Search results


Page title matches

  • 21 bytes (2 words) - 20:47, 28 September 2016

Page text matches

  • ...lomerate work of everything done by everyone on Apple's amazing [[iDevice]]s. ''Anyone'' can contribute here, just [[The iPhone Wiki:Account creation|as ...to collecting, storing and providing information on the internals of Apple's amazing [[iDevice|iDevices]]. We hope to pass this information on to the ne
    10 KB (1,218 words) - 18:16, 24 January 2023
  • Have you been on the [http://wikee.iphwn.org/ dev team's wiki]?<br/> Have you been to the [http://blog.iphone-dev.org/ dev team's blog]?<br/>
    1 KB (253 words) - 13:21, 21 March 2022
  • * [[Unlock]] - to allow the use of any mobile phone carrier's SIM. ...you don't have any background yet in programming or security research - it's like learning about how puzzles work. To learn more about security research
    9 KB (1,286 words) - 14:08, 17 September 2021
  • ...r|GM]], and watchOS 6.2.8 [[Golden Master|GM]] released. First public betas of iOS 14 and tvOS 14 released. * 9 November – iOS 10.1.1 (14B150) released via IPSWs only.
    86 KB (10,312 words) - 17:11, 20 October 2022
  • usb_control_msg(idev, 0x21, 1, x, 0, fbuf, s, 1000); //send file
    1 KB (172 words) - 20:24, 16 September 2022
  • ...]] and [[iBoot (Bootloader)|iBoot]] modules which are stored in the device's [[NOR]] flash and are typically encrypted (as of 1.1.x). However, they are ...encryption keys. Also, we add another memory device, pointed at the kernel's address space, to allow live kernel patching. After booting up, we patch ou
    6 KB (884 words) - 18:18, 3 April 2022
  • ...et. al. has announced that they made a project that will bring PwnageTool's functionality to Windows, called [[sn0wbreeze]]. [http://ih8sn0w.com/]
    7 KB (910 words) - 14:07, 17 September 2021
  • Gevey Ultra S was announced to be able to unlock iPhone 4S running iOS 5.0 and 5.0.1. Spe *[https://twitter.com/MuscleNerd/status/51943620844060672 MuscleNerd says it's illegal in most countries]
    1 KB (205 words) - 09:52, 14 October 2015
  • ...y dumped the [[Baseband Bootrom|bootrom]], but they won't release it as it's copyrighted code. .../iphonejtag.blogspot.com/2008/07/infineon-we-have-problem.html blog post]</s> Currently hidden, only viewable by invite only.
    3 KB (458 words) - 18:43, 16 September 2021
  • ...es a NOR flash. (See [https://en.wikipedia.org/wiki/Flash_memory Wikipedia's article about flash memory] for background on NOR flash in general.)
    2 KB (267 words) - 09:46, 26 March 2017
  • *BBUpdaterExtreme automatic -S -F [or -L for BL] | for automatic update (while firmware restores) BBUpdaterExtreme automatic -S -L /mnt1/bin -x
    5 KB (716 words) - 15:33, 26 March 2017
  • The iPhone uses the [[S-Gold 2]] baseband chip. *[http://www.anandtech.com/mac/showdoc.aspx?i=3026&p=1 Apple's iPhone Dissected: We did it, so you don't have to]
    2 KB (265 words) - 22:46, 14 September 2021
  • This is the [[S-Gold 2]] security section on files it is uploading. It is at 0x1A4-0x9A4 in
    3 KB (247 words) - 19:22, 18 October 2019
  • ...rresponding to Power and Home/Vol-, respectively, or by pulling your board's <code>GPIO_FORCE_DFU</code> pin high at SecureROM startup (unless you are u ...obileDevice Library]] does not enter the true DFU Mode in the hardware. It's possible to enter the true DFU Mode without doing it manually, but it canno
    10 KB (1,674 words) - 16:14, 29 November 2022
  • ...Mode]] and loads a secondary DFU-like interface. WTF Mode stands for "What's The Firmware" according to [[PurpleRestore]] and a quick look at some [[App
    627 bytes (102 words) - 01:47, 6 July 2023
  • ...eferred to as “iBoot second-stage loader” in the source code, is Apple's stage 2 bootloader for all of the [[iDevice|devices]]. It runs what is know
    123 KB (8,553 words) - 00:24, 13 November 2022
  • Information about [[Recovery Mode (Protocols)|Recovery Mode's protocols]] is available. # You can either revive (update) or restore the Mac's firmware.
