VN:F [1.8.2_1042]
Rating: 8.0/10 (1 vote cast)
Were you one of the people who bought the first iPhone? Well I was and I loved it. Well that is until the iPhone3g came out, and then of course the iPhone3gs. Well of course i bought the iPhone3g when it came out which left me with an iPhonr2g sitting on my desk. It took me forever to figure out what I was gonna do with that iPhone. 
I didn’t want to sell it because it is so readily hackable, and no one in my family wanted it because it was either too much gadget or they owned a newer one. So some time around the week of Christmas, I got the crazy idea, with the help of my wife to turn the iPhone2g into a iPod touch for my 2 year old daughter. The idea seemed a bit lavish at first but I soon found myself going at it strong. I ended up re-hacking the iPhone2g so I could both unlock it and make it work without a SIM card. And let me stop there and just show you what I did.
So first things first, we need to brick this sucker so we can make it call proof without a SIM card. So you have 2 options now, you can head over to http://iphone.unlock.no and pay $25 dollars for a universal iPhone hack or you can do a bit of research and you can alternatively do it this way. First we need to get a program called “redsn0w” and you can get it here or here. Now for this article, and instance I personally used redsn0w 0.8 which requires the iphone firmware version 3.0 or 3.0.1. You can find those firmwares plus loads of others from here.
After you have downloaded the firmware and redsn0w its time to move on to the next step. When you run redsn0w and give it the location to the firmware it will ask you for if you want into install cydia, icy, and or unlock. For this because there is no support or demand for childrens applications on the hacked app install database, its not needed here so im going to just unlock the phone.
The next screen will prompt you for the boot loaders. Yup because this is a older original iphone you need 2 separate boot loaders. You can aquire those here or here.
So now we get to a tricky part. redsn0w will have directions on the program window that are greyed out and become active on a timer that you can see. Follow the directions verbatim. When the phone hits the rescue mode redsn0w will take over and the magic will start to happen. Once the process is finished (10 minutes or so) its time to start adding some media suitable for a 2 year old onto the device. So I decided to drag out some of my babies favorite DVDs. One of which happens to be Mary Poppins. So in order to continue from here we have to rip the DVD and encode it to a portable format. Now there is no need for me to get into an explanation of how to rip a DVD in this article so, you can find a nice step by step tutorial here that uses free software. The rest as they say is history. I did take the time to move all but a few of the icons on to an auxiliary window on the ipod so they wouldn’t reside on the home screen. Buttons such as the phone, text messages, and so on. In return I replaced the missing buttons with some nice free games from the apple app store such as “bubble wrap”, and “tap tap revenge”.
VN:F [1.8.2_1042]
Rating: 0.0/10 (0 votes cast)
Written By: Red Squirrel 05′
Revised By: Onykage 08′
Back in 2005 Red Squirrel did an article giving an outline with some basic examples of how you can show the viewer his/her
ip address thats embeded into an image which is your forum signature and it is allowed on any forum. Infact, this very article is how
I found the Iceteks community originally and the reason I kept coming back.
As a brief recap, below is a outline copy of Red’s Orignal article.
http://www.iceteks.com/articles.php/textsig/1
- First, what we want to do is setup a folder where .jpg files will run as php. So make a folder called phpsigs and put this in your .htaccess file:
ForceType application /x-httpd-php
That will simply force all files to run in the php parser. You can go into more htaccess stuff to only make certain files be affected and what not, but to keep things simple, we’ll just do it to all files. You just have to make sure not to put anything else in this folder. Only the .htaccess file and the fake image file.
- Secondly, we need to create a fake image file. By fake I simply mean that it’s not a real image, but code. Let’s call it siggy.jpg and put it in the phpsigs. The actual image that will be displayed as the sig can be stored anywhere, on, or outside of the server. The image has to be png, for the code we will use.
- You must have the GD library installed on your server for this to work. What we want to do is set up text strings and place them on top of the graphic. Basically, we generate a graphic on the fly. For the main image, we grab the data off a normal image, and we “insert” the text data into it, and then display it.
