Talk:Telluride 9A406 (iPhone4,1)

Key location

Everyone is saying that the VFDecrypt keys were practically included in the OS, but I can't find em :P Where would they be in the IPSW? --rdqronos 20:01, 15 December 2011 (MST)

The VFDecrypt key is in the ramdisk. You could use GenPass to get it. --Dialexio 22:12, 15 December 2011 (MST)

I am sure they were referring to the fact that, because the ramdisks are unencrypted, they were able to be "extracted" without the device. --5urd 17:05, 16 December 2011 (MST)

continuing from this, where do you get the ramdisk key if it is encrypted? --adaminsull (talk) 18:43, 29 January 2013 (UTC)

The ramdisk's KBAG needs to be decrypted with the device's GID key. There is no way to extract the GID key; you need a bootrom exploit (an iBoot exploit may suffice?) to use the device's AES engine. Once you have the IV and key, you can use xpwntool to decrypt the ramdisk. --Dialexio (talk) 20:43, 29 January 2013 (UTC)

How would I get the GID key on an A4 device? --adaminsull (talk) 20:56, 29 January 2013 (UTC)

You can't. GID key is only in hardware and has never been extracted. You can only ask the hardware to use the GID key to decrypt something for you. --http (talk) 23:53, 30 January 2013 (UTC)

Then how do I do that? --adaminsull (talk) 23:57, 30 January 2013 (UTC)