Difference between revisions of "Talk:Telluride 9A406 (iPhone4,1)"
(→Key location) |
(→Key location) |
||
Line 4: | Line 4: | ||
:I am sure they were referring to the fact that, because the ramdisks are unencrypted, they were able to be "extracted" without the device. --[[User:5urd|5urd]] 17:05, 16 December 2011 (MST) |
:I am sure they were referring to the fact that, because the ramdisks are unencrypted, they were able to be "extracted" without the device. --[[User:5urd|5urd]] 17:05, 16 December 2011 (MST) |
||
:: continuing from this, where do you get the ramdisk key if it is encrypted? --[[User:Adaminsull|adaminsull]] ([[User talk:Adaminsull|talk]]) 18:43, 29 January 2013 (UTC) |
:: continuing from this, where do you get the ramdisk key if it is encrypted? --[[User:Adaminsull|adaminsull]] ([[User talk:Adaminsull|talk]]) 18:43, 29 January 2013 (UTC) |
||
+ | :::The ramdisk's [[KBAG]] needs to be decrypted with the device's GID key. There is no way to extract the GID key; you need a bootrom exploit (an iBoot exploit may suffice?) to use the device's AES engine. Once you have the IV and key, you can use xpwntool to decrypt the ramdisk. --[[User:Dialexio|<span style="color:#BA0000; font-weight:normal;">Dialexio</span>]] ([[User talk:Dialexio|<span style="color:#BA0000; font-weight:normal;">talk</span>]]) 20:43, 29 January 2013 (UTC) |
Revision as of 20:43, 29 January 2013
Key location
Everyone is saying that the VFDecrypt keys were practically included in the OS, but I can't find em :P Where would they be in the IPSW? --rdqronos 20:01, 15 December 2011 (MST)
- The VFDecrypt key is in the ramdisk. You could use GenPass to get it. --Dialexio 22:12, 15 December 2011 (MST)
- I am sure they were referring to the fact that, because the ramdisks are unencrypted, they were able to be "extracted" without the device. --5urd 17:05, 16 December 2011 (MST)
- continuing from this, where do you get the ramdisk key if it is encrypted? --adaminsull (talk) 18:43, 29 January 2013 (UTC)
- The ramdisk's KBAG needs to be decrypted with the device's GID key. There is no way to extract the GID key; you need a bootrom exploit (an iBoot exploit may suffice?) to use the device's AES engine. Once you have the IV and key, you can use xpwntool to decrypt the ramdisk. --Dialexio (talk) 20:43, 29 January 2013 (UTC)