Hi everybody,
welcome to this second episode
of the iPhone/iPod/iPad file tasking under Ubuntu.
Today, I'll be dealing with
what you can do with a jailbroken iDevice.
If you didn't watch the first video
I recorded about this subject, you won't understand a lot of things.
First, I would like to correct
two or three things I said in the previous video.
When I told you
that the OS had to be under Debian, I was...
almost totally wrong.
Having a Debian OS doesn't matter,
everything you need is to have libimobiledevice installed.
There are a lot of them, I don't know why
but you need to have one of them installed.
That's what Ubuntu has by default
at least since the 12.04 version.
So libimobiledevice.
So,
through this video, I will be mostly dealing with
how to access root files
and also about security.
To jailbreak your iDevice,
it is pretty simple under Linux.
If you're running iOS 6,
you'll need evasi0n
with a 0 (zero) instead of the "o": evasi0n.com
Click on Linux,
download.
For iOS5,
you'll need greenpois0n
same thing : the last "o" is a 0 (zero).
Then click on Linux. Concerning jailbreak tutorial for Linux,
they don't exist but it is the same as Windows or Mac.
You can watch them on YouTube.
Careful, you have to be really patient while jailbreaking
and it will be the same thing all along this video.
We're gonna deal with system files, you mustn't do anything stupid.
Take your time,
don't take any inconsiderate action.
So, you jailbroke your iDevice, you're happy but,
nothing seems to have changed...
Don't care about my round and squared icons,
it's a theme which is a bit invasive.
So, it seems that you still don't have admin rights,
(ooops, wrong app)
but you can now write in an application.
Let's see...
Create a new folder.
That's it, you've got the right. Yes!
But that is not very useful.
So, how to access system files?
First, you've got a
small indicator
which shows you if you're jailbroken or not.
When you write the command :
gvfs-mount -l
You will see twice the port number 3
Once,
and twice,
Here and there.
In fact, developers of
libimobiledevice hid
this third port (which is :2). I don't know why,
I tried to mount it
in the previous video,
it didn't work.
You've gotta mount the :2 port.
To mount it, you'll find a file in the description
once downloaded, right click on it, properties,
permission
enable execution as program, OK.
Double click the file.
launch
You can see a notification that tells you that the system port is mounted.
And here,
yahoo,
iMegacier (jailbroken)
"débridé" means jailbroken in French.
And here, Ooooo
you can finally access system files.
I will show you at the end of the video how to do that from the command line.
You will first note that this root
looks like
(a bit)
Ubuntu's root.
So if you go to the Linux root,
you will see resemblance, it's normal because
iOS, like Mac OS, is Linux based, they're part of UNIX systems.
So,
I would like to speak first about system files and ports.
What you have to know is that your iDevice
is divided into two parts: system and applications.
(By the way, you can appreciate my graphism talent)
So the system part also weighs 1.5 Go (Giga bits).
that's the reason why when you buy a 8 Go iPod for example,
you can only have 6.5 Go.
The proof in setting/general/informations/capacity
You've got 1.5 Go of system on every iDevice
whatever is the capacity
of your iDevice.
You can notice that it is more interesting to buy
a 64 Go iDevice.
Now, let's speak about ports.
In the first video, I told you that a part of your document was in the port 3
and other part in the 1.
So the port 2 is the one that contains the system :
system files and Operating System programs.
the only way to modify
system files
is to use itunes and for example to restore your iDevice.
OK, you don't really modify it, Apple does.
(cool)
So this port 2 has all the rights.
It can communicate with the other ports
while (let's say that) it's not possible in the other way.
That's it. Let's take a look at this system port!
So Apple likes
using always the same words.
You will see several times "Applications",
"bin" stands for binaries, the executable files,
and the Apple's most favorite word is "Library".
There is "Library" everywhere!
You'll see it tons of times.
To begin with : /applications.
In this folder, you will only find system apps (those you can't delete).
You've got
the music app,
camera, calculator, App store
but also Cydia-installed apps such as
...
Cydia itself,
Dashboard, SBSetting.
-> All the system apps.
Now if you want to access
let's say your game app folder.
Go to /var/ .. By the way you will see a lot of shortcuts,
those were created to make sure the updates are
backwards compatible (I guess).
I didn't add the shortcuts by myself.
Anyway, go to /var/mobile/
You'll see both "Document" and "Applications"
If you go in "Application"
It's rather the same as the third port,
only the names are different.
In fact, when you access the folder
this way here
the navigator changes
names and icons for the good one.
Anyway,
if you click /var/mobile/Media
(and not documents)
(sorry)
You'll see the same thing as the port 3.
As I said previously,
You can access port 1 & 3 from the 2nd one
but the other way doesn't work (without jailbreak).
