Difference between revisions of "Talk:Firmware Keys"

From The iPhone Wiki
Jump to: navigation, search
(Moving VFDecrypt Keys to Firmware Keys: new section)
m (added sign)
 
(29 intermediate revisions by 6 users not shown)
Line 1: Line 1:
  +
{{Talk Archive}}
==S5L8900==
 
Obviously, the 1G touch runs the 8900 also, but is the key the same?
 
When I try to decrypt the KBAG data, I get:
 
"bad decrypt
 
3590:error:0606506D:digital envelope routines:EVP_DecryptFinal_ex:wrong final block length:evp_enc.c:454:"
 
   
  +
== iKeys ==
My syntax is probably wrong: "echo "key" | openssl enc -d aes-128-cbc -K 5F650295E1FFFC97CE77ABD49DD955B3 -iv 0".
 
  +
I was wondering if anyone had any info on "iKeys". It's mentioned [http://pastie.org/1161868 here] at the bottom. I'd imagine it's like GenPass but just wondering. Any info is appreciated. --[[User:OMEGA_RAZER|OMEGA_RAZER]]
 
yea you'll always get that error, although you should probably enter the kbag into a file in binary form and pass that into openssl, but you are on the right track! --[[User:Posixninja|posixninja]] 02:10, 18 June 2009 (UTC)
 
 
== 2.0 beta 8 key? ==
 
Would anyone, by any chance, have the key for 2.0 build 5A345? For some reason, it's missing on this page. -[[User:Dialexio|Dialexio]] 16:13, 17 August 2008 (UTC)
 
 
== VFDecrypt error ==
 
When I try with the command I get a warning message.It shows that cygcrypto-0.9.8.dll was not found.I've searched this file but it seems I can't find it.Thanks for helping me in advance. {{unsigned|Delstam|14:30, August 1, 2009 (UTC)}}
 
:This DLL is part of Cygwin. You can get it here: [http://www.mirrorservice.org/sites/sourceware.org/pub/cygwin/release/openssl/openssl-0.9.8k-1.tar.bz2/usr/bin/cygcrypto-0.9.8.dll?extract=true] --[[User:Blackbox|Blackbox]] 14:45, 1 August 2009 (UTC)
 
::Thanks {{unsigned|Delstam|14:58, August 1, 2009 (UTC)}}
 
:::Hey, I need this file too, but the link seems to now be broken. I just got it from [http://www.mediafire.com/?wznnyt5izmu here] instead. Just thought I'd make a note in case anyone else needs it. [[User:MaybachMan|MaybachMan]] 13:17, 17 August 2010 (UTC)
 
:::: ...Cygwin1.dll can also be gotten [http://www.dll-files.com/pop.php?dll=cygwin1 here.] {{unsigned|MaybachMan|13:27, August 17, 2010 (UTC)}}
 
:::::I'm working on getting my fork of VFDecrypt running on Windows. Soon as I get it compiled, I'll post the download link to a /native/ Windows binary. --[[User:dra1nerdrake|dra1nerdrake]] 17:35, 17 August 2010 (UTC)
 
 
==VFDecrypt for Mac link==
 
The link in the article is broken, does anyone have a working one? [[User:MaybachMan|MaybachMan]] 11:39, 19 August 2010 (UTC)
 
:Use mine from github and build it with 'make linux'. It (should) work. If it does, please post back here so I can update the program. If it doesn't, post back here with the error and I'll try to debug it. --[[User:Dra1nerdrake|dra1nerdrake]] 21:13, 19 August 2010 (UTC)
 
''vfdecrypt.c:42:22: error: byteswap.h: No such file or directory''
 
''make: *** [linux] Error 1''
 
:--[[User:MaybachMan|MaybachMan]] 10:44, 20 August 2010 (UTC)
 
::You can get a version that will compile on Mac OS X at [https://github.com/coryleach/VFDecrypt GitHub].
 
 
==iKeys==
 
I was wondering if anyone had any info on "iKeys". It's mentioned [http://pastie.org/1161868 here] at the bottom. I'd Imagine it's like GenPass but just wondering. Any info is appreciated. --[[User:OMEGA_RAZER|OMEGA_RAZER]]
 
 
== Remove Request ==
 
As someone mentioned on the [[Talk:VFDecrypt_Keys:_3.x_BETA#STOP|Firmware 3.x Beta talk page]], I want to request that the whole section "Firmware" on this page here gets removed and all mentioned pages deleted as well. The information there (the VFDecrypt keys) should go into their appropriate firmware page. Or do we still need all VFDecrypt keys (only) together also? If yes, then at least it should be cleaned up and these pages should mention that these are duplicates for the sake of grouping. --[[User:Http|http]] 10:17, 23 October 2010 (UTC)
 
: I think we should just protect the pages [[VFDecrypt Keys:_1.x]], [[VFDecrypt Keys: 2.x]], [[VFDecrypt Keys: 3.x]], and [[VFDecrypt Keys: 3.x BETA]]. And if someone discovers a key for those Firmwares we should add it to the talk page for an admin to add. --[[User:5urd|5urd]] 15:03, 23 October 2010 (UTC)
 
:These pages are really chaotic. For the 1.x and 2.x pages, it is unknown if they are for the iPhone or iPod touch (or for both). We can just assume something, or try. The 3.x pages contain not only vfdecrypt keys, but some ramdisk keys as well. And some have beta mixed within, others not. I assume that all keys are on their respective firmware page already. If not, then we should create the missing pages and link them to the [[Firmware]] or [[Beta Firmware]] page. I'll start with that some time if I find the time - feel free to help. But then, if all keys are available on their firmware page, why would we still need these pages? I still request to delete them. We could add a cross table on this page with firmware vs. device and in each cell a link, so that we easily find the page with the keys. I think I'll add this table right away. Then there's no need for these pages anymore. Please discuss here if you agree to remove them afterwards. -- [[User:Http|http]] 20:14, 29 October 2010 (UTC)
 
