I know that iOS Jailbreaks are just simply exploits for iOS to get root on the device, but what files do they modify/what techniques are used in order to gain root on the device? Can't you just log in to the root account in iOS? The password for root is well known (alpine). Why is a special method needed in order to jailbreak an iOS device, and what is that method?
- You do not have anything even remotely like a remote shell or SSH server running on an iOS device when it's still not jailbroken. So how does the password of root even help you? – LvB Jul 18 '17 at 08:36
- iOS-specific answer is given. Also, for a generic answer: operating systems can be exploited mostly through subsystem interfaces, exploiting privileged applications, vulnerabilities which lead to hijacking kernel program flow, unsecured device drivers, or reading and writing system files. – Kerim Can Kalıpcıoğlu Jul 18 '17 at 09:23
1 Answer
The password is known, yes, but you can't run binaries from sideloaded apps. You need to modify the root filesystem to put an app into /Applications and make it run root code.
– ArtikusHG