- Here is a sample dynamic sig and below is it’s code.
/*
** Code example from Iceteks
*/
01: <?php
02:
03: header(“Content-type: image/png”);
04:
05:
06: $number = rand(1,9);
07:
08: if($number==1)$string2 = “all your base r belong 2 us”;
09: if($number==2)$string2 = “somebody set up us the bomb”;
10: if($number==3)$string2 = “Resistance is futile”;
11: if($number==4)$string2 = “R0D3NTS are cute”;
12: if($number==5)$string2 = “H4X0R in thE yur PC1?!”;
13: if($number==6)$string2 = “Dude w3re’s my c4r?”;
14: if($number==7)$string2 = “s0m3on3 st0l3 my mega hurtz!!”;
15: if($number==8)$string2 = “move zig for great justice”;
16: if($number==9)$string2 = “Rodents make the world cool”;
17:
18:
19: $im = imagecreatefrompng(“http://www.iceteks.com/articles/textsig/redsquirrelsig12.png”);
20: $color = imagecolorallocate($im, 255, 255, 255);
21:
22:
23: $px=167;
24: $py=70;
25:
26: imagestring($im, 3, $px, $py, $string, $color);
27: imagestring($im, 2, $px, $py+12, $string2, $color);
28:
29: imagepng($im);
30: imagedestroy($im);
31: ?>
- On line 3 we give the browser a header that this is not a php file but is an image file. Basically we are reversing what we tell the server to do, run it as php. But what the server is doing is good, because it’s running as php which we want, but we don’t want the browser to know it’s php, so we indicate that it’s an image. You do not even need to use an image extension for this to work, but it causes less problems when posting on forums and such, since some won’t let you use .php as image.
- On line 6 through 16 we simply establish what text we want to display. The first part chooses a random number from 1 to 9 and depending on that number, a string is chosen. We store it in the $string2 variable.
- line 19 picks the image that we will use. Notice that it’s actually on a different host. You can pretty much do what you want, even hotlink of another site, but as a courtesy, I would at least put the image on your own host.
- Line 20 decides what the color of the text will be, using RBG color scale. Notice the $im variable used on line 19 is used as a parameter.
- Line 24 and 25 are simply variables for the position of the text, these numbers can be written directly in the function but this makes changing easier. If you wanted the text to appear at a different location depending on what the chosen string is, you could easily modify these in each if statement shown at the start.
- Line 26 and 27 set up the strings on the image. The first one is to show the IP address, and the second is the random string.
- Line 29 and 30 display and finish the png image and we’re all set!
- The possibilities with this are endless. You can make it so the image changes, and the text changes, and make quite a sophisticated sig!
- Also, this particular sig does not show much info,but a really scarry sig could be made to show any other php variable such as the user’s host name, and I’ve never researched it, but it’s most likely possible to get the user’s resolution and other information. Simply plug it in the same spot as the text and you’re all set. Also note that if text is too long for the image, it simply gets cut off and does not wrap. Something to keep in mind.
Since 2005 the apache has changed some and altho the original article does work I decided it was time to bring a really good article back to life and correct some now outdated information.
Since Red has already explained the basics of this script I wont go into great detail about its workings. The first thing we need to change in the original article is:
AddHandler application/x-httpd-php .jpg
This is a extention of the apache httpd used to force our false image to work. It also prevents anyone from extracting any files located inside the folder where the script resides.
Again since Red has already explained the basics of this script, I am going to just expand off of the original idea. We already know that $_SERVER['REMOTE_ADDR'] will give us the viewers IP address, but what about some other information.
- What about the users browser? If we use $_SERVER['HTTP_USER_AGENT'] we can decipher which browser the user is on.
Here is a small example of how you might go about figuring out what browser the user is on.