:I don't think we should delete the key pages until the table shows all blue links so that way we don't trash any keys on accident. --[[User:5urd|5urd]] 15:33, 30 October 2010 (UTC)
 
::After making sure we have all keys on their firmware pages, I went ahead and copied the text to this page and deleted the 4.x (final) page. The others will follow, after checking them also. -- [[User:Http|http]] 21:25, 6 November 2010 (UTC)
 
:::Ok, now the other pages are also removed and all keys there are on its own page as discussed. Sorry for spamming the Recent changes list. I copied mostly the existing pages, but some of them were not following the standard, so this means the new pages also don't follow the standard. This means more cleanup is necessary. Also I removed the KBAGs as discussed somewhere else where I saw them. I added the Pesudo-GID on three pages (S5L8900 for 3.0 Build 7A341). I have no idea what this is for, so feel free to remove it again if you think this is not necessary. For the 1.x pages Dialexio wrote that the VFDecrypt keys are for both iPhone and iPod touch, so I copied them to both pages. I hope this is correct. For the 2.x pages there was also not mentioned for what device the keys were, so I copied them to the iPhone, or, where it was clear from the version number, only to iPod touch. For versions lower than 2.1 I copied them to both, but since 2.1 only the ramdisk keys were copied to both pages (as S5L8900 applies to iPhone, iPod touch and iPhone 3G). I hope this is all correct. (I'm not very experienced with handling these keys yet.) Because I didn't look into each ipsw, I don't know what files are in there, so I didn't create all necessary sections. This means more cleanup is necessary. Also all keys should be in lower case. I didn't change them, I just copied them over, hopefully without any copy/paste errors. There is much more work left, but I hope I didn't mess it up, but helped to improve the overall structure. Ok, now you can reply and shoot on me. -- [[User:Http|http]] 00:25, 31 December 2010 (UTC)
 
   
 
== Exploit? ==
 
== Exploit? ==
am i to understand that a low level exploit is needed to get the vfdecrypt key???
+
Am I to understand that a low level exploit is needed to get the VFDecrypt key? --[[User:Shengis14|Shengis14]] 18:50, 8 October 2010 (UTC)
  +
:No, that's not completely true. :P One has to manage to get the key/IV for a ramdisk, and then use [[GenPass]] to get the VFDecrypt key. --[[User:Dra1nerdrake|dra1nerdrake]] 21:27, 8 October 2010 (UTC)
--[[User:Shengis14|Shengis14]] 18:50, 8 October 2010 (UTC)
 
And how would someone like myself go about getting the Key/IV for an update/restore ramdisk --[[User:Shengis14|Shengis14]] 22:13, 8 October 2010 (UTC)
+
:::You would need (at the very least) an iBoot exploit and a payload to upload that is able to access the AES engine of the device. --[[User:OMEGA RAZER|OMEGA RAZER]] 22:16, 8 October 2010 (UTC)
  +
::::It's just that one of the reasons I'm confused is why there is a sudden jump in the number of keys for the iPod touch 3G on 4.0-4.1?
:You would need at least an iBoot exploit and a payload to upload that is able to access the AES engine of the device. --[[User:OMEGA RAZER|OMEGA RAZER]] 22:16, 8 October 2010 (UTC)
 
  +
:::::There isn't an exploit that is iBoot level or lower for that device. --[[User:Shengis14|Shengis14]] 22:50, 8 October 2010 (UTC)
::It's just one of the reasons I'm confused is how is there a sudden jump in the number of vfdecrypt keys for the iPod touch 3G on like 4.0-1??
 
:No, that's not completely true. :P One has to manage to get the key/iv for an update/restore ramdisk, and then use [[Genpass]] to get a VFDecrypt key. --[[User:Dra1nerdrake|dra1nerdrake]] 21:27, 8 October 2010 (UTC)
+
::How would someone like myself go about geting the key/IV for a ramdisk? --[[User:Shengis14|Shengis14]] 22:13, 8 October 2010 (UTC)
:::There isnt a exploit that is iBoot or lower for that device. Any thoughts ? --[[User:Shengis14|Shengis14]] 22:50, 8 October 2010 (UTC)
 
   
 
== New page? ==
 
== New page? ==
 
I think we should make a new page detailing how to utilise [[User:Gojohnnyboi|Gojohnnyboi]]'s AES payload to get the keys including screenies on opening up an img3 in a hex editor and getting the [[KBAG]] etc. Then the keys won't be left to the main devs and [[User:iH8sn0w|iH8sn0w]] to post. Then all these beta FWs can be decrypted faster and more keys can be posted. I myself would definitely be interested in getting the KBAG etc. and if anybody could create such a page then I would definitely be interested in posting keys myself. Once created the page shouldn't need too much housekeeping either since the process won't change until IMG4 comes along which I will dread :P Who's up to it?? [[User:Windows Helpdesk|blackthund3r]] 11:43, 20 October 2010 (UTC)
 
I think we should make a new page detailing how to utilise [[User:Gojohnnyboi|Gojohnnyboi]]'s AES payload to get the keys including screenies on opening up an img3 in a hex editor and getting the [[KBAG]] etc. Then the keys won't be left to the main devs and [[User:iH8sn0w|iH8sn0w]] to post. Then all these beta FWs can be decrypted faster and more keys can be posted. I myself would definitely be interested in getting the KBAG etc. and if anybody could create such a page then I would definitely be interested in posting keys myself. Once created the page shouldn't need too much housekeeping either since the process won't change until IMG4 comes along which I will dread :P Who's up to it?? [[User:Windows Helpdesk|blackthund3r]] 11:43, 20 October 2010 (UTC)
   
