|
The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Research: Re-allowing unsigned ramdisks and boot-args with the 2.* iBoot"
ChronicDev (talk | contribs) |
ChronicDev (talk | contribs) |
||
| Line 1: | Line 1: | ||
| − | == |
+ | ==Ramdisks== |
| + | Ramdisks will run from the get go, just use xpwntool to pack / encrypt them using a vanilla ramdisk as the template. I am not sure if xpwntool will do this, so you may want to check the header to make sure the correct info (sizes etc) are there. |
||
| + | ==boot-args== |
||
| − | Without decompiling iBoot 2.x, we can use openiboot. |
||
| + | They use a buffer that is passed on when booting a kernel for boot args, the different in 2.x is that the boot-args NVRAM var is totally ignored. Not only would a 'patch' be needed, but some code would actually need to be added, somehow. |
||
| − | |||
| − | :*For boot-args through libibooter |
||
| − | :*Ramdisk exploitation |
||
| − | :*Or even to open up the NAND to be mounted through USB on your computer. |
||
| − | |||
| − | ==RE: Theory== |
||
| − | That is possible, but the end-goal is something for the end-user Right now wEsTbAeR is scoping out the iBoot to try to find a way to patch it to allow this. |
||
| − | |||
| − | Right now, even if you get iBooter / iPHUC working with 2.0, that does not matter, because boot-args are disabled. However, just kind of thinking out loud, it would be kind of interesting to see what else is still enabled / disabled...(boot-partition, boot-command, etc.) |
||
Revision as of 18:47, 24 December 2008
Ramdisks
Ramdisks will run from the get go, just use xpwntool to pack / encrypt them using a vanilla ramdisk as the template. I am not sure if xpwntool will do this, so you may want to check the header to make sure the correct info (sizes etc) are there.
boot-args
They use a buffer that is passed on when booting a kernel for boot args, the different in 2.x is that the boot-args NVRAM var is totally ignored. Not only would a 'patch' be needed, but some code would actually need to be added, somehow.
