Page 5 of 25 FirstFirst 123456789101112131415 ... LastLast
Results 41 to 50 of 243
Discuss Custom Carrier Bundle for iPhone Firmware 2.2.1 & PwnageTool/Quickpwn 2.2.5 (Mac&Win) at the PwnageTool - Hackint0sh.org; Hi Volkspost, you seem to be a real expert in the carrier bundles I wonder ...
  1. #41
    Professional Array

    Join Date
    Aug 2008
    Posts
    66
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    17

    Lightbulb

    Hi Volkspost, you seem to be a real expert in the carrier bundles

    I wonder if you had a chance to look into the carrier updates via iTunes that many people are seeing?
    Carrier updates are just small zip files with .ipcc extension, and they seem to contain exactly the same files that your carrier bundle generator produces.
    All the URLs are listed in http://itunes.com/version (just search for "ipcc").

    What is interesting though, how are they installed on non-jailbroken iPhones, since the partition they reside on is read-only?
    I think there must be a secondary location for the carrier bundles somewhere in /private/var/.

    I tried to create my own ipcc file, keeping the same directory structure as the originals (/Payload/my_carrier.bundle), and then installing it in iTunes by shift-update. However, after restarting the phone, the bundle was not installed, but the whole Payload directory ended up unpacked somewhere into ~/Media/.

    I hope we will discover a way to install carrier bundles via iTunes, because it's so much easier than ssh or re-pwning :hack:

    P.S. May I suggest a 3rd format for your bundle generator - .tar files compatible with XPwn? Tar files preserve access rights and symlinks, so startup script is not necessary.
    Last edited by blackboxxx; 08-19-2008 at 10:21 PM.


  2. #42
    iPhone Moderator Array

    Join Date
    Aug 2007
    Posts
    3,620
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    220

    Default

    Quote Originally Posted by blackboxxx View Post
    Hi Volkspost, you seem to be a real expert in the carrier bundles

    I wonder if you had a chance to look into the carrier updates via iTunes that many people are seeing?
    Carrier updates are just small zip files with .ipcc extension, and they seem to contain exactly the same files that your carrier bundle generator produces.
    All the URLs are listed in http://itunes.com/version (just search for "ipcc").

    What is interesting though, how are they installed on non-jailbroken iPhones, since the partition they reside on is read-only?
    I think there must be a secondary location for the carrier bundles somewhere in /private/var/.

    I tried to create my own ipcc file, keeping the same directory structure as the originals (/Payload/my_carrier.bundle), and then installing it in iTunes by shift-update. However, after restarting the phone, the bundle was not installed, but the whole Payload directory ended up unpacked somewhere into ~/Media/.

    I hope we will discover a way to install carrier bundles via iTunes, because it's so much easier than ssh or re-pwning :hack:

    P.S. May I suggest a 3rd format for your bundle generator - .tar files compatible with XPwn? Tar files preserve access rights and symlinks, so startup script is not necessary.
    Hi blackboxxx!
    Thx for your post. I have been seeing this format before, Apple is using it since FW 2.0. The ones you are referring to a next version to the ones we use now (just some different values). They are slightly different than the acualonce.

    I am investigating the mechanism for a few days now, dont understand it completely for now. installation must be a 2-way process. Besides getting the carrier bundle on the iPhone a symlink with the MCC/MNC has to be created. I do this with the script you are referring to. I still dont know how Apple does this with the bundles.

    Last not least: I tried to - fist manually - create custom carrier bundles as tar archives for use with Winpwn. Thats no problem so far. But same situation: i need to execute a script to check if the symlink is already there (for users of one of Apples partner carriers but on a non-iPhone plan), rename if there and create a new one.

    The Dev Team integrated a great mechanism into pwnageTool for Mac, I used a combination of a LaunchDaemon and a scrit. As far as I understand, that aint work on Windows.

    There is still a way to go. I really appreciate beeing pointed to that issue, will let you know as soon as I find out how Apple mamages to get this done.

    best,
    volkspost
    Read the stickies and search the forum before posting!
    If you want to become a Hackint0sh supporter click here
    ----------
    iPhone 4 factory unlocked, iOS 4.3.1, jailbroken
    iPad Wi-Fi + 3G (1G), iOS 4.3.1, jailbroken
    iPad 2

  3. #43
    Professional Array

    Join Date
    Mar 2008
    Posts
    83
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    12

    Default

    Actually I was able to create my own tar package for use with xpwn in windows. The tar needs to be created with correct permissions set on the files, when you create a tar on windows directly it doesnt run the LaunchDemon script at all because the permission are set to 777 instead of 775. So what I did was create a tar file directly on my iPhone. That way all the files had correct permissions. 775 for the script and 644 for all other files. Then feed that tar to xpwn and it worked like a charm. I am sure winpwn uses the same tars as xpwn.

