Difference between revisions of "Seczone"

From The iPhone Wiki
Jump to: navigation, search
(some links; is it ok to link from TEA to Baseband TEA Keys?)
 
(6 intermediate revisions by 2 users not shown)
Line 3: Line 3:
 
==Layout==
 
==Layout==
 
0x400--NCK token
 
0x400--NCK token
  +
0xA00--IMEI signature
 
0xB00--IMEI
 
0xB00--IMEI
  +
0xC00--Locks table
0xB10--IMEI signature
 
  +
  +
The locks table is identical for every device.
  +
  +
==Locks Table==
  +
Type Offset Size Entry
  +
0002 0028 0018 102F0100 00000001 7F200000 FFFF6F07 0000FFFF 00000009
  +
0010 0040 0010 15220100 06310830 00010432 00001F10
  +
8001 0050 0008 FF010001 FFFFFFFF
  +
0001 0058 00e0 00250100 00000000 00000000 00000000 00000000 00000001 01050101
  +
00000000 00000009 00000000 00000000 00000000 00000029 00000000
  +
00000000 00000000 00000505 00000000 00000000 00000000 00000000
  +
00000000 00000000 00000000 00000000 00000000 00000505 00000000
  +
00000000 00000000 00000000 00000000 00000000 00000000 00000000
  +
00000000 00000505 00000000 00000000 00000000 00000000 00000000
  +
00000000 00000000 00000000 00000000 00000505 00000000 00000000
  +
00000000 00000000 00000000 00000000 00000000 00000000 00000000
  +
0003 0138 00b8 00000100 00000000 00000000 00000000 00000000 00000000 00000000
  +
00000000 00000000 00000000 00000000 00000000 00000000 00000000
  +
00000000 00000000 00000000 00000000 00000000 00000000 00000000
  +
00000000 00000000 00000000 00000000 00000000 00000000 00000000
  +
00000000 00000000 00000000 00000000 00000000 00000000 00000000
  +
00000000 00000000 00000000 00000000 00000000 00000000 00000000
  +
00000000 00000000 00000000 00000000
   
 
==Encryption==
 
==Encryption==
Many of the sections are encrypted using TEA based off the CHIPID and NORID. See [[NCK Brute Force]] for more info.
+
Many of the sections are encrypted using [[Baseband TEA Keys|TEA]] based off the hashed [[CHIPID]] and/or [[NORID]]. See [[NCK Brute Force]] for more info.
  +
  +
[[Category:Baseband]]

Latest revision as of 21:49, 19 August 2010

This is the area in the baseband where the lock state is stored.

Layout

0x400--NCK token
0xA00--IMEI signature
0xB00--IMEI
0xC00--Locks table

The locks table is identical for every device.

Locks Table

 Type Offset Size  Entry
 0002  0028  0018  102F0100 00000001 7F200000 FFFF6F07 0000FFFF 00000009 
 0010  0040  0010  15220100 06310830 00010432 00001F10 
 8001  0050  0008  FF010001 FFFFFFFF 
 0001  0058  00e0  00250100 00000000 00000000 00000000 00000000 00000001 01050101 
                   00000000 00000009 00000000 00000000 00000000 00000029 00000000 
                   00000000 00000000 00000505 00000000 00000000 00000000 00000000 
                   00000000 00000000 00000000 00000000 00000000 00000505 00000000 
                   00000000 00000000 00000000 00000000 00000000 00000000 00000000 
                   00000000 00000505 00000000 00000000 00000000 00000000 00000000 
                   00000000 00000000 00000000 00000000 00000505 00000000 00000000 
                   00000000 00000000 00000000 00000000 00000000 00000000 00000000 
 0003  0138  00b8  00000100 00000000 00000000 00000000 00000000 00000000 00000000 
                   00000000 00000000 00000000 00000000 00000000 00000000 00000000 
                   00000000 00000000 00000000 00000000 00000000 00000000 00000000 
                   00000000 00000000 00000000 00000000 00000000 00000000 00000000 
                   00000000 00000000 00000000 00000000 00000000 00000000 00000000 
                   00000000 00000000 00000000 00000000 00000000 00000000 00000000 
                   00000000 00000000 00000000 00000000

Encryption

Many of the sections are encrypted using TEA based off the hashed CHIPID and/or NORID. See NCK Brute Force for more info.