How to Secure Your Jailbroken iPhone From SSH Hack

by Simon Ng on November 10, 2009



iphone-dutch-hackBy jailbreaking your iPhone, it opens up lots of opportunities to add some amazing features that you’ll never find on a normal iPhone. Just quote a few examples, jailbreaking lets you use Winterboard to change the iPhone theme. Or you can use Twidget to view your tweet on lock screen. And, jailbreaking opens the door for iPhone unlocking and full control of iPhone file system.

However, at the same time, jailbreaking may make your iPhone less secure and you need to take extra measure to secure it, especially you enable SSH on the jailbroken iPhone.

Earlier, as reported by Ars Technica, a Dutch hacker made use of the well-known root password (i.e. alpine) of iPhone and hacked into the jailbroken iPhone. The hacker does not intend to distribute any malicious code or damage your iPhone. He developed a port scanning program to identify jailbroken iPhones on T-mobile Netherlands with SSH running. When the target jailbroken iPhone is found, the program used the default root password to gain access of the iPhone. He then sent an SMS-like alert to the hacked phone that reads, “You iPhone’s been hacked because it’s really insecure! Please visit doiop.com/iHacked and secure your iPhone right now! Right now, I can access all your files.” Originally, clicking the link will direct the victim to the hacker’s site and you’ll need to pay €5 for trading with the instruction to remove the hack. Later, however, the hacker changed his mind and post the instructions for undoing the hack without any cost.

Though, this incident doesn’t do any harm on jailbroken iPhone, it signals every jailbroken iPhone users should take extra care to secure their iPhone. To prevent this kind of hack, what you need is to change the default root password. For those who have installed OpenSSH on iPhone, it’s highly recommended to follow these instructions to change the root password.

Changing the root password of iPhone

1. Go to Cydia and install “MobileTerminal” application

mobileterminal-cydia

2. Launch “Terminal” app. Type “su” and key in “alpine” as password. This will let you login as “root” user. Please note the password will not be echoed.

terminal-login-root

3. Next, type “passwd” to start changing the root password. Then key in your new password and hit return. (Note: Remember to choose a good password). You’ll need to retype your new password when “Retype new password” is prompted.

terminal-change-password

That’s it. Your root password is now changed. Make sure you remember your own password. If you use WinSCP or Cyberduck to transfer file via SSH, you will need to login with your new password instead of the default one.

cyberduck-change-password

As always, remember to leave me comment if you find any problem in changing the password or you’d like to share any tips.

 Share with Your Friends

What's Next?

If you find the post is useful, subscribe to Simon Blog using RSS or Email to get free iPhone updates. Alternatively, you can follow me on Twitter or join us on Facebook.

Related Post you'll like:

Sign up and Download Free iPhone Guide

Send

Tagged as: cydia, iPhone, iPhone Hack, iPhone Tips, jailbreak-iphone, OpenSSH, security, winterboard

{ 1 trackback }

First iPhone Virus Affected my Jailbroken iPhone 3GS — The iPhone Blogging
November 17, 2009 at 11:09 am

{ 11 comments… read them below or add one }

1 Sachin November 10, 2009 at 2:24 am

Thanks Simon!!!

Reply

2 fgabato November 10, 2009 at 4:18 am

i was able to download the MobileTerminal but once I’ve executed it, i am getting a black blank screen with the keyboard below but no type of characters are showing up on the black blank screen like the ones above here. Any suggestions why this is or what am i missing?

Reply

3 Robert November 10, 2009 at 6:40 pm

@fgabato: You wont see the characters while typing the old and new password within a ssh. Just type it and have trust in the system ;-)

Reply

4 fgabato November 10, 2009 at 10:50 pm

@robert: I agree with you in regards to not seeing the old and new password as you type it but I am not even there. I am just getting a blank screen where i don’t even see the prompt on the screen

Reply

5 Eugen November 11, 2009 at 1:41 am

yeah, I can confirm what @fgabato has, but in my case is even worse, after I start MobileTerminal I get the black screen and keyboard, and after 2 secs it crashes I guess and I get back to iphone springboard. I have a jailbreak from first version of Blackra1n, maybe this is the case. But no idea how to jailbreak using latest version of Blackra1n, I mean shall I just run latest jailbreak over existing or to restore first, or ….

Reply

6 Steve November 12, 2009 at 9:21 pm

Thanks Simon. Very straightforward.

Reply

7 iN00b November 14, 2009 at 4:22 pm

Thanks Simon.

Note to all- Works perfect on Iphone 3G with latest blackra1n + 3.1.2 firmware.

Very clear Instructions keep it up!

Reply

8 Ivan Jimenez November 16, 2009 at 2:47 pm

Hi – Could you please let me know if it’s necessary to change the root password even if I don’t have ssh installed? thanks

Reply

9 Simon Ng November 16, 2009 at 10:21 pm

@Ivan,

The virus can only infect jailbroken iPhone with SSH enabled. If you do not have SSH installed, you won’t be affected even the root password is unchanged.

Reply

10 Jim November 16, 2009 at 11:24 pm

Simon, thanks, this is good stuff. However, it is essential that people also change the password for the user mobile. It is also ‘alpine’ by default, and when a malicious hacker gets into your mobile account, he can still steal all your important information (i.e. all your personal information: address book, cookies, …).

Reply

11 Simon Ng November 16, 2009 at 11:50 pm

@Jim, thanks for your reminder. I will also remind other readers about that.

Reply

Leave a Comment

Previous post: How To Enable Internet Tethering on iPhone After Blackra1n Jailbreak

Next post: The First iPhone Virus Targets Unsecured Jailbroken iPhone

Get smart with the Thesis WordPress Theme from DIYthemes.