/*
** Code example Ony’s CCFS Script
*/
01: <?php
02:
03: function Browser( &$type ) {
04: if( preg_match( ‘/Opera/’, $_SERVER[ 'HTTP_USER_AGENT' ] ) ) {
05: $type = “Opera Browser”;
06: } elseif( preg_match( ‘/Firefox/’, $_SERVER[ 'HTTP_USER_AGENT' ] ) ) {
07: $type = “Mozzila Firefox”;
08: } elseif( preg_match( ‘/MSIE/’, $_SERVER[ 'HTTP_USER_AGENT' ] ) ) {
09: $type = “Internet Explorer”;
10: } elseif( preg_match( ‘/Chrome/’, $_SERVER[ 'HTTP_USER_AGENT' ] ) ) {
11: $type = “Google Chrome”;
12: } elseif( preg_match( ‘/Safari/’, $_SERVER[ 'HTTP_USER_AGENT' ] ) ) {
13: $type = “Apple Safari”;
14: } else{
15: $type = “Unknown”;
16: }
17: }
18: ?>
- What about something more complex or freaky. How about the screensize or the windowsize? Well since we are going to use some Ajax, how about showing a proxy ping?
This is just a sudo idea of how you might accomplish such a feat with javascript.
01: var I = new Image();
02: I.onload = function () {
03: T[ 1 ] = Number( new Date() );
04: // now do something with T[ 1 ] – T[ 0 ]
05: }
06:
07: var T = [ Number( new Date() ) ];
08:
09: I.src = ‘http://www.yourdomain.com/phpsig/sig.jpg’ +
10: Math.round(Math.random() * 10000 );
The result is a two-element array T containing 0: the time just prior to telling it to start downloading the image and 1: the time just after it finished.
- The signature is not the only thing limited to this idea. You can also do something similar with your avatar. Make it randomly display a different image on each view/refresh, or even create some kind of custom text or information to randomly appear on or over the Image, just like the signature example here.
The ideas here are limited only by your imagination and or limitations to your knowledge of web software design. From the display of a time, to well what ever else you can think of. There are LOTS more ideas and features you can implement here, from the use of a database to.. well I’m going to tell you every possibility because of security risks, and it would take all of the fun out of creating your own custom php generated signature.
Now for those of you who are just plan lazy, or have no concept of programming, I have provided a ready to use, plug n play version of the PHP forum sig script. Just download, extract, configure, and link!
Here is an example of the plug n play script at work.
Attention: Anything you learn, create, or download from this article is of your own free will, thus Iceteks.com & Onykage.com are not and can not be held liable for any actions or reprecustions taken due to the use of these scripts or their examples.
A further note: both me and Red have been banned from forums for use of this script or refusal to not use it. We have both tried in every way possible to explain the workings of this script to the forum admins but we both found deaf ears. So with this being said, you have been duly warned.
VN:F [1.8.2_1042]
Rating: 0.0/10 (0 votes cast)
Before we start, we need to gather a few resources.
Before we start, there are a few things that you need to be aware of. First, you need to understand that performing this hack will void your warranty on any Apple products where you are successful in a hack attempt. Second, you need to understand that the hack software used here will install a program called OpenSSH, which gives backdoor access to the device. You also need to understand that unless you change the default password installed by this hack, your device is completely open to other hack attempts by anyone in the world who understands the shell command system. This leaves open access to any and ALL information placed on or used by the device or you. For example, your contacts, access to your email accounts, access to your itunes account, access to your music, videos, pictures, and basically anything on the device. Just use your imagination.
The goal of this guide is to instruct even the most un-computer savvy individual on how to properly and correctly hack your Apple mobile PC device. If you are not the owner or are not prepared to completely follow this guide then STOP here and come back when you have one of your own, or when you are ready to commit to this software modification.
Now, lets begin!
First things first. Connect your device to iTunes and sync it. Also you will want to make sure that you have upgraded your device to the 1.1.4 firmware. Once you have done this then we should be ready to venture to the next step.
