Talk:N72AP

From The iPhone Wiki
Revision as of 18:42, 13 September 2008 by ChronicDev (talk | contribs) (wait!: new section)
Jump to: navigation, search

Anyone got one? ~geohot

Cool, didn't realize I could download the new Touch fw.

You have a decrypted copy of iBSS in \iPod2,1_2.1.1_5F138_Restore\Firmware\dfu\iBSS.n72ap.RELEASE.dfu

I'm almost sure the DFU exploit is still there, because the DFU file is still 89001. Use my iBoot patch to patch that iBSS and run the AES engine straight from iBoot. Use iran to upload the patched version.

okay now

Is the DFU exploit there? Test it using "iran", not iTunes. If not, then we are up against something. Otherwise, why the long talk page?

assuming the DFU exploit is still there...

1. Do the old iBSSes and iBECs run(with exploit)? If so, you are done, just use my iBoot patches to run the AES engine right from iBoot. No chainloading required.

2. The DFUs all weren't encrypted on the iPhone firmware, including the iBSS and iBEC ones. Still true? Then theres iBoot.

assuming the DFU exploit is gone...

1. If the old iBoots run(without exploit, from normal DFU), run 1.1.4 and use the diags exploit to strap into a patched iBoot.

questions

that actually would make a lot of sense. the only thing is, would new code be needed to decrypt the kbags, or business as usual since it is just a gid key change? i would think it is the later but im no crypto genius so i cant be too sure.

I know the jist of how the diags exploit works, but how exactly would i strap on another iBoot. basically, do you have code handy for that? preferably in the form of already laid out 'mw's so that i can just copy and paste :P but thats asking too much. in all seriousness, please let me know if you do as i paln on picking one up soon.

wait!

Although it for some strange reason parses 8900 files, I just realized...they could have just fixed the bootrom stack overflow, and kept parsing intact for whatever reason...