Difference between revisions of "Research: Re-allowing unsigned ramdisks and boot-args with the 2.* iBoot"
ChronicDev (talk | contribs) |
m (Changed different to difference) |
(One intermediate revision by one other user not shown) | |||
Line 1: | Line 1: | ||
− | == |
+ | ==Ramdisks== |
+ | Ramdisks will run from the get go, just use xpwntool to pack / encrypt them using a vanilla ramdisk as the template. I am not sure if xpwntool will do this, so you may want to check the header to make sure the correct info (sizes etc) are there. |
||
+ | ==boot-args== |
||
− | Without decompiling iBoot 2.x, we can use openiboot. |
||
+ | They use a buffer that is passed on when booting a kernel for boot args, the difference in 2.x is that the boot-args NVRAM var is totally ignored. Not only would a 'patch' be needed, but some code would actually need to be added, somehow. |
||
− | |||
− | :*For boot-args through libibooter |
||
− | :*Ramdisk exploitation |
||
− | :*Or even to open up the NAND to be mounted through USB on your computer. |
||
− | |||
− | ==RE: Theory== |
||
− | That is possible, but the end-goal is something for the end-user Right now wEsTbAeR is scoping out the iBoot to try to find a way to patch it to allow this. |
||
− | |||
− | Right now, even if you get iBooter / iPHUC working with 2.0, that does not matter, because boot-args are disabled. However, just kind of thinking out loud, it would be kind of interesting to see what else is still enabled / disabled...(boot-partition, boot-command, etc.) |
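Review bot: the added Ramdisks paragraph says "I am not sure if xpwntool will do this" without saying what "this" covers (packing, encrypting, or writing correct sizes into the header), and the added boot-args paragraph states that the boot-args NVRAM var is "totally ignored" in 2.x with no indication of how that was established. The revision also drops the openiboot suggestion and the note about whether other variables (boot-partition, boot-command) are still honoured, without saying whether those ideas were ruled out. Suggest naming the header fields that should be checked against the vanilla ramdisk, adding a reference or test description for the 2.x boot-args behaviour, and either keeping the removed open questions or recording why they no longer apply.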
Latest revision as of 20:56, 25 September 2013
Ramdisks
Ramdisks will run from the get-go; just use xpwntool to pack / encrypt them using a vanilla ramdisk as the template. I am not sure if xpwntool will do this, so you may want to check the header to make sure the correct info (sizes, etc.) is there.
boot-args
They use a buffer that is passed on when booting a kernel for boot args; the difference in 2.x is that the boot-args NVRAM var is totally ignored. Not only would a 'patch' be needed, but some code would actually need to be added, somehow.