|
The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Greenpois0n (jailbreak)
Greenpois0n is both a cross-platform hacker toolkit (that helps users to find their own exploits for jailbreaks, write custom ramdisks, and create custom firmwares) as well as a jailbreak tool for iDevices written by Chronic Dev (team).
Toolkit
- GreenPois0n Syringe: Greenpois0n's exploit injector, to assist in booting devices into jailbroken states.
- GreenPois0n Cyanide: iBoot payload toolkit to help developers discover new vulnerabilities and design super fast, low-level iBoot jailbreaks and exploit payloads, much like the way blackra1n/purplera1n works.
- GreenPois0n Dioxin: MobileDevice toolkit designed to help developers design awesome userland jailbreaks, like how Spirit works.
- GreenPois0n Anthrax: iPhone ramdisk toolkit to help developers design extremely stable and portable ramdisk jailbreaks, much like the same way QuickPwn/redsn0w works.
- GreenPois0n Arsenic: custom firmware toolkit to help developers design jailbreaks to help preserve baseband and keep unlocks, much in the same way PwnageTool/sn0wbreeze works.
Jailbreak
The downloads for greenpois0n can be found on the website. It is available for Windows, Mac, and Linux.
Source Code: Greenpois0n
History
Greenpois0n was originally written using two exploits: SHAtter (a bootrom exploit) as well as a userland kernel exploit provided by Comex to make the jailbreak untethered. A release date of 10/10/10 10:10:10 AM (GMT) was announced, as well as the list of supported devices. Due to the nature of SHAtter, only iDevices using the A4 Processor were supported. geohot later released another jailbreak (limera1n using a different bootrom exploit) on 9 October 2010, which led to a delay in greenpois0n's release (to implement geohot's exploit, not SHAtter). Posixninja announced (via Twitter) around January 20, 2011 that there will soon be an update to greenpois0n that will compatible with the new iOS 4.2.1. Demonstration video here.
Controversy
There was much controversy surrounding the sudden release of limera1n and the motives behind it. The main reasons for the limera1n release were:
- Use an exploit that Apple already knew about (newer iBoots shows the exploit patched)
- Supports more iDevices than SHAtter
- Hopefully save the SHAtter bootrom exploit for future iDevices
The reason for this is bootrom exploits are not patchable with software updates. It requires new hardware to fix the security hole. Since the limera1n hole was already discovered and patched by Apple, it benefits the community if SHAtter is saved in hopes of using it with new hardware, like the 5th generation iPhone/iPod touch and the iPad 2G.
Supported Devices
greenpois0n requires the device to be on either iOS 3.2.2 (iPad 1G) or iOS 4.1 (all other devices). Of the devices that support these firmware revisions, the only one not supported is the iPhone 3G.
Output
iPhone 4 with greenpois0n output (via iRecovery):
Attempting to initialize greenpois0n Initializing commands Searching for cmd_ramdisk Found cmd_ramdisk string at 0x8401c7ac Found cmd_ramdisk reference at 0x84000d64 Found cmd_ramdisk function at 0x84000cd1 Initializing patches Initializing memory Initializing aes Searching for aes_crypto_cmd Found aes_crypto_cmd string at 0x84021a8c Found aes_crypto_cmd reference at 0x84017bb8 Found aes_crypto_cmd fnction at 0x84017b51 Initializing bdev Initializing image Initializing nvram Initializing kernel Greenpois0n initialized