    6 KB (950 words) - 20:24, 16 September 2022
  • int s; s = fread(fbuf, 1, 0x800, f);
    1 KB (148 words) - 22:52, 30 December 2012
  • ==S-Gold 2== ...ted at 0x400000. It was initially dumped using exploits in java on other [[S-Gold 2]] phones. It allows unsigned code to be uploaded using [[Baseband Bo
    485 bytes (78 words) - 17:27, 21 January 2013
  • == [[S-Gold 2]] Revisions == Found in the iOS 1.0 and 1.1.1 [[Ramdisk]]s for the [[M68AP|iPhone]].
    4 KB (570 words) - 07:59, 8 October 2015
  • *Initial firmware(s): 15.0 ([[Sky 19A340 (iPhone14,4)|19A340]], [[Sky 19A341 (iPhone14,4)|19A34 *Initial firmware(s): 15.0 ([[Sky 19A340 (iPhone14,5)|19A340]], [[Sky 19A341 (iPhone14,5)|19A34
    39 KB (4,850 words) - 18:30, 11 November 2022
  • Like its macOS counterpart, iOS's XNU accepts command line arguments (though the actual passing of arguments -s
    177 KB (18,986 words) - 05:15, 14 November 2022
  • [[User:Zibri|Zibri]]'s tool to [[unlock]], [[jailbreak]], and [[Activation|activate]]. It was foun It makes use of the [[Ramdisk Hack]] and uses [[User:Geohot|geohot]]'s [[Minus 0x20000 with Back Extend Erase|BL4.6 exploit]] to downgrade the [[B
    671 bytes (91 words) - 22:13, 19 September 2016
  • You might also be looking for [[iBoot (Bootloader)|Apple's stage 2 bootloader]], which also uses the "iBoot" name. ...20-%20Joshua%20'p0sixninja'%20Hill%20-%20SHAttered%20Dreams.pdf p0sixninja's presentation SHAttered Dreams - Adventures in BootROM Land]
    10 KB (1,261 words) - 00:50, 13 September 2022
  • ...ic/com.arm.doc.ddi0301h/DDI0301H_arm1176jzfs_r0p7_trm.pdf <code>arm1176jzf-s</code>]. This processor was succeeded by the [[S5L8720]] used in the [[N72AP ...uch as [[wikipedia:ReactOS|ReactOS]] and the [[wikipedia:GNU Project|GNU]]'s own kernel, the [http://www.gnu.org/software/hurd/hurd.html Hurd].
    3 KB (511 words) - 18:22, 22 March 2017
  • ...Processors|incarnations]] of processors for [[wikipedia:Apple Inc.|Apple]]'s [[iDevice|mobile devices]]. ...ipedia:System on a chip|SoC]] tailored to the device's needs. All of Apple's SoC platforms have proprietary PowerVR graphics, public key encryption acce
    7 KB (896 words) - 11:30, 29 October 2022
  • ...sors, the [[Secure Enclave]] has its own GID that is separate from the AP's which is used to encrypt the SEP Firmware before delivery to the end user. ...(page 9, chapter "Encryption and Data Protection"), along with [[UID key]]s:
    10 KB (1,556 words) - 12:50, 17 September 2021
  • ...th the introduction of [[IMG3 File Format|IMG3]] in iPhone OS 2.0, [[KBAG]]s are now used instead of the 0x837 key. Because iPhone OS versions 1.x were * Start greenpois0n console: 'irecovery -s'
    4 KB (717 words) - 05:11, 28 November 2020
  • The '''UID key''' (device's unique ID key) is an AES 256-bit hardware key, unique to each iPhone. It is
    1,010 bytes (179 words) - 20:38, 3 April 2022
  • ...kwards when written to the file (e.g. <code>VERS</code> is stored as <code>S&nbsp;R&nbsp;E&nbsp;V</code>). [[TYPE]]: Type of image, should contain the same string as the header's <code>ident</code>
    3 KB (457 words) - 18:35, 2 March 2023
  • ...;</code> routine. The routine skips the '''PROD''' tag check if the device's fuse value is <code>false</code>.
