[1.1.3] Firmware Image Decryption Key - General - Hackint0sh.org (page 14 of 14, posts 131 to 140)
  1. #131
    Senior Professional

    Quote Originally Posted by thecompkid View Post
    I am back at 1.1.2 and I am willing to try any upgrade-persistent hacks, despite how much of a PITA downgrading was. Has it been confirmed that the entire root partition is wiped during an upgrade? I think I'm going to try replacing one of the official iPhone apps, like Stocks, with Installer.app and matching the size somehow.
    I still think the way to do this hijack is with Webclips; it makes some sense. Also, going off speculative posts saying it is like doing 1.1.2, perhaps a modified iPhuc?
    O2 UK iPhone Tariff
    1.1.4 Firmware Jailbroken / Unlocked


  2. #132
    thecompkid (J to the T. Shaken, not Stirred)

    Well, I'm just going to operate under the assumption that a normal update mkfs's the whole partition even though I haven't gotten complete confirmation. I think it's pretty obvious anyway, so I'm not wasting my time.

    As previously stated, we can just forget about the exploits until we get a good developer on our side; right now all we have available is just non-dev hacking, which isn't really the worst considering it's what got (almost) every previous jailbreak running.

    We know we can't modify the .ipsw, that has been a given since 1.0.0.

    What does that leave us with? Not much, just iTunes hacking and that ever mysterious secret pathway you only notice once you're inside (sorry, that's not really an option, is it? :p )

    Anyone think there's a predictable order to the way the files are written to the iPhone during a restore? Hey, wait a minute, isn't the iPhone technically jailbroken as the files are being copied? I know this is a long shot, but what if we could somehow piggyback on that process and slip a file or two in? I've also heard that the restore is copied over as a compressed dmg and the actual unzip is done on the iPhone, but that doesn't make it impossible, does it? I believe that the key to JBing 1.1.3 is in the one aspect of the upgrade process that we can control: the computer doing the upgrading. Unfortunately, this would require code, probably more complex than the exploits, but if it were implemented correctly, it could actually be FW upgrade resistant (but not iTunes upgrade resistant, less of a problem anyway). Hell, it would probably even require a rigged USB driver, but that immunity would be worth every ounce of effort. Of course, the reality of all this is that the dev team has probably already looked into it and found out that all communication is encrypted, or something along those lines.

  3. #133
    Advanced

    Quote Originally Posted by thecompkid View Post
    Well, I'm just going to operate under the assumption that a normal update mkfs's the whole partition even though I haven't gotten complete confirmation. I think it's pretty obvious anyway, so I'm not wasting my time.

    As previously stated, we can just forget about the exploits until we get a good developer on our side; right now all we have available is just non-dev hacking, which isn't really the worst considering it's what got (almost) every previous jailbreak running.

    We know we can't modify the .ipsw, that has been a given since 1.0.0.

    What does that leave us with? Not much, just iTunes hacking and that ever mysterious secret pathway you only notice once you're inside (sorry, that's not really an option, is it? :p )

    Anyone think there's a predictable order to the way the files are written to the iPhone during a restore? Hey, wait a minute, isn't the iPhone technically jailbroken as the files are being copied? I know this is a long shot, but what if we could somehow piggyback on that process and slip a file or two in? I've also heard that the restore is copied over as a compressed dmg and the actual unzip is done on the iPhone, but that doesn't make it impossible, does it? I believe that the key to JBing 1.1.3 is in the one aspect of the upgrade process that we can control: the computer doing the upgrading. Unfortunately, this would require code, probably more complex than the exploits, but if it were implemented correctly, it could actually be FW upgrade resistant (but not iTunes upgrade resistant, less of a problem anyway). Hell, it would probably even require a rigged USB driver, but that immunity would be worth every ounce of effort. Of course, the reality of all this is that the dev team has probably already looked into it and found out that all communication is encrypted, or something along those lines.
    I like where your head is at. What if someone came up with a hardware USB "filter" device that could go inline between the computer and the iPhone that would allow the two to communicate, but also allow us to modify any data transmission between the two? I am sure that there are checksums which would prohibit this. But such devices exist as keystroke loggers. I have never seen a USB one, but I have seen PS/2 versions. They don't allow intervention, but they do log everything. However, if we had a device or software that could talk directly to the iPhone through the USB port, I don't guess any of that would matter.

    Could the code in the infamous y.tiff file be used to create a QuickTime file and a .png file to test the theories?

  4. #134
    ChronicProductions (Respected Professional)

    I would like to point out that I am collaborating with an unnamed person at the time, and we may really have something here. This person was able to jailbreak, with major problems requiring a restore, which I think I know how to fix.

    Also, an idea I just had based on the above posts, but a little different is this: We find something to log everything iTunes does during the upgrade, downgrade the iPhone to 1.1.1/1.1.2 again, then this time, use what we have logged to do the upgrade. All we'd have to do is replace or add something to it that would allow for a patched fstab and lockdownd, then we should be good to go. That is a long shot, but if there is no way of getting the method I mentioned at the top of my post working, let's not rule this out as a possibility...

  5. #135
    wlp5 (Senior Professional)

    These kinds of utilities exist; just search for USB logger or sniffer or something along those lines.

    However, I'm pretty sure that's the first thing anyone would try, so I'm guessing the communication between iTunes and the phone is encrypted.


  6. #136
    Newbie

    Quote Originally Posted by ChronicProductions View Post
    I would like to point out that I am collaborating with an unnamed person at the time, and we may really have something here. This person was able to jailbreak, with major problems requiring a restore, which I think I know how to fix.

    Also, an idea I just had based on the above posts, but a little different is this: We find something to log everything iTunes does during the upgrade, downgrade the iPhone to 1.1.1/1.1.2 again, then this time, use what we have logged to do the upgrade. All we'd have to do is replace or add something to it that would allow for a patched fstab and lockdownd, then we should be good to go. That is a long shot, but if there is no way of getting the method I mentioned at the top of my post working, let's not rule this out as a possibility...
    In the name of not being like the dev team, please make sure to post your findings here. More brains can always help.

    I hope you really have something there!!

    Edit: You don't have to, of course, if you don't want to, but I just think it might help.

  7. #137
    Former Bender (Guest)

    Quote Originally Posted by chivopelado View Post
    Dude, you have already been told too many times: STFU!!!
    Do I need to remind you of my previous post?

  8. #138
    cosmoLV (Developer)

  9. #139
    cosmoLV (Developer)

    Quote Originally Posted by wlp5 View Post
    These kinds of utilities exist; just search for USB logger or sniffer or something along those lines.

    However, I'm pretty sure that's the first thing anyone would try, so I'm guessing the communication between iTunes and the phone is encrypted.
    Did you try this? http://code.google.com/p/iphonebrowser
    Last edited by Former Bender; 01-23-2008 at 09:03 AM.

  10. #140
    libertybenz2 (Senior Professional)

    Someone found the key! Unless it's a diff one, then forget it lol

    http://www.hackint0sh.org/forum/show...510#post189510

    PrOuD To AnNoUncE

    <-DeV*TeAm->

    [XianLi's edit][Thread closed to prevent several same topics, please continue in this new thread]
    Last edited by Former Bender; 01-23-2008 at 08:15 AM.