Discuss some questions about iOS bootchain at the iOS 4.x (iPhone OS 4.x) - Hackint0sh.org
  1. #11
    Rookie

    Originally Posted by Olethros:
    As I said before, the kernel exploits find a way to load (often by exploiting a flaw in loading resource that the kernel needs to load during boot)

    Is that "Incomplete Codesign Exploit"? It was released in 3.1.3 and still working? Why didn't Apple patch it?


  2. #12
    Olethros (Super Moderator)

    Originally Posted by snakeninny:
    Is that "Incomplete Codesign Exploit"? It was released in 3.1.3 and still working? Why didn't Apple patch it?

    I think Apple actually added extra checks in iOS 4.1 to block some of the ways that the "Incomplete Codesign" exploit can be used.
    Please read the stickies & search forum before posting!
    How to report an iTunes restore/update fail in a useful manner
    -

    iPad 3G 64GB (4.3.3, Redsn0w) oldest SHSH 3.2.2
    iPhone 4 32GB (4.2.1, Redsn0w JB-monte) oldest SHSH 4.1
    iPhone 3GS 32GB (4.3.3; Pwnagetool) factory unlocked oldest SHSH 3.1
    iPhone 8GB (3.1.3; Pwnagetool) AT&T Locked - Unlocked with bootneuter

    -
    Did we solve your problem? Got a dollar or two spare ? Donate!

  3. #13
    Rookie

    Originally Posted by Olethros:
    I think Apple actually added extra checks in iOS 4.1 to block some of the ways that the "Incomplete Codesign" exploit can be used.

    But according to theiphonewiki, "Incomplete Codesign exploit" can still be achieved through "Initializers exploit" in post 4.0, right?

  4. #14
    Olethros (Super Moderator)

    Originally Posted by snakeninny:
    But according to theiphonewiki, "Incomplete Codesign exploit" can still be achieved through "Initializers exploit" in post 4.0, right?

    "In iOS 4.1, dyld does a range check on the interposition targets to make sure that a dylib only redirects symbols to its own code segments, preventing the use of this feature to control code flow"

    I'm interpreting this (and the fact that other exploits were used to jailbreak 4.1 and 4.2.1) to mean that this change blocks the ability to use the "Incomplete Codesign exploit" to get code execution.

  5. #15
    Rookie

    Originally Posted by Olethros:
    "In iOS 4.1, dyld does a range check on the interposition targets to make sure that a dylib only redirects symbols to its own code segments, preventing the use of this feature to control code flow"

    I'm interpreting this (and the fact that other exploits were used to jailbreak 4.1 and 4.2.1) to mean that this change blocks the ability to use the "Incomplete Codesign exploit" to get code execution.

    Sure, I saw this, but according to theiphonewiki the "initializer exploit", which suits post 4.1, is a part of the "incomplete codesign exploit", right? Or they won't appear in the same page.


  6. #16
    Olethros (Super Moderator)

    Yeah, reading more closely, I'd say that you are right. The original technique was blocked in 4.1, but other related techniques using the same "incomplete codesign exploit" have been used to get code execution on 4.1 and 4.2.1.

    Just to be clear, this family of exploits is just the starting point (code execution). After this, other kernel exploits are required to actually patch the kernel.

  7. #17
    Rookie

    sure! thanks!
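
A simplified model of the iOS 4.1 dyld check quoted in post #14, added here as an illustration (not dyld's source and not code from the thread): an interposing tuple is honoured only when its replacement address lies inside an executable segment of the image that declares it. The struct layout, function names, addresses and protection bits are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PROT_X 0x4 /* execute permission bit in this model */

struct segment { uint64_t start, size; int prot; };
struct tuple   { uint64_t replacement, replacee; };
struct image   { const struct segment *segs; size_t nsegs;
                 const struct tuple *tuples; size_t ntuples; };

/* True if addr is inside an executable segment of img. Written as
 * addr - start < size so that start + size can never wrap around. */
int in_own_code(const struct image *img, uint64_t addr)
{
    for (size_t i = 0; i < img->nsegs; i++) {
        const struct segment *s = &img->segs[i];
        if ((s->prot & PROT_X) && addr >= s->start && addr - s->start < s->size)
            return 1;
    }
    return 0;
}

/* Range-check every tuple; ok[i] is 1 if tuple i may be registered.
 * Returns the number of accepted tuples; the rest are ignored. */
size_t check_interposing(const struct image *img, int *ok)
{
    size_t accepted = 0;
    for (size_t i = 0; i < img->ntuples; i++) {
        ok[i] = in_own_code(img, img->tuples[i].replacement);
        accepted += (size_t)ok[i];
    }
    return accepted;
}

/* Constructed sample image: __TEXT (r-x) followed by __DATA (rw-). */
static const struct segment SEGS[] = { {0x1000, 0x2000, 0x5}, {0x3000, 0x1000, 0x3} };
static const struct tuple TUPLES[] = {
    { 0x1800,     0x30001000 },  /* replacement in own __TEXT: allowed  */
    { 0x3010,     0x30002000 },  /* own __DATA, not executable: refused */
    { 0x30005000, 0x30003000 },  /* address in another image: refused   */
};
const struct image SAMPLE = { SEGS, 2, TUPLES, 3 };

int main(void)
{
    int ok[3];
    size_t n = check_interposing(&SAMPLE, ok);
    for (size_t i = 0; i < 3; i++)
        printf("tuple %zu: %s\n", i, ok[i] ? "registered" : "ignored");
    printf("%zu of 3 tuples accepted\n", n);
    return 0;
}
```

Only the first tuple passes, which matches the quoted description: the dylib may still interpose, but only onto code it ships itself.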

 

 