From The iPhone Wiki

Anyone got one? ~geohot

Cool, didn't realize I could download the new Touch fw.

You have a decrypted copy of iBSS in \iPod2,1_2.1.1_5F138_Restore\Firmware\dfu\iBSS.n72ap.RELEASE.dfu

I'm almost sure the DFU exploit is still there, because the DFU file is still 89001. Use my iBoot patch to patch that iBSS and run the AES engine straight from iBoot. Use iran to upload the patched version.

okay now

Is the DFU exploit there? Test it using "iran", not iTunes. If not, then we are up against something. Otherwise, why the long talk page?

assuming the DFU exploit is still there...

1. Do the old iBSSes and iBECs run (with exploit)? If so, you are done, just use my iBoot patches to run the AES engine right from iBoot. No chainloading required.

2. The DFUs all weren't encrypted on the iPhone firmware, including the iBSS and iBEC ones. Still true? Then there's iBoot.

assuming the DFU exploit is gone...

1. If the old iBoots run (without exploit, from normal DFU), run 1.1.4 and use the diags exploit to strap into a patched iBoot.


That actually would make a lot of sense. The only thing is, would new code be needed to decrypt the kbags, or business as usual since it is just a GID key change? I would think it is the latter but I'm no crypto genius so I can't be too sure.

I know the gist of how the diags exploit works, but how exactly would I strap on another iBoot? Basically, do you have code handy for that? Preferably in the form of already laid out 'mw's so that I can just copy and paste :P but that's asking too much. In all seriousness, please let me know if you do as I plan on picking one up soon.


Although it for some strange reason parses 8900 files, I just realized...they could have just fixed the bootrom stack overflow, and kept parsing intact for whatever reason...

i have one

I have the 2g touch if anyone wants me to do any testing. I use a Mac, if you need to contact me email me at cuz I won't be checking this page.

I got one too. I'll have to stop using it before November since I'll give it as a birthday present, but not I can test that it is working well :p. My email address is Geohot, if you want to contact me, mail me, use google talk (either via gmail or via iChat for mac) or this address as a Windows Live Messenger. BTW, I sent you a 10 US$ donation for the bootloader 4.6 software unlock(s) and all your work.

I have a 2g touch. I tried to upload an old iBSS but I get 'Memory image not valid' when I try to run it. Any ideas?