First off, really nice work on the PwnageTool. I can only imagine the number of hours that have gone into the reverse engineering effort...

Now, the issues I had with iPwner:

Tried about 3 times in a row and each time it would get past the boot log messages, screen would clear, tool would start, then I would get a message saying that /dev/disk0s1 couldn't be mounted (or something along those lines). After that, the phone would reboot with the regular Apple logo, and it wasn't Pwned.

On the fourth attempt, I finally saw messages saying that it was writing the images and whatnot, then the phone rebooted with the pineapple logo, a couple seconds later the spinner would start, get about 1/4 of the way around, then the phone would promptly reboot. Kept doing that over and over again. The only way I was able to save the phone was by putting it manually in DFU mode, and then restoring with iTunes (luckily it was my dev phone).

After restoring, I tried another time and finally everything worked (phone was Pwned). I just wanted to report all of the problems I had. I'm guessing all of these problems might be related to the RAM disk volatility issue.

Finally, a question about IPSW Builder:

Is it possible to install a custom IPSW file on a Pwned phone which hasn't been activated yet? iTunes doesn't seem to allow this, but perhaps there is a way I don't know about. If not, then technically doesn't PwnageTool require another tool to jailbreak/activate the phone? (I used iNdependence, of course)

Obviously it would be trivial to add this capability to the iPwner stage, but I'm just wondering if I'm missing something...

Thanks,
-- 0p

You could just put it in recovery mode then chose the restore file on a new phone.

/me slaps forehead. Thanks.

So then, theoretically, that could be something which Apple can block in the future (by having iTunes validate the .ipsw file before installing). However, then it would simply be a matter of patching iTunes (or creating a .ipsw installer app which mimics iTunes).

Yup, can't really see how Apple is going to get around this one... other than with future iPhones. Guess that could be one of the reasons why there's been a recent run on iPhones...

-- 0p

Quick question related to Independence!

Does removing the mobiledevice.framework and reinstalling itunes so that Independence works again after installing the SDK in anyway effect pwnage? Will it still work as it should?

And lastly - seeing as some people have problems getting restore mode - how about a button letting you put the phone into restore mode on Independence? Thanks!

Originally Posted by Spinstorm

Does removing the mobiledevice.framework and reinstalling itunes so that Independence works again after installing the SDK in anyway effect pwnage? Will it still work as it should?

It shouldn't affect pwnage at all. I'm assuming that pwnage works with the version of the MobileDevice framework which comes with iTunes given that most people don't have the SDK installed on their system.

And actually, you don't even need to reinstall iTunes completely. You can just right-click iTunes.mpkg, select "Show Package Contents", navigate to Contents/Resources, and then double-click AppleMobileDeviceSupport.pkg. Just make sure that you've actually deleted the MobileDevice.framework (or moved it out of the way) as it won't be overwritten (since the one which comes with the SDK is newer).

And lastly - seeing as some people have problems getting restore mode - how about a button letting you put the phone into restore mode on Independence? Thanks!

Funny thing... the MobileDevice function which iNdependence uses to put the phone in recovery mode is exactly the thing which is the cause of a lot of bugs. It doesn't always work (and often causes iNdependence to freeze up). So I could put in a button, but it isn't an ideal solution.

Anyways, I'll see what I can do...

-- 0p