    714 bytes (112 words) - 19:35, 16 July 2015
  • ...<code>/usr/local/standalone/firmware</code> on the corresponding firmware's [[Restore Ramdisk|restore ramdisk]] or from an [[IPSW File Format|IPSW]] un
    2 KB (256 words) - 23:32, 20 April 2020
  • ...dia:Flash memory|non-volatile memory chip]] that is used in all [[iDevice]]s. This chip is where all the ''storage'' of the device is located. In the ca The size of the root partition has varied throughout [[iOS]]'s history, while the user partition just fills the rest of the space of the N
    4 KB (696 words) - 22:10, 18 December 2019
  • (citation taken from dev team's [http://blog.iphone-dev.org/post/44428446/updates blog]): ...ith an L-shaped pin and a quick but forceful yank. It sounds scary but it's just plastic, after all.
    5 KB (905 words) - 13:48, 17 September 2021
  • This was the [[iPhone Dev Team]]'s approach to unlocking [[Baseband Bootloader|Bootloader 4.6]].
    1 KB (222 words) - 23:42, 22 January 2013
  • For users on carriers other than the Apple's official partners, carrier bundles allow to configure important settings su ...-testing" preference]] is enabled, .ipcc files can be loaded from the user's hard drive by clicking either "Check for Updates" or "Restore" button while
    4 KB (667 words) - 20:07, 9 January 2023
  • $ sed 's/^FLAGS_FOR_TARGET=$/FLAGS_FOR_TARGET=${FLAGS_FOR_TARGET-}/g' \ $ sudo ln -s /usr/local/arm-apple-darwin/lib/crt1.o \
    9 KB (1,329 words) - 23:49, 7 February 2014
  • ...uld be mapped. The first use of this in a jailbreak was in [[JailbreakMe]]'s third incarnation, [[Saffron]].
    577 bytes (93 words) - 20:20, 4 August 2013
  • ...portable media player with Wi-Fi launched on {{date|2007|09|05}} at Apple's "The beat goes on." event. The iPod touch is the first iPod to introduce a
    1 KB (160 words) - 00:01, 15 September 2021
  • ...ted, the server will generate a [[WildcardTicket]] and signs it with Apple's private key. [[iTunes]] then calls AMDeviceActivate with the [[WildcardTick * [[User:posixninja|posixninja]]'s [http://github.com/posixninja/ideviceactivate iDeviceActivate]
    3 KB (465 words) - 00:49, 16 October 2017
  • ...p]]. [https://mtmdev.org/blog/mtm-devadmin/2018/ios-1-1-1-jailbreak cipher's] version was released in 2018 due to AppSnapp being offline. There was a buffer overflow in the iPhone's libtiff. This was exploited to run a small application to jailbreak and pat
    1 KB (152 words) - 13:32, 9 October 2018
  • When a device is booting, it loads Apple's own [[kernel]] initially, so a jailbroken device must be exploited and have ...-''un''tethered''']] jailbreak gives the ability to start the device on its own. On first boot, the device will not be running a patched kernel. Howeve
    4 KB (713 words) - 10:55, 13 February 2023
  • ...der]], and flash the 3.9 or 4.6 bootloader image, regardless of the iPhone's bootloader version. Bootneuter does not support the [[X-Gold 608]] and [[X- ...le apply. You can arbitrarily go up and down regardless of what [[secpack]]s you use.
    3 KB (424 words) - 17:10, 1 January 2018
  • ...to do trickery to your cellular network'''. But due to the way the iPhone's 2.x baseband firmware handles the login, '''actually it does'''. Short over ...the iPhone (it is not roaming for your provider, but the iPhone thinks it's roaming)
    13 KB (1,987 words) - 01:02, 17 September 2021
  • ...carrier. This is entirely different than a [[jailbreak]]; jailbreaking one's iPhone does not unlock it. A jailbreak is, however, required for all curren ...ight.gov/fedreg/2012/2012-26308_PI.pdf pages 16-20 of the copyright office's 2012 DMCA rulings] for details.
