|
The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Fakeblank"
m (→Description) |
(→Other links) |
||
| Line 7: | Line 7: | ||
The bootrom is located at 0x400000, and can be dumped via geohotz 5.8bl loader exploit |
The bootrom is located at 0x400000, and can be dumped via geohotz 5.8bl loader exploit |
||
| + | This is the first code that runs on the baseband. It resides in internal ROM. |
||
| − | ==Other links== |
||
| − | [http://wikee.iphwn.org/sgold_bootrom:fakeblank dev team description of fakeblank] |
||
| + | ==S-Gold 2== |
||
| − | [[Category:Baseband Exploits]] |
||
| + | The bootrom here is located at 0x400000. It was initially dumped using exploits in java on other [[S-Gold 2]] phones. It allows unsigned code to be uploaded using [[Baseband Bootrom Protocol]]. On non debug variants of the chip, it requires [[Fakeblank]] to run that code |
||
| + | |||
| + | ==X-Gold 608== |
||
| + | The bootrom is located at 0x400000, and can be dumped via geohotz 5.8bl loader exploit |
||
Revision as of 00:58, 23 September 2010
This exploit is in the Baseband Bootrom. There are hardware (testpoint) and software variations of this.
Contents
Credit
gray, iProof, geohot, dinopio, lazyc0der, and an anonymous contributor
X-Gold 608
The bootrom is located at 0x400000, and can be dumped via geohotz 5.8bl loader exploit
This is the first code that runs on the baseband. It resides in internal ROM.
S-Gold 2
The bootrom here is located at 0x400000. It was initially dumped using exploits in java on other S-Gold 2 phones. It allows unsigned code to be uploaded using Baseband Bootrom Protocol. On non debug variants of the chip, it requires Fakeblank to run that code
X-Gold 608
The bootrom is located at 0x400000, and can be dumped via geohotz 5.8bl loader exploit
