https://www.theiphonewiki.com/w/api.php?action=feedcontributions&feedformat=atom&user=BioQuarkThe iPhone Wiki - User contributions [en]2026-06-09T10:46:58ZUser contributionsMediaWiki 1.31.14https://www.theiphonewiki.com/w/index.php?title=Talk:IBoot_Environment_Variable_Overflow&diff=4065Talk:IBoot Environment Variable Overflow2009-07-03T20:57:48Z<p>BioQuark: New page: I'm wet.</p>
<hr />
<div>I'm wet.</div>BioQuarkhttps://www.theiphonewiki.com/w/index.php?title=Jailbreak_(S5L8920%2B)&diff=3892Jailbreak (S5L8920+)2009-06-22T06:50:04Z<p>BioQuark: </p>
<hr />
<div>Because of the date the [[0x24000 Segment Overflow]] was leaked by [[NitroKey]], Apple may or may not have had the time to fix the bug. If not, the following needs to be done:<br />
* '''Find a new iBoot exploit''' - This will allow us to decrypt the platform iBoot and other firmware files in it's IPSW, as well as dump the bootrom to examine.<br />
* '''Find a new bootrom exploit''' - After we have the bootrom dumped, we must look for a way to make SecureROM run our patched [[LLB]].<br />
<br />
== How to check for [[0x24000 Segment Overflow]] exploitability (Mac) ==<br />
As the device has not been released yet, and we only know of it's existance because of various references to "iPhone2,1", this might not work for it. But for previous devices, and hopefully this one too, you can do this:<br />
# Put the device in [[DFU]]<br />
# Open Applications/Utilities/System Profiler<br />
# Go to "USB" on the left sidebar<br />
# Click on "Apple Mobile Device (DFU Mode)"<br />
# Look under "USB Serial Number". Among things like the Chip ID, there should be "iBoot Version"<br />
# If "iBoot Version" is "iBoot-240.4", then that means it is most likely still vulnerable<br />
<br />
== iPhone2,1 == <br />
<br />
Apple Mobile Device (DFU Mode):<br />
<br />
Product ID: 0x1227<br />
Vendor ID: 0x05ac (Apple Inc.)<br />
Version: 0.00<br />
Serial Number: CPID:8920 CPRV:14 CPFM:03 SCEP:01 BDID:00 ECID:000002DBCA0C6D0E SRTG:['''iBoot-359.3''']<br />
Speed: Up to 480 Mb/sec<br />
Manufacturer: Apple Inc.<br />
Location ID: 0xfd100000<br />
Current Available (mA): 500<br />
Current Required (mA): 100"</div>BioQuarkhttps://www.theiphonewiki.com/w/index.php?title=Jailbreak_(S5L8920%2B)&diff=3891Jailbreak (S5L8920+)2009-06-22T00:29:58Z<p>BioQuark: Info from an iPhone 3GS in DFU from System Profiler.</p>
<hr />
<div>Because of the date the [[0x24000 Segment Overflow]] was leaked by [[NitroKey]], Apple may or may not have had the time to fix the bug. If not, the following needs to be done:<br />
* '''Find a new iBoot exploit''' - This will allow us to decrypt the platform iBoot and other firmware files in it's IPSW, as well as dump the bootrom to examine.<br />
* '''Find a new bootrom exploit''' - After we have the bootrom dumped, we must look for a way to make SecureROM run our patched [[LLB]].<br />
<br />
== How to check for [[0x24000 Segment Overflow]] exploitability (Mac) ==<br />
As the device has not been released yet, and we only know of it's existance because of various references to "iPhone2,1", this might not work for it. But for previous devices, and hopefully this one too, you can do this:<br />
# Put the device in [[DFU]]<br />
# Open Applications/Utilities/System Profiler<br />
# Go to "USB" on the left sidebar<br />
# Click on "Apple Mobile Device (DFU Mode)"<br />
# Look under "USB Serial Number". Among things like the Chip ID, there should be "iBoot Version"<br />
# If "iBoot Version" is "iBoot-240.4", then that means it is most likely still vulnerable<br />
<br />
== iPhone2,1 == <br />
<br />
"Apple Mobile Device (DFU Mode):<br />
<br />
Product ID: 0x1227<br />
Vendor ID: 0x05ac (Apple Inc.)<br />
Version: 0.00<br />
Serial Number: CPID:8920 CPRV:14 CPFM:03 SCEP:01 BDID:00 ECID:000002DBCA0C6D0E SRTG:['''iBoot-359.3''']<br />
Speed: Up to 480 Mb/sec<br />
Manufacturer: Apple Inc.<br />
Location ID: 0xfd100000<br />
Current Available (mA): 500<br />
Current Required (mA): 100"</div>BioQuarkhttps://www.theiphonewiki.com/w/index.php?title=Jailbreak_(S5L8920%2B)&diff=3890Jailbreak (S5L8920+)2009-06-22T00:28:53Z<p>BioQuark: </p>
<hr />
<div>Because of the date the [[0x24000 Segment Overflow]] was leaked by [[NitroKey]], Apple may or may not have had the time to fix the bug. If not, the following needs to be done:<br />
* '''Find a new iBoot exploit''' - This will allow us to decrypt the platform iBoot and other firmware files in it's IPSW, as well as dump the bootrom to examine.<br />
* '''Find a new bootrom exploit''' - After we have the bootrom dumped, we must look for a way to make SecureROM run our patched [[LLB]].<br />
<br />
== How to check for [[0x24000 Segment Overflow]] exploitability (Mac) ==<br />
As the device has not been released yet, and we only know of it's existance because of various references to "iPhone2,1", this might not work for it. But for previous devices, and hopefully this one too, you can do this:<br />
# Put the device in [[DFU]]<br />
# Open Applications/Utilities/System Profiler<br />
# Go to "USB" on the left sidebar<br />
# Click on "Apple Mobile Device (DFU Mode)"<br />
# Look under "USB Serial Number". Among things like the Chip ID, there should be "iBoot Version"<br />
# If "iBoot Version" is "iBoot-240.4", then that means it is most likely still vulnerable<br />
<br />
== iBoot of iPhone2,1 == <br />
<br />
"iBoot-359.3"</div>BioQuark