The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Kirkwood 7A341 (iPod2,1)"
ChronicDev (talk | contribs) |
ChronicDev (talk | contribs) |
||
Line 34: | Line 34: | ||
* '''IV''': 395f0ec18c19f302298c0fd49b75c6e6 |
* '''IV''': 395f0ec18c19f302298c0fd49b75c6e6 |
||
* '''Key''': 8f4a88ab8acf4bed06a5f641ba804c50 |
* '''Key''': 8f4a88ab8acf4bed06a5f641ba804c50 |
||
+ | |||
+ | ==Patches== |
||
+ | Putting this here for developers that would like to to utilize "extras" like /dev/kmem access, tfp0, etc. |
||
+ | |||
+ | ===Kernel=== |
||
+ | <pre> |
||
+ | // thumb patches |
||
+ | 0x08DE72: 8D 43 => 00 00 // w^x patch #1 |
||
+ | 0x090B6E: A2 43 => 00 00 // w^x patch #2 |
||
+ | 0x19B8BC: 0C D1 => 0C E0 // allow tfp0 |
||
+ | 0x381E22: FA 23 DB 00 => 01 23 5B 42 // allow aes uid key usage |
||
+ | 0x381E34: FA 23 9B 00 => 01 23 5B 42 // allow aes gid key usage |
||
+ | 0x3DEF8E: 40 42 => 00 20 // img3 signature check |
||
+ | |||
+ | // flag patches |
||
+ | 0x213638: 00 00 00 00 => 01 00 00 00 // setup_kmem flag |
||
+ | |||
+ | // arm patches |
||
+ | 0x3F908C: 00 40 A0 E3 => 01 40 A0 E3 // codesign check actual code patch |
||
+ | 0x3FCB40: FF 40 A0 E3 => 00 40 A0 E3 // ??? (was in posix's patcher) |
||
+ | </pre> |
Revision as of 20:37, 17 June 2009
Contents
Decryption Keys
Root Filesystem
- VFDecrypt: 415225778e1bebf8eeff2a9050b04ce429de9680e4acba50820a3fa453897bc4a4b307e2
LLB
- IV: 6a362817b3dfaf5932f13a747e0181a6
- Key: fd285252b62192710f6f8c902ef96aaf
iBoot
- IV: c71876986992913eeb8b12b072e00293
- Key: e0476a04b7dfba9531e1c0263f8b0143
DeviceTree
- IV: 58a4993608ddfbd3c7be970c7656f54a
- Key: b11cafdbacf7ccc0a73a500dffe48c81
kernelcache
- IV: 308dd79438f44a9b9f2d465dbc850f3d
- Key: d1dd8688b1845fd4c58628e701a1e0a2
iBEC
- IV: cb811d7b738e930fdf21660dd261e937
- Key: 592b94ddb22d797f5bfe0b6529223233
iBSS
- IV: 562681289ebe33a82a810a6463b95dde
- Key: d42a45e83880d70807fef01f2fed29ac
018-5309-002.dmg
- IV: b7ae396e8e8ea533b1593802b1d59678
- Key: 4672f8b511586e795ec7d6aa9ad1b1c3
018-5310-002.dmg
- IV: 395f0ec18c19f302298c0fd49b75c6e6
- Key: 8f4a88ab8acf4bed06a5f641ba804c50
Patches
Putting this here for developers that would like to to utilize "extras" like /dev/kmem access, tfp0, etc.
Kernel
// thumb patches 0x08DE72: 8D 43 => 00 00 // w^x patch #1 0x090B6E: A2 43 => 00 00 // w^x patch #2 0x19B8BC: 0C D1 => 0C E0 // allow tfp0 0x381E22: FA 23 DB 00 => 01 23 5B 42 // allow aes uid key usage 0x381E34: FA 23 9B 00 => 01 23 5B 42 // allow aes gid key usage 0x3DEF8E: 40 42 => 00 20 // img3 signature check // flag patches 0x213638: 00 00 00 00 => 01 00 00 00 // setup_kmem flag // arm patches 0x3F908C: 00 40 A0 E3 => 01 40 A0 E3 // codesign check actual code patch 0x3FCB40: FF 40 A0 E3 => 00 40 A0 E3 // ??? (was in posix's patcher)