  1. #1
    Newbie

    Join Date
    Jan 2010

    Decrypting the 2.1 ramdisk?

    As you can see in my other threads I have some baseband problems. Whatever method I use to try and reflash it, it always fails at "Sending security block..." It times out and after a few retries it gives up.

    I'm on 5.9 so I can't downgrade. But I don't really want to downgrade, I just want to reflash! Also it says "Modem firmware: 2.11.07" so I should still be able to upgrade, but that also fails. I thought I'd try BBUpdaterExtreme with 2.11.07 (fw2.1) but I'm having some troubles getting the required 2.11.07 .eep and .fls files.

    They're supposed to be inside the 2.1 ramdisk? Which I'm guessing is 018-4118-1.dmg? But I can't manage to extract them! I've tried every method I could find so now the only option remaining is asking for help. What's the procedure for decrypting and then extracting the .eep and .fls files?

    I've got keys from the iphonewiki and xpwntool. It seems to run fine under win7 but I can't mount the resulting decrypted ramdisk. I've tried a bunch of applications to mount it so I'm pretty sure there's something wrong with the decrypted ramdisk.

    I've also tried xpwntool and img3decrypt under VMware OSX but I'm having some issues with the dependencies. I also have working vfdecrypt, cygwin, etc. and would be willing to get whatever other tools might help.

    If anyone has ever managed to decrypt a ramdisk from a firmware above 2.0, please share the procedure!

  2. #2
    Super Moderator Olethros

    Join Date
    Sep 2007


    I just did it on Windows 7 - you have the wrong keys.

    For example, the update ramdisk 018-4118-1.dmg has these keys. Decrypt with xpwntool.

    IV 4b9a4d90965381c1fec08922f7242644
    Key d77bd81b9d1adc01fe540eecd885547b

    procedure: look at

    This time around, I ran xpwntool on Windows, and HFS Explorer to extract the required files out of the DMG.

    I also got the correct keys out of pwnagetool 2.1's firmware bundles via HFS Explorer.

    About the reloading: you know that the 3G baseband bootloader only allows upgrade, not reload of the same baseband version. That is one of the differences compared to the 2G baseband bootloader.

    iPad 3G 64GB (4.3.3, Redsn0w) oldest SHSH 3.2.2
    iPhone 4 32GB (4.2.1, Redsn0w JB-monte) oldest SHSH 4.1
    iPhone 3GS 32GB (4.3.3; Pwnagetool) factory unlocked oldest SHSH 3.1
    iPhone 8GB (3.1.3; Pwnagetool) AT&T Locked - Unlocked with bootneuter
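
A way to tell whether a decrypted ramdisk is usable before trying to mount it, since a wrong key or IV yields output that no tool will open (added example, not code from the thread or from xpwntool). It assumes the decrypted ramdisk is a raw HFS+ volume; `classify_image` and `make_hfs_sample` are names made up here.

```python
import struct
import sys

HFS_HEADER_OFFSET = 1024  # the HFS+/HFSX volume header sits 1024 bytes into the volume


def classify_image(data: bytes) -> str:
    """Return 'img3', 'udif', 'hfs+', 'hfsx' or 'unknown' for a candidate image."""
    if data[:4] == b"3gmI":
        return "img3"  # still IMG3-wrapped: the container was never unwrapped
    if len(data) >= 512 and data[-512:-508] == b"koly":
        return "udif"  # UDIF disk image (trailer block at end of file)
    hdr = data[HFS_HEADER_OFFSET:HFS_HEADER_OFFSET + 48]
    if len(hdr) < 48:
        return "unknown"
    sig, version = struct.unpack(">2sH", hdr[:4])
    block_size, total_blocks = struct.unpack(">II", hdr[40:48])
    # A two-byte signature can match by chance in garbage output, so the
    # version and volume geometry fields must be plausible as well.
    sane = (block_size >= 512
            and block_size & (block_size - 1) == 0  # power of two
            and total_blocks > 0)
    if sane and (sig, version) == (b"H+", 4):
        return "hfs+"
    if sane and (sig, version) == (b"HX", 5):
        return "hfsx"
    return "unknown"  # typical result when the key or IV was wrong


def make_hfs_sample(block_size: int = 4096, total_blocks: int = 4) -> bytes:
    """Constructed sample: zero-filled volume with only the header fields set."""
    img = bytearray(block_size * total_blocks)
    struct.pack_into(">2sH", img, HFS_HEADER_OFFSET, b"H+", 4)
    struct.pack_into(">II", img, HFS_HEADER_OFFSET + 40, block_size, total_blocks)
    return bytes(img)


if __name__ == "__main__" and len(sys.argv) > 1:
    # Usage: python check_ramdisk.py <decrypted-ramdisk-file>
    with open(sys.argv[1], "rb") as f:
        print(classify_image(f.read()))
```

An `unknown` result on xpwntool output points at the key or IV rather than at the mounting tool.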