Next Install and run ZiPhone. Zibri is quite knowledgeable on Apple’s mobile PC devices. If you have the time, I recommend his blog. Once you have ZiPhone running, click jailbreak. You can run through the entire unlock process, but if your already using your iPhone and its activated, then there is no need to run through the entire process. All you need to hack the phone is just jailbreak.
Once you have run the Jailbreak, you will notice two icons that are placed on your springboard. One is Installer.app and the other is
a hotlink to Zibri’s blog. Now the first thing you will want to do is obviously connect your device to a wifi network. In case you didn’t
know, go to settings and then select a wifi network to join. You may also want to look under General and for the time being, set the
screen auto-lock option to never. Once you have gotten on a wifi network, open the installer.app. You will be prompted
to donate. I recommend a modest donation, but if you are tight on cash, then just click later. The installer will “refresh its sources”. This process
may take up to 5 minutes. In most cases it will only take 40 seconds. Once the Installer.app has finished the refresh, you will be prompted
that there is an update available. Go ahead and update the Installer. When it finishes, it will reboot the Installer.app program and
you will want to restart the app and then tap on the Sources link at the bottom right of the screen. Once the sources list comes up, in the upper left corner there
is a refresh button. Refresh the sources list at least 2 times before you attempt to install anything. Currently any sources from “Conceited Software” do not work. Their portal is down.
Now with Installer.app updated, and a current sources list, install the following applications.
- Term-vt100 (under the “System” folder)
- BSD Subsystem 2.0 Term patch (under the “Tweaks 1.1.4″ folder)
- Services (under the Utilities folder)
Once you have those pieces of software installed onto the device, perform a power cycle. IE, power it off, count to 15 and turn it back on.
Now we get to the fun parts. First thing we want to do is ssh into our device. In order to do that we need to know what our device’s
IP address is. So in order to retrieve that info we will want to open terminal on the Apple device. Once term is running, type “ifconfig” (please omit the
quotation marks). You will see some text that will display as a response. You will see 2 “inet” numbers that will appear. The first inet
number will be 127.0.0.1. This is localhost or the device itself. The second inet number will be a 192.168.#.# number. This number is the
IP address assigned to the device by the wireless router or gateway. You will probably see a number, something like 192.168.1.100 or 192.168.0.100. This
number is what we need to remote into our device. Below is a term ifconfig output example. (the outputs will NOT be the same.)
lo0: flags=8049 UP,LOOPBACK,RUNNING,MULTICAST mtu 16384
inet 127.0.0.1 netmask 0xff000000
gif0: flags=8010POINTOPOINT,MULTICAST mtu 1280
stf0: flags=0 mtu 1280
en0: flags=8863 UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST mtu 1500
inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255
ether 00:0d:93:5d:02:9c
media: autoselect (100baseTX full-duplex) status: active
supported media: none autoselect 10baseT/UTP half-duplex 10baseT/UTP full-duplex 10baseT/UTP full-duplex,hw-loopback 100baseTX half-duplex 100baseTX full-duplex 100baseTX full-duplex,hw-loopback
fw2: flags=8822 BROADCAST,SMART,SIMPLEX,MULTICAST mtu 2030
lladdr 00:0d:93:ff:fe:5d:02:9c
media: autoselect full-duplex status: inactive
supported media: autoselect full-duplex
Now you will want to open the program called “Putty”, or if you have a Mac, just open term. With putty open you will see some fields. The
first field is the address field. Type in the device address in the address field and click “connect”. You will be prompted to accept a key, of course type “yes”,
then you will see “login as:” popup on the screen after
a few seconds. You want to login as “root”. Next you will see Putty ask you for a password. The password you will want to use is “alpine”. When
you have successfully logged into your device, you will see a “#” appear on an empty line. Leave this window session open, we’ll come back to this in a minute.
Now we want to open FileZilla or your favorite FTP client. With FileZilla open, at the top there are 5 fields. The first field is the address field. Type in the Apple device’s
IP address here. The next field is the username field. Type in “root” in the username field. The next field is the password field. Type in “alpine” in
the password field. The next field is the port field. Type “22″ in the port field. Then click “connect”.