    6 KB (918 words) - 18:42, 16 September 2021
  • ...Size: 1, Data: True ; Server Supports Persistent ID's Tag: msdc, Size: 4, Count: 1 ; # Of Database's Available
    4 KB (426 words) - 17:29, 1 February 2015
  • ...a.com/questions/277646/stuck-after-mac-address-change-can-i-revive-it Here's a JailbreakQA thread about this] and [http://www.jailbreakqa.com/questions/ .../1m3jo6/how_much_torture_kernel_user_based_etc_would_it/cc5g8nj See winocm's explanation of several related ways to brick a device]:
    7 KB (1,220 words) - 13:38, 24 September 2021
  • Syncing is not allowed under this mode. Judging by the name, it's probably meant for Nike stores (to pitch Nike+).
    3 KB (489 words) - 11:28, 13 November 2015
  • ...NDA), the alternative is simple. Install the Apple iPhone SDK, and use its compiler, and specify the correct architecture, like so: Use saurik's codesign tool (ldid) to sign the binary like so:
    8 KB (1,156 words) - 23:46, 7 February 2014
  • This folder contains the data files for Location Services. Its location was changed in 4.3.3 from the [[/private/var/mobile|mobile]] user
    931 bytes (118 words) - 12:36, 14 September 2013
  • ...ed by [[chpwn]] and [[comex]], and Cydia people pay attention to it, so it's reasonably reliable and up-to-date.
    2 KB (266 words) - 00:54, 13 May 2020
  • printf("Usage: %s src_BOM patches_dir target_BOM [root_dir]\n", printf("Couldn't open %s", argv[1]);
    13 KB (1,865 words) - 20:56, 31 July 2013
  • * The first button labeled "Start BurnIn" runs selected BurnIn tests. It's worth noting that on firmwares after 8A133 BurnIn automatically runs [[Infe ...s any tests currently in progress. It cannot, however, close Inferno if it's currently running.
    4 KB (670 words) - 23:47, 21 July 2018
  • [[File:Cydia icon.png|thumb|152px|thumb|Cydia's icon pre-iOS 7.]] ...s 1.1.30, which supports all devices (except [[List of Apple TVs|Apple TV]]s and [[List of Apple Watches|Apple Watches]]) running iPhone OS 2.0 - iOS 12
    3 KB (390 words) - 13:29, 17 September 2021
  • | '''''"Let's Rock"''''' | '''''"It's only rock and roll, but we like it."'''''
    68 KB (9,338 words) - 01:20, 8 November 2022
  • * <s>[http://www.mactalk.com.au/iphone/ MacTalk Australia Forums]</s> * [http://george.insideiphone.com George Zhu's Blog]
    2 KB (252 words) - 01:03, 12 September 2019
  • ...and Bluetooth are managed by the main CPU, although the baseband stores its MAC addresses in its NVRAM. =====[[PMB8876]] S-Gold 2=====
    5 KB (576 words) - 23:33, 19 September 2022
  • ...ferent devices and firmwares, this task is always more and more work. That's why [[planetbeing]] has written some code to dynamically search for the off
    4 KB (718 words) - 13:06, 15 April 2013
  • '''[https://developer.apple.com Apple Developer]''' is Apple's main hub for developers looking for info on developing or publishing their
    2 KB (283 words) - 22:19, 11 August 2015
  • *[http://pod2g-ios.blogspot.com/2012/01/details-on-corona.html pod2g's blog] ...m/bh-us-11/Esser/BH_US_11_Esser_Exploiting_The_iOS_Kernel_Slides.pdf i0n1c's Heap Feng Shui paper]
    1 KB (186 words) - 21:25, 31 January 2013
  • *[http://pod2g-ios.blogspot.com/2012/01/details-on-corona.html pod2g's blog]
    2 KB (296 words) - 16:45, 12 July 2022
  • ...e Foundation|CFDictionary]] string representation which gets sent to Apple's server. The object can be obtained by using the [[MobileDevice Library]], AM ...en signature is not correct, Apple server will respond with message "there's problem with your device".