  +
==New table format.==
== Page split request ==
 
  +
I was thinking, because the tables do not fit into the normal view (7.x beta's for example), maybe we could think of a new design. I had an idea of maybe using device tables, so we could have something like the below (of course we would have a beta and public sections and all devices would be added);
I think we should split this page into two. The first half deals more with the VFDecrypt program, not the keys as the title would suggest. Perhaps we can move the info related to the program to [[VFDecrypt (program)]], and make [[VFDecrypt]] a disambiguation page. --[[User:Dialexio|<span style="color:#C20; font-weight:normal;">Dialexio</span>]] 00:17, 7 November 2010 (UTC)
 
:I like that, but think it should just be [[VFDecrypt]] for the program and dont make a disambiguation page, [[:Category:VFDecrypt]] is like a disambiguation page already... Also making the current page info on the keys would be more like it as that is what the page waws orrigionally... --[[User:5urd|5urd]] 00:25, 7 November 2010 (UTC)
 
:Yes, VFDecrypt should be about the program or a disambiguation page and here only infos about the keys. All this stuff about the other programs don't really belong here either. That could go to the disambiguation page or small under a "see also" section. Don't forget all the links like <nowiki>[[VFDecrypt Keys|VFDecrypt]]</nowiki> have to get fixed. -- [[User:Http|http]] 00:56, 7 November 2010 (UTC)
 
::So, it's settled. I'll get to moving all of the info related to the actual program to the page [[VFDecrypt]]. --[[User:Dialexio|<span style="color:#C20; font-weight:normal;">Dialexio</span>]] 21:25, 10 November 2010 (UTC)
 
   
  +
iPhone (As a heading, since actually adding this would break the topic, making it two.)
== Comments from deleted page VFDecrypt Keys: 4.x BETA ==
 
  +
{| class="wikitable"
i'm trying to genpass a s5l8720x key, but seems to be invalid --[[User:Qwertyoruiop|Qwertyoruiop]] 00:19, 11 April 2010 (UTC)
 
:GenPass for 3.x isn't working on 4.0 rootfs. --[[User:Cichacz|Cichacz]] 10:40, 11 April 2010 (UTC)
 
::thx --[[User:Qwertyoruiop|Qwertyoruiop]] 10:57, 11 April 2010 (UTC)
 
:We can only try asking [[User:MuscleNerd|MuscleNerd]] to post the new one script :) --[[User:Cichacz|Cichacz]] 11:05, 11 April 2010 (UTC)
 
:ih8sn0w has some scripts too, maybe try asking him --[[User:Pjakuszew|pjakuszew]] 13:34, 11 April 2010 (UTC)
 
:is there a manual way to aquire those keys? after looking at genpass source it looks like openssl could be involved. couldnt hurt to ask someone for their script though --[[User:Jimmy.M|Jimmy.M]]
 
::reversing asr could be a solution. --[[User:Qwertyoruiop|Qwertyoruiop]] 15:37, 11 April 2010 (UTC)
 
::I think it's better to keep the scripts non-public. If there was a public script for getting the vfdecrypt keys, Apple developers could move the keys again and we will have to find yet another method for getting the vfdecryptk's. --[[User:Pjakuszew|pjakuszew]] 15:41, 11 April 2010 (UTC)
 
 
== Comments from deleted page VFDecrypt Keys: 3.x (BETA) ==
 
What's about ramdisk decrypt keys for beta 1? {{unsigned|Cartman|15:22, April 15, 2009}}
 
:There were no ramdisk decrypt keys for beta 1, beta 1 ''firmware'' files were not encrypted, only wrapped in an IMG3 container with no encryption.--[[User:Cool name|Cool name]] 15:39, 15 April 2009 (UTC)
 
 
== James ==
 
James, would you mind explaining this last edit for me? I don't see any problem with leaving the iPod touch & iPhone 3G keys both on the page....{{unsigned|Cool name|01:02, April 17, 2009}}
 
:Those are the ramdisk keys and they're exactly the same. They have always been the same and I was waiting for someone to post another model and confirm that. The only model that will have different keys will be the iPod 2G, which I should really edit in. --[[User:James|James]] 01:51, 17 April 2009 (UTC)
 
::Ahh, my bad with that. I didn't realize they were the same keys :P Feel free to edit the page however you want --[[User:Cool name|Cool name]] 02:08, 17 April 2009 (UTC)
 
 
== Octothorpe ==
 
Why cleanup the ramdisk keys? They are split into bytes on the 2.x page also, so changing them just makes formatting inconsistent. I can why the rest of the changes were needed though. --[[User:James|James]] 03:55, 18 April 2009 (UTC)
 
:I like them not separated, I only did that at first because I was lazy. {{unsigned|Geohot|05:46, April 18, 2009}}
 
::Well, it's all corrected now on the 2.x page. If anyone has a problem, feel free to revert. --[[User:James|James]] 09:40, 18 April 2009 (UTC)
 
:@Octothorpe: thanks for moving this page, I thought about doing it earlier, i'm just a lazy bastard --[[User:Posixninja|posixninja]] 02:23, 18 June 2009 (UTC)
 
:@OmegaRazor: about VFDecrypt Keys: 3.x, not VFDecrypt Keys: 3.x BETA, chronic has a better idea about orginizing the key/iv for each firmware, see [[Kirkwood_7A341_(iPhone_3G)]] so this page will probably be deleted in the future. also you didn't really explain how the kbag key was used, or mentions GIDecrypt --[[User:Posixninja|posixninja]] 14:57, 18 June 2009 (UTC)
 
