In the next incarnation of a series of hacks against the iPhone comes a new gem: full shell access. Last Friday "geohot" of the Hackint0sh forums, representing the #iPhone channel on irc.osx86.hu, announced that he/she had gained access to a debugging command prompt via the iPhone's data connector. More importantly, the command prompt includes the ability to transfer files via TFTP, which can allow hackers to transfer data--and maybe user programs, eventually--to and from the iPhone.

At this time, we have not seen any outside confirmation of #iPhone's work, though as time passes more parties will come forward with additional information.

Currently, the hack requires a fair bit of know-how in electronics and soldering, although someone may likely be selling ready-made cables in the future. The hack isn't much of a security risk as execution requires a hardware access and a little bit of preparation via other homebrew software. However, with access to the iPhone internals, it is conceivable that further hacks could be developed as a result of this newfound access.

Today, a progress report on the iPhone Dev Wiki clarified some of the findings from Friday:

"The bootloader is basically a dead end. Everything that goes into it must be signed, and without apples 1024-bit RSA private key, this isn't going to happen. Fortunately we have another in. We have basically full command over the file system and can upload, copy, and run files. I'll say this, ringtones would be a *trivial* thing to do now. We know the radio is accessible though software from from this bbupdate dump. Once the toolchain is working, we can write a program to write to /dev/tty.baseband, and finally unlock this thing."

Previous hacks include someone brute-forcing the iPhone's internal system passwords, and the ability to activate parts of the iPhone without going through AT&T.

A command list for the command prompt is available here.