The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "IBooty"
m (added missing space and a link) |
(Adding Category:Jailbreaking) |
||
(24 intermediate revisions by 8 users not shown) | |||
Line 1: | Line 1: | ||
{{DISPLAYTITLE:iBooty}} |
{{DISPLAYTITLE:iBooty}} |
||
+ | [[Image:WFCF.png|thumb|Waiting For Custom Firmware]] |
||
− | iBooty is a utility created by [[iH8sn0w]] to aid in jailbreaking [[N18ap|iPod touch 3G]] and [[N88ap|iPhone 3GS]] ([[iBoot-359.3.2|new bootrom]]) devices. The [[jailbreak]] is [[tethered]]. It has been reverse-engineered and is being ported to Linux. See [http://forums.openpwn.org/viewtopic.php?f=15&t=107] for information on booting your tethered device on Linux. |
||
+ | == iBooty Version earlier then 1.8 == |
||
− | This application has been ported along with Payload Pwner to Mac OS X 10.4+ under the name [[Pneumonia]]. |
||
+ | It was a utility to aid in jailbreaking all [[Bootrom 359.3.2|new bootrom]] devices on iOS 3.1.2. |
||
+ | === "Boot it!" Function === |
||
− | Also there's a application which includes Payload Pwner and iBooty called [[Nephron]]. (available [http://github.com/fallensn0w/Nephron @github]) |
||
+ | iBooty uploads the payload which is a pwned 3.1.2 iBoot and then uploads [[iBEC]] and jumps to it. It resets the connection and then uploads and sets up the device tree. Now it uploads and sets up iH8sn0w's logo. Finally, it uploads the [[kernelcache]] for it to boot the device. |
||
− | == " |
+ | === "Prepare" Function === |
+ | It uploads the payload, then the [[iBEC]], and uploads and prepares the logo, which notifies you to begin the restore process. |
||
− | Reverse-engineered in a collaborative effort between [[User:Dra1nerdrake|dra1nerdrake]] and [[User:Fallensn0w|Fallensn0w]]: iBooty uploads the payload (nothing more than a pwned 3.1.2 iBoot), then uploads 4.0 [[iBEC]] and jumps to it. It resets the connection and then uploads and sets up the device tree. Now it uploads and sets up iH8sn0w's logo. Finally, it uploads the kernelcache for iOS 4.0 and boots the device. |
||
+ | == iBooty Version later then 2.0 == |
||
− | == "Prepare" Function == |
||
+ | Utility to boot tethered jailbroken device |
||
− | Although I can not be sure yet, I believe that the program uploads the payload, then the 4.0 [[iBEC]], and uploads and prepares the logo, which notifies you to begin the restore process. |
||
+ | # Exploits [[bootrom]] with [[limera1n]]/[[steaks4uce]] exploits |
||
+ | # Uploads the pwned [[LLB]] that jumps to a pwned iBoot image that was flashed upon restore with the custom [[sn0wbreeze]] restore. |
||
== Resources == |
== Resources == |
||
− | There's |
+ | There's an open-source version of iBooty by [[User:Fallensn0w|Fallensn0w]] available at [http://github.com/fallensn0w/openiBooty @github] |
+ | <br>This "version" of iBooty lets the user to do "booty callz!" on any OS. (Mac, Linux, Windows). |
||
+ | [[Category:Jailbreaks]] |
||
− | == Theory == |
||
+ | [[Category:Jailbreaking]] |
||
− | This application has caused me to realize that provided one with a late-bootrom device has their SHSH blobs for iOS 3.1.2, they can jailbreak their device indefinitely, using this tethered method. --[[User:Dra1nerdrake|dra1nerdrake]] 15:37, 12 August 2010 (UTC) |
||
+ | [[Category:Software]] |
Latest revision as of 20:55, 26 August 2015
Contents
iBooty Version earlier then 1.8
It was a utility to aid in jailbreaking all new bootrom devices on iOS 3.1.2.
"Boot it!" Function
iBooty uploads the payload which is a pwned 3.1.2 iBoot and then uploads iBEC and jumps to it. It resets the connection and then uploads and sets up the device tree. Now it uploads and sets up iH8sn0w's logo. Finally, it uploads the kernelcache for it to boot the device.
"Prepare" Function
It uploads the payload, then the iBEC, and uploads and prepares the logo, which notifies you to begin the restore process.
iBooty Version later then 2.0
Utility to boot tethered jailbroken device
- Exploits bootrom with limera1n/steaks4uce exploits
- Uploads the pwned LLB that jumps to a pwned iBoot image that was flashed upon restore with the custom sn0wbreeze restore.
Resources
There's an open-source version of iBooty by Fallensn0w available at @github
This "version" of iBooty lets the user to do "booty callz!" on any OS. (Mac, Linux, Windows).