:all these keys are over at [[Kirkwood 7A341 (iPhone 3G)]] and [[Kirkwood 7A341 (iPod touch 2G)]] {{unsigned|posixninja|15:51, June 21, 2009}}
 
::Whould you please post vfdecrypt keys for 3.1 beta firmware? --[[User:Redart|Redart]]
 
:::Here they are:
 
:::2G: dd832e7ce186077bf0b4c5934c1b38b6d55c01c1f04e1ffde721792b1fe06e68e1125f29
 
:::3G: f526d42d44dcf61dadf5a0b4be7eb18dafd66c88ec6d91e3ac2f08d3179b63ce64108530
 
:::Not sure where is the proper place to put them.... --[[User:Redart|Redart]]
 
::::How did you get these anyways? I didn't even look into it until today, and you certainly didn't use any of our tools as they're all broke as of 3.1. I'm just curious, i've noticed a couple people posting fsroot keys while genpass has been broke for awhile, is there another group out there making their own private tools or something? --[[User:Posixninja|posixninja]] 18:50, 10 July 2009 (UTC)
 
:::::The man who got them said that he used GenPass. I assume that he is the one who made custom quickPwns for 3.0 betas from Russia. --[[User:Redart|Redart]]
 
::::::This vfdecrypt key for iPod Touch 2G 3.1 Beta Software doesn't work for me.I'm trying it on iPod2,1_3.1_7C97d Software Please post another vfdecrypt key.Thanks. {{unsigned|Delstam|08:04, August 3, 2009}}
 
 
== 3GS 3.1.3 ==
 
And the key for 3gs 3.1.3 firmware? --[[User:L0g0|L0g0]] 01:26, 26 July 2010 (UTC)
 
:You mean [[SUNorthstarTwo 7E18 (iPhone 3GS)|these]]? --[[User:Dialexio|<span style="color:#C20; font-weight:normal;">Dialexio</span>]] 01:54, 26 July 2010 (UTC)
 
 
== STOP ==
 
The article says to stop adding/editing pages like this one, add the keys to a firmware version and add a link to the firmware page. Fine. But on the Firmware page we dont list the beta firmwares. Should we create a beta firmware page to link to all the beta firmware key pages? --[[User:Http|http]] 22:36, 22 October 2010 (UTC)
 
:yes [[User:iH8sn0w]] know's how to get the key's and now i realise that that is what makes him a hacker (not even the real hackers look after the wiki) --[[User:Liamchat|liamchat]] 23:07, 22 October 2010 (UTC)
 
 
== Table merge ==
 
Any one but me think about merging the two tables? I will do it. --[[User:5urd|5urd]] 14:26, 17 July 2011 (MDT)
 
:I intentionally kept them separate when creating them, as it was a wish not to include betas in the real list. Looking back, I think it was still a good idea, so let's leave it like this. Merging them would mean we should also merge the two firmware pages and I think nobody wants that. --[[User:Http|http]] 18:07, 17 July 2011 (MDT)
 
 
== Split up the table? ==
 
Updating the tables on this page is rather unwieldy, so I'd like to split the tables up by firmware version. (i.e.- 1.x, 2.x, 3.x…) Is this fine with everyone? --[[User:Dialexio|<span style="color:#C20; font-weight:normal;">Dialexio</span>]] 15:07, 26 July 2011 (MDT)
 
:Agreed. This way we can remove the columns of the devices that did not exist at the time of the firmware release (like [[iPad 2]] columns in the 2.x table) and also those devices that are no longer supported on the given firmware versions (like ipt1g column in 4.x table). But maybe add a comment of what is missing to each table. --[[User:Http|http]] 03:33, 27 July 2011 (MDT)
 
:agreed as the table is getting waaaaaay to wide for small displays. So like for 1.x, we could have only 2 columns: ipt1g and iph2g --[[User:5urd|5urd]] 09:48, 30 July 2011 (MDT)
 
:Wow! That looks way nicer! Now we just need to do the betas --[[User:5urd|5urd]] 16:10, 1 August 2011 (MDT)
 
 
== [http://theiphonewiki.com/wiki/index.php?title=VFDecrypt_Keys&curid=87&diff=21727&oldid=21725 http's edit] ==
 
Where did 3140 come from? Was it a typo? --[[User:5urd|5urd]] 18:01, 13 October 2011 (MDT)
 
:That's what the ATV displays. I didn't look at the ipsw yet. -- [[User:Http|http]] 18:03, 13 October 2011 (MDT)
 
::Well, there may be two firmwares, the original 4.4 9A334v and not 3140... but that doesn't seem like apple to break a standard like build codes... --[[User:5urd|5urd]] 18:05, 13 October 2011 (MDT)
 
:::No, not two firmwares, just the display. -- [[User:Http|http]] 11:49, 18 October 2011 (MDT)
 
:The display shows this (in About menu):
 
Apple TV-Software 4.4 (3140)
 
Apple TV-Software 4.4.2 (3160)
 
:As this is obviously not a build number, any idea what this is? --[[User:Http|http]] 16:30, 24 October 2011 (MDT)
 
::I will assume that 4.4.1 would be (3150)... @[[User:http|http]], I would assume that the reason you couldn't update was that Apple had briefly pulled it... --[[User:5urd|5urd]] 17:12, 24 October 2011 (MDT)
 
