The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information.

Difference between revisions of "Kirkwood 7A341 (iPhone1,2)"

From The iPhone Wiki
Jump to: navigation, search
(Replacing page with 'Hacked by Chroniccommand')
(reverting vandalism)
Line 1: Line 1:
  +
== Decryption Keys ==
Hacked by Chroniccommand
  
  +
=== Root Filesystem ===
  +
* '''VFDecrypt''': 8d5d1fea02d627c9e9b0d994c3cfdeaab9780c86ac908db15461efe44eddd19f8924b6b2
  +
  +
=== Update Ramdisk - 018-5303-002.dmg===
  +
* '''Key''': 5a0f82979f336baa58ed37926bd89dfe
  +
* '''IV''': 0dc67d4f50ac62ee142b99baa569d0f4
  +
  +
=== Restore Ramdisk - 018-5305-002.dmg ===
  +
* '''Key''': 9962589aabb4d5ec56b7a867ab5b11b0
  +
* '''IV''': caca33f1aca029320d60873a4deed68d
  +
  +
=== DeviceTree ===
  +
* '''Key''': 1852158326954e1379ee3aebe1d5c50c
  +
* '''IV''': 5e6bca89f06c8dc4f3868fa4caba9d40
  +
  +
=== iBoot ===
  +
* '''Key''': 4a8d6657297ca45cf6bec0854ee0a2e8
  +
* '''IV''': 674a95015a8d33cd2f1f259ebe01aca7
  +
  +
=== Logo ===
  +
* '''Key''': f9841fa3197f0bd9fd162ce170c5f6f9
  +
* '''IV''': 30c0cb05ae49d0484392261b2c8b21a8
  +
  +
=== Recovery Logo ===
  +
* '''Key''': 5a56972f4750335c448f3219269ed202
  +
* '''IV''': 848d4cef8e4d8182c3f10062cf5347fe
  +
  +
=== Kernel ===
  +
* '''Key''': 02418105dfb3be2af2a76248e026f702
  +
* '''IV ''': a4db9183cd79722b4146c9de09ab29c5
  +
  +
==Patches==
  +
Putting this here for developers that would like to to utilize "extras" like /dev/kmem access, tfp0, etc.
  +
  +
===Kernel===
  +
<pre>
  +
// thumb patches
  +
0x08DE72: 8D 43 => 00 00 // w^x patch #1
  +
0x090B6E: A2 43 => 00 00 // w^x patch #2
  +
0x19B8BC: 0C D1 => 0C E0 // allow tfp0
  +
0x381E22: FA 23 DB 00 => 01 23 5B 42 // allow aes uid key usage
  +
0x381E34: FA 23 9B 00 => 01 23 5B 42 // allow aes gid key usage
  +
0x3DEF8E: 40 42 => 00 20 // img3 signature check
  +
  +
// flag patches
  +
0x213638: 00 00 00 00 => 01 00 00 00 // setup_kmem flag
  +
  +
// arm patches
  +
0x3F908C: 00 40 A0 E3 => 01 40 A0 E3 // codesign check actual code patch
  +
0x3FCB40: FF 40 A0 E3 => 00 40 A0 E3
  +
</pre>

Revision as of 20:20, 6 November 2009

Decryption Keys

Root Filesystem

  • VFDecrypt: 8d5d1fea02d627c9e9b0d994c3cfdeaab9780c86ac908db15461efe44eddd19f8924b6b2

Update Ramdisk - 018-5303-002.dmg

  • Key: 5a0f82979f336baa58ed37926bd89dfe
  • IV: 0dc67d4f50ac62ee142b99baa569d0f4

Restore Ramdisk - 018-5305-002.dmg

  • Key: 9962589aabb4d5ec56b7a867ab5b11b0
  • IV: caca33f1aca029320d60873a4deed68d

DeviceTree

  • Key: 1852158326954e1379ee3aebe1d5c50c
  • IV: 5e6bca89f06c8dc4f3868fa4caba9d40

iBoot

  • Key: 4a8d6657297ca45cf6bec0854ee0a2e8
  • IV: 674a95015a8d33cd2f1f259ebe01aca7

  • Key: f9841fa3197f0bd9fd162ce170c5f6f9
  • IV: 30c0cb05ae49d0484392261b2c8b21a8

  • Key: 5a56972f4750335c448f3219269ed202
  • IV: 848d4cef8e4d8182c3f10062cf5347fe

Kernel

  • Key: 02418105dfb3be2af2a76248e026f702
  • IV : a4db9183cd79722b4146c9de09ab29c5

Patches

Putting this here for developers that would like to to utilize "extras" like /dev/kmem access, tfp0, etc.

Kernel

// thumb patches
0x08DE72: 8D 43 => 00 00               // w^x patch #1
0x090B6E: A2 43 => 00 00               // w^x patch #2
0x19B8BC: 0C D1 => 0C E0               // allow tfp0
0x381E22: FA 23 DB 00 => 01 23 5B 42   // allow aes uid key usage
0x381E34: FA 23 9B 00 => 01 23 5B 42   // allow aes gid key usage
0x3DEF8E: 40 42 => 00 20               // img3 signature check

// flag patches
0x213638: 00 00 00 00 => 01 00 00 00   // setup_kmem flag

// arm patches
0x3F908C: 00 40 A0 E3 => 01 40 A0 E3   // codesign check actual code patch
0x3FCB40: FF 40 A0 E3 => 00 40 A0 E3
Retrieved from "https://www.theiphonewiki.com/w/index.php?title=Kirkwood_7A341_(iPhone1,2)&oldid=5463"