    Great work on the Custom Carrier Bundle by the way. Highly appreciated.

  4. #44
    iPhone Moderator Array

    Join Date
    Aug 2007
    Posts
    3,620
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    220

    Default

    Quote Originally Posted by nathulal View Post
    Actually I was able to create my own tar package for use with xpwn in windows. The tar needs to be created with correct permissions set on the files, when you create a tar on windows directly it doesnt run the LaunchDemon script at all because the permission are set to 777 instead of 775. So what I did was create a tar file directly on my iPhone. That way all the files had correct permissions. 775 for the script and 644 for all other files. Then feed that tar to xpwn and it worked like a charm. I am sure winpwn uses the same tars as xpwn.

    Great work on the Custom Carrier Bundle by the way. Highly appreciated.
    Thanks for the hint I will give it a shot the next days!
    Read the stickies and search the forum before posting!
    If you want to become a Hackint0sh supporter click here
    ----------
    iPhone 4 factory unlocked, iOS 4.3.1, jailbroken
    iPad Wi-Fi + 3G (1G), iOS 4.3.1, jailbroken
    iPad 2

  5. #45
    Professional Array

    Join Date
    Aug 2008
    Posts
    66
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    17

    Default

    Quote Originally Posted by volkspost View Post
    Hi blackboxxx!
    Thx for your post. I have been seeing this format before, Apple is using it since FW 2.0. The ones you are referring to a next version to the ones we use now (just some different values). They are slightly different than the acualonce.

    I am investigating the mechanism for a few days now, dont understand it completely for now. installation must be a 2-way process. Besides getting the carrier bundle on the iPhone a symlink with the MCC/MNC has to be created. I do this with the script you are referring to. I still dont know how Apple does this with the bundles.

    Last not least: I tried to - fist manually - create custom carrier bundles as tar archives for use with Winpwn. Thats no problem so far. But same situation: i need to execute a script to check if the symlink is already there (for users of one of Apples partner carriers but on a non-iPhone plan), rename if there and create a new one.

    The Dev Team integrated a great mechanism into pwnageTool for Mac, I used a combination of a LaunchDaemon and a scrit. As far as I understand, that aint work on Windows.

    There is still a way to go. I really appreciate beeing pointed to that issue, will let you know as soon as I find out how Apple mamages to get this done.

    best,
    volkspost
    Thanks for your prompt reply!
    Just to clarify my suggestion about tar files, I think that once we use a tar bundle in the pwnage process, it becomes a "permanent" part of the firmware, so backing up previous symlink is not really needed. Besides, carrier bundles are not something that you change really often
    But then it's probably only my opinion because my carrier is not one of the supported (and probably will never be - it's Cytamobile-Vodafone Cyprus ). Anyway, even if the symlink already exists, it will be simply overwritten. For those people who use this method on one of the official carrier bundles you could simply display a big red warning that their original symlink will be replaced.

    As for the method of ipcc files installation, I think it happens pretty much the same way as the AppStore apps - i.e., with the help of a service running on the phone. I found some references to CarrierBundleInfo and PhoneCarrierBundleDownloadInstallAgent in iTunesMobileDevice.dll and iTunes.exe respectively, but no specific function responsible for the installation. Maybe someone from the Dev Team could have a look into this?
    Quote Originally Posted by nathulal View Post
    Actually I was able to create my own tar package for use with xpwn in windows. The tar needs to be created with correct permissions set on the files, when you create a tar on windows directly it doesnt run the LaunchDemon script at all because the permission are set to 777 instead of 775. So what I did was create a tar file directly on my iPhone. That way all the files had correct permissions. 775 for the script and 644 for all other files. Then feed that tar to xpwn and it worked like a charm. I am sure winpwn uses the same tars as xpwn.
    Nathulal, LaunchDaemon script is not really necessary.
    I successfully created and applied a tar file with my carrier bundle, symlink and a custom phone number template - all without even jailbreaking the phone!
    The only downside is that you can only do this on Linux or a Mac, as none of the tar programs on Windows seem to support symlinks, and they all set permissions to 777 which is not good.
    Last edited by blackboxxx; 08-20-2008 at 12:46 AM.