:::Well, shortly after 4.4.2 came out, I clicked on update. After the update the version shown was still 4.0 (3140). But a few minutes later, a push update came through and asked me to update again. After that was through, the above mentioned 4.4.2 (3160) was shown. Quite strange. --[[User:Http|http]] 06:13, 25 October 2011 (MDT)
 
::::Fail in build? --[[User:5urd|5urd]] 14:04, 26 October 2011 (MDT)
 
 
== Major Resorting Request ==
 
I would like to change the sorting etc. on this page. Right now we have ATV versions that belong to 5.x under the 4.x section, because we put them under the displayed version section. So I would suggest to change these tables to sort by build number. Rows that have different build numbers should get split up to two rows. So far so good. But two questions remain: 1. Where do we see the iOS version number? Just in front of the build number? And what about the ATV iOS numbers on the screen, do we show those as well and where? 2. If we have the build number in the first column already, then what do we write as the link? Just an "X" or what? Anybody disagrees with the resorting in general? -- [[User:Http|http]] 11:49, 18 October 2011 (MDT)
 
:see discussion here: [[:The_iPhone_Wiki:Community_portal#Apple_TV_2G_versions_.28Part_34.29]] --[[User:Http|http]] 06:00, 25 October 2011 (MDT)
 
:: Frankly spoken this page looks messy and I suggest an overhaul. What are the tables here used for anyway? The VFDecrypt Keys for every [[firmware]] can be reached easily from the firmware page via the Link in the Build column. Maybe the colum should be renamed to Build/VFDecrypt Keys. Then the issue about the aTV firmeware numbers would also be taken care of as these columns are also already available (for 'real' and reported). This page here could then explain how the VFDecrypt keys can be generated.--[[User:M2m|M2m]] 06:30, 25 October 2011 (MDT)
 
:::An overhaul was done a while back by [[User:dialexio|dialexio]] to seperate it by major versions. But this page does seem like a duplicate of [[firmware]] and I kind of agree that we should just change this to list the ways to get the keys. But a lot of tech blogs on decrypting the firmwares link to this page... Maybe the above info stays the same, but the tables are replaced with:
 
<nowiki>== Firmware Versions ==</nowiki>
 
<nowiki>{{main|Firmware|Beta Firmware}}</nowiki>
 
:::Any other thoughts? --[[User:5urd|5urd]] 14:04, 26 October 2011 (MDT)
 
::::Well just like I said I would remove all tables here and just refer to the Firmware Page for the Keys themselves. In case really necessary add an extra column as shown below.
 
::::{| class="wikitable"
 
 
|-
 
|-
! width="120" | VFDecrypt Key
+
! rowspan="2" | Date
  +
! rowspan="2" | Build
  +
! colspan="3" | [[iPhone 4]]
  +
! rowspan="2" | [[N94AP|iPhone 4S]]
  +
! colspan="2" | [[iPhone 5]]
 
|-
 
|-
  +
! [[N90AP|iPhone3,1]]
| {{yes}}
 
  +
! [[N90BAP|iPhone3,2]]
|}
 
  +
! [[N92AP|iPhone3,3]]
::::Otherwise I also see lots of double maintenance.. --[[User:M2m|M2m]] 04:35, 29 October 2011 (MDT)
 
  +
! [[N41AP|iPhone5,1]]
:::::I love your edit. But yes, I think we should resort to removing the tables from this page and adding the column "VFDecrypt Key" to [[Firmware]] and [[Beta Firmware]] as the Apple TV does get confusing. --[[User:5urd|5urd]] 18:53, 29 October 2011 (MDT)
 
  +
! [[N42AP|iPhone5,2]]
:::This is awful, there used to be a nice table you could look at and know which keys are available by firmware based on if the page is created or not... or at least what the links are to each one. Now you have to scroll through a giant list sorted by PRODUCT instead of by firmware to figure out which keys are available. What was wrong with having a little redundancy for the sake of usability? --[[User:Sbingner|Sbingner]] 19:17, 11 November 2011 (MST)
 
::::Personally, I liked the table as well as I could easily find the keys by version instead of device. If we bring the table back now, we only have the 5.0.1 betas and 5.0.1 final to bring back. But the Apple TV screwed it all. Maybe if it had its own dedicated section... Perhaps:
 
== Final ==
 
=== 1.x ===
 
=== 2.x ===
 
=== 3.x ===
 
=== 4.x ===
 
=== 5.x ===
 
=== Apple TV ===
 
== Beta ==
 
=== 1.x/2.x ===
 
=== 3.x ===
 
=== 4.x ===
 
=== 5.x ===
 
=== Apple TV ===
 
::::Any thoughts? --[[User:5urd|5urd]] 21:48, 12 November 2011 (MST)
 
:::::Despite its… "unique" versioning, I'm not too keen on splitting the Apple TV from the rest of the bunch. (To an extent, it would split the table based on product again.) I think that we should decide on what we should use for the Apple TV's firmware versions before discussing this further. --[[User:Dialexio|<span style="color:#C20; font-weight:normal;">Dialexio</span>]] 00:15, 13 November 2011 (MST)
 
::::What about bringing back the list like this:
 
::::{| class="wikitable" style="text-align: center;"
 
 
|-
 
|-
  +
| 10&nbsp;Jun&nbsp;2013
!
 
