Fakeblank

From The iPhone Wiki
Revision as of 00:58, 23 September 2010 by QWAZ (talk | contribs) (Other links)

This exploit is in the Baseband Bootrom. There are hardware (testpoint) and software variations of this.

Credit

gray, iProof, geohot, dinopio, lazyc0der, and an anonymous contributor

X-Gold 608

The bootrom is located at 0x400000 and can be dumped via geohot's 5.8bl loader exploit.

This is the first code that runs on the baseband. It resides in internal ROM.

S-Gold 2

The bootrom here is located at 0x400000. It was initially dumped using exploits in Java on other S-Gold 2 phones. It allows unsigned code to be uploaded using the Baseband Bootrom Protocol. On non-debug variants of the chip, running that code requires Fakeblank.
