|
The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "PwnStrap"
(I'll update this - too tried to do it right tonight/this morning) |
m (oops) |
||
| Line 1: | Line 1: | ||
[http://www.bingner.com/pwnstrap.html Link to original info and some binaries] |
[http://www.bingner.com/pwnstrap.html Link to original info and some binaries] |
||
| − | This is the procedure to use greenpois0n to bootstrap the |
+ | This is the procedure to use greenpois0n to bootstrap the loading of a new limera1n exploit-based pwnagetool image via windows or other irecovery and a supported device: |
# irecovery -c |
# irecovery -c |
||
# setenv boot-args 2 |
# setenv boot-args 2 |
||
| Line 15: | Line 15: | ||
# go jump 0x41000040 |
# go jump 0x41000040 |
||
# restore your CFW from itunes |
# restore your CFW from itunes |
||
| + | |||
| + | |||
| + | You will need one of the new binaries posted above if you have an AppleTV2 |
||
Revision as of 18:27, 23 October 2010
Link to original info and some binaries
This is the procedure to use greenpois0n to bootstrap the loading of a new limera1n exploit-based pwnagetool image via windows or other irecovery and a supported device:
- irecovery -c
- setenv boot-args 2
- setenv auto-boot false
- saveenv
- run greenpois0n - it will stop on a white screen.
- extract iBSS from your custom pwnagetool image
- irecovery -f iBSS
- irecovery -c
- setenv boot-args 0
- saveenv
- go image decrypt 0x41000000
- go jump 0x41000040
- restore your CFW from itunes
You will need one of the new binaries posted above if you have an AppleTV2