  +
! style="text-align:left;" | 11A4372q
! [[k66ap|Apple TV 2G]]
 
  +
| [[InnsbruckVailPrime 11A4372q (iPhone3,1)|7.0b]]
! [[k48ap|iPad]]
 
  +
| [[InnsbruckVailPrime 11A4372q (iPhone3,2)|7.0b]]
! [[k93ap|iPad 2 (Wi-Fi)]]
 
  +
| [[InnsbruckVailPrime 11A4372q (iPhone3,3)|7.0b]]
  +
| [[InnsbruckVailPrime 11A4372q (iPhone4,1)|7.0b]]
  +
| [[InnsbruckVailPrime 11A4372q (iPhone5,1)|7.0b]]
  +
| [[InnsbruckVailPrime 11A4372q (iPhone5,2)|7.0b]]
 
|-
 
|-
  +
| 24&nbsp;Jun&nbsp;2013
! style="text-align:left;" | 8F190
 
  +
! style="text-align:left;" | 11A4400f
| -
 
| [[Durango 8F190 (iPad)|4.3]]
+
| [[InnsbruckVailPrime 11A4400f (iPhone3,1)|7.0b2]]
  +
| [[InnsbruckVailPrime 11A4400f (iPhone3,2)|7.0b2]]
| -
 
  +
| [[InnsbruckVailPrime 11A4400f (iPhone3,3)|7.0b2]]
  +
| [[InnsbruckVailPrime 11A4400f (iPhone4,1)|7.0b2]]
  +
| [[InnsbruckVailPrime 11A4400f (iPhone5,1)|7.0b2]]
  +
| [[InnsbruckVailPrime 11A4400f (iPhone5,2)|7.0b2]]
 
|-
 
|-
  +
| 8&nbsp;Jul&nbsp;2013
! style="text-align:left;" | 8F191
 
  +
! style="text-align:left;" | 11A4414e
| -
 
  +
| [[InnsbruckVailPrime 11A4414e (iPhone3,1)|7.0b3]]
| -
 
| [[Durango 8F191 (iPad 2 GSM)|4.3]]
+
| [[InnsbruckVailPrime 11A4414e (iPhone3,2)|7.0b3]]
  +
| [[InnsbruckVailPrime 11A4414e (iPhone3,3)|7.0b3]]
  +
| [[InnsbruckVailPrime 11A4414e (iPhone3,1)|7.0b3]]
  +
| [[InnsbruckVailPrime 11A4414e (iPhone5,1)|7.0b3]]
  +
| [[InnsbruckVailPrime 11A4414e (iPhone5,2)|7.0b3]]
 
|-
 
|-
  +
| 29&nbsp;Jul&nbsp;2013
! style="text-align:left;" | 8F191m
 
  +
! style="text-align:left;" | 11A4435d
| [[Durango 8F191m (Apple TV 2G)|4.2]]
 
  +
| [[InnsbruckVailPrime 11A4435d (iPhone3,1)|7.0b4]]
| -
 
  +
| [[InnsbruckVailPrime 11A4435d (iPhone3,2)|7.0b4]]
| -
 
  +
| [[InnsbruckVailPrime 11A4435d (iPhone3,3)|7.0b4]]
|-
 
  +
| [[InnsbruckVailPrime 11A4435d (iPhone4,1)|7.0b4]]
! style="text-align:left;" | 8F202
 
| [[DurangoTide 8F202 (Apple TV 2G)|4.2.1]]
+
| [[InnsbruckVailPrime 11A4435d (iPhone5,1)|7.0b4]]
  +
| [[InnsbruckVailPrime 11A4435d (iPhone5,2)|7.0b4]]
| -
 
| -
 
|-
 
! style="text-align:left;" | 8F305
 
| [[DurangoTide 8F305 (Apple TV 2G)|4.2.2]]
 
| -
 
| -
 
|-
 
! style="text-align:left;" | 8F455
 
| [[DurangoTideCuba 8F455 (Apple TV 2G)|4.3]]
 
| -
 
| -
 
|-
 
! style="text-align:left;" | 9A334
 
| -
 
| [[Telluride 9A334 (iPad)|5.0]]
 
| [[Telluride 9A334 (iPad 2 GSM)|5.0]]
 
|-
 
! style="text-align:left;" | 9A334v
 
| [[Telluride 9A334v (Apple TV 2G)|4.4]]
 
| -
 
| -
 
 
|}
 
|}
  +
We would also break this down into .x still, so 6.x Apple TV, iPad, iPad mini, iPhone, iPod touch then 7.x and repeat. This would also work well with the new format of listing "iPhone 5 GSM" and "iPhone5,1". Let me know your thoughts. --[[User:IAdam1n|iAdam1n]] ([[User talk:IAdam1n|talk]]) 23:10, 7 March 2014 (UTC)
::::--[[User:Http|http]] 15:43, 14 November 2011 (MST)
 
  +
:+1. Could still overflow (that example already occupies over half of a 1024px wide window), but of course still better than the current format. [[User:Thekirbylover|kirb]] ([[User talk:Thekirbylover|talk]]) 02:37, 8 March 2014 (UTC)
:::::What about
 
  +
::I have taken a screenshot of what it will look like with the current suggestions [http://imgur.com/9UNiwuH here]. This will be completed on the 15th March if nobody objects.--[[User:IAdam1n|iAdam1n]] ([[User talk:IAdam1n|talk]]) 01:12, 9 March 2014 (UTC)
:::::{| class="wikitable" style="text-align: center;"
 
  +
:::This has been completed. --[[User:IAdam1n|iAdam1n]] ([[User talk:IAdam1n|talk]]) 10:11, 15 March 2014 (UTC)
|-
 
!
 
