Difference between revisions of "Symlinks"

From The iPhone Wiki
m (Exploit)
(Changed LibTiff to LibTiff exploit since that's where the page is and it actually makes sense)
Line 3: Line 3:
   
 
== Exploit ==
 
== Exploit ==
Before the discovery of the [[LibTiff]], this was used on 1.1.1 to jailbreak iPhones from 1.0.2. However, this only worked for [[iPhone]]s, as the new [[iPod touch]] could not run 1.0.2 and therefore could not use this jailbreak method. The symlink method involved symlinking [[/private/var/root/Media]], the "jailed" directory that could be accessed via iPHUC, to [[/]], and then downloading, jailbreaking, and reuploading the entire system partition from <code>/dev/rdisk0s1</code>.
+
Before the discovery of the [[LibTiff Exploit]], this was used on 1.1.1 to jailbreak iPhones from 1.0.2. However, this only worked for [[iPhone]]s, as the new [[iPod touch]] could not run 1.0.2 and therefore could not use this jailbreak method. The symlink method involved symlinking [[/private/var/root/Media]], the "jailed" directory that could be accessed via iPHUC, to [[/]], and then downloading, jailbreaking, and reuploading the entire system partition from <code>/dev/rdisk0s1</code>.
   
 
This exploit was fixed in 1.1.2, when Apple introduced a check in the update ramdisk that prevented this from happening. Note that this is not the 1.1.2 [[mknod]] exploit.
 
This exploit was fixed in 1.1.2, when Apple introduced a check in the update ramdisk that prevented this from happening. Note that this is not the 1.1.2 [[mknod]] exploit.
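Review bot: The new link target on the + line is [[LibTiff Exploit]] with a capital E, while the edit summary describes the change as "LibTiff exploit". MediaWiki page titles are case-sensitive after the first character, so confirm the link matches the exact title of the target page. If lowercase is wanted in the running sentence, pipe it as [[LibTiff Exploit|LibTiff exploit]].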

Revision as of 14:42, 9 July 2014

Credit

iPhone Dev Team

Exploit

Before the discovery of the LibTiff Exploit, this was used on 1.1.1 to jailbreak iPhones from 1.0.2. However, this only worked for iPhones, as the new iPod touch could not run 1.0.2 and therefore could not use this jailbreak method. The symlink method involved symlinking /private/var/root/Media, the "jailed" directory that could be accessed via iPHUC, to /, and then downloading, jailbreaking, and reuploading the entire system partition from /dev/rdisk0s1.

This exploit was fixed in 1.1.2, when Apple introduced a check in the update ramdisk that prevented this from happening. Note that this is not the 1.1.2 mknod exploit.
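The weakness behind the symlink method is a file service that trusts its jailed directory without resolving links. The following is an added example, not code from the wiki, iPHUC or Apple, and not the check Apple shipped in 1.1.2: a containment check that rejects a jail root that is itself a symlink. It goes beyond the case above by also rejecting <code>..</code> traversal and links planted inside the jail. The directory tree, file names and function names are constructed for the demonstration.

```python
import os
import tempfile

def resolve_in_jail(jail_root, client_path):
    """Return the real path for client_path, or raise PermissionError if it leaves the jail."""
    # The case on this page: the jailed directory itself replaced by a link.
    if os.path.islink(jail_root):
        raise PermissionError("jail root is a symlink")
    root = os.path.realpath(jail_root)
    # Interpret the client path relative to the jail, then resolve all links and "..".
    candidate = os.path.realpath(os.path.join(root, client_path.lstrip("/")))
    if os.path.commonpath([root, candidate]) != root:
        raise PermissionError("path escapes jail")
    return candidate

def check(jail_root, client_path):
    try:
        resolve_in_jail(jail_root, client_path)
        return "allowed"
    except PermissionError as exc:
        return "denied: %s" % exc

def demo():
    """Build a constructed directory tree in a temp dir and run four requests."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = os.path.realpath(tmp)
        media = os.path.join(tmp, "var", "root", "Media")  # stand-in jail
        system = os.path.join(tmp, "system")               # stand-in for data outside it
        os.makedirs(media)
        os.makedirs(system)
        for path in (os.path.join(media, "song.m4a"), os.path.join(system, "disk.img")):
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
        os.symlink(system, os.path.join(media, "link"))     # link planted inside the jail
        results = {
            "plain file": check(media, "song.m4a"),
            "dot-dot": check(media, "../../../system/disk.img"),
            "inner link": check(media, "link/disk.img"),
        }
        # Replace the jail directory with a symlink to the tree root.
        os.remove(os.path.join(media, "link"))
        os.remove(os.path.join(media, "song.m4a"))
        os.rmdir(media)
        os.symlink(tmp, media)
        results["jail is link"] = check(media, "system/disk.img")
        return results

if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, "->", outcome)
```

A check followed by a separate open can be raced, so a real service should also open files with descriptor-relative calls such as <code>openat</code> with <code>O_NOFOLLOW</code>.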