Iphone bought

My mate bought an iphone 4 yesterday and had it stolen during the night bwahahahhaha.

Here's my strategy:

Sending a mail to my mate's gmail account with "Your new Papypal account password" as headline. The mail would contained a link to some server whose role is to record IPs.

Once i'm in possession of the IP, I log into the iPhone via ssh and disable sleep-mode as fast as i can. Once it's done, I install a no-ip daemon or something similar, and use some commandline tool to get the GPS coordinates and give them to the cops.

A few questions arise:

-1 : will the cops ever care about it ?

----A : they don't give a fucking fuck.

----B : they are interested because usually they have no way to trace back phones as thiefs usually remove the sim card (that's actually what heppened to my friend). Also they might hope to find more phones.

-2 : will the thiefs format the iPhone ?

----A : The iPhone is already jailbroken, so no need to give 15 bucks to some guy to do it. They leave it as it, which means they are still pushed mails from my mate's gmail account

----B : There is no need to jailbreak iphones prior to selling them back since all operators can now sell iphones in France and thus there is no particular protection anymore : the thiefs are cautious and format the iPhone.

----C : They format the iphone and re-jailbreak it.

-3 one of the thief is a big poker player and has accessed his email account from the iPhone. I gain access to his paypal account and revenge myself .

What's your opinion WATMM ?

if you can get the GPS coordinates, why not just bike down there and see how big the thief is? If he's a wee wanker (and chances are he is) then just get it back yourselves. Otherwise, I dunno what the french police are like, but fuck if the cops here would give a fuck about a stolen iPhone.

So go with option #3 :)

forgot to mention my mate got his iphone stolen by a band of black men who didn't hesitate to punch him.

Definitely option #3 then. Take them for the cost of a new iPhone and perhaps a nice night out on the town. No more though.

Unfortunately, option 3 was only hypothetic. :(

Hot news : the cops are interested. They are able to locate the phone but as the operation costs 2000€ they won't do it. If i give them the GPS coordinates, they'll go have a knock on the door though.

My strategy slighty changed : the iphone is supposed to check gmail every 30 minutes or so, and gmail does record IPs, even for IMAP connections, so i guess i'll try to use this.

I would need to have a script regularly checking gmail's IPs but i don't really know how to used egrep or sed. I would suck cocks for such a script.

Thanks.

Dang that's shitty, best of luck man. I had my phone stolen a couple of weeks ago (*see full story below) so since then I've got F-Secure Anti-Theft ( http://www.f-secure.com/en_EMEA/products/mobile/anti-theft-for-mobile/index_main.html ) on it. So I can do just what you've tried to do but with a simple SMS command (like #locate#, #lock# or #wipe#) rather than a hack into the mainframe and realign the data core matrix type shenanigans it sounds like you have to do

*So yeah I was walking down a street at 3am in Holborn and three guys in their mid-20s were heading towards me and one of them pinched my phone from my pocket with some Derren Brown-esque slight of handery and walked off with his two other mates, I somehow made the drunken mis-calculation to peg it after him and get it back. Despite the stats being stacked waaay out of my favour (being possibly the least intimidating person ever) he reached into his pocket to reach a knife a blackberry. I could've thanked my lucky stars and got at least some phone back but I pushed my luck further and swiftly told him 'that's not my fucking phone' so he reached in the other pocked and got a gun handed me back my lovely HTC desire. Hooray !

  On 9/12/2010 at 2:51 PM, mcbpete said:

Dang that's shitty, best of luck man. I had my phone stolen a couple of weeks ago (*see full story below) so since then I've got F-Secure Anti-Theft ( http://www.f-secure.com/en_EMEA/products/mobile/anti-theft-for-mobile/index_main.html ) on it. So I can do just what you've tried to do but with a simple SMS command (like #locate#, #lock# or #wipe#) rather than a hack into the mainframe and realign the data core matrix type shenanigans it sounds like you have to do

 

*So yeah I was walking down a street at 3am in Holborn and three guys in their mid-20s were heading towards me and one of them pinched my phone from my pocket with some Derren Brown-esque slight of handery and walked off with his two other mates, I somehow made the drunken mis-calculation to peg it after him and get it back. Despite the stats being stacked waaay out of my favour (being possibly the least intimidating person ever) he reached into his pocket to reach a knife a blackberry. I could've thanked my lucky stars and got at least some phone back but I pushed my luck further and swiftly told him 'that's not my fucking phone' so he reached in the other pocked and got a gun handed me back my lovely HTC desire. Hooray !

Did you just said Dang , and Hooray!???

What are you ?? a bot design to spew random shitty slang?

oh , and you are a faggot for saying Hooray!

lol isnt it a bit early to be hitting the cough syrup that hard?

  On 9/12/2010 at 3:44 PM, Boxing Day said:

Did you just said Dang , and Hooray!???

 

What are you ?? a bot design to spew random shitty slang?

 

oh , and you are a faggot for saying Hooray!

How about you just fuck off cunt.

There, you happy now ?

Okay everything is set up. I'm watching those IPs, if there is something suspect, itunes will start playing 'Grumpy Acid' (mmmh perfect). I'm also ready to install a GPS daemon in the targeted iPhone. This deamon is supposed to pass the coordinates to some program. But I don't know what program i should use. There is no fucking mail or sendmail on Cydia. Couldn't find a twitter cli app either. I need it to be precompiled for the iphone. Otherwise it's going to take an assternity. It can be a remote php script or a bash script, anything that sends infos outside.

