The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
User contributions
(newest | oldest) View (newer 100 | older 100) (20 | 50 | 100 | 250 | 500)
- 01:03, 28 July 2008 (diff | hist) . . (-1) . . The iPhone Wiki:General disclaimer
- 00:46, 28 July 2008 (diff | hist) . . (+18) . . Recovery Mode
- 00:46, 28 July 2008 (diff | hist) . . (-2) . . PwnageTool
- 00:46, 28 July 2008 (diff | hist) . . (+90) . . PwnageTool
- 00:45, 28 July 2008 (diff | hist) . . (+39) . . Baseband
- 00:45, 28 July 2008 (diff | hist) . . (0) . . Up to Speed
- 00:45, 28 July 2008 (diff | hist) . . (+34) . . Up to Speed
- 00:44, 28 July 2008 (diff | hist) . . (+24) . . Up to Speed
- 00:36, 28 July 2008 (diff | hist) . . (+69) . . N NCK (New page: Network Control Key. The 15-digit key required to unlock your iPhone.)
- 00:35, 28 July 2008 (diff | hist) . . (+4) . . Timeline
- 00:35, 28 July 2008 (diff | hist) . . (-2) . . Timeline
- 00:35, 28 July 2008 (diff | hist) . . (-16) . . Timeline
- 00:35, 28 July 2008 (diff | hist) . . (+43) . . Main Page
- 00:34, 28 July 2008 (diff | hist) . . (-55) . . Up to Speed
- 00:33, 28 July 2008 (diff | hist) . . (-4) . . The iPhone Wiki:General disclaimer
- 00:33, 28 July 2008 (diff | hist) . . (-71) . . The iPhone Wiki:General disclaimer
- 00:33, 28 July 2008 (diff | hist) . . (+1,834) . . N The iPhone Wiki:General disclaimer (New page: From The old iPhone Dev Wiki ==Preamble== This is a place for people who want to make iPhone even more awesome than it is already out of the box. No company in the world can build all t...)
- 00:31, 28 July 2008 (diff | hist) . . (+6) . . Baseband TEA Keys
- 00:31, 28 July 2008 (diff | hist) . . (+12) . . Baseband TEA Keys
- 00:31, 28 July 2008 (diff | hist) . . (-100) . . Baseband TEA Keys
- 00:31, 28 July 2008 (diff | hist) . . (+1,308) . . N Baseband TEA Keys (New page: The baseband generates TEA keys based of the CHIPID and NORID. ==Key A Generation== //return unique phone key (key A), this key is used for security zone encryption/decryption void get_...)
- 00:28, 28 July 2008 (diff | hist) . . (+13) . . Secpack 2.0
- 00:28, 28 July 2008 (diff | hist) . . (+21) . . Secpack 2.0
- 00:28, 28 July 2008 (diff | hist) . . (+302) . . N Secpack 2.0 (New page: This is the security region in the files sent to the X-Gold 608. This is the first 0xCF8 is new fls and eep files. ==Layout== 0x634--Memory Map 0x714--Descriptor 0xCD4--Post secpac...)
- 00:21, 28 July 2008 (diff | hist) . . (+132) . . Seczone
- 00:20, 28 July 2008 (diff | hist) . . (+130) . . N Seczone (New page: This is the area in the baseband where the lock state is stored. ==Layout== 0x400--NCK token 0xB00--IMEI 0xB10--IMEI signature)
- 00:19, 28 July 2008 (diff | hist) . . (-7) . . Unsolved problems
- 00:18, 28 July 2008 (diff | hist) . . (+161) . . Unsolved problems
- 00:17, 28 July 2008 (diff | hist) . . (+15) . . N Unsolved problems (New page: *Unlock 2.0)
- 00:14, 28 July 2008 (diff | hist) . . (+81) . . Ramdisk
- 00:13, 28 July 2008 (diff | hist) . . (+1) . . Apple Certificate
- 00:13, 28 July 2008 (diff | hist) . . (+12,972) . . N Apple Certificate (New page: The certificate on IMG2 and IMG3 files ==Parsed== openssl asn1parse -inform DER -in cert 0:d=0 hl=4 l=1211 cons: SEQUENCE 4:d=...)
