Difference between revisions of "Pwnage 2.0"

From The iPhone Wiki
Jump to: navigation, search
m
Line 12: Line 12:
 
*[[WinPwn]]
 
*[[WinPwn]]
 
*[[redsn0w]]
 
*[[redsn0w]]
  +
*[[iran]]
*[http://lpahome.com/geohot/iran.rar iran]
 
   
 
[[Category:Bootrom Exploits]]
 
[[Category:Bootrom Exploits]]

Revision as of 12:14, 30 November 2010

This exploit in the S5L8900 bootrom is really the ultimate exploit, since it allows unsigned code to be run at the lowest level. It is available in all devices that use the S5L8900 - the iPhone, iPod Touch and iPhone 3G.

Credit

iPhone Dev Team

Exploit

There is a stack overflow in the certificate parsing code. By passing a malformed certificate, unsigned code can be run.

Implementations