Tuesday, July 5, 2011

ssh problems on a jailbroken iOS (ssh_exchange_identification: Connection closed by remote host)

OpenSSH stopped working for me, and using the toggle to start the daemon didn't help either. When I tried to connect, all I got was:
ssh_exchange_identification: Connection closed by remote host
Reinstalling helped, but only for so long. It turns out that I had a worm on my iPhone and that I was to blame, because my root password was still the default password.
Weird, because I make it a point to change them right away. But as it turns out, my last two firmware updates weren't restores but regular updates, and I jailbroke right away. My stupid self assumed that the passwords I had set were still the same, and not reset to the default ones. It turns out they were. Why did it take a while for me to notice since I regularly ssh into my iPhone? I use keyfiles, which I now hope weren't compromised.
Anyway, the guide is below: remove that worm and change your password. Also, it turns out there are variants of this worm in the wild which require a different removal procedure, but now that you know it's a worm, using that keyword in your search should help you find the solution instantly.

Delete these files:
/System/Library/LaunchDaemons/com.ikey.bbot.plist
/bin/poc-bbot

Reinstall OpenSSH

Technical Information (Analysis)
Worm:iPhoneOS/Ikee.C is a worm that uses the default root password in SSH in order to spread among jail-broken iPhones. The worm also changes the affected machine's background image.
When run on an iPhone, this worm takes the following actions:

1. Attempts to set a file lock at /var/lock/bbot.lock in order to verify that only one copy of the worm runs at a time.
2. Attempts to copy the file /var/log/youcanbeclosertogod.jpg to /var/mobile/Library/LockBackground.jpg
3. Removes the /usr/sbin/sshd directory and stops the SSH daemon.
4. Attempts to spread using several hard-coded IP ranges.

When the worm infects a remote host, it does so by copying /bin/poc-bbot, /bin/sshpass and /var/log/youcanbeclosertogod.jpg from the local system to the remote system. It also copies /var/log/youcanbeclosertogod.jpg to /var/mobile/Library/LockBackground.jpg on the remote system.

The file /System/Library/LaunchDaemons/com.ikey.bbot.plist is also copied to the remote system and the following command is run:
"launchctl load /System/Library/LaunchDaemons/com.ikey.bbot.plist"

This command is used to load the worm remotely, and to add it to startup on reboot on the remote machine.

The worm then remotely stops the SSH daemon and deletes the automatic start on reboot option for the SSH service.
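A quick way to check a device (or a mounted backup of its filesystem) for the artifacts named in the analysis above. This is an added example, not part of the original post or the quoted analysis; the function name ikee_scan and its optional root-directory argument are assumptions, and it only covers the files listed on this page, not other variants of the worm.

```shell
#!/bin/sh
# Added example: look for the Ikee.C artifacts listed in the analysis.
# Usage on the device:      sh ikee_scan.sh --scan
# Usage on a mounted copy:  sh ikee_scan.sh --scan /path/to/mounted/root

ikee_scan() {
    scan_root="${1:-}"   # empty means the live filesystem (/)
    scan_hits=0

    # Files the analysis says the worm drops, copies or creates.
    for f in \
        /System/Library/LaunchDaemons/com.ikey.bbot.plist \
        /bin/poc-bbot \
        /bin/sshpass \
        /var/log/youcanbeclosertogod.jpg \
        /var/lock/bbot.lock
    do
        if [ -e "$scan_root$f" ]; then
            echo "FOUND   $f"
            scan_hits=$((scan_hits + 1))
        fi
    done

    # The worm removes sshd, so a missing binary is a symptom too.
    if [ ! -e "$scan_root/usr/sbin/sshd" ]; then
        echo "MISSING /usr/sbin/sshd (reinstall OpenSSH after cleanup)"
        scan_hits=$((scan_hits + 1))
    fi

    if [ "$scan_hits" -eq 0 ]; then
        echo "no Ikee.C artifacts found"
        return 0
    fi
    return 1   # at least one indicator present
}

if [ "${1:-}" = "--scan" ]; then
    ikee_scan "${2:-}"
fi
```

A clean result only says these specific files are absent; change the root and mobile passwords regardless, since a firmware update resets them to the defaults.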

Monday, June 27, 2011

A cheat for Hanging With Friends (iOS)

Update (7/2/2012): As pointed out in the 1st comment, this does not work anymore. Too bad, it was fun.

I accidentally discovered a bug that allows a foolproof method to cheat in the iOS game Hanging With Friends.
The following steps will work every time, until the author fixes it of course.
- Load the game when it's your turn.
- Turn off all data connections (I use a jailbroken iPhone4 for this, so this might not work when you have to leave the app to do so)
- Guess the wrong word and see the solution.
- Quit the game, from the task manager.
- Turn on your data connection.
- Restart the game.
- Enter the correct word :-)
- Profit! And Zynga phail.

Monday, June 6, 2011

Windows 7 x64 on a MacBook Pro

HERE is an awesome guide to install Windows 7 on an MBP and get *everything* working. Share the wealth.

Wednesday, April 20, 2011

coolbook on a Macbook pro 15", 2.2 Ghz - update

This is an update to this post about Coolbook. I slightly altered the voltages for the higher frequencies.

My MBP kept crashing whenever I played Flash video, and I noticed it didn't whenever the power was disconnected; moreover, my battery settings for Coolbook are limited to 1600MHz. This made me think that, since Flash is so CPU intensive, the voltages were not high enough for the higher frequencies. I raised the voltages for those frequencies and so far, so good. No crashes yet.

Also, here are my battery settings.

Thursday, February 10, 2011

iTunes restore blues

Your device is jailbroken, there is a new jailbreak out, and you try to restore. iTunes keeps restoring your device, rebooting it, then telling you it has encountered some 4-digit error (my latest one was 1013) and that it has found an iDevice in recovery mode and needs to restore it, over and over again.
The most probable reason in this case is that iTunes failed to verify the restore with Apple (ET phone home), most likely because gs.apple.com is pointing to a server that is not responding properly, probably because you entered an alternate IP address yourself in the hosts file or something like TinyUmbrella did it for you. The cure: comment out all the entries in the hosts file (in /etc/ on a Mac or in %SystemRoot%\system32\drivers\etc\ on Windows machines) that contain gs.apple.com by putting a # in front of each entry. Then restart your internet connection (on your computer, not your home network).
If you rely on TinyUmbrella for signatures, then make sure that localhost/ is uncommented in your hosts file.

iPhone GMail incorrect exchange password

At first I thought this was just a built-in security measure that you couldn't get around, and that you constantly needed to enter your password tens of times and that you also needed to constantly fill out the Google unlock captcha.
I thought this was inevitable, since my iPhone is roaming and constantly switching networks, and I simultaneously keep an eye on my email with my browser and email client as well.
I was wrong: all I needed to get rid of that error was a password that Google considered strong. Solved all my problems in the blink of an eye.