It's been out just three days, but already the Apple iPhone has been taken apart both literally and figuratively. The latest: inquisitive Apple fans have hacked into the firmware and discovered the master root password to the smart phone.

The information came from an official Apple iPhone restore image (rename it as a zip file and extract). The archive contains two .dmg disk images: a password-encrypted system image and an unencrypted user image. By delving into the unencrypted image, inquisitive hackers discovered that all iPhones ship with predefined passwords for the accounts 'mobile' and 'root', the latter being the name of the privileged administration account on UNIX-based systems.

Hackers used the simple UNIX program 'strings' to extract a list of human-readable character strings from the disk image. The output contained a list of user accounts and their corresponding encrypted passwords (equivalent to the /etc/passwd file on UNIX and Linux systems). A call was then put out on the Full Disclosure mailing list for someone to run the popular password cracking tool John the Ripper on the encrypted passwords.

It took one respondent just sixteen seconds to extract the passwords for both accounts; both were simple six-letter words in lower case.

Having the passwords will not do anybody any good for the moment. The iPhone has no console or terminal access, so there is no way to log in as either account. In fact, nobody even seems certain that the accounts provide access to the machine at all: some Internet commentators suggest that the password file was left over from early development work, or was intentionally included to throw hackers off the scent.
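The same kind of scan can be run by a vendor over a firmware image before release, to catch account records that would ship identically on every device. The sketch below is an added example, not code from the article or from Apple; the sample image, its account records and the hash fields are constructed placeholders, and the risk labels are an assumption of this example.

```python
import re

# Constructed firmware fragment: binary noise with passwd-style records inside.
# Hash fields are placeholders shaped like crypt(3) output, not real hashes.
SAMPLE_IMAGE = (
    b"\x00\x01\xfe\xedFACE\x00\x00"
    b"root:XXconstructed:0:0::0:0:System Administrator:/var/root:/bin/sh\n"
    b"mobile:YYplaceholder:501:501::0:0:Mobile User:/var/mobile:/bin/sh\n"
    b"daemon:*:1:1::0:0:System Services:/var/root:/usr/bin/false\n"
    b"\xff\xd8\x00svc:$6$salt$0123456789abcdef:1001:1001:svc:/home/svc:/usr/sbin/nologin\x00"
    b"not:a:passwd:line\x00"
)

PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{6,}")   # what strings(1) would emit
NAME = re.compile(r"[a-z_][a-z0-9_-]{0,31}")
DES_HASH = re.compile(r"[./0-9A-Za-z]{13}")       # traditional DES crypt(3)
MODULAR = {"1": "md5crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
           "5": "sha256crypt", "6": "sha512crypt"}
WEAK = {"empty", "descrypt", "md5crypt"}
NOLOGIN = ("nologin", "false")


def classify_hash(field):
    """Name the scheme of a passwd hash field, or None if the account is locked."""
    if field == "":
        return "empty"
    if field[0] in "*!" or field == "x":          # locked, or shadowed elsewhere
        return None
    if field.startswith("$") and field.count("$") >= 3:
        return MODULAR.get(field.split("$")[1], "unknown")
    if DES_HASH.fullmatch(field):
        return "descrypt"
    return "unknown"


def audit_image(data):
    """Return one finding per embedded account that carries a usable credential."""
    findings = []
    for run in PRINTABLE_RUN.findall(data):
        f = run.decode("ascii").split(":")
        # 7 fields = /etc/passwd layout, 10 fields = BSD /etc/master.passwd layout
        if len(f) not in (7, 10) or not NAME.fullmatch(f[0]):
            continue
        if not (f[2].isdigit() and f[3].isdigit()):
            continue
        scheme = classify_hash(f[1])
        if scheme is None:
            continue
        findings.append({
            "account": f[0], "uid": int(f[2]), "scheme": scheme,
            "interactive": not f[-1].endswith(NOLOGIN),
            "risk": "high" if scheme in WEAK else "medium",
        })
    return findings


if __name__ == "__main__":
    for item in audit_image(SAMPLE_IMAGE):
        print(item)
```

Any finding means a credential is baked into the image; records flagged `descrypt` use the traditional scheme that only considers the first eight characters of a password, which is why short lower-case passwords fall so quickly.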


Comments

1

luke.anderson - 03/07/07

Nice hat Nick, and quality first blog post!


2

Poetic Justice - 04/07/07

So much for Apple being the most secure OS in the world. Welcome to Microsoft's world, Jobs.


3

Ed - 04/07/07

Too bad this isn't the password for the running account - only single user mode (assuming it's anything like OS X).

Haven't these idiots heard of netinfo?


4

bithead - 04/07/07

It doesn't look like a security problem in the OS itself, just the company itself.


5

crossbonez - 04/07/07

...just goes to show you how much of an iHole Mr. Jobs is.


6

ATTENTION EVERYBODY - 04/07/07

SAY SOMETHING STUPID ABOUT COMPUTER SCIENCE AND PROVE YOU'RE A MORON


7

Jim Jones - 04/07/07

The best part about this is that they now have the unencrypted code that the iphone uses... Now they can start playing with an Arm emulator and see where it goes.... :-)


8

erroneus - 04/07/07

Hahaha... "iHole"? Now that's just funny right there.

Just wait, there will be an applet created to open a terminal window and connect to a bluetooth keyboard and mouse. Once that happens, geeks everywhere will be buying iPhone.

Frankly, I don't count myself in those numbers... not yet anyway.


9

d1donly - 04/07/07

Humm.. it uses wifi right? Can't you get its ip when it logs onto the network and attempt ssh to its ip? Let me know how that goes....


10

ben - 04/07/07

11

Vim - 04/07/07

Nice... except it probably has root disabled (like OS X has by default), and in that case will most likely need an admin password ('mobile' account is probably not admin either) to enable said root or allow sudo access.

It's seemingly one step towards pwnage, but quite likely a long way off in reality ;)


12

Eric Kimminau - 04/07/07

http://www.apple.com/macosx/features/security/

http://developer.apple.com/internet/security/securityintro.html

http://docs.info.apple.com/article.html?artnum=106439

http://www.vnutz.com/content/exploit/Nessus_Apple_OSX_Server_Default_Vulnerabilities.html


13

Yankee Yob - 04/07/07

I guess this "by developers for developers" site shows why there's no decent software coming out of Australia.


14

be3n - 04/07/07

Everyone seems to forget that the iPhone doesn't run any services. I mean if I could ssh in as root, I would be interested. Until then I file this under useless hacks.


15

Jeremy Langhans - 04/07/07

hmm... guess i'll wait to get me one of them ;-)

~jer


16

Preston - 04/07/07

"So much for Apple being the most secure OS in the world. Welcome to Microsoft's world, Jobs."

Uh, huh? The password is useless, and it's for local access to a file on a physical device you have in your hand.

I love when the bitter Microsoft fanbois come out to play. It's proof that Apple really is kicking their butts. How were Vista's sales again? Ouch.


17

generalapathy - 04/07/07

"How were Vista's sales again? Ouch." ? How long did it take to crack the ultra secure Safari when it came to PC? Not long. Apple would get hacked as much as PC if there were a real presence of Apple's to be hacked. Don't confuse unpopularity with security.


18

asv - 04/07/07

why is it You want to hack a $600 phone, so you can do what??

make a call, knowing that if anything happens to your phone, there is nowhere to go, because of warranty. Now who is the idiot???

If you don't like the phone- don't buy it. Why isn't anyone trying to hack nokia n95, or the blackberry???

Get a life, or get out of it!!!!


19

GSP - 04/07/07

Does the root access give elevated privileges or bypass any security features intended to prevent the installation/execution of malware? Could be an interesting angle.

PS. asv - you're only hacking the software. If you need warranty support you can reflash most devices with the factory firmware and the manufacturer is none the wiser. Also, there's plenty of hacks for the N95 and Blackberry. And why hack phones? Because operators restrict features, and because some people find it fun.


20

Jeremy - 04/07/07

asv: the reason nobody wants to hack a Nokia or Blackberry is they know the code is like reading the ramblings of a madman. Everybody knows that crap is contagious and will warp your mind. That and the hardware is shoddy...


21

anonymous - 04/07/07

> Apple would get hacked as much as PC if there were a real presence of Apple's to be hacked. Don't confuse unpopularity with security.

You'd think hackers would be attacking Apple already just for the extra 'cred' they would get by breaking into an- allegedly- far more secure system. In fact, I think they are attacking Apple. They just aren't succeeding.


22

Justice - 04/07/07

> You'd think hackers would be attacking Apple already just for the extra 'cred' they would get by breaking into an- allegedly- far more secure system. In fact, I think they are attacking Apple. They just aren't succeeding.

Aren't succeeding?... I think you mean, not bothering.
There is no "cred" in hacking a Mac. I means you have to have access to one or >choke< buy one and no self-respecting hacker would buy a Mac.


23

Joe Spammer - 04/07/07

> why is it You want to hack a $600 phone, so you can do what??

So you can build a r00tkit to "own" other people's fones as they walk past, and turn them into spam zombies of course - exactly the same reason anyone wants to hack anything these days.


24

Kiss - 04/07/07

> There is no "cred" in hacking a Mac. I means you have to have access to one or >choke< buy one and no self-respecting hacker would buy a Mac.

A real hacker would know how to hack anything, even if it means buying an eBay special Mac.

It's all about the ownage. Are you really gonna let a wee little unpopular Mac beat your ass?


25

abbad0n - 04/07/07

People don't bother infecting/hacking macs because there aren't enough of them to bother. In this day and age it's all about getting the most amount of "zombie" machines you can to use as spambots or DDoS attacks for profit. It's all about making money nowadays, it's NOT about just owning a system (for 99% of hackers/malware writers).


26

Soch - 04/07/07

"How long did it take to crack the ultra secure Safari when it came to PC? "

You mean that public beta that was put out on the PC so that non-mac users would have access to the webkit so they could develop apps for the iPhone? When did apple - or anyone else - make any claims about that piece of beta software being particularly secure?


27

HubmaN - 04/07/07

In my opinion, I'm still wondering why everyone uses the word "hacker" in the wrong context. If you're talking about someone who tries to gain access to systems/files, then that's cracking. Hacking is usually solving a problem in a different way, ETHICALLY-read Stallman if you don't believe me. Although cracking is far cooler, though, it really only focuses on systems. Hacking might as well also include lockpicking, DIY "hacks", etc.


28

Fred Hamranhansenhansen - 04/07/07

If you say the iPhone has been cracked now, when it clearly hasn't, what headline are you going to use if somebody actually does gain root access?

Nobody knows if that is iPhone's root password. The iPhone has two disk images (disks stored as a single file) one is encrypted and one is not and these passwords came out of the unencrypted one, which is for user data.

Also the idea that they all have the same root password is ludicrous. They don't even work except for emergency calls until you hook them onto iTunes and let it talk to AT


29

Fred Hamranhansenhansen - 04/07/07

Your comments system is clipping ampersands ...


30

Bob - 04/07/07

Don't you just love the way some little Apple fanboy has gone through and marked all the anti-apple comments as offensive? Lol.


31

Alex - 05/07/07

So well apple-boys

This site does not exist;
http://docs.info.apple.com/article.html?artnum=61798

It's just a mock-up... and all Developers @ the apple pie do not make failures any time in their life, they know all because they can look in the future and have a djinni at their workplace.


32

madness - 05/07/07

Surely "offensive content" only refers to stuff you wouldn't want your kid to see, not just stuff you disagree with. Stop interfering whoever you are that keeps doing it......
>yes i believe i have already worked out whats going to happen next...... :)

All pub, is good pub.


33

RipperRoo - 05/07/07

I won't say anything against the Mac, it's not PC to make jokes about minorities

but I do agree with a lot that's been said, someone cracks a system then shouts about it, the flaw is patched and another is found - it's the same with every OS, and I bet if you compare stats on virus infections you will find on a per user basis you get about the same results for OSX as you do for Windows.



Two Words:

BIG DEAL


34

Kyle - 05/07/07

For those morons associating the ease of deciphering the image passwords to breaking into OSX: we are grateful that the passwords are no longer than 6 letters with known algorithms. Apple isn't stupid - they know that sooner or later it will be deciphered, so why bother putting up a fight?

Despite AT


35

Ev1L - 05/07/07

The Apple fan boys are so funny. They don't have a single clue about Unix systems. Yet if Steve builds it....it must be divine.

Grow up you noobs. While your Mac hides the seedy underbelly of computing from you, do not assume just because Steve gives you an interface 'you'll want to lick,' that you somehow have a superior OS.

I have a nice set of the original first release disks of OS X server--pre-Aqua.

And for the last time you morons, it's 'Os ten' not 'OS X.'



37

pilgrim - 05/07/07

Lol, I remember the Rhapsody tech demos - Look we made Uncle Steve loads of money for NeXt Step, we'll call it OS 10. No, wait said the fanfic writing X-Men obsessed marketeers - Lets Call It OS - X . But at least it isn't Windows.


38

Xepol - 05/07/07

Dream all you want, this isn't the first sign of huge gaping holes in the Apple security front.


39

PCDude - 05/07/07

Having never met anybody who'll admit to being an Apple OS dev, i wonder, now that Mac's are basically PC's with a different OS, when will the Apple boys realise there is no such thing as an Apple PC anymore, but just a PC with coloured plastic round it and branding slapped on, Apple lost the PC war that's why they moved to MP3 players and phones.. devices far simpler to operate and develop for.. wait a sec.. that makes sense, simple devices for simple people :-)


40

azz - 05/07/07

Oh you have a mac? damn pity.


41

Mike - 06/07/07

ok... so what?? you cracked it ... you want a cookie??? big whoop!! i don't understand all the mac haters... you hate mac because why? I want to know...


42

WaterGoblin - 06/07/07

One way in would probably be to find a security vulnerability in Safari


43

PooPoo - 06/07/07

>RipperRoo
"and i bet if you compare stats on virus infections you will find on a per user basis you get about the same for results for OSX as you do for windows"

virus on a mac? there's still not one around for os x. no one even uses virusscanners, sorry, bet lost...


44

Wm - 07/07/07

iPhone in hand... programming environment open on my laptop... and how exactly does the root password do any good?

Don't get me wrong, it might be possible to use the restore images in a virtual environment so you could simulate having an iPhone. Then you might be able to hardcode changes like adding software, then recreate the restore images and actually restore to an iPhone.

Seriously though, you wouldn't need any passwords to make changes if you had that kind of low level access. And as previously mentioned, OS X has root disabled by default, so there's no reason to believe the iPhone's root account would work without an Admin User's password to enable root, and with an Admin Password you could change root's password anyway.

I've written a program to suck passwords out of CuteFTP's protected file. What they've done here is not easy for "users", but it's child's play compared to what it'd take to really make changes to an iPhone, and the secret they've learned is likely to be completely useless (except for bragging rights among the wannabes).

Wm


45

NERDBOT2000000000000000000000 - 07/07/07

46

Bklynjava - 10/07/07

I've read through this and I can tell you all one thing for sure.

The iphone will be Cracked - Hacked and re-baked =) just my 2...

There are those who will basically reverse it down to the chip and extract everything possible.

Why would someone do that you ask - well let's see there are those who get degrees in EE - there are others who don't need degrees and then there are those who are bored with lots of time on their hands - lol - oh yeah and it's just fun for others.
Whatever the reason if you give someone a combination lock and say hold this they will turn the dial a few times and see if it unlocked.


47

jeremy langhans - 26/08/07

so how about the google phone?



49

dc - 04/09/07

Hackers aren't the ones who create malware and viruses. If you're creating malware, you're no hacker. You're a cut-rate script kiddie in your parents' basement with nothing better to do and you'd be better served to do some real masturbating instead of trying to mentally masturbate yourself up to the level of real hackers.

No amount of Windows bots is going to impress them. Seriously. That is not the goal of hacking.

And Mac users? Stop taunting them. You sound very George Bush-like "Bring it on"... do you really really want them to start attacking your computers?


50

parad0x - 21/11/07

real hackers are not limited to just PC's or just macs. 99.95% of people on here have no clue what hacking really is and fire up Newzbin and giganews a couple pr0ggies and keygens, login to their modded xbox's and chat on their WOW forums with their buddies on their liquid cooled dual SLI 8800GTS pc's and think that they are superior... I know some real life hackers and their lives suck, they don't have access to all the toys mommy and daddy give you, some of them don't even have cell phones... so when they get their 45 minutes in front of a computer they make the most out of it.


51

noel kirkland - 29/11/07

hey, some kid stole my iphone and then someone else found it and long story short I have my iphone back but the bastard who took it put a passcode on it. This really sucks. I was wondering if you guys could help?


52

tony - 16/01/08

now i have 2 new unlocked 8G iphone in stock in Sydney. Take your chance by contact 0434634635 for buy it now $699each. Serious only


53

gustavo - 22/05/08

Hello, yesterday I was changing the password in my iPhone. That work is possible by editing the file "/etc/master.passwd" as root. In the middle of the work I lost the ssh session with the iPhone and now I can't ssh login to the iPhone using the old root iPhone password (alpine). And also I can't see the file "/etc/master.passwd" from an iPhone terminal because I need root permission for that.
ANY IDEA PLEASE!!! WHAT CAN I DO NOW???
Thanks a lot in advance,
Gustavo


54

nightstep - 10/07/08

The iPhone has not been hacked, unless they are able to exploit the iPhone via modifications and breaking through personal info? Then it's not a hack, so calm down people!


55

ijoel - 26/02/09

thanks for the info everyone
by ijoel
www.mp3shake.com


56

prakash - 02/03/09

Hi everyone,
My iPhone is disabled due to a passcode I have forgotten. Please can anyone give me a suggestion how to crack the passcode in my iPhone?


57

Adio - 08/08/09

I'm sorry to say but all you apple fans are only apple fans today because Bill Gates bought $150 million dollars worth of shares in 1997 to keep apple going. So apple fails miserably and you apple fan boys need to give microsoft its well deserved credit! (Besides the vista part.)


58

arahman - 31/01/10
