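“The iOS 7 jailbreak is here! Wait, why is there a Taiji assistant (太极助手) bundled inside?”
Since last night, “Taiji” (太极) has been a hot topic in the overseas jailbreak community and on Chinese social networks. evasi0n even issued a statement specifically about the situation. As Wang Chongxu (王崇旭) put it, “For jailbreak hackers whose core values are ‘the pursuit of freedom’ and ‘breaking the shackles’, this day is bound to be an inglorious one.”
This article retraces, step by step, who is backing “Taiji”. The lookups are run with terminal commands in a Linux environment, so if you plan to try this yourself, first check that your operating system is Linux.
Step 1: look up the domain's registration information with the whois command.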
$ whois taig.com
Domain Name: TAIG.COM
Registry Domain ID: 5070333_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Update Date: 2013-11-05 18:27:16
Creation Date: 1999-04-06 23:00:00
Registrar Registration Expiration Date: 2015-04-06 23:00:00
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: +1.480-624-2505
Domain Status: clientTransferProhibited
Domain Status: clientUpdateProhibited
Domain Status: clientRenewProhibited
Domain Status: clientDeleteProhibited
Registry Registrant ID:
Registrant Name: zhou shengjin
Registrant Organization:
Registrant Street: Beijing changping district changping road
Registrant City: Beijing
Registrant State/Province: beijing
Registrant Postal Code: 100096
Registrant Country: China
Registrant Phone: +1.8811225068
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: nomas.chow@gmail.com
Registry Admin ID:
Admin Name: zhou shengjin
Admin Organization:
Admin Street: Beijing changping district changping road
Admin City: Beijing
Admin State/Province: beijing
Admin Postal Code: 100096
Admin Country: China
Admin Phone: +1.8811225068
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: nomas.chow@gmail.com
Registry Tech ID:
Tech Name: zhou shengjin
Tech Organization:
Tech Street: Beijing changping district changping road
Tech City: Beijing
Tech State/Province: beijing
Tech Postal Code: 100096
Tech Country: China
Tech Phone: +1.8811225068
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: nomas.chow@gmail.com
Name Server: NS3.DNSV4.COM
Name Server: NS4.DNSV4.COM
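The output above shows that taig.com is a domain that was registered back in 1999. The contact phone number in the record, +1.8811225068, should be +86-18811225068. This is one of our leads. The address, “Changping Road, Changping District, Beijing”, matches the Beijing registration area of the mobile number. The email address is another useful lead.
Step 2: resolve www.taig.com with the host command to get the IP addresses and DNS addresses associated with it.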
$ host www.taig.com
www.taig.com has address 211.155.82.248
www.taig.com has address 203.191.148.133
www.taig.com has address 42.62.21.140
www.taig.com has address 42.62.21.141
www.taig.com has address 42.62.21.142
www.taig.com has address 42.62.21.143
www.taig.com has address 42.62.21.144
www.taig.com has address 211.155.82.233
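What do these IP addresses tell us? The www.taig.com site is hosted in several data centers and uses CDN acceleration, which does not look like a small company's infrastructure. Querying these IP addresses with whois gives disappointing results, because they all point to the respective data centers. Looking them up with bgp.he.net, a tool for querying IP and domain information, gives no further information either.
Don't be discouraged, though: the information found so far is already full of suspicious points. Next, use curl -s to download the page source of www.taig.com to the local machine, then use grep -Eo "http://[^\"']+" to pull the URLs out of that source. The result is interesting: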
$ curl -s www.taig.com|grep -Eo "http://[^\"']+"
http://bbdown.iphonespirit.com/site/image/logo.ico
http://js.pingguoyingyong.com/taiji-home/css/style.css
http://bbs.taig.com
http://
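The curl | grep step above only catches http:// URLs and leaves the site's own links mixed in with third-party ones. The following added example (not part of the original article) generalizes it: it also matches https:// and protocol-relative //host references, reduces each URL to its host, drops hosts under the site's own domain, and counts the rest. The function names external_hosts and sample_html are hypothetical, and the sample page is constructed from the URLs in the output above plus two invented paths.

```bash
#!/usr/bin/env bash
# Added example: list the third-party hosts a page's source refers to.

# external_hosts SITE_DOMAIN
# Reads HTML on stdin and prints "count host" for every host named in an
# absolute URL that is not SITE_DOMAIN or one of its subdomains.
external_hosts() {
    local site="$1"
    # 1. extract http://, https:// and protocol-relative //host references
    # 2. lower-case, then strip the scheme and any :port suffix
    # 3. drop the site's own domain and its subdomains
    # 4. count duplicates, most frequently referenced host first
    grep -Eio "(https?:)?//[a-z0-9.-]+\.[a-z]{2,}(:[0-9]+)?" \
      | tr 'A-Z' 'a-z' \
      | sed -E 's#^(https?:)?//##; s#:[0-9]+$##' \
      | awk -v site="$site" '
            $0 == site { next }
            length($0) > length(site) &&
              substr($0, length($0) - length(site)) == "." site { next }
            { print }' \
      | sort | uniq -c | sort -k1,1nr -k2 \
      | awk '{ print $1, $2 }'
}

# Constructed sample page. The first, second and fourth URLs come from the
# article's output; the main.js and /en/ paths are invented for illustration.
sample_html() {
cat <<'EOF'
<link rel="shortcut icon" href="http://bbdown.iphonespirit.com/site/image/logo.ico">
<link rel="stylesheet" href="http://js.pingguoyingyong.com/taiji-home/css/style.css">
<script src="//JS.pingguoyingyong.com/taiji-home/js/main.js"></script>
<a href="http://bbs.taig.com">forum</a>
<a href="https://www.taig.com/en/">home</a>
EOF
}

# Offline run on the sample; against a live page the input would instead be
#   curl -s www.taig.com | external_hosts taig.com
sample_html | external_hosts taig.com
```

Hosts that survive the filter are the ones worth a whois lookup of their own, since they are infrastructure the page depends on but that sits outside the site's own domain.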
Source: unknown. Author: anonymous.