[3GS] iBoot-359.3.2 - No 24kpwn !

vikram · #1 (**permalink**) 10-14-2009, 01:02 AM

chainsaws problem

Quote:

"@MuscleNerd @geohot @iphone_dev There is a new iphone 3GS Bootrom iBoot- (24kpwn no workie)" - Mathieu Hervais

Quote:

"yay! new 3gs bootrom apparently kills 24kpwn." - cpich3g

Quote:

"oh oh, from what @cpich3g + @Mathieulh have found so far, a normal untethered JB may be in jeopardy in brand new 3GS units" - MuscleNerd

hurry purchase old 3GS asap before new1 hits the shelves.

truehybridx · #2 (**permalink**) 10-14-2009, 04:06 AM

lol gee they fixed the problem.... wonder what hole they made while doing that

vikram · #3 (**permalink**) 10-17-2009, 01:19 PM

We can now confirm that the new 8GB iPod touch is not vulnerable to 24Kpwn. It took just 6 bytes for Apple to fix this:

Code:

load_module+16   43 68    LDR  R3, [R0,#bdevImg.totalSize]
load_module+18   9A 42    CMP  bufsize, R3
load_module+1A   13 D3    BCC  FAIL

Code:

find_named_image(illb): 000100d8  00024100  696c6c62 696d6733 
                        dataSize  totalSize illb     img3

Given how small the fix is, it seems likely that it was also applied to that updated bootrom of very recent iPhone 3GS devices. We'll be able to confirm this once we have an actual one of those in hand.

Update #2 10/17/2009

Confirmation that the new 8GB iPod touch is at least a tethered jailbreak. This device doesn't require personalized img3 files in the way that the iPhone 3GS and iPod touch 3G do. For this reason, it will “always” be jailbreakable (no need to rush and get your ECID signed hashes like you do for the 3GS and ipt3G). But for the foreseeable future, it will be a tethered jailbreak only.

source: DevTeam

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
MacNN: Hackers crack iBoot, dual-boot 1.x iPhone firmware	hackint0sh	Latest Headlines	0	07-14-2008 05:20 PM