Any idea ?

Also if I fish this phone : he's mine :

  On 9/12/2010 at 1:46 PM, Babar said:

Hot news : the cops are interested. They are able to locate the phone but as the operation costs 2000€ they won't do it. If i give them the GPS coordinates, they'll go have a knock on the door though.

 

My strategy slighty changed : the iphone is supposed to check gmail every 30 minutes or so, and gmail does record IPs, even for IMAP connections, so i guess i'll try to use this.

I would need to have a script regularly checking gmail's IPs but i don't really know how to used egrep or sed. I would suck cocks for such a script.

Thanks.

if your friend signs in to gmail from a computer, there will be a message at the bottom of the screen listing what other IPs are logged into the account.

  On 9/12/2010 at 8:34 PM, Babar said:

Okay everything is set up. I'm watching those IPs, if there is something suspect, itunes will start playing 'Grumpy Acid' (mmmh perfect). I'm also ready to install a GPS daemon in the targeted iPhone. This deamon is supposed to pass the coordinates to some program. But I don't know what program i should use. There is no fucking mail or sendmail on Cydia. Couldn't find a twitter cli app either. I need it to be precompiled for the iphone. Otherwise it's going to take an assternity. It can be a remote php script or a bash script, anything that sends infos outside.

Any idea ?

 

Also if I fish this phone : he's mine :

babar is officialy on a mission.

  On 9/12/2010 at 8:37 PM, kaini said:

  On 9/12/2010 at 1:46 PM, Babar said:

Hot news : the cops are interested. They are able to locate the phone but as the operation costs 2000€ they won't do it. If i give them the GPS coordinates, they'll go have a knock on the door though.

 

My strategy slighty changed : the iphone is supposed to check gmail every 30 minutes or so, and gmail does record IPs, even for IMAP connections, so i guess i'll try to use this.

I would need to have a script regularly checking gmail's IPs but i don't really know how to used egrep or sed. I would suck cocks for such a script.

Thanks.

 

if your friend signs in to gmail from a computer, there will be a message at the bottom of the screen listing what other IPs are logged into the account.

QFT

this is super cool babar. keep us posted!

  On 9/12/2010 at 2:51 PM, mcbpete said:

*So yeah I was walking down a street at 3am in Holborn and three guys in their mid-20s were heading towards me and one of them pinched my phone from my pocket with some Derren Brown-esque slight of handery and walked off with his two other mates, I somehow made the drunken mis-calculation to peg it after him and get it back. Despite the stats being stacked waaay out of my favour (being possibly the least intimidating person ever) he reached into his pocket to reach a knife a blackberry. I could've thanked my lucky stars and got at least some phone back but I pushed my luck further and swiftly told him 'that's not my fucking phone' so he reached in the other pocked and got a gun handed me back my lovely HTC desire. Hooray !

he must've felt pretty bad for what he had done if he had the heart to give it back!

btw, great detective work here babar. give updates.

keep on refreshing this...

I've never felt like I've been on a mission during a three hour systems theory lecture before - please keep us posted, this is the only thing keeping me awake lol.

ok my script is running in the brackground, ready to break an infinite loop if the guys ever dare showing up on gmail. If so it installs ncftp (ftp) and relocate (gps daemon). Then coordinates are sent to a ftp server, theoretically every 20 seconds.

I've been said I could have called a php script with wget but bublurg i don't know how to code such a script.

Also, a little damper to the picture : ssh won't accept a predefined password : it means i have to type so it is not entirely automatic (besides if someone has some clue on this, I'd like to hear it).

I don't think it will work, the phone must have been already wiped out (at least that's what I'd do, i'll try to clean any information concerning the previous owner before reselling the phone).

Also i don't know if ssh works over 3G/UMTS (it depends on the operator) and if the phone is connected via wifi, i'll probably have a firewall problem.

And if i ever succeed in fishing an IP from gmail, it will most likely be the new owner rather than the thief.

. . .

Anyhow those thiefs are pretty retarded. They should have a look at the emails they can find in the phones they steal. There is so much more money to make.

*imagines forthcoming police raid. Glory*

If you haven't lost hope yet, I've seen a few stolen computer and phone stories on reddit end with the owner getting them back. Perhaps someone there will have a sneaky technical tip. If they're really dumb perhaps they'll fall for something like you texting the phone "whats up (friend's name)? i have that money/weed/whatever, i'll be at x at x time, see you there" then they trot off to try and mug you, but really you're laying in wait with a hammer.

Then you get arrested for manslaughter... lol

This is exciting.

  On 9/13/2010 at 9:20 PM, halisray said:

Then you get arrested for manslaughter... lol

lol

Did you try breadcrumbing the datafloor with CV.254 traps? Be weary of the thin walls present in SSH tunnels... they don't call it a ShuSH tunnel for nothin'... I had a buddy prematurely tab complete a minesweep in a SSH tunnel once and accidentally NULL'd his matrix array.

Any progress thus far?

he found the hooligans and they stuck a croissant up his hiny hole