Breaking the original iPhone password takes only 3 days

Although the iPhone was only officially sold for less than 4 days, the crickets were severely dissected, both figuratively and literally. Latest information: Apple fans have hacked into the iPhone firmware and detected this cricket's top-level admin password.

Firmware, also known as "cartilage" or hardware "softening", is actually memory software in read-only memory (Read-Only memory). For mobile phones, firmware is the minimum version of genuine mobile phone software for normal operation. Each type of phone model will have a different firmware, exclusively for that model.

In fact, hackers who discover the original password of the iPhone are completely accidental. From an internal zip file containing 2 .dmg disk image files, one file is a password-encrypted image of the system and the other is a hard disk image that no longer encodes, the hacker "accidentally picked up gold ".

By digging through unencrypted image files, the hacker discovered that all iPhone phones were shipped with a predefined password, for two accounts named mobile and root. In it, "root" is the name of the administrator account with the highest privilege on the operating system using the Unix platform of the iPhone.

Blind fire?

Picture 1 of Breaking the original iPhone password takes only 3 days Source: AP Just use simple UNIX commands that hackers can "extract" the information you care about from the disk image file mentioned above, such as a list of user accounts and password encryption. application.

Then, using the familiar password cracking tool John the Ripper, it took less than 16 seconds, the hacker was able to obtain passwords for both "mobile" and "root" accounts. They are all simple 6-character passwords.

However, getting the root password is still just "innocuous" at the moment, because from now on, hackers also have no way of logging into other accounts.

In fact, no one is sure that having the original password in hand will decrypt and use the iPhone. Even so, many comments raised the hypothesis that these password files are only "works" of the first iPhone design phase, or that Apple deliberately left them to deceive hackers (just like before). This company used to criticize hackers with . poetry.

Trong Cam