- 00:06, 28 July 2008 (diff | hist) . . (+1,098) . . N Baseband RSA Keys (New page: These are the keys shared between the S-Gold 2 and the X-Gold 608 ==Key 1== This is used to decrypt the debug cert and things in the seczone Modulus length 0x400 bits, Exponent 0...)
- 00:03, 28 July 2008 (diff | hist) . . (+31) . . N Key 2 (Redirecting to Baseband RSA Keys) (current)
- 00:02, 28 July 2008 (diff | hist) . . (+295) . . N Secpack (New page: This is the S-Gold 2 security section on files it is uploading. It is at 0x1A4-0x9A4 in fls and eep files. ==Layout== 0x0 -- RSA Signature, decrypted with key 2 0x200 -- Descrip...)
- 23:58, 27 July 2008 (diff | hist) . . (+33) . . N Bootloader 4.6 (Redirecting to Baseband Bootloader) (current)
- 23:58, 27 July 2008 (diff | hist) . . (-2) . . JerrySIM
- 23:58, 27 July 2008 (diff | hist) . . (+227) . . N JerrySIM (New page: This was the dev's teams approach to unlocking Bootloader 4.6 ==Exploit== This relied on a buffer overflow in the STK. ==Resources== [http://code.google.com/p/iphone-elite/wiki/Jerry...)
- 23:56, 27 July 2008 (diff | hist) . . (+33) . . N Bootloader 3.9 (Redirecting to Baseband Bootloader) (current)
- 23:56, 27 July 2008 (diff | hist) . . (+221) . . N Minus 0x400 (New page: This was the first openly available exploit found in Bootloader 3.9 ==Credit== The dev team ==Exploit== The first 0x400 bytes aren't written until the signature verifies. So star...)
- 23:54, 27 July 2008 (diff | hist) . . (+880) . . N IPSF (New page: IPSF, or iPhone SIM free, was the first software unlock available for the iPhone. It relied on two exploits, with weren't understood until much later. Both of these were only in [[Bootload...)
- 23:49, 27 July 2008 (diff | hist) . . (+253) . . SIM hacks
- 23:47, 27 July 2008 (diff | hist) . . (+457) . . N SIM hacks (New page: These hacks all require a SIM card passthrough to be used. ==Exploit== This relies on the fact that the IMSI is read twice, once to validate the IMSI and once to connect to the network. S...)
- 23:45, 27 July 2008 (diff | hist) . . (+345) . . N JailbreakMe (New page: This was the exploit used to easily jailbreak 1.1.1 phones. ==Credit== metasploit, rezn, dinopio, drudge, kroo, pumpkin, davidc, dunham, planetbeing and NerveGas ==Exploit== There was a ...)
- 23:43, 27 July 2008 (diff | hist) . . (+152) . . Restore Mode
- 23:42, 27 July 2008 (diff | hist) . . (+513) . . N NAND (New page: Normally refers to the NAND flash chip used in the phone. This is where all the storage capacity comes from. The capacity of this is 4GB, 8GB, or 16GB. It has two partitions, the system pa...)
- 23:39, 27 July 2008 (diff | hist) . . (+226) . . N Symlinks (New page: Before the discovery of the Ramdisk Hack, this was used after 1.1.1 to jailbreak. It involved either symlinking the directories to a sandbox or symlinking the NAND block device, in...)
- 23:37, 27 July 2008 (diff | hist) . . (+29) . . N Baseband Firmware (New page: The baseband firmware itself.)
- 23:35, 27 July 2008 (diff | hist) . . (+207) . . IMG3 File Format
- 23:34, 27 July 2008 (diff | hist) . . (+732) . . N IMG3 File Format (New page: This is the replacement for the IMG2 File Format in 2.0 firmware. ==Header== struct Img3 { unsigned int magic; unsigned int dataLenPad; unsigned int u1; // offSet to 20 byte fo...)
- 23:28, 27 July 2008 (diff | hist) . . (+62) . . 8900 File Format
- 23:25, 27 July 2008 (diff | hist) . . (+4) . . AES Keys
- 23:25, 27 July 2008 (diff | hist) . . (+78) . . N UID key (New page: AES hardware key unique to each iPhone. Used to encrypt things in the NOR.)
