Difference between revisions of "Kirkwood 7A341 (iPod2,1)"

From The iPhone Wiki
Jump to: navigation, search
(needservice.s5l8720x.img3)
(RecoveryMode)
Line 68: Line 68:
   
 
===RecoveryMode===
 
===RecoveryMode===
* '''IV''':
+
* '''IV''':
  +
* '''Key''':
  +
http://filebin.ca/rqxhwd/recoverymode.s5l8720x.img3_keys.txt
   
 
===018-5309-002.dmg===
 
===018-5309-002.dmg===

Revision as of 21:43, 8 November 2010

Decryption Keys

Root Filesystem

  • VFDecrypt: 415225778e1bebf8eeff2a9050b04ce429de9680e4acba50820a3fa453897bc4a4b307e2

LLB

  • IV: 6a362817b3dfaf5932f13a747e0181a6
  • Key: fd285252b62192710f6f8c902ef96aaf

iBoot

  • IV: c71876986992913eeb8b12b072e00293
  • Key: e0476a04b7dfba9531e1c0263f8b0143

DeviceTree

  • IV: 58a4993608ddfbd3c7be970c7656f54a
  • Key: b11cafdbacf7ccc0a73a500dffe48c81

kernelcache

  • IV: 308dd79438f44a9b9f2d465dbc850f3d
  • Key: d1dd8688b1845fd4c58628e701a1e0a2

iBEC

  • IV: cb811d7b738e930fdf21660dd261e937
  • Key: 592b94ddb22d797f5bfe0b6529223233

iBSS

  • IV: 562681289ebe33a82a810a6463b95dde
  • Key: d42a45e83880d70807fef01f2fed29ac

WTF.s5l8900xall.RELEASE.dfu

  • IV: e060a05be0f95aa0d722500a7beff6ae
  • Key: 50deb7d37209f8a2199ce2e2e7583a6d

applelogo.s5l8720x.img3

  • IV: 1237fe42ccb2cc144cf680d112409413
  • Key: 4f597271cb2a131f5b9ffb1832f8f07a

batterycharging0.s5l8720x.img3

  • IV: 625434a61c354d9a325b7b8db48a0962
  • Key: 38788d3f80e84c00a88feb454c1310ea

batterycharging1.s5l8720x.img3

  • IV: 2497d0cb0a5bc3d2b774ae0fc419f47f
  • Key: afa026b0cc1efb39586082ec7f2023e8

batteryfull.s5l8720x.img3

  • IV: 9631f413e96a38e40925c41f2e60cbb9
  • Key: 5fcc938c67b55507a230c76380d54a1e

batterylow0.s5l8720x.img3

  • IV: 62edecfd87f56442a7e145cef66686dc
  • Key: 067804b6f4d959e78e9c1b33bd3000bb

batterylow1.s5l8720x.img3

  • IV: 6748c9a0659f51a1e85ea26aa6e5869c
  • Key: 01b231b289acc777f3d9f975a3065379

glyphcharging.s5l8720x.img3

  • IV: 80deaa6a52faf40e7bd9f0c370bc8bf6
  • Key: e178f1dbfea6da9e2f266fd8948c4d7e

glyphplugin.s5l8720x.img3

  • IV: e4a3edd136315a9b2464526529bc6d38
  • Key: 5ac996aefc96924fe7bfb9b8ffaec38f

needservice.s5l8720x.img3

  • IV: 98b8496df8d8997f5000b8252c8cec05
  • Key: 5cfaebe8d1271e30d503b1337df51239

RecoveryMode

  • IV:
  • Key:

http://filebin.ca/rqxhwd/recoverymode.s5l8720x.img3_keys.txt

018-5309-002.dmg

  • IV: b7ae396e8e8ea533b1593802b1d59678
  • Key: 4672f8b511586e795ec7d6aa9ad1b1c3

018-5310-002.dmg

  • IV: 395f0ec18c19f302298c0fd49b75c6e6
  • Key: 8f4a88ab8acf4bed06a5f641ba804c50

Patches

Putting this here for developers that would like to to utilize "extras" like /dev/kmem access, tfp0, etc.

Kernel

// thumb patches
0x08DE72: 8D 43 => 00 00               // w^x patch #1
0x090B6E: A2 43 => 00 00               // w^x patch #2
0x19B8BC: 0C D1 => 0C E0               // allow tfp0
0x381E22: FA 23 DB 00 => 01 23 5B 42   // allow aes uid key usage
0x381E34: FA 23 9B 00 => 01 23 5B 42   // allow aes gid key usage
0x3DEF8E: 40 42 => 00 20               // img3 signature check

// flag patches
0x213638: 00 00 00 00 => 01 00 00 00   // setup_kmem flag

// arm patches
0x3F908C: 00 40 A0 E3 => 01 40 A0 E3   // codesign check actual code patch
0x3FCB40: FF 40 A0 E3 => 00 40 A0 E3