Difference between revisions of "Greenpois0n (jailbreak)"

From The iPhone Wiki
(subtitles)
(RC5 and RC5_2)
Line 11: Line 11:
 
=== RC5 and RC5_2 ===
 
=== RC5 and RC5_2 ===
 
Posixninja and the rest of [[Chronic Dev (team)|Chronic Dev]] released greenpois0n RC5 on 3 February 2011, which performs an untethered jailbreak on iOS 4.2.1 for most devices that support it. The exploit was fixed in the 4.3 betas, due to an implementation of [[wikipedia:Address space layout randomization|ASLR]].
 
Posixninja and the rest of [[Chronic Dev (team)|Chronic Dev]] released greenpois0n RC5 on 3 February 2011, which performs an untethered jailbreak on iOS 4.2.1 for most devices that support it. The exploit was fixed in the 4.3 betas, due to an implementation of [[wikipedia:Address space layout randomization|ASLR]].
  +
  +
Also, released on February 5 2011 was greenpois0n RC5 b2 which included support for Windows and also bug fixes. Also released was greenpois0n RC5 b3 which is currently for Mac only and includes some bug fixes.
   
 
== Controversy ==
 
== Controversy ==
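
Review bot: the added paragraph ("Also, released on February 5 2011 ...") calls the builds "RC5 b2" and "RC5 b3", while the section heading reads "RC5 and RC5_2"; use one name for the second build in both places. The date is written "February 5 2011" where the preceding paragraph uses "3 February 2011", no release date is given for RC5 b3, and "currently for Mac only" will go stale, so give the b3 date and state platform support as of that date. Both sentences open with "Also"; a tighter wording would be "greenpois0n RC5 b2, released on 5 February 2011, added Windows support and bug fixes."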

Revision as of 10:37, 6 February 2011

greenpois0n
This article is about the jailbreak. For the toolkit, see greenpois0n (toolkit).

The downloads for greenpois0n can be found on http://www.greenpois0n.com/. It is available for Windows, Mac, and Linux.

History

RC1 - RC4

Greenpois0n was originally written using two exploits: SHAtter (a bootrom exploit) and a userland kernel exploit provided by Comex to make the jailbreak untethered. A release date of 10/10/10 10:10:10 AM (GMT) was announced, along with the list of supported devices. Due to the nature of SHAtter, only iDevices using the A4 processor were supported. geohot later released another jailbreak (limera1n, using a different bootrom exploit) on 9 October 2010, which delayed greenpois0n's release so that it could implement geohot's exploit instead of SHAtter.

RC5 and RC5_2

Posixninja and the rest of Chronic Dev released greenpois0n RC5 on 3 February 2011, which performs an untethered jailbreak on iOS 4.2.1 for most devices that support it. The exploit was fixed in the 4.3 betas, due to an implementation of ASLR.

greenpois0n RC5 b2, released on 5 February 2011, added support for Windows along with bug fixes. greenpois0n RC5 b3 was also released; it is currently for Mac only and includes some bug fixes.

Controversy

There was much controversy surrounding the sudden release of limera1n and the motives behind it. The main reasons for the limera1n release were:

  1. Use an exploit that Apple already knew about (newer iBoots show the exploit patched)
  2. Supports more iDevices than SHAtter
  3. Hopefully save the SHAtter bootrom exploit for future iDevices

The reason for this is that bootrom exploits cannot be patched with software updates; fixing the security hole requires new hardware. Since the limera1n hole was already discovered and patched by Apple, it benefits the community if SHAtter is saved in hopes of using it with new hardware, like the 5th generation iPhone/iPod touch and the iPad 2G.

Supported Devices

greenpois0n RC4 and earlier require the device to be on either iOS 3.2.2 (iPad 1G) or iOS 4.1 (all other devices). Of the devices that support these firmware revisions, the only one not supported is the iPhone 3G.

greenpois0n RC5 requires the device to be on iOS 4.2.1. It is compatible with every device that has 4.2.1, except for the iPhone 3G. It was released earlier than anticipated, because iOS 4.3 unintentionally blocked the HFS Legacy Volume Name Stack Buffer Overflow exploit.

Output

iPhone 4 with greenpois0n output (via iRecovery):

Attempting to initialize greenpois0n
Initializing commands
Searching for cmd_ramdisk
Found cmd_ramdisk string at 0x8401c7ac
Found cmd_ramdisk reference at 0x84000d64
Found cmd_ramdisk function at 0x84000cd1
Initializing patches
Initializing memory
Initializing aes
Searching for aes_crypto_cmd
Found aes_crypto_cmd string at 0x84021a8c
Found aes_crypto_cmd reference at 0x84017bb8
Found aes_crypto_cmd fnction at 0x84017b51
Initializing bdev
Initializing image
Initializing nvram
Initializing kernel
Greenpois0n initialized