Inside the iOS 7 untethered jailbreak: an expert unmasks TaiG Assistant


"The iOS 7 jailbreak is here! Huh? Why is there a TaiG Assistant bundled inside it?"

From last night through today, "TaiG" has become a hot topic in the overseas jailbreak community and on domestic social networks. evasi0n even issued a statement specifically about it. As Wang Chongxu put it, "This day is bound to be a disgraceful one for jailbreak hackers whose core values are 'the pursuit of freedom' and 'breaking the shackles'."

This article reconstructs, step by step, who is backing "TaiG". The lookups were done with terminal commands in a Linux environment, so if you intend to try them yourself, first check that your operating system is Linux.
Step 1: query the domain registration information with the whois command.
$ whois taig.com
Domain Name: TAIG.COM
Registry Domain ID: 5070333_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Update Date: 2013-11-05 18:27:16
Creation Date: 1999-04-06 23:00:00
Registrar Registration Expiration Date: 2015-04-06 23:00:00
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@ godaddy.com
Registrar Abuse Contact Phone: +1.480-624-2505
Domain Status: clientTransferProhibited
Domain Status: clientUpdateProhibited
Domain Status: clientRenewProhibited
Domain Status: clientDeleteProhibited
Registry Registrant ID:
Registrant Name: zhou shengjin
Registrant Organization:
Registrant Street: Beijing changping district changping road
Registrant City: Beijing
Registrant State/Province: beijing
Registrant Postal Code: 100096
Registrant Country: China
Registrant Phone: +1.8811225068
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: nomas.chow@ gmail.com
Registry Admin ID:
Admin Name: zhou shengjin
Admin Organization:
Admin Street: Beijing changping district changping road
Admin City: Beijing
Admin State/Province: beijing
Admin Postal Code: 100096
Admin Country: China
Admin Phone: +1.8811225068
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: nomas.chow@ gmail.com
Registry Tech ID:
Tech Name: zhou shengjin
Tech Organization:
Tech Street: Beijing changping district changping road
Tech City: Beijing
Tech State/Province: beijing
Tech Postal Code: 100096
Tech Country: China
Tech Phone: +1.8811225068
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: nomas.chow@ gmail.com
Name Server: NS3.DNSV4.COM
Name Server: NS4.DNSV4.COM
From the output above we can see that taig.com is a domain first registered in 1999. The contact phone in the record, +1.8811225068, should really be +86-18811225068. That is our first lead. The address "Changping Road, Changping District, Beijing" matches the mobile number's home location, Beijing. The email address is another useful lead.
Step 2: resolve www.taig.com with the host command to get the IP addresses and DNS records associated with that name.
$ host www.taig.com
www.taig.com has address 211.155.82.248
www.taig.com has address 203.191.148.133
www.taig.com has address 42.62.21.140
www.taig.com has address 42.62.21.141
www.taig.com has address 42.62.21.142
www.taig.com has address 42.62.21.143
www.taig.com has address 42.62.21.144
www.taig.com has address 211.155.82.233
What do these IP addresses tell us? www.taig.com is served from several data centres and uses CDN acceleration, which does not look like a small company's infrastructure. Running whois against these IP addresses is disappointing, because every result just points to a data centre. Looking them up with bgp.he.net, a tool for querying IP and domain information, gives nothing further either.
Still, there is no need to be discouraged; what we have found so far is already full of suspicious details. Now let's use curl -s to download the page source of www.taig.com locally and then use grep -Eo "http://[^\"']+" to pull the URLs out of it. The result is quite interesting:
$ curl -s www.taig.com|grep -Eo "http://[^\"']+"
http://bbdown.iphonespirit.com/site/image/logo.ico
http://js.pingguoyingyong.com/taiji-home/css/style.css
http://bbs.taig.com
http://www.taig.com/archives/category/news
http://static.youku.com/v1.0.0334/v/swf/player_yk.swf
http://static.youku.com/v1.0.0334/v/swf/player_yk.swf
http://www.adobe.com/go/getflash
http://bbdown.iphonespirit.com/ios/7/TaiG_JailBreak_iOS7_ForWin_v1.0.zip
http://bbdown.iphonespirit.com/ios/7/TaiG_JailBreak_iOS7_ForMac_v1.0.dmg
http://www.taig.com/archives/category/news
http://www.taig.com/archives/548
http://bbdown.iphonespirit.com/site/docpic/2348.jpg
http://www.taig.com/archives/548
http://www.taig.com/archives/548
http://www.taig.com/archives/253
http://www.taig.com/archives/251
http://www.taig.com/archives/249
http://www.taig.com/archives/247
http://www.taig.com/archives/241
http://www.taig.com/archives/239
http://www.taig.com/archives/237
http://www.taig.com/archives/233
http://js.pingguoyingyong.com/taiji-home/js/build.js
The output shows that the www.taig.com page also references other sites' domains. Those domains are surely not there without reason. Let's use whois again to look up these suspicious-looking domains, starting with pingguoyingyong.com:
$ whois pingguoyingyong.com
Domain Name: PINGGUOYINGYONG.COM
Registry Domain ID: 1701302087_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Update Date: 2013-02-04 05:56:33
Creation Date: 2012-02-09 09:52:46
Registrar Registration Expiration Date: 2015-02-09 09:52:46
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: +1.480-624-2505
Domain Status: clientTransferProhibited
Domain Status: clientUpdateProhibited
Domain Status: clientRenewProhibited
Domain Status: clientDeleteProhibited
Registry Registrant ID:
Registrant Name: John Lennon
Registrant Organization: Apple Application INC.
Registrant Street: China
Registrant City: guangdong
Registrant State/Province: baiyun
Registrant Postal Code: 000000
Registrant Country: China
Registrant Phone: +86.138000138000
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: fidate@gmail.com
Registry Admin ID:
Admin Name: John Lennon
Admin Organization: Apple Application INC.
Admin Street: China
Admin City: guangdong
Admin State/Province: baiyun
Admin Postal Code: 000000
Admin Country: China
Admin Phone: +86.138000138000
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: fidate@gmail.com
Registry Tech ID:
Tech Name: John Lennon
Tech Organization: Apple Application INC.
Tech Street: China
Tech City: guangdong
Tech State/Province: baiyun
Tech Postal Code: 000000
Tech Country: China
Tech Phone: +86.138000138000
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: fidate@gmail.com
Name Server: F1G1NS1.DNSPOD.NET
Name Server: F1G1NS2.DNSPOD.NET
If you want to know what other domains a domain's holder owns, the registrant's email address is the first thing to investigate. A lookup shows that this domain's email, fidate@gmail.com, also holds another domain, idestop.com.
Querying iphonespirit.com with whois shows that it uses a privacy-protection service to keep others from seeing its whois registration details.
$ whois iphonespirit.com
Domain Name ..................... iphonespirit.com
Sponsoring Registrar ............ HICHINA ZHICHENG TECHNOLOGY LTD.
Name Server ..................... ns3.dnsv4.com
ns4.dnsv4.com
Registrant ID ................... whois-protect
Registrant Name ................. WHOIS AGENT
Registrant Organization ......... DOMAIN WHOIS PROTECTION SERVICE
Registrant Address .............. 3/F.,HiChina Mansion,No.27 Gulouwai Avenue
Dongcheng District,Beijing 100120,China
Registrant City ................. Beijing
Registrant Province/State ....... Beijing
Registrant Postal Code .......... 100120
Registrant Country Code ......... CN
Registrant Phone Number ......... +8610.64242266
Registrant Fax .................. +8610.84138796
Registrant Email ................ domainadm@hichina.com
Administrative ID ............... whois-protect
Administrative Name ............. WHOIS AGENT
Administrative Organization ..... DOMAIN WHOIS PROTECTION SERVICE
Administrative Address .......... 3/F.,HiChina Mansion,No.27 Gulouwai Avenue
Dongcheng District,Beijing 100120,China
Administrative City ............. Beijing
Administrative Province/State ... Beijing
Administrative Postal Code ...... 100120
Administrative Country Code ..... CN
Administrative Phone Number ..... +8610.64242266
Administrative Fax .............. +8610.84138796
Administrative Email ............ domainadm@hichina.com
Billing ID ...................... whois-protect
Billing Name .................... WHOIS AGENT
Billing Organization ............ DOMAIN WHOIS PROTECTION SERVICE
Billing Address ................. 3/F.,HiChina Mansion,No.27 Gulouwai Avenue
Dongcheng District,Beijing 100120,China
Billing City .................... Beijing
Billing Province/State .......... Beijing
Billing Postal Code ............. 100120
Billing Country Code ............ CN
Billing Phone Number ............ +8610.64242266
Billing Fax ..................... +8610.84138796
Billing Email ................... domainadm@hichina.com
Technical ID .................... whois-protect
Technical Name .................. WHOIS AGENT
Technical Organization .......... DOMAIN WHOIS PROTECTION SERVICE
Technical Address ............... 3/F.,HiChina Mansion,No.27 Gulouwai Avenue
Dongcheng District,Beijing 100120,China
Technical City .................. Beijing
Technical Province/State ........ Beijing
Technical Postal Code ........... 100120
Technical Country Code .......... CN
Technical Phone Number .......... +8610.64242266
Technical Fax ................... +8610.84138796
Technical Email ................. domainadm@hichina.com
Domain Create Date .............. 2013-03-29 19:54:24
Expiration Date ................. 2014-03-29 19:54:24
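As an added example (not code from the original post), here is a small Python tool for the whois steps above: it parses both output styles shown on this page, flags a privacy-protected record like iphonespirit.com's, and reports registration indicators shared across the queried domains. The sample records are constructed excerpts of the page's own whois listings, not live lookups.

```python
import re
from collections import defaultdict
# Constructed excerpts of the two whois output styles shown on this page
# (values copied from the page's own listings, not live lookups).
WHOIS_TAIG = """Domain Name: TAIG.COM
Registrant Name: zhou shengjin
Registrant Phone: +1.8811225068
Registrant Email: nomas.chow@gmail.com
Name Server: NS3.DNSV4.COM
Name Server: NS4.DNSV4.COM
"""
WHOIS_SPIRIT = """Domain Name ..................... iphonespirit.com
Name Server ..................... ns3.dnsv4.com
ns4.dnsv4.com
Registrant Name ................. WHOIS AGENT
Registrant Organization ......... DOMAIN WHOIS PROTECTION SERVICE
Registrant Email ................ domainadm@hichina.com
"""
# Matches "Key: value" (GoDaddy style) and "Key ...... value" (HiChina style).
FIELD_RE = re.compile(r"^([A-Za-z][A-Za-z /]*?)\s*(?:\.{3,}|:)\s*(.*)$")

def parse_whois(text):
    """Return {lower-cased key: set of values}; a line with no separator
    (the second name server in the dotted style) continues the last key."""
    fields, last_key = defaultdict(set), None
    for line in (raw.strip() for raw in text.splitlines()):
        m = FIELD_RE.match(line)
        if m:
            last_key, value = m.group(1).strip().lower(), m.group(2).strip().lower()
            if value:
                fields[last_key].add(value)
        elif line and last_key:
            fields[last_key].add(line.lower())
    return dict(fields)

def is_privacy_protected(fields):
    """True when the registrant is a whois-privacy proxy, not the real holder."""
    text = " ".join(fields.get("registrant name", set()) | fields.get("registrant organization", set()))
    return "whois agent" in text or "protection" in text

PIVOT_KEYS = ("registrant email", "registrant phone", "name server")

def shared_indicators(records):
    """records: {domain: parsed whois}. Return each pivot value seen on more than
    one domain; shared infrastructure still links a privacy-protected domain."""
    seen = defaultdict(set)
    for domain, fields in records.items():
        for key in PIVOT_KEYS:
            for value in fields.get(key, ()):
                seen[(key, value)].add(domain)
    return {k: sorted(v) for k, v in seen.items() if len(v) > 1}
```

Run on the page's own records, it reports that taig.com and iphonespirit.com use the same dnsv4.com name servers, a link the whois privacy service does not hide.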
Still, we can take the DNS analysis a step further.
$ host bbdown.iphonespirit.com
bbdown.iphonespirit.com is an alias for bbdown.iphonespirit.com.51ccdn.com.
bbdown.iphonespirit.com.51ccdn.com is an alias for c01.i08.sisyun.com.
c01.i08.sisyun.com is an alias for c01.i08.cncsd.hadns.net.
c01.i08.cncsd.hadns.net has address 61.156.242.76
c01.i08.cncsd.hadns.net has address 60.210.10.77
c01.i08.cncsd.hadns.net has address 61.156.157.183
A quick search reveals that the distribution domain used by "Pingguohe" (苹果核) is iphonespirit.com. And the fact that Pingguohe is built on a certain domestic company's core technology inevitably invites certain associations.
$ host js.pingguoyingyong.com
js.pingguoyingyong.com has address 117.121.11.32
Next, we look into this IP address with the host command and make a surprising discovery.
$ host www.kuaiyong.com
www.kuaiyong.com has address 117.121.11.16
On inspection, the address resolved from overseas is .16, while the one resolved from within China is .32.
$ curl -s --head -H"Host: www.kuaiyong.com" 117.121.11.32
HTTP/1.1 200 OK
Server: nginx/1.0.15
Date: Sun, 22 Dec 2013 22:40:11 GMT
Content-Type: text/html
Content-Length: 9268
Last-Modified: Thu, 19 Dec 2013 05:47:21 GMT
Connection: keep-alive
Accept-Ranges: bytes
$ curl -s -H"Host: nosuchhost.com" 117.121.11.32 | grep '
$ curl -s -H"Host: www.kuaiyong.com" 117.121.11.32 | grep '
Conclusion
Since TaiG's download links are hosted on iphonespirit.com, we have reason to believe TaiG is connected in some way to a certain domestic company, or to companies that company has invested in.
And since TaiG's JS resources are hosted on pingguoyingyong.com, we have reason to believe TaiG has some kind of deep cooperation with Kuaiyong Assistant. Another possibility is that TaiG is simply a front for Kuaiyong Assistant.
PS:
If you open bbdown.iphonespirit.com now, you will find a notice (shown in the image at the top of this article); it looks like the site has been hacked:
To a certain company
Thank you for the Christmas "white apple" boot loop you gave us
Thank you for the bundled TaiG Assistant you gave us
Since you have the money to partner with Evad3rs, how about offering some service too? If a device gets bricked, just send a new one
This time we are truly disappointed, because you have betrayed the original spirit of jailbreaking
Can you please stop testing users' bottom line?

  • Text posted on 23 December 2013