Difference between revisions of "S5L8720"

Latest revision as of 12:33, 23 March 2017

This is the Application Processor used on the iPod touch (2nd generation).

Bootrom Exploits

0x24000 Segment Overflow - only in Bootrom 240.4 (old bootrom)
usb_control_msg(0xA1, 1) Exploit

Note: iBoot on the S5L8720 can be downgraded, allowing any of the iBoot exploits to be used on future firmwares.

Boot Chain

VROM->LLB->iBoot->Kernel->System Software

It is definitely worthy to note that the Pwnage exploit is fixed because the images are now flashed to the NOR in their encrypted IMG3 containers, and the bootrom can properly check LLB's signature. That being said, unsigned images can still be run using the 0x24000 Segment Overflow, provided the bootrom is old enough.

External Links

Technical Reference Manual: ARM1176JZF-S

Revision as of 23:42, 14 August 2013 (view source) IAdam1n (talk \| contribs) m ← Older edit		Latest revision as of 12:33, 23 March 2017 (view source) Spydar007 (talk \| contribs) m
(One intermediate revision by one other user not shown)
Line 1:		Line 1:
−	This is the Application Processor used on the [[~~n72ap~~\|iPod touch 2G]].	+	This is the Application Processor used on the [[N72AP\|iPod touch (2nd generation)]].

	== [[Bootrom]] Exploits ==		== [[Bootrom]] Exploits ==

Difference between revisions of "S5L8720"

Latest revision as of 12:33, 23 March 2017

Contents

Bootrom Exploits

Boot Chain

See Also

External Links

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Miscellaneous

Tools