Difference between revisions of "Talk:Kirkwood 7A341 (iPhone2,1)"

From The iPhone Wiki
Jump to: navigation, search
m
 
(7 intermediate revisions by 6 users not shown)
Line 1: Line 1:
 
Every time I try and vfdecrypt the 3GS file system, it always works but the resulted dmg is unmountable. Any help? Thanks!!
 
Every time I try and vfdecrypt the 3GS file system, it always works but the resulted dmg is unmountable. Any help? Thanks!!
 
:If you're on Windows, I find that there is an extra step required to open the image. After decrypting the image with vfdecrypt, run the decrypted image through XPwn's dmg utility. I use "dmg extract decrypted.dmg out.dmg". The resulting disk image should be readable by most Windows programs. If you're on a Mac, I don't know what would help. I believe OS X ignores the junk that's left after decrypting the image, so it's most likely user fault. The key is correct though, as I've been able to decrypt the image. --[[User:James|James]] 18:01, 25 June 2009 (UTC)
 
:If you're on Windows, I find that there is an extra step required to open the image. After decrypting the image with vfdecrypt, run the decrypted image through XPwn's dmg utility. I use "dmg extract decrypted.dmg out.dmg". The resulting disk image should be readable by most Windows programs. If you're on a Mac, I don't know what would help. I believe OS X ignores the junk that's left after decrypting the image, so it's most likely user fault. The key is correct though, as I've been able to decrypt the image. --[[User:James|James]] 18:01, 25 June 2009 (UTC)
  +
:Or ignore vfdecrypt completely, just run ''dmg extract encrypted.dmg decrypted.hfs -k key''. [[User:Blackbox|Blackbox]]
   
 
== iBoot decryption ==
 
== iBoot decryption ==
Line 7: Line 8:
 
:It appears to decrypt incorrectly for me too using xpwntool. Every other image decrypts correctly using it, so I assume it's a bad key. --[[User:James|James]] 21:16, 25 June 2009 (UTC)
 
:It appears to decrypt incorrectly for me too using xpwntool. Every other image decrypts correctly using it, so I assume it's a bad key. --[[User:James|James]] 21:16, 25 June 2009 (UTC)
 
::Alright thanks, just wanted to make sure it wasn't my error, cause I decrypted all the other files fine too. Looks like geohot will have to run those keys through again. --[[User:Cool name|Cool name]] 00:48, 26 June 2009 (UTC)
 
::Alright thanks, just wanted to make sure it wasn't my error, cause I decrypted all the other files fine too. Looks like geohot will have to run those keys through again. --[[User:Cool name|Cool name]] 00:48, 26 June 2009 (UTC)
  +
  +
== Developer patches ==
  +
  +
Can anyone assist me in getting access to the AES engine using UID/GID keys? I successfully patched the kernel (i.e. /dev/kmem is available) but running the aes utility from xpwn still fails with kIOReturnNotPrivileged. I'm on 3.0.1 (using 3.0 kernel) and I have also downgraded the IOKit.framework as this seems to have changed with 3.0.1. Is this a 3.0.1 issue or have I missed something? --[[User:CleanAir|CleanAir]] 09:49, 2 August 2009 (UTC)
  +
:Look at [[Kirkwood 7A341 (iPhone1,2)|Kirkwood_7A341_(iPhone_3G)]] for iPhone 2G, 3G, and iPod touches, or [[Kirkwood 7A341 (iPhone2,1)|Kirkwood_7A341_(iPhone_3GS)]] for iPhone 3GS. Chronic has provided kernel patches that allow AES GID/UID key usage. --[[User:Cool name|Cool name]] 14:28, 2 August 2009 (UTC)
  +
::That's what I did, the kernel _is_ patched, but I still can't use the GID key. I've tried fiddling with the aes.c program (in.bits = 256 instead of 128, in.mask = 0x1000 instead of 0x3E8, ...) but to now avail.
  +
:::wait, in.mask from 0x3E8 to 0x1000? why? you realize that 0x3E0==1000? you don't want to change that, since 1000 / 0x3E0 is the keymask for gid. in either case though, I am not sure why you are getting an error with it... [[User:ChronicDev|ChronicDev]] 19:23, 9 August 2009 (UTC)

Latest revision as of 16:16, 28 March 2017

Every time I try and vfdecrypt the 3GS file system, it always works but the resulted dmg is unmountable. Any help? Thanks!!

If you're on Windows, I find that there is an extra step required to open the image. After decrypting the image with vfdecrypt, run the decrypted image through XPwn's dmg utility. I use "dmg extract decrypted.dmg out.dmg". The resulting disk image should be readable by most Windows programs. If you're on a Mac, I don't know what would help. I believe OS X ignores the junk that's left after decrypting the image, so it's most likely user fault. The key is correct though, as I've been able to decrypt the image. --James 18:01, 25 June 2009 (UTC)
Or ignore vfdecrypt completely, just run dmg extract encrypted.dmg decrypted.hfs -k key. Blackbox

iBoot decryption

Is it just me, or does iBoot appear to decrypt incorrectly using the keys given? --Cool name 20:15, 25 June 2009 (UTC)

It appears to decrypt incorrectly for me too using xpwntool. Every other image decrypts correctly using it, so I assume it's a bad key. --James 21:16, 25 June 2009 (UTC)
Alright thanks, just wanted to make sure it wasn't my error, cause I decrypted all the other files fine too. Looks like geohot will have to run those keys through again. --Cool name 00:48, 26 June 2009 (UTC)

Developer patches

Can anyone assist me in getting access to the AES engine using UID/GID keys? I successfully patched the kernel (i.e. /dev/kmem is available) but running the aes utility from xpwn still fails with kIOReturnNotPrivileged. I'm on 3.0.1 (using 3.0 kernel) and I have also downgraded the IOKit.framework as this seems to have changed with 3.0.1. Is this a 3.0.1 issue or have I missed something? --CleanAir 09:49, 2 August 2009 (UTC)

Look at Kirkwood_7A341_(iPhone_3G) for iPhone 2G, 3G, and iPod touches, or Kirkwood_7A341_(iPhone_3GS) for iPhone 3GS. Chronic has provided kernel patches that allow AES GID/UID key usage. --Cool name 14:28, 2 August 2009 (UTC)
That's what I did, the kernel _is_ patched, but I still can't use the GID key. I've tried fiddling with the aes.c program (in.bits = 256 instead of 128, in.mask = 0x1000 instead of 0x3E8, ...) but to now avail.
wait, in.mask from 0x3E8 to 0x1000? why? you realize that 0x3E0==1000? you don't want to change that, since 1000 / 0x3E0 is the keymask for gid. in either case though, I am not sure why you are getting an error with it... ChronicDev 19:23, 9 August 2009 (UTC)