IPSF reversing started any help ;) - iPhone "2G" (Rev. 1) forum, Hackint0sh.org (page 8 of 11, posts 71 to 80 of 105)
  1. #71
    mr_ (Senior Professional)

    Quote Originally Posted by nautical:
    I don't think that's right. That offset patch skips the IPSF activation server check. It returns "unlock error" because the binary knows it didn't connect to the server. However, it gives that error after it actually runs the unlock patch. It SHOULD return the AT code of 5 after the unlock (unlocked) vs. 4 (unlocked and lockable), which geo's hardware method returns.

    This would be very interesting if correct. If IPSF can be patched to actually unlock as above, it probably means that the unlock token is either the same for all phones or computed locally.

    I always assumed that the unlock token would be computed remotely on a server based on the IMEI and/or serial number and then downloaded to the phone. However, in that case it would be strange if IPSF didn't check the IMEI against their database before computing the token. Perhaps IPSF has "discovered" a master unlock token, which could be there so that unlocking would still be possible if the IMEI/token-seed database was somehow lost. Or they have cracked the IMEI-to-token algorithm. In either case, disassembling the unlocking patch would tell us how IPSF unlocks the phone.

    IMO, it would be too risky for someone involved with Apple to have any part in this. More likely that these guys know the Infineon chip intimately, perhaps because they designed it into some other device... And they might thus know some of its vulnerabilities. All pure speculation, of course.


  2. #72
    compuguy1088 (The Computer Guy!)

    Quote Originally Posted by fastshadow:
    Having now seen IPSF for myself, I also think they have inside info from Apple. In fact I would not be surprised if IPSF was tacitly sponsored by Apple, through several layers, to provide them deniability.

    I doubt they would do that... there is no evidence of them being tied with IPSF.

  3. #73
    Poster rank: Advanced

    Hate to say this, but it is a really moot point to crack IPSF right now. The unlock doesn't work on the newer baseband. So it is best just to wait for IPSF to come up with the next solution.

    I approached them a while back and they said "no" to a site license type of thing, which I think sounds suspicious. They may need to do the "seed" thing... again, keep in mind that they said that they unlock the iPhone the same way Apple would do...

  4. #74
    jhollington (Senior Professional)

    Well, to be fair, the IPSF solution does survive a baseband update (the phone remains unlocked). Whether it can actually run against the v1.1.1 baseband is another story entirely, of course, but then again nobody has really tried yet, since the native v1.1.1 firmware won't allow you to even install IPSF. I suppose you could downgrade a v1.1.1 phone to v1.0.2, which would leave the baseband firmware at the v1.1.1 level, and then run IPSF in that configuration, but nobody's tried it yet AFAIK.

    The point that is moot, however, is that the v1.1.1 firmware won't take a non-AT&T SIM due to activation issues, so it's not of much use until somebody jailbreaks v1.1.1 or otherwise figures out a way to bypass or fake the iTunes activation process.

  5. #75
    i_max2k2 (Senior Professional)

    Quote Originally Posted by jhollington:
    Well, to be fair, the IPSF solution does survive a baseband update (the phone remains unlocked). Whether it can actually run against the v1.1.1 baseband is another story entirely, of course, but then again nobody has really tried yet, since the native v1.1.1 firmware won't allow you to even install IPSF. I suppose you could downgrade a v1.1.1 phone to v1.0.2, which would leave the baseband firmware at the v1.1.1 level, and then run IPSF in that configuration, but nobody's tried it yet AFAIK.

    The point that is moot, however, is that the v1.1.1 firmware won't take a non-AT&T SIM due to activation issues, so it's not of much use until somebody jailbreaks v1.1.1 or otherwise figures out a way to bypass or fake the iTunes activation process.

    I think that IPSF would actually be able to run on 1.1.1, because we have seen that normally activated iPhones are able to reinstall third party apps as before, and we already know that IPSF works with the new firmware, so I believe this is the right way to go. I'll try this tonight and see what it does with my phone (1.0.2 unlocked), first attempt, so I have 2 more tries before it reaches the '3' state.

