Difference between revisions of "PwnStrap"
m |
|||
(3 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
+ | '''PwnStrap''' is a collection of programs to bootstrap the loading of a new limera1n exploit-based [[PwnageTool]] image. |
||
− | [http://www.bingner.com/pwnstrap.html Link to original info and some binaries] |
||
+ | == Procedure == |
||
− | This is the procedure to use greenpois0n to bootstrap the loading of a new limera1n exploit-based pwnagetool image via windows or other irecovery and a supported device: |
||
− | # irecovery -s |
+ | # <code>irecovery -s</code> |
− | # setenv boot-args 2 |
+ | # <code>setenv boot-args 2</code> |
− | # setenv auto-boot false |
+ | # <code>setenv auto-boot false</code> |
− | # saveenv |
+ | # <code>saveenv</code> |
− | # |
+ | # Run [[greenpois0n]]; it will stop on a white screen |
− | # |
+ | # Extract [[iBSS]] from your custom image |
− | # irecovery -f iBSS |
+ | # <code>irecovery -f iBSS</code> |
− | # irecovery -s |
+ | # <code>irecovery -s</code> |
− | # setenv boot-args 0 |
+ | # <code>setenv boot-args 0</code> |
− | # saveenv |
+ | # <code>saveenv</code> |
− | # go image decrypt 0x41000000 |
+ | # <code>go image decrypt 0x41000000</code> |
− | # go jump 0x41000040 |
+ | # <code>go jump 0x41000040</code> |
+ | # Restore firmware with [[iTunes]] |
||
− | # restore your CFW from itunes |
||
+ | You will need one of the new binaries posted below if you have an Apple TV (2nd generation) |
||
+ | == External Links == |
||
− | You will need one of the new binaries posted above if you have an AppleTV2 |
||
+ | * [http://www.bingner.com/pwnstrap.html Original info and some binaries] |
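Review bot: the new lead sentence drops two prerequisites that the removed intro stated, namely that the procedure runs through irecovery ("via windows or other irecovery") and that it needs "a supported device", so the Procedure section now opens at "irecovery -s" with nothing saying what must be in place first. Suggest one line ahead of step 1 naming irecovery and the supported-device requirement. The relocated Apple TV (2nd generation) sentence is also missing its closing period.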
Latest revision as of 16:53, 26 March 2017
PwnStrap is a collection of programs to bootstrap the loading of a new limera1n exploit-based PwnageTool image.
Procedure
1. irecovery -s
2. setenv boot-args 2
3. setenv auto-boot false
4. saveenv
5. Run greenpois0n; it will stop on a white screen
6. Extract iBSS from your custom image
7. irecovery -f iBSS
8. irecovery -s
9. setenv boot-args 0
10. saveenv
11. go image decrypt 0x41000000
12. go jump 0x41000040
13. Restore firmware with iTunes
You will need one of the new binaries posted below if you have an Apple TV (2nd generation).