The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Pwnage 2.0"
(New page: This exploit is in the VROM ==Credit== The dev team ==Exploit== There is a bug in the certificate parsing. By passing a malformed certificate, unsigned code can be run. ==Implementa...) |
m (Updating.) |
||
(21 intermediate revisions by 13 users not shown) | |||
Line 1: | Line 1: | ||
+ | This exploit in the [[VROM (S5L8900)|S5L8900 bootrom]] is really the ultimate exploit, since it allows unsigned code to be run at the lowest level. It is available in all devices that use the [[S5L8900]] - the [[M68AP|iPhone]], [[N45AP|iPod Touch]] and [[N82AP|iPhone 3G]]. It is also available on some non-iOS iPods. |
||
− | This exploit is in the [[VROM]] |
||
− | |||
==Credit== |
==Credit== |
||
+ | [[iPhone Dev Team]] |
||
− | The dev team |
||
==Exploit== |
==Exploit== |
||
− | There is a |
+ | There is a stack overflow in the certificate parsing code. By passing a malformed certificate, unsigned code can be run. |
==Implementations== |
==Implementations== |
||
− | *[[ |
+ | *[[PwnageTool]] |
+ | *[[QuickPwn]] |
||
− | *[http://lpahome.com/geohot/iran.rar iran] |
||
+ | *[[WinPwn]] |
||
+ | *[[redsn0w]] |
||
+ | *[[iran]] |
||
+ | |||
+ | [[Category:Bootrom Exploits]] |
Latest revision as of 07:51, 8 October 2015
This exploit in the S5L8900 bootrom is really the ultimate exploit, since it allows unsigned code to be run at the lowest level. It is available in all devices that use the S5L8900 - the iPhone, iPod Touch and iPhone 3G. It is also available on some non-iOS iPods.
Credit
Exploit
There is a stack overflow in the certificate parsing code. By passing a malformed certificate, unsigned code can be run.