  6. #46
    Professional Array

    Join Date
    Mar 2008
    Posts
    83
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    12

    Default

    Quote Originally Posted by blackboxxx View Post
    Thanks for your prompt reply!
    Nathulal, LaunchDaemon script is not really necessary.
    I successfully created and applied a tar file with my carrier bundle, symlink and a custom phone number template - all without even jailbreaking the phone!
    The only downside is that you can only do this on Linux or a Mac, as none of the tar programs on Windows seem to support symlinks, and they all set permissions to 777 which is not good.
    Hmm, thats interesting, I was aware that windows tar programs set the permissions to 777 (that is why I created my tar on the iPhone itself to preserve the permissions), but I wasnt aware that you can add symlinks to a tar as well and that it will preserve it. Thats great to know. Since xpwn and winpwn support tar custom package I can just create a tar that includes the symlink and get rid of the launchdeamon. Thats great, I am going to try that. Thanks for the sharing you knowledge.

    On more careful reading I realized you mentioning you did it without jailbreaking. How did you do that? I thought you would need to jailbreak to get any kind of write access to the system partition.
    Last edited by nathulal; 08-20-2008 at 02:32 AM.

  7. #47
    Professional Array

    Join Date
    Aug 2008
    Posts
    66
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    17

    Default

    Quote Originally Posted by nathulal View Post
    On more careful reading I realized you mentioning you did it without jailbreaking. How did you do that? I thought you would need to jailbreak to get any kind of write access to the system partition.
    Jailbreak is needed to modify system partition on the phone. Nothing prevents you from modifying the filesystem image and flashing it (except for signature checking of course, but pwnage takes care of that ).
    Ipsw tool (part of XPwn) with an -e option skips certain steps of the pwnage process; -e "Filesystem Jailbreak" does not apply fstab and Services.plist patches, so the system partition remains read-only.
    Other filesystem modifications still occur, including activation, patching kernel etc.
    So in the end phone is pwned and activated, but not jailbroken.
    Last edited by blackboxxx; 08-20-2008 at 04:27 AM.

  8. #48
    Professional Array

    Join Date
    Mar 2008
    Posts
    83
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    12

    Default

    Quote Originally Posted by blackboxxx View Post
    Jailbreak is needed to modify system partition on the phone. Nothing prevents you from modifying the filesystem image and flashing it (except for signature checking of course, but pwnage takes care of that ).
    Ipsw tool (part of XPwn) with an -e option skips certain steps of the pwnage process; -e "Filesystem Jailbreak" does not apply fstab and Services.plist patches, so the system partition remains read-only.
    Other filesystem modifications still occur, including activation, patching kernel etc.
    So in the end phone is pwned and activated, but not jailbroken.
    Ahh didnt think it through. Thanks for pointing it out. Makes sense once you explained it ;-)

  9. #49
    iPhone Moderator Array

    Join Date
    Aug 2007
    Posts
    3,620
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    220

    Default

    One last comment on the tar generation. I do generate the complete bundle including the scripts, LaunchDaemen on the webserver. On my first tests I aswell got the tar working, the permissions "inside" keep clean.
    All of the installation work (on the automatic pwnage-use) is done on the iPhone by the iPhone-OS on the first start. The needed files are "in place" on the iPhone, the LaunchDeamon I create gets executed it starts a script that is sitting inside the bundle. The script creates the symlink then for the custom bundle already sitting in /System/Library/Carrier Bundles. If it's one of Apple's partner carriers, the existing symlink gets renamed to old_. I did this on request cause one user wanted to make sure an easy way back to factory setting.
    Last step the script does is deleting the LaunchDaemon and then self terminte.
    I looked into the way the dev team installs BootNeuter back at Pwnage for 1.1.4, it's pretty much the same way.
    Will try to get the Winpwn version working on weekend - will let you know.
    Read the stickies and search the forum before posting!
    If you want to become a Hackint0sh supporter click here
    ----------
    iPhone 4 factory unlocked, iOS 4.3.1, jailbroken
    iPad Wi-Fi + 3G (1G), iOS 4.3.1, jailbroken
    iPad 2

  10. #50
    Professional Array

    Join Date
    Sep 2007
    Posts
    52
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    9

    Default

    any changes required for the bundles to work with 2.0.2?


 

 

Similar Threads

  1. [1.1.3/1.1.4](all)[Tutorial] Create custom carrier bundle in a minute
    By volkspost in forum Genius Bar - HowTos, Guides and Tutorials
    Replies: 23
    Last Post: 11-20-2009, 10:24 PM
  2. Replies: 1
    Last Post: 09-23-2008, 01:56 PM
  3. MacNN: PwnageTool and QuickPwn jailbreak 2.1 firmware
    By hackint0sh in forum Latest Headlines
    Replies: 0
    Last Post: 09-15-2008, 05:30 PM
  4. Replies: 12
    Last Post: 05-14-2008, 08:27 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Powered by vBulletin®
Copyright © 2014 vBulletin Solutions, Inc. All rights reserved.
Search Engine Friendly URLs by vBSEO
(c) 2006-2012 Hackint0sh.org
All times are GMT +2. The time now is 06:46 AM.
twitter, follow us!