https://www.theiphonewiki.com/w/api.php?action=feedcontributions&feedformat=atom&user=RequilenceThe iPhone Wiki - User contributions [en]2026-05-08T19:10:51ZUser contributionsMediaWiki 1.31.14https://www.theiphonewiki.com/w/index.php?title=Talk:WildcardTicket&diff=16937Talk:WildcardTicket2011-03-20T19:52:41Z<p>Requilence: </p>
<hr />
<div>Theoretically, can't we just edit the .plist? and make it into the factory unlocked IMSI Mask? -- {{unsigned|Leobruh|5:32, 19 August 2010 (UTC)}}<br />
<br />
:The activation plist is signed, so to do this you require a jailbreak anyway. --[[User:Lilstevie|Lilstevie]] 09:45, 20 August 2010 (UTC)- lilstevie<br />
<br />
i realize that. but wouldnt this result in a permanent unlock? [[User:Leobruh|Leobruh]] 07:37, 19 August 2010 (UTC)!<br />
<br />
I'm guessing the ticket is handled by the baseband, which requires an exploit to get unsigned code running in the first place? [[User:Iemit737|Iemit737]] 07:41, 19 August 2010 (UTC)<br />
<br />
The wildcard ticket is also signed - simple edits break the signature and the ticket gets rejected then. rtfm cryptography 101. [[User:dogbert|dogbert]] 16:02, 19 August 2010 (UTC)<br />
<br />
kay but unsigned code already runs when the phone is jailbroken and has access to the filesystem. wouldnt editing the .plist be okay since the sig checks arent needed. again this is all theoretical. im jw [[User:Leobruh|Leobruh]] 18:33, 19 August 2010 (UTC)!<br />
<br />
The baseband processor checks the signature, not the application processor. [[User:dogbert|dogbert]] 18:36, 19 August 2010 (UTC)<br />
<br />
ahh got ya! but would my theory work though through an exploit such as AT+XAPP? instead of a payload it just changes the .plist? [[User:Leobruh|Leobruh]] 00:15, 20 August 2010 (UTC)!<br />
<br />
:you would still require the valid NCK for it to process the unlock in that method, the current way the payloads work for exploits in the baseband processor are adequate --[[User:Lilstevie|Lilstevie]] 09:44, 20 August 2010 (UTC)<br />
<br />
:i thought NKC was only for the iPhone 2G? 0.o [[User:Leobruh|Leobruh]] 14:47, 21 August 2010 (UTC)!<br />
::NCK or Network Code Key is on any cellular device that gets locked to a carrier --[[User:Lilstevie|Lilstevie]] 14:52, 19 September 2010 (UTC)<br />
<br />
Is there are ability to decode WildcardTicket received from Apple to see NCK or lockstate table?<br />
What about unlocked by request to carrier iPhones? Is it some differences in WildcardTicket? --[[User:Requilence|Requilence]] 13:17, 20 March 2011 (UTC)<br />
<br />
:Decrypting is possible since the key is known. Changing the ticket is, however, not possible since it breaks the signatures. For carrier unlocked phones, Apple sends a new WildcardTicket without a lock table during sync.--[[User:Dogbert|Dogbert]] 16:43, 20 March 2011 (UTC)<br />
<br />
::Tell me this, if the signature is broken, what happens to the phone? DFU, Recovery...? [[User:Leobruh|Leobruh]] 17:41, 20 March 2011 (UTC)!<br />
<br />
:: Apple send it to iphone only on sync after activate? I try SAM on unlocked by request iphone, it's activate properly with right IMSI and IMEI, but seems like WildcardTicket doesn't have lock table accept any IMSI. How can i check this? --[[User:Requilence|Requilence]] 19:52, 20 March 2011 (UTC)</div>Requilencehttps://www.theiphonewiki.com/w/index.php?title=Talk:WildcardTicket&diff=16931Talk:WildcardTicket2011-03-20T13:17:12Z<p>Requilence: </p>
<hr />
<div>Theoretically, can't we just edit the .plist? and make it into the factory unlocked IMSI Mask? -- {{unsigned|Leobruh|5:32, 19 August 2010 (UTC)}}<br />
<br />
:The activation plist is signed, so to do this you require a jailbreak anyway. --[[User:Lilstevie|Lilstevie]] 09:45, 20 August 2010 (UTC)- lilstevie<br />
<br />
i realize that. but wouldnt this result in a permanent unlock? [[User:Leobruh|Leobruh]] 07:37, 19 August 2010 (UTC)!<br />
<br />
I'm guessing the ticket is handled by the baseband, which requires an exploit to get unsigned code running in the first place? [[User:Iemit737|Iemit737]] 07:41, 19 August 2010 (UTC)<br />
<br />
The wildcard ticket is also signed - simple edits break the signature and the ticket gets rejected then. rtfm cryptography 101. [[User:dogbert|dogbert]] 16:02, 19 August 2010 (UTC)<br />
<br />
kay but unsigned code already runs when the phone is jailbroken and has access to the filesystem. wouldnt editing the .plist be okay since the sig checks arent needed. again this is all theoretical. im jw [[User:Leobruh|Leobruh]] 18:33, 19 August 2010 (UTC)!<br />
<br />
The baseband processor checks the signature, not the application processor. [[User:dogbert|dogbert]] 18:36, 19 August 2010 (UTC)<br />
<br />
ahh got ya! but would my theory work though through an exploit such as AT+XAPP? instead of a payload it just changes the .plist? [[User:Leobruh|Leobruh]] 00:15, 20 August 2010 (UTC)!<br />
<br />
:you would still require the valid NCK for it to process the unlock in that method, the current way the payloads work for exploits in the baseband processor are adequate --[[User:Lilstevie|Lilstevie]] 09:44, 20 August 2010 (UTC)<br />
