A new exploit discovered, might help in cracking 1.1.1 soon - General - Hackint0sh.org
  1. #81 Locked
    Quote Originally Posted by shodanjr_gr
    It's not better than decrypting the update files because we still don't have access to the baseband firmware (this isn't mappable to the filesystem).
    Taking a look at the lockdown dir can reveal a lot of interesting stuff.

    Patience my friend...


  2. #82 aviegas

    Actually the filesystem difference is not that /dev/disk0s2 has the noexec flag (it's also there on 1.0.2), but the fact that /dev/disk0s1 is mounted RO under Darwin, meaning that it's locked.

    Gaining RW access to /dev/disk0s1 (that is the root directory) is the key to jailbreaking. Without RW access to it, one can't store files in /Application and thus can't run apps, or any other executable.

    The challenge now is to find a way to change the fstab so that it lists /dev/disk0s1 as mountable RW. Then we are in serious business.

  3. #83 Ken

    ^^ +1

    Fellas.. There is a lot of action in the #iphone-dev channel.. Take a look and just watch.. It will come, just be patient..

  4. #84 aviegas

    Maybe someone else has mentioned or thought about this, but it just came to my mind that with a Unix shell it's very simple to revert a RO filesystem to RW.

    I've tried that with 1.0.2 and it works, so apparently the iPhone Darwin behaves like a normal Unix, as far as moving a filesystem from RO to RW.

    Just execute the mount command as part of the TIFF exploit and voila! Well I can't swear it will work, but I'm quite sure it will.

    Then just replace the fstab and reboot to make it permanent.

  5. #85 Locked

    Quote Originally Posted by aviegas
    Maybe someone else has mentioned or thought about this, but it just came to my mind that with a Unix shell it's very simple to revert a RO filesystem to RW.

    I've tried that with 1.0.2 and it works, so apparently the iPhone Darwin behaves like a normal Unix, as far as moving a filesystem from RO to RW.

    Just execute the mount command as part of the TIFF exploit and voila! Well I can't swear it will work, but I'm quite sure it will.

    Then just replace the fstab and reboot to make it permanent.
    It is not as easy as you might think. Try posting this on the dev channel and prepare to be slaughtered.


  6. #86 aviegas

    Quote Originally Posted by Locked
    It is not as easy as you might think. Try posting this on the dev channel and prepare to be slaughtered.
    I'm not saying that it's simple, but in theory (and the 1.0.2 mount test) it could work.

    The regular jailbreak uses iTunes as the conduit to change the fstab. I'm just thinking of ways to combine 2 things: the TIFF exploit and the symbolic-link-before-upgrade to gain access to the filesystem. Then the rest would follow. Never implying it's simple. It isn't.
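A defender-side counterpart to the remount/fstab discussion in posts #82 through #86, added here as an example and not code from the thread: it compares a device's fstab against a live mount table and flags root being mounted RW at runtime or listed RW in fstab. The normalised mount-table format, the `audit_mounts` name and the sample tables are assumptions constructed for the example.

```shell
#!/bin/sh
# Added example, not code from the thread. Defender-side audit for the change the posts
# describe: root (/dev/disk0s1) remounted rw at runtime, or fstab rewritten so that root
# comes up rw after the next reboot.
#
# $1 = fstab contents, one entry per line:   dev mountpoint fstype options dump pass
# $2 = live mount table, normalised to:      dev mountpoint fstype options   (assumed shape)
# A filesystem counts as rw when its options field lists "rw", otherwise ro
# (Darwin-style fstab, as on the device discussed). One finding per output line;
# no output when fstab and live state agree and root is still ro.
audit_mounts() {
    { printf '%s\n' "$2"; echo '---'; printf '%s\n' "$1"; } | awk '
        function mode(opts) { return (("," opts ",") ~ /,rw,/) ? "rw" : "ro" }
        /^---$/                 { in_fstab = 1; next }   # live table ends, fstab begins
        NF == 0 || /^[ \t]*#/   { next }                 # blank lines and comments
        !in_fstab               { live[$1] = mode($4); next }
        {
            want = mode($4)
            if ($2 == "/" && want == "rw")               # persistent change in fstab
                printf "FSTAB_RW %s %s fstab=%s\n", $1, $2, want
            if (($1 in live) && live[$1] != want)        # live state disagrees with fstab
                printf "REMOUNTED %s %s fstab=%s live=%s\n", $1, $2, want, live[$1]
        }'
}

# Constructed sample tables mirroring the layout in the thread:
# disk0s1 = / (ro), disk0s2 = /private/var (rw, noexec).
FSTAB_BASELINE='/dev/disk0s1 / hfs ro 0 1
/dev/disk0s2 /private/var hfs rw,suid,dev 0 2'
LIVE_CLEAN='/dev/disk0s1 / hfs ro
/dev/disk0s2 /private/var hfs rw,noexec'
LIVE_REMOUNTED='/dev/disk0s1 / hfs rw
/dev/disk0s2 /private/var hfs rw,noexec'            # root remounted rw, fstab untouched
FSTAB_TAMPERED='/dev/disk0s1 / hfs rw 0 1
/dev/disk0s2 /private/var hfs rw,suid,dev 0 2'      # fstab rewritten to make it persistent

demo() {
    echo 'clean (no findings expected):'; audit_mounts "$FSTAB_BASELINE" "$LIVE_CLEAN"
    echo 'remounted at runtime:';         audit_mounts "$FSTAB_BASELINE" "$LIVE_REMOUNTED"
    echo 'fstab tampered:';               audit_mounts "$FSTAB_TAMPERED" "$LIVE_REMOUNTED"
}
demo
```

On a real device the live table would be produced from the system's mount listing and reshaped to the four-column form the function expects; a REMOUNTED finding points at a runtime change, a FSTAB_RW finding at one that survives reboot.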

  7. #87

    What is the IRC connection and room #?

  8. #88 mr_

    By the way, to add to the useless tidbits, according to the IRC channel we now know that the 1.1.1 root password is "alpine" (instead of "dottie"). Since it is a word you find in a dictionary, it took only a few milliseconds of CPU time to figure it out. Goodnight everyone for tonight.
    Last edited by mr_; 10-06-2007 at 02:20 AM.

  9. #89

    Quote Originally Posted by mr_
    By the way, to add to the useless tidbits, according to the IRC channel we now know that the 1.1.1 root password is "alpine" (instead of "dottie"). Since it is a word you find in a dictionary, it took only a few milliseconds of CPU time to figure it out. Goodnight everyone for tonight.
    So maybe, maybe Apple (or their software developers) aren't as bad as we thought when FW 1.1.1 came out. They have to put up a fight, at least "on paper", to please their carrier partners.

  10. #90

    Wow.. I must say this is exciting news!! It feels good to hear about progress in cracking 1.1.1!!
