[idea] Standalone jailbreak (semi-tethered) - Blackra1n (3G(S) jailbreak) forum - Hackint0sh.org
Results 11 to 20 of 28
  #11 - Arcanis (Rookie)

    It seems that the iPhone in recovery mode implements a kind of serial interface to send commands, and it would be totally possible to put that code in a microcontroller to have a 'jailbreak dongle'.

    Shame blackra1n isn't open source, so one could pick up the code and upload it (with modifications, of course) to an MSP430 or even a cheaper PIC.


  #12 - Olethros (Super Moderator, Norway)

    Quote Originally Posted by Arcanis:
        It seems that the iPhone in recovery mode implements a kind of serial interface to send commands, and it would be totally possible to put that code in a microcontroller to have a 'jailbreak dongle'.

        Shame blackra1n isn't open source, so one could pick up the code and upload it (with modifications, of course) to an MSP430 or even a cheaper PIC.
    Look at the source code for iRecovery: posixninja's irecovery at master - GitHub.
    This exploit is implemented in the latest revision.

    Not sure if that is really what you want though.

    This talk of a serial dongle requires a semi-tethered jailbreak implementation.
    I am pretty sure blackra1n is not written with that kind of jailbreak in mind.
    Last edited by Olethros; 12-26-2009 at 11:45 PM.

  #13 - Arcanis (Rookie)

    Quote Originally Posted by Olethros:
        Look at the source code for iRecovery: posixninja's irecovery at master - GitHub.
        This exploit is implemented in the latest revision.

        Not sure if that is really what you want though.

        This talk of a serial dongle requires a semi-tethered jailbreak implementation.
        I am pretty sure blackra1n is not written with that kind of jailbreak in mind.
    I know blackra1n wasn't written for that purpose, but a serial dongle with blackra1n code would be a portable jailbreaking device for both tethered and untethered iPhones/iPod touches.

    I was looking at the iRecovery source and it seems implementable in a microcontroller. My only doubt is whether, on a tethered jailbroken device, I could use some iBoot commands to force the device to boot; I don't know what blackra1n really does to boot it while bypassing the signature check.

  #14 - (Newbie)

    PEU, as a fellow Argentinian and a 3GS user, count me in! I will help you in any way I can.

  #15 - peu (Respected Professional, Buenos Aires, Argentina)

    Has anyone tried to capture the USB handshake between an already jailbroken 3GS and the PC with a USB sniffer?

    I'm getting my 3GS tomorrow and will try to do it. I guess most of the payload is geohot's picture.

    5>evaders>JB 6.12
    4S>5.01>>5.11>redsnow>JB 5.1.1
    4>Limera1n B1>4.3.2>IOS5 GM>redsnow>JB 5.0
    3GS>blackra1n RC3>3.1.2>Spirit>Unlock 3.1.2>Jailbreakme.com>Ultrasn0w 2.0>JB 4.01
    3G>redsn0w 0.72>ultrasn0w>Unlock 3.0>pwnage 3.14>JB 3.1.2
    2G>hardware unlock>elite-team virginizer>upgrade to 1.1.1>toc2rta JB>anysim 1.1>unlock 1.1.1>Restored to 1.1.3>Ziphone 2.2>Unlock 1.1.3>Modified Ziphone>iClarified unlock patch>Unlocked 1.1.4>QuickPWN>2.0.2>2.1>2.2>2.2.1>redsn0w 0.71>JB 3.0


  #16 - peu

    It seems geohot picked up the idea: Twitter / George Hotz: Do you want a dongle to bo ...

    Let's hope he commits, or at least tells us the details of the handshake so it can be implemented by the community.

    I also hope the thingy is keychainable.


    I'm getting my 3GS today, YAY!!

  #17 - posixninja (Newbie)

    Hello. This idea has been tossed around; the biggest issue is that you can't use serial for sending the exploit. The actual vulnerability for the exploit is in the USB code of the bootloader, so it would require at least a uC with a USB (OTG?) controller.
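
    The following is an added example, not code from this thread, from irecovery or from blackra1n. It models, on the host side, the command channel the posts above argue about: Arcanis's "kind of serial interface" in #11 and posixninja's point in #17 that the channel is USB, not a UART. The known values are the Apple vendor ID 0x05AC, the DFU and recovery-mode product IDs 0x1227 and 0x1281, and the vendor control request irecovery issues for a command string (bmRequestType 0x40, bRequest 0, wValue 0, wIndex 0, NUL-terminated command in the data stage). The 255-byte cap and the rejected characters are assumptions. The code only builds and decodes bytes; it sends nothing to a device and deliberately says nothing about the bootloader bug posixninja refers to, which the thread does not detail.

```python
"""
Added example: host-side model of the recovery-mode command channel that
irecovery drives over USB.  Constructed for illustration; it touches no
hardware and implements no exploit.

Known values: Apple VID 0x05AC, DFU PID 0x1227, recovery PID 0x1281, and the
control-transfer fields irecovery uses to hand iBoot a command string.
Assumptions: the 255-byte length cap and the rejected characters.
"""
import struct

APPLE_VENDOR_ID = 0x05AC
PREBOOT_MODES = {
    0x1227: "DFU",       # SecureROM Device Firmware Upgrade mode
    0x1281: "Recovery",  # iBoot/iBSS recovery mode; accepts text commands
}

# Control-transfer setup fields irecovery uses for a command:
# bmRequestType 0x40 = host-to-device, vendor-specific, recipient = device.
BM_REQUEST_TYPE = 0x40
B_REQUEST = 0x00
W_VALUE = 0x0000
W_INDEX = 0x0000
MAX_COMMAND_LEN = 0xFF   # assumption: keep the data stage under 256 bytes


def identify_mode(vid: int, pid: int):
    """Return the pre-boot mode name for a USB VID/PID pair, or None."""
    if vid != APPLE_VENDOR_ID:
        return None
    return PREBOOT_MODES.get(pid)


def build_command_payload(command: str) -> bytes:
    """iBoot expects a NUL-terminated ASCII command in the data stage."""
    if not command or "\x00" in command or "\n" in command:
        raise ValueError("command must be one non-empty line without NUL")
    data = command.encode("ascii") + b"\x00"
    if len(data) > MAX_COMMAND_LEN:
        raise ValueError("command too long for a single control transfer")
    return data


def build_setup_packet(data_length: int) -> bytes:
    """The 8-byte USB SETUP packet (little-endian fields, USB 2.0 ch. 9)."""
    return struct.pack("<BBHHH", BM_REQUEST_TYPE, B_REQUEST,
                       W_VALUE, W_INDEX, data_length)


def parse_setup_packet(packet: bytes) -> dict:
    """Decode a SETUP packet, e.g. one captured with a USB sniffer."""
    if len(packet) != 8:
        raise ValueError("SETUP packets are exactly 8 bytes")
    bm, breq, wval, widx, wlen = struct.unpack("<BBHHH", packet)
    return {
        "direction": "device-to-host" if bm & 0x80 else "host-to-device",
        "type": ("standard", "class", "vendor", "reserved")[(bm >> 5) & 0x3],
        "recipient": bm & 0x1F,
        "bRequest": breq,
        "wValue": wval,
        "wIndex": widx,
        "wLength": wlen,
    }


def build_command_transfer(command: str):
    """Everything a USB *host* puts on the wire for one iBoot command.

    There is no UART here: the command rides in the data stage of a
    control transfer on endpoint 0, which is why a dongle needs a USB host
    controller rather than a serial port.
    """
    data = build_command_payload(command)
    return build_setup_packet(len(data)), data


if __name__ == "__main__":
    setup, data = build_command_transfer("getenv build-version")
    print("SETUP:", setup.hex(" "))
    print("DATA :", data)
    print(parse_setup_packet(setup))
```

    A sniffer capture of the kind peu proposes in #15 can be fed straight to parse_setup_packet to check whether a transfer is the vendor request above or a standard one; the absence of a UART framing layer anywhere in this model is exactly posixninja's point.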

  #18 - peu

    Quote Originally Posted by posixninja:
        Hello. This idea has been tossed around; the biggest issue is that you can't use serial for sending the exploit. The actual vulnerability for the exploit is in the USB code of the bootloader, so it would require at least a uC with a USB (OTG?) controller.
    18F-series Microchip PICs have USB capabilities, but to start thinking about doing something, one needs to know the handshake/timings/etc.
    There are also chips from TI, Freescale, etc. with USB capabilities.

    I still think this is a great community project; if code & schematics are posted in the open, it's a matter of time before more than one entrepreneur makes a cheap version to be sold to the masses.

    Keep in mind that if you need a portable solution you can use a cheap netbook; nowadays they run for less than $150, so IMHO a dongle like this one can't be more than $50 shipped with some nice profit for the maker, but I see the price driven by the market to near $20 shipped if more than one person makes them...


  #19 - nono240 (Newbie)

    Last edited by nono240; 03-05-2010 at 09:55 PM.

  #20 - peu

    Excellent! I hope he open sources it so I can build one and/or someone can improve it.

(c) 2006-2012 Hackint0sh.org