Curiosity has gotten the most of me, I've been jailbreaking and unlocking since shortly after I got my original iPhone 2G. But I've never quite understood how the jailbreak gets done and what it's doing.

I'm not asking for you guys to detail something that Apple may not know, but an older exploit and how it really works would be interesting. (and feel free to say that this stuff is too secret to post in an open forum)

is this written down anywhere? (like maybe the 24kpwn exploit that Apple plugged already)

Same goes for the unlock and how an older baseband exploit was done.


thanks

[QUOTE=unclemiltie;653236]Curiosity has gotten the most of me, I've been jailbreaking and unlocking since shortly after I got my original iPhone 2G. But I've never quite understood how the jailbreak gets done and what it's doing.

I'm not asking for you guys to detail something that Apple may not know, but an older exploit and how it really works would be interesting. (and feel free to say that this stuff is too secret to post in an open forum)

is this written down anywhere? (like maybe the 24kpwn exploit that Apple plugged already)

Same goes for the unlock and how an older baseband exploit was done./QUOTE]

0x24000 Segment Overflow - The iPhone Wiki
Pwnage 2.0 - The iPhone Wiki
Spirit - The iPhone Wiki
Star - The iPhone Wiki
Ultrasn0w - The iPhone Wiki
usb_control_msg(0xA1, 1) Exploit - The iPhone Wiki

and much more.. pretty much everything that is public (stuff that it is OK for Apple to know about because they have already fixed it or can't ever fix it) is on the iPhone wiki.

The latest combination bootrom (from geohot) and kernel (from comex) exploit (introduced with limera1n and now available in Pwnagetool 4.1.x redsn0w 0.9.6b2 and greenpois0n) hasn't yet been documented.

Thank you!

This is very interesting work. I can only imagine how you guys do this. Cool