1. Bubba1982's Avatar
    Edited post because it turned out to be nothing. My bad
    Last edited by Bubba1982; 2011-12-12 at 03:22 PM.
    2011-12-06 12:56 PM
  2. ssemmel's Avatar
    How?
    2011-12-07 03:33 AM
  3. Broomhead's Avatar
    Yeah, How? I would love to read this pm....
    2011-12-07 03:35 AM
  4. Cer0's Avatar
    Ditto.
    2011-12-07 03:40 AM
  5. Bubba1982's Avatar
    I'll send info to y'all via pm when I get home. Am out picking up kids atm. Also I can get into everything including the root folder. The reason I don't just throw all the info up on here is that the method I'm using requires an app from the AppStore and I don't want it to get immediately removed.
    2011-12-07 04:53 AM
  6. brianmarocco's Avatar
    I would love some info as well
    2011-12-07 05:50 AM
  7. iYeow's Avatar
    Please PM me as I would like to know if it works; if we can ssh it, we can jailbreak it as well, thanks.
    2011-12-07 07:41 AM
  8. -JailbreakeR-'s Avatar
    Ok so here's my question: can you modify anything outside of /var/mobile or anything at all? If you can modify or add files to say /root/ then you may be on to something. If not, you don't have root and you can only basically just look at it, which is pointless unless you can copy files to your computer, which might make retrieving Siri token one step closer without a jailbreak. Gotta love unix permissions.

    If you pm me the instructions, I'll tell you what's going on and why.

    On a side note, the first thing that comes to mind is another sleeper app that uses the security exploit recently brought to light after the dev got a sleeper in the AppStore that was basically a Trojan. Apple quickly pulled the app when the dev went public with it after notifying Apple (supposedly 3 weeks before putting app live). Which lost him his dev privileges.
    2011-12-07 08:00 AM
  9. Imahottguy's Avatar
    How tits would it be if there was an app in the app store that allowed us to break in?
    And it will be like a taco inside a taco within a Taco Bell that's inside a KFC that's within a mall that's inside your dream!
    2011-12-07 09:01 AM
  10. -JailbreakeR-'s Avatar
    > How tits would it be if there was an app in the app store that allowed us to break in?
    Chances of a "break-in" are very slim, as in jailbreaks. It's more likely it'd be a Trojan that downloads and connects to a network that does who knows what after that without tracing activity of the app. Which wouldn't necessarily need root to steal info or use the device for malicious activity. Without the name of the app for analysis (i.e. man in middle attack or deep digging into the app files) no one will know for sure.
    2011-12-07 09:15 AM
  11. Bubba1982's Avatar
    Ok, so rather than explain how I got into the iPad 2 to mess around with it & in the process possibly wreck what may OR may not (probably the case) be a viable hole for something bigger, I have forwarded the info on to one of the mods as I am sure that they'll know what to do with the info should it even turn out to be worthwhile.

    Here's what I will say though. I can get into the root folder (in fact every folder). I can move around a lot of the files on the iPad (including things outside of /mobile/var) as well as copy a lot off of it and some onto it. Unfortunately what I can't do is add/remove anything from the root folder though. More than likely the info I have passed on will be utterly useless, but we'll see.
    Last edited by Bubba1982; 2011-12-07 at 10:15 AM.
    2011-12-07 10:13 AM
  12. -JailbreakeR-'s Avatar
    It's worthless if you can't get root, which you didn't. What tells me that is the fact you can't modify anything in /root/. There are lots of areas that are "owned" by mobile, hence why you can copy to and from those directories (once again unix permissions at play here). The mods should post what's going on exactly but I'm gonna guess and say most will have no idea (or how to check for that matter, no offense mods). I'd like to know what app to make sure I don't have it; if I did it'd be gone with a quickness. It's not from the jb devs, that's for sure. I'm just curious what you're communicating with since ssh isn't available without a jailbreak and root privileges. Something's listening and responding on that port, if what you say is true.
    2011-12-07 10:41 AM
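
The permission argument in the posts above (being able to browse `/` is not the same as having root), worked through as an added example that is not part of the original thread. The directory entries, uid 501 for the `mobile` account and the `/var/root` path are constructed sample values; the code models only classic POSIX mode bits, not the iOS sandbox.

```python
# Constructed sample entries: (path, owner uid, group gid, mode).
# Not taken from a real device; uid/gid 501 stands in for "mobile".
ROOT_UID, MOBILE_UID, MOBILE_GID = 0, 501, 501
ENTRIES = [
    ("/",                 0,   0,   0o755),
    ("/private/etc",      0,   0,   0o755),
    ("/var/root",         0,   0,   0o750),
    ("/var/mobile",       501, 501, 0o755),
    ("/var/mobile/Media", 501, 501, 0o755),
]

def access(uid, gids, owner, group, mode):
    """Return the subset of {'r','w','x'} the mode bits grant to uid."""
    if uid == ROOT_UID:
        return {"r", "w", "x"}          # root bypasses directory mode bits
    if uid == owner:
        bits = (mode >> 6) & 7          # owner triplet
    elif group in gids:
        bits = (mode >> 3) & 7          # group triplet
    else:
        bits = mode & 7                 # "other" triplet
    return {c for c, b in (("r", 4), ("w", 2), ("x", 1)) if bits & b}

def classify(uid, gids, entries=ENTRIES):
    """Map each directory to 'write', 'browse' or 'none' for this user."""
    result = {}
    for path, owner, group, mode in entries:
        perms = access(uid, gids, owner, group, mode)
        if {"w", "x"} <= perms:
            result[path] = "write"      # can add/remove entries
        elif {"r", "x"} <= perms:
            result[path] = "browse"     # can list and copy out, not modify
        else:
            result[path] = "none"
    return result

def looks_like_root(uid, gids, entries=ENTRIES):
    """Listing / proves nothing; write access to root-owned dirs would."""
    verdict = classify(uid, gids, entries)
    return all(verdict[p] == "write"
               for p, owner, _, _ in entries if owner == ROOT_UID)

if __name__ == "__main__":
    for path, level in classify(MOBILE_UID, {MOBILE_GID}).items():
        print(f"{path:20} {level}")
    print("root-equivalent:", looks_like_root(MOBILE_UID, {MOBILE_GID}))
```
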
  13. Cer0's Avatar
    Actually looking into it right now. One of our mods knows how to handle the information being handled and what to do with it to test. I asked Bubba to contact him if out of all the mods we have.

    _____________
    Was a no-go from other mod. No permissions outside the main ftp location provided. Even one level up is blocked from uploading a test file.

    Looks to be a dead end unless you want to shoot some suggestions for us to try, JailbreakeR. Willing to try for ya.
    Last edited by Cer0; 2011-12-07 at 11:51 AM.
    2011-12-07 11:19 AM
  14. Bubba1982's Avatar
    Ok so have spoken with one of the mods, who was actually quite surprised that the app was even allowed out of the usual sandbox area. Unfortunately because I can't write to the root directory it's a bust.
    However, just so you know I wasn't yanking ya chain, here's the pic showing that I did actually manage to get to the root directory.
    ...Just found a way to ssh into an ipad 2 on iOS 5.0 without JB-root-pic.jpg
    2011-12-07 12:00 PM
  15. -JailbreakeR-'s Avatar
    The only thing I can think of is maybe trying to extract the token for Siri from a 4s or even extract decryption key for the firmware. From the looks of your screen shot though you're missing some stuff from / so I'm gonna go with chances of that are slim. Ssh/sftp are really hard to exploit (if even at all) so you guys are right about it being a bust. Will someone pm me the app so I can run a port scan and a finger on it just to see what is actually listening? I also wouldn't say it's out of the sandbox; it allows for some sort of exchange only in the allowed directory. Could have something to do with wifi sync too, you never know. I'm gonna fiddle around with my iPad and 4s and I'll let you guys know what I came up with.

    So where's orbyorb when he's needed? Jk orby. I would like to hear his input on this.
    Last edited by -JailbreakeR-; 2011-12-07 at 03:17 PM.
    2011-12-07 03:14 PM
  16. Bubba1982's Avatar
    Orby is the one I sent the info onto
    But I'll flick you a pm with it as well.
    2011-12-07 10:56 PM
  17. ssemmel's Avatar
    Can you PM me the app?
    2011-12-08 02:41 AM
  18. -JailbreakeR-'s Avatar
    > Can you PM me the app?
    It's nothing but an FTP server, it's nothing really.
    2011-12-08 02:50 AM
  19. stranegrmo's Avatar
    Can you PM me please?
    2011-12-12 12:18 AM
  20. Bubba1982's Avatar
    Seriously, it turned out to be nothing.
    2011-12-12 03:21 PM