! [[k66ap|Apple TV 2G]]
 
! [[k93ap|iPad 2 (Wi-Fi)]]
 
|-
 
! style="text-align:left;" | 8F191
 
| -
 
| [[Durango 8F191 (iPad 2 GSM)|Durango 4.3]]
 
|-
 
! style="text-align:left;" | 8F191m
 
| [[Durango 8F191m (Apple TV 2G)|Durango 4.2]]
 
| -
 
|}
 
:::::--[[User:5urd|5urd]] 17:49, 14 November 2011 (MST)
 
::::::We don't need to repeat the names for every link. They are already on each page in case anybody needs to know. Having them here in the link too just wastes the space. --[[User:Http|http]] 17:52, 14 November 2011 (MST)
 
:::::::Now that you say that, I can see that. I like your idea. --[[User:5urd|5urd]] 17:53, 14 November 2011 (MST)
 
:::::I do see a problem in that... The iPad 3.2.x builds are in the 7B*** range while the 3.1.3 builds are 7D11(?)... --[[User:5urd|5urd]] 20:24, 15 November 2011 (MST)
 
:::::Apologies for neglecting to respond; I have a bit of college work on my hands. It sounds good to me as well. --[[User:Dialexio|<span style="color:#C20; font-weight:normal;">Dialexio</span>]] 08:05, 15 November 2011 (MST)
 
 
== 2.0 beta 1 ==
 
After 1.2 beta 1, the version was renamed to 2.0. The question now is if the next beta was 2.0 beta 1 or beta 2. According to [http://www.wikipedia.org/w/index.php?title=IOS_version_history#Unreleased_versions wiki] it was beta 1, but I don't believe that, as there was no evidence in ''this'' wiki. Does anybody know more? --[[User:Http|http]] 10:44, 24 October 2011 (MDT)
 
:Discussing this on Twitter resulted in the fact that just the iOS version name changed after beta 1 (or was wrong on beta 1), but the beta numbers were continuously. So I removed the non-existent 2.0b1 from the list. -- [[User:Http|http]] 15:43, 24 October 2011 (MDT)
 
:I edited wikipedia to 2.0b2, I doubt anyone will challange that... If they do, I will referance them to this wiki --[[User:5urd|5urd]] 14:11, 24 October 2011 (MDT)
 
 
== iOS 5.1 betas ==
 
iOS 5.1 betas are not on the list... --[[User:5urd|5urd]] 19:49, 9 May 2012 (MDT)
 
:They are not on the [[Beta Firmware]] list either. I have no Apple developer account. Feel free to add known missing ones. --[[User:Http|http]] 00:26, 10 May 2012 (MDT)
 
 
== ATV Beta Numbering for 5.0 ==
 
The last 5urd change opened some questions. I don't have access to betas, but I assume the beta version will not be shown anywhere on the screen. Correct me if I'm wrong. This page shows Display Versions of ATV numbers as far as I understand this. And there never was a 4th beta available for ATV. Does this mean we leave out the b4 and match the internal beta version? I would assume so. In any case all pages should match. We currently have these pages:
 
*[[VFDecrypt Keys|this page]]
 
*[[Beta Firmware]]
 
*[[Apple TV Firmware Versions]]
 
*key pages ([[TellurideVail 9A5288d (Apple TV 2G)|a]], [[TellurideVail 9A5302b (Apple TV 2G)|b]], [[TellurideVail 9A5313e (Apple TV 2G)|c]])
 
Right now they don't match (before and after 5urd's change). So we should decide what we want first.
 
--[[User:Http|http]] 13:09, 24 June 2012 (MDT)
 
:I changed it back as [[HoodooVail 9B5141a (Apple TV 2G)|HoodooVail 9B5141a]] is 5.1b3, but (due to Apple's versioning), it is 5.0b3, but listed as b2. I was the one who originally set <code>b4</code> to <code>b5</code> and so on. --[[User:5urd|5urd]] 17:54, 24 June 2012 (MDT)
 
 
== Header Rows ==
 
The header rows spanning two lines looks really ugly on small screens. I think we should change it to look like this: (6.x Beta)
 
{| class="wikitable"
 
|-
 
! rowspan="2" | Date<br />(YYYY/MM/DD)
 
! rowspan="2" | Build
 
! colspan="2" | [[Apple TV]]
 
! colspan="7" | [[iPad]]
 
! colspan="4" | [[iPhone]]
 
! colspan="1" | [[iPod&nbsp;touch]]
 
|-
 
! [[k66ap|2G]]
 
! [[j33ap|3G]]
 
! [[k93ap|2&nbsp;(Wi&#8209;Fi)]]
 
! [[k94ap|2&nbsp;(GSM)]]
 
! [[k95ap|2&nbsp;(CDMA)]]
 
! [[k93aap|2&nbsp;(Wi&#8209;Fi)&nbsp;[R2]]]
 
! [[j1ap|3&nbsp;(Wi&#8209;Fi)]]
 
! [[j2ap|3&nbsp;(CDMA)]]
 
! [[j2aap|3&nbsp;(Global)]]
 
! [[n88ap|3GS]]
 
! [[n90ap|4&nbsp;(GSM)]]
 
! [[n92ap|4&nbsp;(CDMA)]]
 
! [[n94ap|4S]]
 
! [[n81ap|4G]]
 
|}
 
Notice (in the source) the use of a [http://www.fileformat.info/info/unicode/char/2011/index.htm non-breaking hyphen] (<code>&amp;#8209;</code>) instead of a hyphen (<code>-</code>) so that a line break won't be used if the column is too small. Also notice the use of a non-breaking space (<code>&amp;nbsp;</code>) instead of spaces for the same reason. --[[User:5urd|5urd]] 18:16, 24 June 2012 (MDT)
 
:Looks good for me. I'm working mostly on the iPhone though. Let's wait for some other opinions first (or a few days if nobody answers). --[[User:Http|http]] 00:23, 25 June 2012 (MDT)
 
