Difference between revisions of "Talk:AT+XAPP Vulnerability"

From The iPhone Wiki
(Missing signature.)
 
(2 intermediate revisions by 2 users not shown)

Latest revision as of 03:05, 14 March 2011

I try to find the xapp command in the disassembly. Is it right that it is in the stack.fls file? I can't find a "xapp" string ... Can someone help me? ~chrisude

In a more general sense I'd like to know the same. As to not being able to find the xapp string, which baseband are you looking at? I can verify that the 05.11.07 baseband does have xapp (at offsets 62F5AF, 63B217, 37E4D5; xapp_get at 513D18, cmd_xapp.app at 632619). Which one you're supposed to look at exactly I'd like to know also. So if someone could please give a small intro as to how to find the AT+ commands (main) routine, please fill it out. Thanks in advance! ~toomuchjames

Anyone? --The preceding unsigned comment was added by toomuchjames (talk) 14:18, August 13, 2010 (UTC).

Okay so like this can't be real, can it? I know it's not relevant to this exploit but I just wanna know. http://pastie.org/pastes/1568212 Leobruh 23:20, 24 February 2011 (UTC)!

I know that the BB bootloader signature checks everything on bootup so a permanent unlock is out of discussion. But can this exploit be used with a payload to downgrade the baseband to an older signed version? --The preceding unsigned comment was added by Clrokr (talk) 02:23, March 14, 2011 (UTC).