Well, what else interesting can I show you...
if you go to
/etc/
you'll see a file named "launchd.conf". It is the file
YOU MUSTN'T DELETE !!!
It's a kind of Grub (if you know under Linux)
it manages the executables which are started on boot. I won't even open it
without back-up,
If you delete this file, your iDevice won't re/boot anymore.
Don't do that please!
In fact,
if you're a hacker, your dream is to modify this file.
That's what enables the jailbreak to work,
or at least the untethered one which enables you to reboot
without computer.
It's one of the most protected files under iOS, not to say *the* most protected.
Well yes,
I told you about system apps,
about "regular" app, but another app I want to show you exists.
/system/Library/ (another Library)
/system/Library/CoreServices
And here you've got
applications (how to say that?)
system app
you never see. Example : Assistive touch
(you use that when your home button is broken)
There are other things as Firmware update - guess what it does.
Voice Over, iPod's Siri.
But there is another interesting app :
that is to say
springboard.app.
This app enables you to open another app.
For example, when you change the language, there's a kind of
small black screen with a spinning thing
(which looks stupid). It is the springboard app which restarts.
You can see here
(almost) every
stupid but useful pics you see everyday
without knowing it
for example here is stored
(vilain :-( )
Here is stored
the pictures of your battery level.
You also have the slider,
the thing you slide to unlock.
I don't exactly remember the file name ...
Anyway, you can also browse file using
iFile.
That means you can do that from your iDevice.
What is interesting about doing that from Ubuntu
is that you've got no random-access memory trouble
and it is easier to modify files.
Then, it is true that you can access files from iFile anywhere
while you need a computer
to do that with Ubuntu.
Personally, I feel more comfortable doing that
from a computer.
Now, let's talk about security.
You may have heard about SSH?
When you jailbreak, your SSH password is reset to "alpine"
and you may have seen on internet "you must change that password".
and you reply : "why? I never get any trouble."
So, I'm gonna show you how to use the SSH
and explain
why it is super important to change this password.
First,
connect your iDevice to your wi-fi
that is to say you exit airplane mode.
( I would have told you)
And you need its IP address. Write "arp -a" in the terminal.
By the way, you need to be connected on the same box as your computer.
"arp -a", you can see iMegacier which is my iPod
and its IP address. I hid the MAC address,
I don't want virus!
Now, write in the terminal : "ssh root@[your IP address]"
If you don't write "root@"
I absolutely don't know what is the password you'll be asked for.
"ssh", not "shh" ..... thanks.
You're asked for a password: if you didn't change it, it's alpine
If you changed it, it's another one.
That works!
I'm now in root ssh.
I can access,
in respect to the folders,
the executable files and *start* them.
I can do that from ssh.
By the way,
it's the same executables as Ubuntu/Debian.
New terminal. I'm on my computer, not in ssh. "help": the commands are the same!
Once more, iOS is based
on Unix kernel.
So, I can't show you what is really interesting to do with the ssh
But I can show you what is
stupid, dangerous and not interesting, I can. There is "kill" to kill a task,
"delete" to delete a file or folder
It can be very very dangerous if you didn't change your ssh password.
Simply imagine someone
on a public wi-fi
or who has a wi-fi without password.
He can easily destroy your iDevice. He simply deletes
the launchd.conf file and it is game over.
"terminated!".
And yes to exit the ssh
simply write "exit".
The connection is closed,
I can leave relaxed.
There is another way to destroy, even faster and more easily,
your file using an ftp.
The drawback of an ftp
is its speed.
Go to connection
"ssh"
The iDevice's IP address
port : [nothing] name : root password : alpine (or other if changed)
connection
OK
I'm at the same place as when I wrote "ls". And I can access
root.
I won't show you how easy it is to delete files, but press DEL and it's done.
NOT RECOMMENDED -> FORBIDDEN I'm not responsible for any loss.
"admin" everywhere .... but in mobile
Eventually, be careful with that.
The advantage of the navigator against ftp
is that it is faster because of the USB.
It can be very slow with the ftp.
Then, it's also a personal choice. Also the navigator
works without jailbreak.
So it's the end of this video, as I never know how to finish a video
I'll show you how the file
which mounts the system port works.
So,
you write in terminal
"lsusb -v | grep iSerial" (-v is to increase verbosity; careful with the case of "iSerial")
ENTER
the afc
copy
Then, as in the previous video:
"gvfs-mount afc://[paste]:2"
In the previous video, it didn't work
because I wasn't jailbroken.
But now,
it works!
To unmount : "gvfs-mount -u afc://[paste]"
It disappeared.
Thanks for watching, post a comment if you've got any question.
Talk to you...