    5 KB (509 words) - 16:36, 18 November 2015
  • ...surrounding functions. Get in the head of the designer; think about what (s)he was thinking about when writing this code. Also, enjoy it. It's really cool when things come together, and you finally figure out that one
    2 KB (343 words) - 13:28, 17 September 2021
  • ...etrieve leaked bytes from the kernel heap. If you carefully craft the data's size, you can leak bytes from the heap using a ''PSFA_OPEN'' file action. T ...m%20iOS%206%20Exploitation%20and%20iOS%207%20Security%20Changes.pdf i0n1c's writeup]
    1 KB (207 words) - 00:34, 24 January 2016
  • See also [[saurik]]'s comment for a list of "the 'best practice' patches that jailbreaks install
    10 KB (1,564 words) - 09:45, 11 October 2015
  • ...ow to make a self-signing certificate you can read this article from Apple's website: [http://developer.apple.com/documentation/Security/Conceptual/Code ldid -S Program
    3 KB (500 words) - 14:27, 9 January 2012
  • ...ng the IMG3 keys using iBoot/iBEC patch based on the Dev Team's and Geohot's exploits and was tested on both Linux and Windows OS. Epic thanks to #xpwn ...ute the patched iBEC. Your iPhone will reboot into a blank screen and that's good. You need to reconnect the ibooter after the "reboot".
    7 KB (1,062 words) - 10:01, 12 October 2015
  • ...n App Store apps. Private frameworks are intended to be used only by Apple's apps, and are more unstable against firmware changes, but many of the inter
    35 KB (4,011 words) - 06:41, 25 December 2021
  • ...] (OS X framework written in C that can be used interchangeably with Apple's private framework MobileDevice.framework) Unlike OS X's dynamically linkable libraries, Windows dynamic libraries do not support po
    6 KB (609 words) - 13:18, 24 January 2020
  • ...le as a free download on [https://developer.apple.com/download/more/ Apple's developer site] and the [https://itunes.apple.com/app/xcode/id497799835 Mac
    13 KB (1,385 words) - 20:35, 20 September 2022
  • ...send a notification to Apple servers, which will then send it to the user's device to be displayed, even when the app is not running. **<code>01</code> device's push token
    8 KB (1,140 words) - 22:18, 15 August 2021
  • This is the iPhone 5s introduced by Tim Cook at Apple's 'iPhone' event in late 2013. It is very similar to the [[iPhone 5]].
    2 KB (223 words) - 12:57, 16 August 2020
  • -s, --imageSecurityEpoch [epoch] Set epoch
    2 KB (232 words) - 16:28, 25 August 2013
  • ...er''' is an Apple internal tool used to create [[img3]] firmware files. It's implemented in mostly C with its symbols stripped. There is an open source
    6 KB (664 words) - 20:39, 9 March 2015
  • ...generated are not all accurate from 7.1+. It can still be used to get KBAGs.
    1 KB (180 words) - 12:29, 23 March 2017
  • The [[X-Gold 608]] has a memory map, as seen in its page. ...pack), and the CODE starts at the ROM start address of 0x20040000 (since it's the main firmware)
    4 KB (641 words) - 09:18, 10 February 2012
  • * 0x7858 - memzero (this looks funny in IDA, kind of, but really it's just optimized as part of memset)
    3 KB (546 words) - 12:29, 23 March 2017
  • <!-- call blocking and divert codes, plus your carrier's services --> ...e incoming call; the phone will become kind of messed up, thinking that it's on a call until you restart. Can be used to stream music to Bluetooth heads
    3 KB (421 words) - 12:51, 14 September 2013
  • ...place of the method mentioned above. It functions similar to Ryan Petrich's [https://github.com/rpetrich/deviceconsole deviceconsole] tool, but runs di ...n be convenient): install '''syslogd to /var/log/syslog''' from [[saurik]]'s repo and reboot your device.
    8 KB (1,382 words) - 17:44, 26 August 2015
  • ...beta 3, or the [[S5L8900]] [[VROM]]. The [[S5L8720]] and newer [[bootrom]]s have no support for it. * [http://www.jbfaq.com/article.asp?id=70 cmw's IMG3 Unpacker]
    4 KB (641 words) - 17:01, 12 July 2017
  • ...talk to [[iBoot (Bootloader)|iBoot]] and [[iBSS]] and [[iBEC]] via USB. It's completely open source; the source code is released under the terms of the ./iRecovery -s
    4 KB (569 words) - 14:05, 17 September 2021
  • This is an empty folder. Its usage is unknown.