    Guys, has anyone been able to bypass the server thing yet? Or does anyone even remotely know how to get around that?

    Thanks


  6. #76
    mr_ (Senior Professional)

    Quote Originally Posted by jhollington:
    Well, to be fair, the IPSF solution does survive a baseband update (the phone remains unlocked). Whether it can actually run against the v1.1.1 baseband is another story entirely, of course, but then again nobody has really tried yet, since the native v1.1.1 firmware won't allow you to even install IPSF. I suppose you could downgrade a v1.1.1 phone to v1.0.2, which would leave the baseband firmware at the v1.1.1 level, and then run IPSF in that configuration, but nobody's tried it yet AFAIK.

    The point that is moot, however, is that the v1.1.1 firmware won't take a non-AT&T SIM due to activation issues, so it's not of much use until somebody jailbreaks v1.1.1 or otherwise figures out a way to bypass or fake the iTunes activation process.

    My understanding is that people report that IPSF fails to unlock 1.0.2 phones with 4.x baseband. Apparently the null version hole that allowed them to load anything they wanted to baseband has been plugged. Otherwise we would have a way to restore GSM/EDGE to phones that were dev-unlocked and upgraded to 1.1.1. Plus it would show that 4.x baseband is hackable.

    Quote Originally Posted by i_max2k2:
    I think that IPSF would actually be able to run on 1.1.1, because we have seen that normally activated iPhones are able to reinstall third party apps as before, and we already know that IPSF works with the new firmware, so I believe this is the right way to go. I'll try this tonight and see what it does with my phone (1.0.2 unlocked), first attempt, so I have 2 more tries before it reaches the '3' state.

    Wait, wait... Where did you hear that 3rd party apps are running on 1.1.1 phones? Maybe their files are still there, but AFAIK no one has been able to run one. We don't even know whether unsigned apps can run under 1.1.1. Please correct me if I am wrong here.

  7. #77
    i_max2k2 (Senior Professional)

    Quote Originally Posted by mr_:
    My understanding is that people report that IPSF fails to unlock 1.0.2 phones with 4.x baseband. Apparently the null version hole that allowed them to load anything they wanted to baseband has been plugged. Otherwise we would have a way to restore GSM/EDGE to phones that were dev-unlocked and upgraded to 1.1.1. Plus it would show that 4.x baseband is hackable.

    Wait, wait... Where did you hear that 3rd party apps are running on 1.1.1 phones? Maybe their files are still there, but AFAIK no one has been able to run one. We don't even know whether unsigned apps can run under 1.1.1. Please correct me if I am wrong here.

    I think I read this on the forum somewhere. Can someone confirm this, anyone with a legitimately activated phone running on 1.1.1?
    I'll try and find the link in the meantime.
    My bad, I thought I read somewhere that we can still install third party apps.
    Sorry.
    Last edited by i_max2k2; 10-03-2007 at 03:51 AM.

  8. #78
    iPhone DevTeam member (Los Angeles, California)

    Quote Originally Posted by mr_:
    My understanding is that people report that IPSF fails to unlock 1.0.2 phones with 4.x baseband. Apparently the null version hole that allowed them to load anything they wanted to baseband has been plugged.

    IPSF still needs to write to the baseband address space (to do the version nullify), which requires a valid secpack. Their current bbsimfree program naively sends the 3.x secpack, which won't grant write access to the 4.x baseband address space. That's why IPSF fails in the situation you described.

  9. #79
    Poster rank: Rookie

    I used IPSF to unlock my phone and, like an idiot, upgraded to 1.1.1, but then when I downgraded back to 1.0.2 my phone was still unlocked. I could make calls, receive them... everything.

  10. #80
    iPhone DevTeam member (Los Angeles, California)

    If you had waited until after the downgrade to 1.0.2 to use your IPSF unlock for the first time, you would have found it wouldn't work (for the reason I mention above). So be thankful you did it in the order you did.