https://www.theiphonewiki.com/w/api.php?action=feedcontributions&user=NetMage&feedformat=atom
The iPhone Wiki - User contributions [en] 2024-03-29T06:56:40Z User contributions MediaWiki 1.31.14
https://www.theiphonewiki.com/w/index.php?title=Pwnage_2.0&diff=3908 Pwnage 2.0 2009-06-23T23:51:27Z<p>NetMage: /* Change category to match other similar pages */</p>
<hr />
<div>This exploit in the [[VROM]] is really the ultimate exploit, since it allows unsigned code to be run at the lowest level. It can be patched out '''only''' by a new hardware revision.<br />
<br />
==Credit==<br />
[[The dev team]]<br />
<br />
==Exploit==<br />
There is a stack overflow in the certificate parsing code. By passing a malformed certificate, unsigned code can be run.<br />
<br />
==Implementations==<br />
*[[PwnageTool]]<br />
*[[QuickPwn]]<br />
*[[WinPwn]]<br />
*[http://lpahome.com/geohot/iran.rar iran]<br />
<br />
[[Category:Exploits]]</div>NetMage
https://www.theiphonewiki.com/w/index.php?title=Jailbreak&diff=3907 Jailbreak 2009-06-23T23:25:46Z<p>NetMage: </p>
<hr />
<div>This is the process by which full execute and write access is obtained on all the partitions of the iPhone. It is done by patching /etc/fstab to mount the System partition as read-write. This is entirely different from an [[unlock]]. Jailbreaking is the first step that must be taken before non-official [[activation]] or non-official unlocking can proceed.<br />
<br />
The original jailbreak also included modifying the afc service (the service iTunes uses to access the filesystem) to give full filesystem access from root. This was later changed to creating a new service (afc2) that allows access to the full filesystem.<br />
<br />
Modern jailbreaks also include patching the OS kernel to get around code-signing and other restrictions.</div>NetMage