Difference between revisions of "Pwnage"
ChronicDev (talk | contribs) |
ChronicDev (talk | contribs) (→Exploit) |
||
Line 6: | Line 6: | ||
==Exploit== |
==Exploit== |
||
The [[VROM]] doesn't sig check the stuff it jumps to in the [[NOR]]. So to use the exploit, one finds a way of writing to the NOR unsigned, either with [[iBoot]] hacks or kernel patches. |
The [[VROM]] doesn't sig check the stuff it jumps to in the [[NOR]]. So to use the exploit, one finds a way of writing to the NOR unsigned, either with [[iBoot]] hacks or kernel patches. |
||
+ | |||
+ | This exploit has been fixed on the [[iPod Touch 2G]]. The bootrom sigchecks LLB before jumping to it now, and if the LLB is patched, it will default to DFU mode. |
||
==Implementation== |
==Implementation== |
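Review bot: The added sentence uses an unlinked "bootrom" where the paragraph directly above it uses [[VROM]], so a reader cannot tell whether the two terms name the same component or different ones. Suggest stating that relationship explicitly and wiki-linking LLB and DFU mode, since the neighbouring terms (NOR, iBoot, iPod Touch 2G) are all linked. "sig check" in the existing line and "sigchecks" in the new one should also be spelled the same way.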
Revision as of 18:17, 15 December 2008
This exploit is in the VROM.
Credit
Exploit
The VROM does not signature-check the code it jumps to in the NOR. To use the exploit, one therefore needs a way of writing unsigned data to the NOR, either with iBoot hacks or kernel patches.
This exploit has been fixed on the iPod Touch 2G. The bootrom now signature-checks the LLB before jumping to it, and if the LLB is patched, the device defaults to DFU mode.
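The difference between the two boot behaviours described above can be modelled in a few lines. This is an added example, not code from the wiki or from any Apple firmware: it is a Python model rather than boot ROM code, and the key, the NOR layout, the image contents and all function names are constructed for illustration (textbook RSA over a toy modulus stands in for the real signature scheme, which the page does not describe).

```python
import hashlib

# Constructed toy RSA key (two Mersenne primes); far too small for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held only by the "vendor"


def digest(image: bytes) -> int:
    """SHA-256 of the image, reduced into the toy modulus."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % N


def vendor_sign(image: bytes) -> int:
    """Signing happens off-device; the boot ROM only ever needs E and N."""
    return pow(digest(image), D, N)


def bootrom_no_check(nor: dict) -> str:
    """Behaviour the page describes for the VROM: jump to whatever is in NOR."""
    return "jump:" + nor["llb"].decode()


def bootrom_with_check(nor: dict) -> str:
    """Behaviour the page describes for the iPod Touch 2G: verify the LLB first."""
    if pow(nor["sig"], E, N) != digest(nor["llb"]):
        return "DFU"  # refuse to run a modified LLB and wait for a restore
    return "jump:" + nor["llb"].decode()


# Constructed NOR contents: a signed LLB, then the same slot after an unsigned write.
stock = {"llb": b"LLB-stock", "sig": vendor_sign(b"LLB-stock")}
patched = {"llb": b"LLB-patched", "sig": stock["sig"]}

if __name__ == "__main__":
    for name, nor in (("stock", stock), ("patched", patched)):
        print(name, bootrom_no_check(nor), bootrom_with_check(nor))
```

The check only helps because it runs in the first stage, before control leaves immutable code; every later stage inherits whatever that first decision allowed.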