<br />
:i thought NKC was only for the iPhone 2G? 0.o [[User:Leobruh|Leobruh]] 14:47, 21 August 2010 (UTC)!<br />
::NCK or Network Code Key is on any cellular device that gets locked to a carrier --[[User:Lilstevie|Lilstevie]] 14:52, 19 September 2010 (UTC)<br />
<br />
Is there are ability to decode WildcardTicket received from Apple to see NCK or lockstate table?<br />
What about unlocked by request to carrier iPhones? Is it some differences in WildcardTicket? --[[User:Requilence|Requilence]] 13:17, 20 March 2011 (UTC)</div>Requilencehttps://www.theiphonewiki.com/w/index.php?title=Talk:WildcardTicket&diff=16930Talk:WildcardTicket2011-03-20T13:16:46Z<p>Requilence: Undo revision 16929 by Requilence (Talk)</p>
<hr />
<div>Theoretically, can't we just edit the .plist? and make it into the factory unlocked IMSI Mask? -- {{unsigned|Leobruh|5:32, 19 August 2010 (UTC)}}<br />
<br />
:The activation plist is signed, so to do this you require a jailbreak anyway. --[[User:Lilstevie|Lilstevie]] 09:45, 20 August 2010 (UTC)- lilstevie<br />
<br />
i realize that. but wouldnt this result in a permanent unlock? [[User:Leobruh|Leobruh]] 07:37, 19 August 2010 (UTC)!<br />
<br />
I'm guessing the ticket is handled by the baseband, which requires an exploit to get unsigned code running in the first place? [[User:Iemit737|Iemit737]] 07:41, 19 August 2010 (UTC)<br />
<br />
The wildcard ticket is also signed - simple edits break the signature and the ticket gets rejected then. rtfm cryptography 101. [[User:dogbert|dogbert]] 16:02, 19 August 2010 (UTC)<br />
<br />
kay but unsigned code already runs when the phone is jailbroken and has access to the filesystem. wouldnt editing the .plist be okay since the sig checks arent needed. again this is all theoretical. im jw [[User:Leobruh|Leobruh]] 18:33, 19 August 2010 (UTC)!<br />
<br />
The baseband processor checks the signature, not the application processor. [[User:dogbert|dogbert]] 18:36, 19 August 2010 (UTC)<br />
<br />
ahh got ya! but would my theory work though through an exploit such as AT+XAPP? instead of a payload it just changes the .plist? [[User:Leobruh|Leobruh]] 00:15, 20 August 2010 (UTC)!<br />
<br />
:you would still require the valid NCK for it to process the unlock in that method, the current way the payloads work for exploits in the baseband processor are adequate --[[User:Lilstevie|Lilstevie]] 09:44, 20 August 2010 (UTC)<br />
<br />
:i thought NKC was only for the iPhone 2G? 0.o [[User:Leobruh|Leobruh]] 14:47, 21 August 2010 (UTC)!<br />
::NCK or Network Code Key is on any cellular device that gets locked to a carrier --[[User:Lilstevie|Lilstevie]] 14:52, 19 September 2010 (UTC)</div>Requilencehttps://www.theiphonewiki.com/w/index.php?title=Talk:WildcardTicket&diff=16929Talk:WildcardTicket2011-03-20T13:14:52Z<p>Requilence: </p>
<hr />
<div>Theoretically, can't we just edit the .plist? and make it into the factory unlocked IMSI Mask? -- {{unsigned|Leobruh|5:32, 19 August 2010 (UTC)}}<br />
<br />
:The activation plist is signed, so to do this you require a jailbreak anyway. --[[User:Lilstevie|Lilstevie]] 09:45, 20 August 2010 (UTC)- lilstevie<br />
<br />
i realize that. but wouldnt this result in a permanent unlock? [[User:Leobruh|Leobruh]] 07:37, 19 August 2010 (UTC)!<br />
<br />
I'm guessing the ticket is handled by the baseband, which requires an exploit to get unsigned code running in the first place? [[User:Iemit737|Iemit737]] 07:41, 19 August 2010 (UTC)<br />
<br />
The wildcard ticket is also signed - simple edits break the signature and the ticket gets rejected then. rtfm cryptography 101. [[User:dogbert|dogbert]] 16:02, 19 August 2010 (UTC)<br />
<br />
kay but unsigned code already runs when the phone is jailbroken and has access to the filesystem. wouldnt editing the .plist be okay since the sig checks arent needed. again this is all theoretical. im jw [[User:Leobruh|Leobruh]] 18:33, 19 August 2010 (UTC)!<br />
<br />
The baseband processor checks the signature, not the application processor. [[User:dogbert|dogbert]] 18:36, 19 August 2010 (UTC)<br />
<br />
ahh got ya! but would my theory work though through an exploit such as AT+XAPP? instead of a payload it just changes the .plist? [[User:Leobruh|Leobruh]] 00:15, 20 August 2010 (UTC)!<br />
<br />
:you would still require the valid NCK for it to process the unlock in that method, the current way the payloads work for exploits in the baseband processor are adequate --[[User:Lilstevie|Lilstevie]] 09:44, 20 August 2010 (UTC)<br />
<br />
:i thought NKC was only for the iPhone 2G? 0.o [[User:Leobruh|Leobruh]] 14:47, 21 August 2010 (UTC)!<br />
::NCK or Network Code Key is on any cellular device that gets locked to a carrier --[[User:Lilstevie|Lilstevie]] 14:52, 19 September 2010 (UTC)<br />
<br />
Is there are ability to decode WildcardTicket received from Apple to see NCK or lockstate table?<br />
What about unlocked by request to carrier iPhones? Is it some differences in WildcardTicket?</div>Requilence