 
== How to ==
 
How can I get the VFDecrypt Key of a Firmware's Filesystem? Because I need the key for the Filesystem of iOS 6 GM (iPad 2 GSM), but on the [[VFDecrypt Keys]] page there isn't. Thanks. --[[User:Jaggions|Jaggions]] 13:56, 14 September 2012 (MDT)
 
:[[GenPass]] requires a decrypted ramdisk. But to get that, an exploit is needed. So ATM, the iPad 2 (+) and iPhone 4S (+) and iPod touch 5G (+) keys can't be retrieved. As I said, an exploit is needed. But that's kindof a lie. You need an iBoot exploit to upload a custom ramdisk that will be able to access the AES engine of the device. --[[User:5urd|5urd]] 19:48, 19 October 2012 (MDT)
 
:: So does the iPod touch 4G have a decrypted ramdisk in IPSW's? --[[User:Adaminsull|adaminsull]] ([[User talk:Adaminsull|talk]]) 00:28, 30 December 2012 (UTC)
 
   
== Moving [[VFDecrypt Keys]] to [[Firmware Keys]] ==
+
== [[Internal Firmware]] Keys ==
   
This page now encompasses more than just [[VFDecrypt]]'s keys. To an extent, it encompasses [[xpwntool]]'s keys also. We also don't list the keys here, but just a link to the article that does. I think that this warrants a rename to [[Firmware Keys]]. It will be a big task to fix the redirects, but it ''can'' be done. Any ideas or objections? --[[User:5urd|5urd]] ([[User talk:5urd|talk]]) 20:03, 13 August 2013 (UTC)
+
Should there be a keys page just for SwitchBoard firmwares that also have NOR dumps/are restore bundles, so that people can decrypt these firmwares (if they have them and don't have a device with the same SoC) and explore files themselves? --[[User:Ilikeiphone123|Ilikeiphone123]] ([[User talk:Ilikeiphone123|talk]]) 16:12, 13 March 2021 (UTC)

Latest revision as of 16:13, 13 March 2021

Archives
 • 2009 • 2010 • 2011 • 2012 • 2013 •

iKeys

I was wondering if anyone had any info on "iKeys". It's mentioned here at the bottom. I'd imagine it's like GenPass but just wondering. Any info is appreciated. --OMEGA_RAZER

Exploit?

Am I to understand that a low level exploit is needed to get the VFDecrypt key? --Shengis14 18:50, 8 October 2010 (UTC)

No, that's not completely true. :P One has to manage to get the key/IV for a ramdisk, and then use GenPass to get the VFDecrypt key. --dra1nerdrake 21:27, 8 October 2010 (UTC)
How would someone like myself go about geting the key/IV for a ramdisk? --Shengis14 22:13, 8 October 2010 (UTC)
You would need (at the very least) an iBoot exploit and a payload to upload that is able to access the AES engine of the device. --OMEGA RAZER 22:16, 8 October 2010 (UTC)
It's just that one of the reasons I'm confused is why there is a sudden jump in the number of keys for the iPod touch 3G on 4.0-4.1?
There isn't an exploit that is iBoot level or lower for that device. --Shengis14 22:50, 8 October 2010 (UTC)

New page?

I think we should make a new page detailing how to utilise Gojohnnyboi's AES payload to get the keys including screenies on opening up an img3 in a hex editor and getting the KBAG etc. Then the keys won't be left to the main devs and iH8sn0w to post. Then all these beta FWs can be decrypted faster and more keys can be posted. I myself would definitely be interested in getting the KBAG etc. and if anybody could create such a page then I would definitely be interested in posting keys myself. Once created the page shouldn't need too much housekeeping either since the process won't change until IMG4 comes along which I will dread :P Who's up to it?? blackthund3r 11:43, 20 October 2010 (UTC)

New table format.

I was thinking, because the tables do not fit into the normal view (7.x beta's for example), maybe we could think of a new design. I had an idea of maybe using device tables, so we could have something like the below (of course we would have a beta and public sections and all devices would be added);

iPhone (As a heading, since actually adding this would break the topic, making it two.)

Date Build iPhone 4 iPhone 4S iPhone 5
iPhone3,1 iPhone3,2 iPhone3,3 iPhone5,1 iPhone5,2
10 Jun 2013 11A4372q 7.0b 7.0b 7.0b 7.0b 7.0b 7.0b
24 Jun 2013 11A4400f 7.0b2 7.0b2 7.0b2 7.0b2 7.0b2 7.0b2
8 Jul 2013 11A4414e 7.0b3 7.0b3 7.0b3 7.0b3 7.0b3 7.0b3
29 Jul 2013 11A4435d 7.0b4 7.0b4 7.0b4 7.0b4 7.0b4 7.0b4

We would also break this down into .x still, so 6.x Apple TV, iPad, iPad mini, iPhone, iPod touch then 7.x and repeat. This would also work well with the new format of listing "iPhone 5 GSM" and "iPhone5,1". Let me know your thoughts. --iAdam1n (talk) 23:10, 7 March 2014 (UTC)

+1. Could still overflow (that example already occupies over half of a 1024px wide window), but of course still better than the current format. kirb (talk) 02:37, 8 March 2014 (UTC)
I have taken a screenshot of what it will look like with the current suggestions here. This will be completed on the 15th March if nobody objects.--iAdam1n (talk) 01:12, 9 March 2014 (UTC)
This has been completed. --iAdam1n (talk) 10:11, 15 March 2014 (UTC)

Internal Firmware Keys

Should there be a keys page just for SwitchBoard firmwares that also have NOR dumps/are restore bundles, so that people can decrypt these firmwares (if they have them and don't have a device with the same SoC) and explore files themselves? --Ilikeiphone123 (talk) 16:12, 13 March 2021 (UTC)