- 23:25, 27 July 2008 (diff | hist) . . (+435) . . N AES Keys (New page: The S5L8900 has an AES coprocessor with the GID-key and UID-key built in. ==Key 0x837== Generated by encrypting 345A2D6C5050D058780DA431F0710E15 with GID-key to get 188458...)
- 23:22, 27 July 2008 (diff | hist) . . (+22) . . N Key 0x837 (Redirecting to AES Keys)
- 23:21, 27 July 2008 (diff | hist) . . (+13) . . Main Page
- 23:20, 27 July 2008 (diff | hist) . . (+188) . . N GID Key (New page: The hardware AES key shared by every iPhone and iPhone 3G. Used to generated Key 0x837. ==Attack== It would be great to perform some side channel attack of this to extract it.)
- 23:19, 27 July 2008 (diff | hist) . . (+81) . . m 8900 File Format
- 23:18, 27 July 2008 (diff | hist) . . (+1,020) . . N 8900 File Format (New page: This is the file format used by the S5L8900 ==Header== typedef struct { uchar magic[4]; // string "8900" uchar version[3]; // string "1.0" uint8 form...)
- 23:17, 27 July 2008 (diff | hist) . . (+21) . . N Application Processor (Redirecting to S5L8900)
- 23:17, 27 July 2008 (diff | hist) . . (+143) . . N S5L8900 (New page: This is the Application Processor shared between the iPhone and the iPhone 3G. Not much is known about it through official sources.)
- 23:16, 27 July 2008 (diff | hist) . . (+37) . . PMB8878
- 23:15, 27 July 2008 (diff | hist) . . (+51) . . PMB8876
- 23:14, 27 July 2008 (diff | hist) . . (+65) . . PMB8876
- 23:13, 27 July 2008 (diff | hist) . . (+1) . . Baseband
- 23:13, 27 July 2008 (diff | hist) . . (+76) . . N Baseband (New page: The S-Gold2 or X-Gold 608 chip used to handle all cellular function.)
- 23:13, 27 July 2008 (diff | hist) . . (+72) . . N Ramdisk (New page: This is what iTunes boots to upgrade the System and the Baseband)
- 23:12, 27 July 2008 (diff | hist) . . (+9) . . Main Page
- 23:11, 27 July 2008 (diff | hist) . . (+74) . . Firmware
- 23:11, 27 July 2008 (diff | hist) . . (+130) . . Firmware
- 23:10, 27 July 2008 (diff | hist) . . (+1,893) . . N Firmware (New page: This is the Mac OS X system the iPhone runs The apple download links can be found at http://ax.phobos.apple.com.edgesuite.net/WebObjects/MZStore.woa/wa/com.apple.jingle.appserver.client.M...)
- 23:06, 27 July 2008 (diff | hist) . . (+142) . . N User:Zibri (New page: A hard working hacker who discovered such things as the Ramdisk Hack, the Minus 0x20000 with Back Extend Erase, and the iPhone 3G.)
- 23:05, 27 July 2008 (diff | hist) . . (+52) . . N ZiPhone (New page: Zibri's tool to unlock, jailbreak, and activate.)
- 23:05, 27 July 2008 (diff | hist) . . (+266) . . N Ramdisk Hack (New page: This allows unsigned ramdisks to be booted. It was first publicized by ZiPhone ==Credit== The dev team ==Exploit== Passing boot args specifying a ramdisk in ram > 0x9C000000 all...)
- 23:03, 27 July 2008 (diff | hist) . . (+246) . . N Kernel (New page: This is the Darwin kernel. Pre 2.0, it was vulnerable to the Ramdisk Hack and may still be, but iBoot doesn't allow boot-args to be passed anymore. It is mapped to memory at 0xC0000000...)
- 23:01, 27 July 2008 (diff | hist) . . (+102) . . N The iPhone Wiki:Copyrights (New page: If Apple made it, don't post it. If you made it, post it. If someone else made it, give them credit.)
