Difference between revisions of "Baseband Device"

From The iPhone Wiki
Jump to: navigation, search
m (Capitalized "it")
(Qualcomm Snapdragon X65M)
 
(10 intermediate revisions by 4 users not shown)
Line 1: Line 1:
the '''Baseband Device''' is the chipset that all [[iPhone|iPhones]] and cellular models of the [[Apple Watch]], [[iPad]], [[List_of_iPad_Airs|iPad Air]], [[List_of_iPad_minis|iPad mini]], and [[iPad Pro]] use that manages all the functions which require a cellular antenna. It has its own RAM and Firmware in NOR flash, separate from the [[ARM]] core resources. The baseband is a resource to the OS. The Wi-Fi and Bluetooth are managed by the main CPU, although the baseband stores it's MAC addresses in its NVRAM.
+
the '''Baseband Device''' is the chipset that all [[iPhone|iPhones]] and cellular models of the [[List of Apple Watches|Apple Watch]], [[List of iPads|iPad]], [[List of iPad Airs|iPad Air]], [[List of iPad minis|iPad mini]], and [[List of iPad Pros|iPad Pro]] use that manages all the functions which require a cellular antenna. It has its own RAM and Firmware in NOR flash, separate from the [[ARM]] core resources. The baseband is a resource to the OS. The Wi-Fi and Bluetooth are managed by the main CPU, although the baseband stores it's MAC addresses in its NVRAM.
   
 
See also: [[Baseband Commands]] and [[iOS Baseband Tools]].
 
See also: [[Baseband Commands]] and [[iOS Baseband Tools]].
 
==Device List==
 
==Device List==
 
<onlyinclude> <!-- Do not remove this tag, it is used as part of the main page transclution! -->
 
<onlyinclude> <!-- Do not remove this tag, it is used as part of the main page transclution! -->
  +
<div class="flex">
  +
<div>
 
=====[[PMB8876]] S-Gold 2=====
 
=====[[PMB8876]] S-Gold 2=====
 
* [[M68AP|iPhone]]
 
* [[M68AP|iPhone]]
Line 61: Line 63:
 
* [[iPhone 7]]
 
* [[iPhone 7]]
 
* [[iPhone 7 Plus]]
 
* [[iPhone 7 Plus]]
  +
</div>
 
  +
<div>
 
=====[[MDM9655]]=====
 
=====[[MDM9655]]=====
 
* [[iPhone 8]]
 
* [[iPhone 8]]
Line 75: Line 78:
 
* [[Apple Watch Series 4]]
 
* [[Apple Watch Series 4]]
 
* [[Apple Watch Series 5]]
 
* [[Apple Watch Series 5]]
* [[Apple Watch SE]]
+
* [[Apple Watch SE (1st generation)|Apple Watch SE]]
 
* [[Apple Watch Series 6]]
 
* [[Apple Watch Series 6]]
  +
* [[Apple Watch Series 7]]
  +
* [[Apple Watch SE (2nd generation)|Apple Watch SE]]
  +
* [[Apple Watch Series 8]]
  +
* [[Apple Watch Ultra]]
 
* [[iPad (7th generation)]]
 
* [[iPad (7th generation)]]
 
* [[iPad (8th generation)]]
 
* [[iPad (8th generation)]]
Line 103: Line 110:
 
* [[iPhone 12 Pro]]
 
* [[iPhone 12 Pro]]
 
* [[iPhone 12 Pro Max]]
 
* [[iPhone 12 Pro Max]]
  +
  +
=====[[SDX57M]]=====
  +
* [[iPhone SE (3rd generation)]]
  +
  +
=====[[SDX60M]]=====
  +
* [[iPad Air (5th generation)]]
  +
* [[iPad mini (6th generation)]]
  +
* [[iPhone 13 mini]]
  +
* [[iPhone 13]]
  +
* [[iPhone 13 Pro]]
  +
* [[iPhone 13 Pro Max]]
  +
  +
=====[[SDX65M]]=====
  +
* [[iPhone 14]]
  +
* [[iPhone 14 Plus]]
  +
* [[iPhone 14 Pro]]
  +
* [[iPhone 14 Pro Max]]
  +
</div>
  +
</div>
 
</onlyinclude> <!-- Do not remove this tag, it is used as part of the main page transclution! -->
 
</onlyinclude> <!-- Do not remove this tag, it is used as part of the main page transclution! -->
   
Line 174: Line 200:
   
 
===[[SDX55M]]===
 
===[[SDX55M]]===
  +
* None
  +
  +
===[[SDX57M]]===
  +
* None
  +
  +
===[[SDX60M]]===
  +
* None
  +
  +
===[[SDX65M]]===
 
* None
 
* None
   

Latest revision as of 23:33, 19 September 2022

the Baseband Device is the chipset that all iPhones and cellular models of the Apple Watch, iPad, iPad Air, iPad mini, and iPad Pro use that manages all the functions which require a cellular antenna. It has its own RAM and Firmware in NOR flash, separate from the ARM core resources. The baseband is a resource to the OS. The Wi-Fi and Bluetooth are managed by the main CPU, although the baseband stores it's MAC addresses in its NVRAM.

See also: Baseband Commands and iOS Baseband Tools.

Device List

MDM9655
PMB9948 X-Gold 748
PMB9955 X-Gold 756
PMB9960 X-Gold 766
SDX55M
SDX57M
SDX60M
SDX65M


Seczone

This is the area in the baseband where the lock state is stored.

Layout

0x400--NCK token
0xA00--IMEI signature
0xB00--IMEI
0xC00--Locks table

Encryption

Many of the sections are encrypted using TEA based off the CHIPID and NORID. See NCK Brute Force for more info.

Exploits

PMB8876 S-Gold 2

PMB8878 X-Gold 608

XMM 6180 X-Gold 618

MDM6600

  • None

MDM6610

  • None

MDM9600

  • None

MDM9615

  • None

MDM9625

  • None

MDM9635

  • None

MDM9645

  • None

PMB9943 X-Gold 736

  • None

MDM9655

  • None

PMB9948 X-Gold 748

  • None

PMB9955 X-Gold 756

  • None

PMB9960 X-Gold 766

  • None

SDX55M

  • None

SDX57M

  • None

SDX60M

  • None

SDX65M

  • None

Theoretical Attacks

Boot Chain

bootrom->bootloader->firmware