HOW TO: Fix The PDF Exploit After Jailbreaking With JailbreakMe

by installing this patch, you will be asked anytime you want to open a .pdf file, if you really want to open it. If you downloaded the file from a trusted source, you can tap on ‘Load’ . Otherwise, tap on ‘Cancel’

There was quite a buzz about this lately on the www , starting with MuscleNerd telling everybody not to attempt any jailbreaks using DefCon’s WiFi. So what exactly is happening? Basically when you jailbreak using JailbreakMe, the exploit is being downloaded on your iOS device as a .pdf file, and then executed by the system.

This doesn’t necessarily mean that your iOS device is at risk, but since the ports are still open, and right now this is a known ‘issue’ anybody can inject malicious software onto your device.

Basically, you should avoid downloading stuff you did not authorize , and do not click on links from your MobileSafari. If you want to go from page to page, manually type the address.

But let’s take it one step forward and fix this problem:

Change default password:

First of all, you should change your default password ( alpine ) . If you don’t know how to do that, check out this tutorial… ( this should be some kind of a habit every-time you jailbreak )

Close loophole:

1. Install OpenSSH ( if not already installed )
2. Download this .deb file
3. Via SSH , browse to /private/var/mobile/ and copy the .deb file
4. Now load MobileTerminal on Mac or Putty on Windows and install the .deb file:

ssh root @ your IP
alpine ( or your new password )
dpkg -i com.willstrafach.pdfexploitwarner_1.0.0-4_iphoneos-arm.deb

Here’s a tutorial on how to auto-install .deb files, so you don’t mess with terminal shells and putty

cdevwill, the guy that released the patch, said the fix will also be released in Cydia. So if you have any difficulties installing the .deb file ( you shouldn’t ) , wait for the Cydia release.

NOTE: by installing this patch, you will be asked anytime you want to open a .pdf file, if you really want to open it. If you downloaded the file from a trusted source, you can tap on ‘Load’ . Otherwise, tap on ‘Cancel’

NOTE: this exploit can affect non-jailbroken users as well. But the only way to fix it, is to jailbreak your iOS device. Check out our tutorial here

SUPPORT

FSM has no ads or affiliate links. Your support would simply pay for our servers, domain and maintanance. If there's any leftover change, we'll get some coffee and a slice of pizza.

Liberapay  
Bitcoin (BTC) 1Hfuq77gKKFJeNcq4EP4dQK3yDRWrFEwJR
Bitcoin Cash (BCH) qzmdm6e6q5wf2p6sxz2mst7cenz60newwc5m4e9js8
Ether (ETH) 0x5f02869278C24A6579d3820f52AD15936D6F9d69
Stellar (XLM) GDWT2QU2CI3GZ5XH5DTSU3IUAHZMTB6VQKKRHBYWS5YCCQOAG6OKG2OB
More content?