Difference between revisions of "Talk:N72AP"
m (fix changed link)
m (Dialexio moved page Talk:N72ap to Talk:N72AP: Capitalization.)
(One intermediate revision by one other user not shown)
Line 5: | Line 5: | ||
You have a decrypted copy of iBSS in \iPod2,1_2.1.1_5F138_Restore\Firmware\dfu\iBSS.n72ap.RELEASE.dfu |
You have a decrypted copy of iBSS in \iPod2,1_2.1.1_5F138_Restore\Firmware\dfu\iBSS.n72ap.RELEASE.dfu |
||
− | I'm almost sure the DFU exploit is still there, because the DFU file is still 89001. Use [[ |
+ | I'm almost sure the DFU exploit is still there, because the DFU file is still 89001. Use [[Obtaining_IMG3_Keys|my iBoot patch]] to patch that iBSS and run the AES engine straight from iBoot. Use [http://iphonejtag.blogspot.com/2008/07/yiphone-and-otherwise.html iran] to upload the patched version. |
== okay now == |
== okay now == |
Latest revision as of 21:07, 6 October 2015
Anyone got one? ~geohot
Cool, didn't realize I could download the new Touch fw.
You have a decrypted copy of iBSS in \iPod2,1_2.1.1_5F138_Restore\Firmware\dfu\iBSS.n72ap.RELEASE.dfu
I'm almost sure the DFU exploit is still there, because the DFU file is still 89001. Use my iBoot patch to patch that iBSS and run the AES engine straight from iBoot. Use iran to upload the patched version.
okay now
Is the DFU exploit there? Test it using "iran", not iTunes. If not, then we are up against something. Otherwise, why the long talk page?
assuming the DFU exploit is still there...
1. Do the old iBSSes and iBECs run (with exploit)? If so, you are done, just use my iBoot patches to run the AES engine right from iBoot. No chainloading required.
2. The DFUs all weren't encrypted on the iPhone firmware, including the iBSS and iBEC ones. Still true? Then there's iBoot.
assuming the DFU exploit is gone...
1. If the old iBoots run (without exploit, from normal DFU), run 1.1.4 and use the diags exploit to strap into a patched iBoot.
questions
that actually would make a lot of sense. the only thing is, would new code be needed to decrypt the kbags, or business as usual since it is just a gid key change? I would think it is the latter but I'm no crypto genius so I can't be too sure.
I know the gist of how the diags exploit works, but how exactly would I strap on another iBoot. basically, do you have code handy for that? preferably in the form of already laid out 'mw's so that I can just copy and paste :P but that's asking too much. in all seriousness, please let me know if you do as I plan on picking one up soon.
wait!
Although it for some strange reason parses 8900 files, I just realized...they could have just fixed the bootrom stack overflow, and kept parsing intact for whatever reason...
i have one
i have the 2g touch if anyone wants me to do any testing. I use a mac, if you need to contact me email me at fiftyfour123@gmail.com cuz i won't be checking this page.
I got one too. I'll have to stop using it before November since I'll give it as a birthday present, but now I can test that it is working well :p. My email address is julienf.collin@gmail.com Geohot, if you want to contact me, mail me, use google talk (either via gmail or via iChat for mac) or this address as a Windows Live Messenger. BTW, I sent you a 10 US$ donation for the bootloader 4.6 software unlock(s) and all your work.
i have a 2g touch. I tried to upload an old iBSS but I get 'Memory image not valid' when I try to run it. Any ideas?