- 23:01, 27 July 2008 (diff | hist) . . (+123) . . N82AP
- 23:00, 27 July 2008 (diff | hist) . . (+135) . . M68AP
- 22:59, 27 July 2008 (diff | hist) . . (+19) . . N IPhone 3G (Redirecting to N82ap)
- 22:58, 27 July 2008 (diff | hist) . . (+4) . . List of iPhones (Redirecting to M68ap)
- 22:58, 27 July 2008 (diff | hist) . . (+15) . . N List of iPhones (New page: #REDIRECT M68ap)
- 22:57, 27 July 2008 (diff | hist) . . (+426) . . N Baseband Bootloader (New page: This is responsible for updating the baseband ==3.9== This is the old bootloader from the iPhone/S-Gold 2. It is vulnerable to Minus 0x400 and IPSF ==4.6== This is the ne...)
- 22:55, 27 July 2008 (diff | hist) . . (+566) . . N Baseband Bootrom (New page: This is the first code that runs on the baseband. ==S-Gold 2== The bootrom here is located at 0x400000. It was initially dumped using exploits in java on other S-Gold 2 phones. It al...)
- 22:49, 27 July 2008 (diff | hist) . . (0) . . Constitution
- 22:45, 27 July 2008 (diff | hist) . . (+10) . . Interactive Mode
- 22:44, 27 July 2008 (diff | hist) . . (+46) . . Restore Mode
- 22:44, 27 July 2008 (diff | hist) . . (+114) . . N Restore Mode (New page: This is the mode the Apple ramdisk enters to restore the iPhone. ==Implementations== *itunesmobiledevice.dll)
- 22:42, 27 July 2008 (diff | hist) . . (+6,614) . . N Itunesmobiledevice.dll (New page: The dll iTunes uses for all things iPhone related. On mac it's called MobileDevice.framework ==Location== c:\Program Files\Common Files\Apple\Mobile Device Support\bin\ ==Exports== AF...)
- 22:36, 27 July 2008 (diff | hist) . . (+4) . . Normal Mode
- 22:36, 27 July 2008 (diff | hist) . . (0) . . Normal Mode
- 22:36, 27 July 2008 (diff | hist) . . (+338) . . N Normal Mode (New page: This is the protocol iTunes uses to talk to the booted iPhone. It uses usbmux to provide TCP like connectivity over a USB port using SSL. There is a pairing process iTunes uses to establis...)
- 22:34, 27 July 2008 (diff | hist) . . (0) . . Main Page
- 22:33, 27 July 2008 (diff | hist) . . (+84) . . Recovery Mode 0x1281
- 22:31, 27 July 2008 (diff | hist) . . (0) . . DFU 0x1227
- 22:31, 27 July 2008 (diff | hist) . . (+113) . . N DFU 0x1227 (New page: This the protocol used by the WTF version 2. Protocol Same as sending a file to Recovery Mode 0x1821)
- 22:30, 27 July 2008 (diff | hist) . . (+62) . . DFU 0x1222
- 22:29, 27 July 2008 (diff | hist) . . (+197) . . N DFU 0x1222 (New page: This is the protocol used to talk to the DFU and the WTF version 1. ==Protocol== Data 12 byte footer CRC32 of data+footer ==Implementations== *[http://lpahome.com/geohot/iran....)
- 22:28, 27 July 2008 (diff | hist) . . (+480) . . N Interactive Mode (New page: This is the protocol used to talk to the baseband in bootloader interactive mode. ==Commands== BBSETBAUDRATE = 0x82, BBCFISTAGE1 = 0x84, BBCFISTAGE2 = 0x85, BB102 = 0x102, BBBEG...)
- 22:26, 27 July 2008 (diff | hist) . . (+15) . . Baseband Bootrom Protocol
- 22:26, 27 July 2008 (diff | hist) . . (+341) . . N Baseband Bootrom Protocol (New page: This is the protocol used to talk to the old, and probably the new baseband, at the bootrom level. The old bootrom didn't have an sig checking, the new one does. ==Protocol== AT 0x30 2...)
(newest | oldest) View (newer 100 | older 100) (20 | 50 | 100 | 250 | 500)