Inside FileZilla there are 2 or 4 divisions. The left side of the program is the computer that you are using. The Right side of the program
is the remote computer system. In this case the right side of the program is the device we are currently hacking. You will be brought to the
/private/var/root/ folder of the device once you have successfully connected to it. On the left side, you will want to navigate to some place on you
computer that you can find again, like your desktop.
On the upper right side of FileZilla you will see “/private/var/root/”. Change this address to “/private/etc/”. You will see a file called
“master.passwd” in the file listing here. Download that file out of your device and onto your computer. Now we need to open Crimson Editor. Open the
“master.passwd” file with Crimson. If you don’t want to use crimson, notepad will work fine, you can also use notepad++ or Textmate. Just DO NOT USE MICROSOFT WORD!.
When you open the master.passwd file this is the code snippet you will see.
##
# User Database
#
# Note that this file is consulted when the system is running in single-user
# mode. At other times this information is handled by lookupd. By default,
# lookupd gets information from NetInfo, so this file will not be consulted
# unless you have changed lookupd's configuration.
##
nobody:*:-2:-2::0:0:Unprivileged User:/var/empty:/usr/bin/false
root:/smx7MYTQIi2M:0:0::0:0:System Administrator:/var/root:/bin/sh
mobile:/smx7MYTQIi2M:501:501::0:0:Mobile User:/var/mobile:/bin/sh
daemon:*:1:1::0:0:System Services:/var/root:/usr/bin/false
unknown:*:99:99::0:0:Unknown User:/var/empty:/usr/bin/false
_securityd:*:64:64::0:0:securityd:/var/empty:/usr/bin/false
On line 10, “root:/smx7MYTQIi2M:0:0::0:0:System Administrator:/var/root:/bin/sh”
everything between “root:” and “:0:0::0:0:System Administrator” is the hash code for your current password which is alpine. We need to change this.
On your linux machine run this line of code at the terminal.
openssl passwd -crypt -salt /s myNewPasswd
Replace myNewPasswd with the password you want. I highly recommend at least a 10 digit password with at least 2 numbers and 1 symbol.
Be real sure you know what this password is and that you didn’t mistype it, because when you upload this file, you will have to reload
the device to undo this change.
You will get a hash output with the given salt. Copy the output and paste it over the old hash on the root line. Save the file.
Now go back to Filezilla. Hit “F5″ to refresh the window and upload the new file to your device. If you don’t have any way to access a linux
terminal or you are just lazy and you want a quick fix, I am providing you with 2 other options.
You can copy and paste this code snippet into your master.passwd file.
root:/sokyrqKGZPFA:0:0::0:0:System Administrator:/var/root:/bin/sh
Or you can just download this copy of the master.passwd file that I have prepared for you to use. Do not fear. The
password that I used to create this hash is very complex and is quite safe. You will want to use this option if you just want to hack your Apple device
and do not care to use ssh with it. Because I haven’t specified what the password is that I used to create this hash output, you wont be able to log into
your device via ssh. Also I need to explain to you that this also is not much safer then having the default password. Because the hash
used here is quite popular when “hacked iphone” is searched in google, anyone with some know how can reverse this hash I have provided and find the password. This
is why I highly recommend you creating your own hash.
Once you have edited and uploaded your new master.passwd file, go back to your putty session you left open. You should still be logged into the
device. Type “reboot” and hit enter. When you do this, the iphone or itouch will immediately power-down and start the reboot cycle. You will also be
instantly disconnected from the device in putty. You can just close the program, it’s no longer needed. You can also close Filezilla, it is also no longer needed.
Oh Snap!
You have hacked your device the correct way. Following these steps will allow you to hack the device safely and you have saved yourself hours and hours of
frustration and reading trying to figure out what some bugs you caused were from. Once the device reboots, load the installer and begin having loads of fun
with your now completely secure and completely unlocked device from Apple.
Enjoy!
Related Sources
