My Efforts on 1.1.1 - iPhone "2G" (Rev. 1) - Hackint0sh.org
  1. #1
    Senior Professional

    My Efforts on 1.1.1

    I have started an effort of trying my luck at cracking 1.1.1. First let me start out by explaining what I KNOW about this process.

    Fact: The new firmware is encrypted

    Fact: The new firmware can only be accessed and managed by the new iTunes 7.4 (released along side the 1.1.1 firmware)

    Fact: iTunes CAN sync with this new firmware, so it must have a method for getting into the phone and managing files, contacts, bookmarks etc. The only way it can do this theoretically is either through a sync server running on the phone AND/OR via root access to the file system.

    FACT: iTunes has to have the key in it to manage the phone.

    Theory: Decompile iTunes, and figure out what its doing so we can utilize the same method to get in, and jailbreak it.

    These are my initial thoughts on the idea; anyone else interested can PM me or watch here for updates and what I learn along the way.



  2. #2
    Newbie

    Hi,

    If iTunes need not go online to activate the iPhone, then the key should be inside iTunes. Else your assumption is wrong and the actual key can be computed from the Apple server.

  3. #3
    Senior Professional

    You may be right; however, a packet sniffer or monitor app should flush out the data needed. Then we could figure out how that key is generated and write our own. I still believe iTunes is the key to getting in.

  4. #4
    Senior Professional

    So after going through itunesmobilesync.dll I found some references to the Activation of 1.1.1, references to the NOR, and references to updating the baseband. This leads me to conclude that iTunes has root access to the file system and doesn't proxy in and run a sync tool.

  5. #5
    Senior Professional skanero

    keep up the good work dude!


  6. #6
    Amazingly Knowledgeable carlosvaldosta

    Interesting. The question that I have is: since iTunes has root access, and obviously has access to updating the BB and modem firmware, then it would make sense that if we could write a hacked version of 1.1.1 (and trick iTunes into thinking it's real?) and then have iTunes restore the hacked version onto the iPhone, we could do whatever we want.

  7. #7
    Newbie

    Can you find the same references in the old (iTunes 7.3...) versions of the DLL? For other firmware versions, of course.
    Last edited by EnderQ; 10-05-2007 at 05:51 PM.

  8. #8
    Senior Professional

    Correct. A hacked version of the firmware would be awesome. This effort may also help the dev team in figuring out the encryption used on the DMG files, as iTunes I would bet also has to decrypt the firmware prior to sending it through the pipe.

  9. #9
    Amazingly Knowledgeable carlosvaldosta

    Huh.... I am having PSP flashbacks again ;P

    Another idea... Technically, if you unlocked a 1.0.2 phone and then upgrade to 1.1.1, it is still unlocked and just really needs to be jailbroken, right? I bet when someone decrypts either 1.1.1 or rev iTunes 7.4.3, someone could compile a "fake iTunes" to activate an upgraded iPhone.
    Last edited by carlosvaldosta; 10-05-2007 at 05:58 PM.

  10. #10
    Respected Professional peu

    I hope to be wrong, but I think iTunes just serves the phone with an encrypted package; the decrypt software, almost for sure embedded in hardware, decrypts it using the secret key that is also stored in hardware, and if it checksums OK applies all the changes inside the phone, without iTunes doing anything, maybe just an after-process checkup.

    cheers
