1.1.2 root password

Printable View

11-11-2007, 12:11 AM
aviegas

1.1.2 root password

Another finding: Apple removed the root password in 1.1.2.

I do not think they truly believe that an effective measure. It's innocuous. It's only a risk if you run SSH and if you run SSH, it like that you will install a new one, so why bother removing it.

So when installing SSH the new packaging will need to add a password to root, or copy from the "mobile" user, that is still "alpine".

UPDATE:
my bad. For some reason the file I've retrieved from the unencrypted image showed it, but uppon examining the file on 1.1.2 after an upgrade it has a password.
11-11-2007, 12:19 AM
NotFound

well you can install mobile terminal and use it to change the password.
11-11-2007, 01:02 AM
aviegas

Quote:

Originally Posted by NotFound

well you can install mobile terminal and use it to change the password.

Running "vi" on the mobile-terminal is hard! and there is no passwd. Better to replace the file during "jailbreak".
11-11-2007, 03:20 PM
MuscleNerd

root still has a password

Code:

% egrep "^root" Oktoberfest3B48b.UserBundle/private/etc/master.passwd root:/smx7MYTQIi2M:0:0::0:0:System Administrator:/var/root:/bin/sh
11-11-2007, 03:24 PM
997TT

Quote:

Originally Posted by aviegas

Running "vi" on the mobile-terminal is hard! and there is no passwd. Better to replace the file during "jailbreak".

What are you talking about??? With SSH enabled, you can easily change the root and mobile password using pwd.
11-11-2007, 03:51 PM
Shade.sh

Loaded 1 password hash (Traditional DES [64/64 BS])
alpine (root)
guesses: 1 time: 0:00:00:00 100% (2) c/s: 160575 trying: adi - buffalo