Difference between revisions of "Talk:PwnageTool"
(One intermediate revision by one other user not shown) | |||
Line 1: | Line 1: | ||
This is probably explained somewhere, but... how does pwnagetool actually implement an exploit such as limera1n? --[[User:Rdqronos|rdqronos]] 16:00, 25 November 2011 (MST) |
This is probably explained somewhere, but... how does pwnagetool actually implement an exploit such as limera1n? --[[User:Rdqronos|rdqronos]] 16:00, 25 November 2011 (MST) |
||
:limera1n's exploit is used to put the device in "pwned DFU" mode, so you can restore to the custom IPSW in iTunes. --[[User:Dialexio|<span style="color:#C20; font-weight:normal;">Dialexio</span>]] 16:57, 25 November 2011 (MST) |
:limera1n's exploit is used to put the device in "pwned DFU" mode, so you can restore to the custom IPSW in iTunes. --[[User:Dialexio|<span style="color:#C20; font-weight:normal;">Dialexio</span>]] 16:57, 25 November 2011 (MST) |
||
+ | |||
+ | :If you were asking how [[PwnageTool]] actually implements the jailbreaks (in general): They "just" patch the firmware by decrypting it, change a few bytes and add some custom code and re-encrypt it again. The [[limera1n]] exploit is a bootrom vulnerability and this is needed to allow the installation of such new firmware, as Dialexio already mentioned. But you can use [[redsn0w]] instead. [[PwnageTool]] is mainly to create the new ipsw. Was there any specific question, like how any jailbreak works? -- [[User:Http|http]] 05:06, 26 November 2011 (MST) |
||
+ | :Actually, you nailed it spot on, http. Thanks a bunch, it's always nagged me how that worked :P --[[User:Rdqronos|rdqronos]] 14:48, 26 November 2011 (MST) |
Latest revision as of 21:48, 26 November 2011
This is probably explained somewhere, but... how does PwnageTool actually implement an exploit such as limera1n? --rdqronos 16:00, 25 November 2011 (MST)
- limera1n's exploit is used to put the device in "pwned DFU" mode, so you can restore to the custom IPSW in iTunes. --Dialexio 16:57, 25 November 2011 (MST)
- If you were asking how PwnageTool actually implements the jailbreaks (in general): They "just" patch the firmware by decrypting it, changing a few bytes, adding some custom code and re-encrypting it again. The limera1n exploit is a bootrom vulnerability, and this is needed to allow the installation of such new firmware, as Dialexio already mentioned. But you can use redsn0w instead. PwnageTool is mainly to create the new ipsw. Was there any specific question, like how any jailbreak works? -- http 05:06, 26 November 2011 (MST)
- Actually, you nailed it spot on, http. Thanks a bunch, it's always nagged me how that worked :P --rdqronos 14:48, 26 November 2011 (MST)