove it.
     
  12. hellomoto4 macrumors 6502a

    hellomoto4

    Joined:
    Jul 11, 2008
    Location:
    Australia
    #14
    How to remove:

     
  13. ViViDboarder macrumors 68040

    ViViDboarder

    Joined:
    Jun 25, 2008
    Location:
    USA
    #15
    Just trash it. It's fine. Basically your computer keeps a log of all the hosts you connect to and their addresses. This way if someone was to spoof the address of the server you were trying to connect to to steal your passwords you'd be notified before it lets you. The issue is that with Dynamic IP's this can come up a lot. Just trash your hosts file and you'll be fine. The command
    Code:
    rm ~/.ssh/known_hosts
    should do it. Then just try again. You'll be fine.
     
  14. dalvin200 macrumors 68040

    Joined:
    Mar 24, 2006
    Location:
    Nottingham, UK
    #16
    BRILLIANT... did the trick :) password changed... :D

     
  15. Gix1k macrumors 68030

    Gix1k

    Joined:
    Jun 16, 2008
  16. ViViDboarder macrumors 68040

    ViViDboarder

    Joined:
    Jun 25, 2008
    Location:
    USA
    #18
    So... Change it...
     
  17. xsecretfiles macrumors 6502

    Joined:
    Aug 1, 2008
    #19
    I'm too lazy to change my password, but I should be fine because I turned off SSH through boss prefs settings....
     
  18. dhlizard macrumors G4

    dhlizard

    Joined:
    Mar 16, 2009
    Location:
    The Jailbreak Community
    #20
    It takes all of 2 minutes, if that. How did you ever manage the chore of typing your post ? :rolleyes:
     
  19. Dustman macrumors 65816

    Dustman

    Joined:
    Apr 17, 2007
    #21
    LOL... "And here's your sign"
     
  20. ViViDboarder macrumors 68040

    ViViDboarder

    Joined:
    Jun 25, 2008
    Location:
    USA
    #22
    Yea... but sometimes it gets enabled when you respring.

    Just change it... If you're too lazy to look up how, here is the command.
    From MobileTerminal
    Code:
    passwd
    Enter your new password.
    Code:
    su root
    passwd
    Enter new password.

    If you're using SSH instead of MobileTerminal, make sure it's on and connect using:
    Code:
    ssh root@iphoneip
    Then run
    Code:
    passwd
    And enter the new password.
    Code:
    passwd mobile
    And enter the new password.

    Takes almost no time and if you care about security at all... just do it or remove OpenSSH.

    EDIT: And by the way, I recommend AGAINST removing OpenSSH. In fact I leave it enabled at all times with my changed password. My reason for doing so is that I've had certain settings I've changed or extensions I've installed that forced my phone into a reboot cycle. Because I left SSH enabled I was able to connect and fix my errors while it was booting. It saved me a restore.
     
  21. dhlizard macrumors G4

    dhlizard

    Joined:
    Mar 16, 2009
    Location:
    The Jailbreak Community
    #23
    Agreed, been there, done that, it works !
     
  22. ViViDboarder macrumors 68040

    ViViDboarder

    Joined:
    Jun 25, 2008
    Location:
    USA
    #24
    Earlier today for you right? Haha. Saw that mobilesubtrate thread. :D
     
  23. dhlizard macrumors G4

    dhlizard

    Joined:
    Mar 16, 2009
    Location:
    The Jailbreak Community
    #25
    Actually, I got lucky on that. Slowed the 3GS down a tad, but it did boot up and didn't trash my network settings.

    My nemesis (sp-?) are the tethering fixes, mods or hacks.

    No matter what I try, they just blow up my phone.

    Had to pull out the moded files like CommCenter more than once.

    Oh well.
     

Share This Page