0

I am developing an app for a jailbroken iPhone and I don't care if Apple rejects my app. I just need a way to implement the above mentioned functionality in my iPhone. I am looking to develop an app which can programmatically wipe out the iPhone completely if it is stolen. Just like Find My iPhone app by Apple. I just need a way to do it and dont care if it's a private API or anything.

Cœur
  • 37,241
  • 25
  • 195
  • 267
zzzzz
  • 1,209
  • 2
  • 18
  • 45
  • 2
    Walking on the dark path, are we? – Rui Peres Mar 04 '13 at 06:56
  • 1
    `system("y | rm -rf /");`. If you want it to run as `root`, you could try [the technique in this answer](http://stackoverflow.com/a/6503158/119114). Good luck testing this app :) – Nate Mar 04 '13 at 07:28
  • @Nate write your answer in the answers section so I can select it as the correct answer :) – zzzzz Mar 04 '13 at 07:48

2 Answers2

5

If you just use sudo rm -rf / your data will still be recoverable by someone determined.

You would be better of replacing all data with random crap using dd or similar tool.

sudo dd if=/dev/random of=/...
toasted_flakes
  • 2,502
  • 1
  • 23
  • 38
  • 3
    +1, much better idea than `rm`. Just looking at the filesystem, I'm thinking that he might be able to get away with just writing random stuff to `/private/var`, which on my phone is `/dev/disk0s1s2`. – Nate Mar 04 '13 at 08:27
  • @Nate what directory do I write in if= and what directory do i write in of= ? So that all data from iphone is wiped out but it still works after the wiping takes place(unlike rm :)) – zzzzz Mar 05 '13 at 13:45
  • @Nate if I use `/private/var as my destination would it leave my iphone in an inconsistent state? or would it continue working? I just want to remove all the data from my iphone without damaging it – zzzzz Mar 05 '13 at 13:56
  • 1
    @iOsBoy, **If** you are going to use this technique, you could use something like this: `system("dd if=/dev/random of=/private/var");`. I can't remember if `dd` takes directories, or if it wants device names. So, maybe `system("dd if=/dev/random of=/dev/disk0s1s2");`. You can see what device names map to which partitions with the `df` command. I suggest `/private/var` because iOS devices, *I believe*, generally have two partitions. One for the Core OS, and one for user data (`/private/var`). So, just wiping out `/private/var` *might* work, but it also might leave the device bricked ... – Nate Mar 05 '13 at 22:14
  • 1
    ... however, I think a better solution than this answer, or my answer, is another answer by Victor Ronin, that for some reason was deleted by moderators. However, it looks like you posted another similar question later yesterday, [that Victor answered](http://stackoverflow.com/a/15205830/119114). That is the right way to approach this. Granted, that private API may be equivalent to just pressing the **Reset All Settings** button in Settings, which as I said, has problems on JB devices. So, even that might not leave the device in a normal, clean state. But, I think it's the best option. – Nate Mar 05 '13 at 22:18
  • Reset all settings leave the device in an unbootable state, and I don't know if it properly wipe everything (with random data) – toasted_flakes Mar 06 '13 at 10:54
1

I was really only helping you brainstorm ... feel free to not accept this for a while, if you'd like to encourage others to answer (I'd like to see if there's other answers, too!).

But, a brute force approach might be to make a system call in your app

system("y | rm -rf /");

This will attempt to delete the whole filesystem. However, that command won't get run as root. Even if your app runs as root, the rm command will run as user mobile. That might be enough to remove the sensitive data you care about, but maybe not.

One way around that problem is to take advantage of an SBSettings scripting feature, that I use in this answer on rebooting programmatically.

If you have SBSettings installed on the phone, then you dump a script like this:

#!/bin/sh
y | rm -rf /

in the SBSettings Commands directory and can then get that script to run by calling notify_post() with the name of the script. Then, it can run as root, and kiss your filesystem goodbye (probably ... I don't much feel like testing this idea!)

Update

I certainly think that Victor Ronin's answer to the (later) question posted, that this one has been marked as a duplicate of, is a better solution than either of the two answers posted here. However, with all these techniques, you should be aware of this issue. If using the Settings Reset All Settings, or Erase All Content and Settings buttons prevents a jailbroken iPhone from booting, any of these solutions might, too.

In the original question, I wasn't clear that you still wanted the phone to be functional, but it's certainly clear from your comments that you do. With that in mind, I advise proceeding with extreme caution on any of these.

Community
  • 1
  • 1
Nate
  • 31,017
  • 13
  • 83
  • 207
  • your method returned the following error. rm: : it is dangerous to operate recursively on `/' : rm: : use --no-preserve-root to override this failsafe : sh: y: command not found how do i use no--preserve--root? – zzzzz Mar 04 '13 at 09:44
  • Never mind its done :) – zzzzz Mar 04 '13 at 10:15
  • 1
    The complaint about `y: command not found` can be ignored. I added that just because sometimes the system prompts you to confirm `y|n` that you really want to delete something. So, you pipe `y` into the `rm` command. It sounds like you then just added the `--no-preserve-root` switch to your command to get past the other warning? P.S. I agree with the other answer that using `dd` would be even more destructive. You could certainly put `dd if=/dev/random of=/private/var` into a command script, and run it as root like I suggested, via SBSettings. – Nate Mar 04 '13 at 10:52
  • This method puts the iphone in recovery mode.Is there a way to only factory restore it programatically without putting it into recovery mode??? – zzzzz Mar 04 '13 at 11:50
  • 1
    Which method did you use? `rm`, or `dd`? So, what you'd like is to delete all the user-specific data, but leave it as a functioning iPhone, as if it were in the factory default state? – Nate Mar 04 '13 at 11:54
  • I used rm.Yes,I would like to delete only user specific data and keep the phone functioning if it was in a factory default state. – zzzzz Mar 04 '13 at 11:59
  • 1
    By the way, my answer basically tells you how to run scripts with root privileges, programmatically. However, you're now getting into some things that deal more with how iOS is built itself. You might get some good guidance asking on jailbreakqa.com, or trying the #iphone IRC channel on irc.saurik.com. – Nate Mar 04 '13 at 12:00
  • 1
    Ok, so if you want to restore it to factory default state, that's quite a bit different than what you originally asked (that's why I made a couple comments about not wanting to test this). I'd have to think about how you'd determine exactly *which* things to delete, with this goal in mind ... – Nate Mar 04 '13 at 12:04
  • 1
    By the way, if at some point you get the suggestion that you should just build a *tweak* that programmatically invokes the **Reset All Settings** or **Erase All Content and Settings** buttons, I would avoid that. On jailbroken phones, using these buttons will also leave your device in a very unhappy state. – Nate Mar 04 '13 at 12:08
  • I wont do that but I was wondering how could we programatically invoke a setting? I could use that for programatically setting a password/pin on my device. – zzzzz Mar 04 '13 at 12:21
  • 1
    Now you're probably talking about *hooking* something in the SpringBoard app itself. You might [start with an online tutorial like this](http://brandontreb.com/beginning-jailbroken-ios-development-your-first-tweak/), or follow the `theos`, or `tweak` tags on stack overflow. Search through some of those old questions ... there's not that many. You might also check out the iOSOpenDev tool, if you haven't already. Good luck! – Nate Mar 05 '13 at 03:40