Difference between revisions of "Bootrom 574.4"

From The iPhone Wiki
Jump to: navigation, search
m (SHAtter ≠ Geohot's bootrom exploit.)
m
 
(16 intermediate revisions by 6 users not shown)
Line 1: Line 1:
This is the first revision of the [[S5L8930]] bootrom, found in the [[K48ap|iPad]], the [[N81ap|iPod touch 4G]], and in the [[N90ap|iPhone 4]]. Geohot has hinted at an undiscovered bootrom exploit in all iDevices, but said he has no plans to release it. He has since left the jailbreak scene.
+
This is the [[S5L8930]] (A4) bootrom, found in the [[K48AP|original iPad]], the [[iPhone 4]], the [[N81AP|iPod touch (4th generation)]], and the [[K66AP|Apple TV (2nd generation)]]. This bootrom was compiled in between 3.0 beta 1 and 3.0 beta 2.
   
  +
==Exploits==
[[SHAtter]], a different exploit that only targets [[S5L8930]] devices, will be released soon.
 
  +
*[[Limera1n Exploit]] was released by [[User:Geohot|geohot]] to jailbreak devices using this revision of the bootrom.
  +
*[[SHA-1 Image Segment Overflow|SHAtter]], a different exploit that only targets [[S5L8930]] devices was found, but never used.
  +
  +
===Texts found in this bootrom===
  +
====zero-terminated====
  +
0200 SecureROM for s5l8930xsi, Copyright 2009, Apple Inc.
  +
0240 RELEASE
  +
0280 iBoot-574.4
  +
A31C nor0
  +
A32C panic: 
  +
A334 : 
  +
A338 double panic in 
  +
A34C idle task
  +
A358 Apple Secure Boot Certification Authority
  +
A384 Apple Mobile Device (DFU Mode)
  +
A3A4 CPID:%04X CPRV:%02X CPFM:%02X SCEP:%02X BDID:%02X ECID:%016llX IBFL:%02X
  +
A3F0  SRTG:[
  +
A3F8 ]
  +
A3FC <null>
  +
A404 .
  +
A408 :
  +
A40C 0x
  +
A410 Apple Inc.
  +
  +
====BSTR====
  +
ADC7 US
  +
ADD4 Apple Inc.
  +
ADE9 Apple Certification Authority
  +
AE11 Apple Root CA
  +
AE22 060425214036Z
  +
AE31 350209214036Z
  +
AE58 Apple Inc.
  +
AE6D Apple Certification Authority
  +
AE95 Apple Root CA
  +
B062 <nowiki>https://www.apple.com/appleca/</nowiki>
  +
B093 Reliance on this certificate by any party assumes
  +
acceptance of the then applicable standard terms
  +
and conditions of use, certificate policy and
  +
certification practice statements.
  +
  +
====fixed length====
  +
B26C 0123456789ABCDEF0123456789abcdef
  +
  +
[[Category:Bootrom]]

Latest revision as of 10:13, 26 March 2017

This is the S5L8930 (A4) bootrom, found in the original iPad, the iPhone 4, the iPod touch (4th generation), and the Apple TV (2nd generation). This bootrom was compiled in between 3.0 beta 1 and 3.0 beta 2.

Exploits

  • Limera1n Exploit was released by geohot to jailbreak devices using this revision of the bootrom.
  • SHAtter, a different exploit that only targets S5L8930 devices was found, but never used.

Texts found in this bootrom

zero-terminated

0200 SecureROM for s5l8930xsi, Copyright 2009, Apple Inc.
0240 RELEASE
0280 iBoot-574.4
A31C nor0
A32C panic: 
A334 : 
A338 double panic in 
A34C idle task
A358 Apple Secure Boot Certification Authority
A384 Apple Mobile Device (DFU Mode)
A3A4 CPID:%04X CPRV:%02X CPFM:%02X SCEP:%02X BDID:%02X ECID:%016llX IBFL:%02X
A3F0  SRTG:[
A3F8 ]
A3FC <null>
A404 .
A408 :
A40C 0x
A410 Apple Inc.

BSTR

ADC7 US
ADD4 Apple Inc.
ADE9 Apple Certification Authority
AE11 Apple Root CA
AE22 060425214036Z
AE31 350209214036Z
AE58 Apple Inc.
AE6D Apple Certification Authority
AE95 Apple Root CA
B062 https://www.apple.com/appleca/
B093 Reliance on this certificate by any party assumes 
     acceptance of the then applicable standard terms 
     and conditions of use, certificate policy and 
     certification practice statements.

fixed length

B26C 0123456789ABCDEF0123456789abcdef