The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Jailbreak"
m (→Exploits which are used in order to jailbreak 2.0 and above: Added feedface.) |
m |
||
Line 1: | Line 1: | ||
+ | '''[https://www.plimus.com/jsp/redirect.jsp?contractId=2613674&referrer=taraff1 Click Here to Unlock and Jailbreak ANY iPhone Instantly and Automatically]''' |
||
+ | |||
This is the process by which full execute and write access is obtained on all the partitions of the iPhone. It is done by patching /etc/fstab to mount the System partition as read-write. This is entirely different from an [[unlock]]. Jailbreaking is the first action that must be taken before things like unofficial [[activation]] (hacktivation), and unofficial unlocking can be applied. |
This is the process by which full execute and write access is obtained on all the partitions of the iPhone. It is done by patching /etc/fstab to mount the System partition as read-write. This is entirely different from an [[unlock]]. Jailbreaking is the first action that must be taken before things like unofficial [[activation]] (hacktivation), and unofficial unlocking can be applied. |
||
Revision as of 15:43, 10 April 2011
Click Here to Unlock and Jailbreak ANY iPhone Instantly and Automatically
This is the process by which full execute and write access is obtained on all the partitions of the iPhone. It is done by patching /etc/fstab to mount the System partition as read-write. This is entirely different from an unlock. Jailbreaking is the first action that must be taken before things like unofficial activation (hacktivation), and unofficial unlocking can be applied.
The original jailbreak also included modifying the afc service (used by iTunes to access the filesystem) to give full filesystem access from root. This was later updated to create a new service (afc2) that allows access to the full filesystem.
Modern jailbreaks also include patching the kernel to get around code signing and other restrictions.
Contents
Exploits which were used in order to jailbreak (in chronological order)
1.0.2
- Restore Mode (iBoot had a command named cp, which had access to the whole filesystem)
1.1.1
- Symlinks (an upgrade jailbreak)
- libtiff exploit (Adapted from the PSP scene, used by JailbreakMe)
1.1.2
- Mknod (an upgrade jailbreak)
1.1.3 / 1.1.4
- Soft Upgrade (an upgrade jailbreak)
- Ramdisk Hack
Exploits which are used in order to jailbreak 2.0 and above
Userland (used for all devices)
- MobileBackup Copy Exploit + Incomplete Codesign Exploit + BPF_STX Kernel Write Exploit (together for Spirit)
- Malformed CFF Vulnerability + Incomplete Codesign Exploit + IOSurface Kernel Exploit (together for Star)
- Packet Filter Kernel Exploit (together with limera1n's bootrom exploit or the usb_control_msg(0xA1, 1) Exploit, for untethered jailbreak)
- HFS Legacy Volume Name Stack Buffer Overflow (together with limera1n's bootrom exploit or the usb_control_msg(0xA1, 1) Exploit, for untethered jailbreak)
iPhone / iPhone 3G / iPod touch
- Pwnage and Pwnage 2.0 (together)
iPod touch 2G
- ARM7 Go (used by tethered jailbreaks)
- 0x24000 Segment Overflow (used on "MB" models for an untethered jailbreak)
- usb_control_msg(0x21, 2) Exploit (tethered for units with the new bootrom)
- usb_control_msg(0xA1, 1) Exploit (used for a tethered jailbreak on units with the new bootrom)
iPhone 3GS
- 0x24000 Segment Overflow (used on older devices for an untethered jailbreak)
- iBoot Environment Variable Overflow
- usb_control_msg(0x21, 2) Exploit (tethered for newer devices)
- limera1n (tethered on its own, untethered with an additional exploit)
iPod touch 3G
- usb_control_msg(0x21, 2) Exploit (tethered only)
- limera1n (tethered on its own, untethered with an additional exploit)
iPhone 4
- limera1n's bootrom exploit (tethered on its own, untethered with an additional exploit)
iPod touch 4G
- limera1n's bootrom exploit (tethered on its own, untethered with an additional exploit)
iPad
- limera1n's bootrom exploit (tethered on its own, untethered with an additional exploit)
Apple TV 2G
- limera1n's bootrom exploit (tethered on its own, untethered with an additional exploit)