    170 bytes (20 words) - 00:50, 4 January 2013
  • ...wikipedia:Filesystem Hierarchy System|HFS]] 2.3 as /var/lib, but per Apple's naming scheme, they decided to place it here. To work around this issue, th * {{ipfw|apt}} (file lists of installed [[wikipedia:deb (file format)|deb]]s)
    1 KB (182 words) - 17:17, 1 February 2015
  • * {{ipfw|archives}} (where the actual <code>deb</code>s are)
    990 bytes (154 words) - 10:38, 27 August 2013
  • ...by default). The default configuration of bash will also change the prompt's <code>$</code> to a <code>#</code>.
    2 KB (380 words) - 12:16, 27 August 2015
  • | {{ipfw|What's New?.app}} | {{ipfw|What's New?.app}}
    33 KB (3,712 words) - 20:10, 4 February 2021
  • printf("Can't open file %s\n", input);
    3 KB (462 words) - 18:25, 9 March 2017
  • ...ard|FHS]] as a place that "contains configuration files" (i.e. "local file[s] used to control the operation of a program"). Most of the folders here are
    1 KB (165 words) - 23:57, 22 July 2020
  • .../disk0s1s2</code> on modern iOS versions), which is the [[iDevice|device]]'s user/data partition. This deviates from the [[wikipedia:Filesystem Hierarch
    2 KB (313 words) - 19:21, 31 August 2020
  • metadata-whitening was found and it's set to 1 default-ftl-version was found and it's set to 1
    31 KB (3,832 words) - 04:45, 25 June 2019
  • ==FULL information about iBoot's handling of crypted 8900 images== ...ion. However, if you look at the encrypted applelogo.img2 from 1.1.1, that's not the case (the unencrypted applelogo.img2 from 1.0.2 has a whole bunch o
    37 KB (6,324 words) - 21:12, 20 March 2015
  • ROM:0FF0BD38 ; =============== S U B R O U T I N E ======================================= ROM:0FF0BD04 ; =============== S U B R O U T I N E =======================================
    16 KB (2,016 words) - 08:46, 14 March 2017
  • ...be ran on. It allows Apple to make sure you are not running another device's firmware files on an incompatible device, probably to prevent using old exp
    661 bytes (96 words) - 23:39, 21 April 2020
  • The actual unlock works by a daemon patching the baseband's RAM on-the-fly, overriding the carrier lock code. It is not permanent becau ROM:00000000 ; =============== S U B R O U T I N E =======================================
    27 KB (3,160 words) - 13:28, 17 September 2021
  • Apple's [[IMG3 File Format|IMG3]] and [[IMG4 File Format|IMG4]] security scheme use
    4 KB (546 words) - 18:55, 29 March 2022
  • ...e Format|IMG3]] containers, and the [[bootrom]] can properly check [[LLB]]'s signature. That being said, unsigned images can still be run using the [[0x ...h/DDI0301H_arm1176jzfs_r0p7_trm.pdf Technical Reference Manual: ARM1176JZF-S]
    1 KB (167 words) - 12:33, 23 March 2017
  • So let's post what's been tried and what doesn't work. It's only a matter of time before the 3G has this DFU. Apple revved the silicon ...in the summer of 2008 that called iBoot's AES function to decrypt [[KBAG]]s. This way, we could examine iBoot for any other vulnerabilities, the kernel
    14 KB (2,533 words) - 18:42, 28 May 2017
  • ...to the [[N72AP|iPod touch (2nd generation)]]. It is present in the device's 2.1.1 firmware, as well as the [[iBEC]]/[[iBSS]] if you choose to upload it
    2 KB (305 words) - 06:24, 11 February 2021
  • ...] on iPhone OS 2.1.1. It is their payload for the [[ARM7 Go]] backdoor. It's analogous to how [[yellowsn0w]] is the actual unlocking payload injected by
    3 KB (385 words) - 04:31, 17 March 2018
  • ...e decrypted ramdisk messes with the structure of the image rendering GenPass's keys false.
    713 bytes (106 words) - 23:02, 4 January 2016
