[XPwn] Can not Jailbreak ? (PwnageTool forum, Hackint0sh.org)
I upgraded my iphone from 1.1.3 to 1.1.4 prior to using Xpwn. I downloaded iphone 1.1.4 ipsw and ran ./ipsw and received no errors.
#./ipsw iPhone1,1_1.1.4_4A102_Restore.ipsw custom.ipsw -e "Phone Activation" bundles/Installer.bundle/files
I then renamed the custom.ipsw to the iPhone 1.1.4 .ipsw name and ran ./xpwn with the custom ipsw, but it will not flash my 1.1.4 iphone. This is the output I receive:
. . . Connecting
. . . Loading IPSW
Hashing IPSW. . .
Matching IPSW. . .
error: cannot load IPSW file
However, if I execute an unmodified iphone 1.1.4 ipsw, it executes fine and flashes my iphone. So I am thinking the problem either lies with me or the ipsw.
I am running Ubuntu 8.04, my iPhone is already activated, youtube is already activated on my phone.
Any help will be appreciated! Thank you
Perhaps the documentation is unclear. XPwn generates the IPSWs and prepares the iPhone to accept custom IPSWs. It cannot actually duplicate the procedure iTunes uses to restore the phone. That requires reverse engineering the iPhone's usbmux protocol as well as the high level restore protocol, which we do not have yet.
It's probably clear to anyone familiar with PwnageTool in general, but not clear to people who are not already familiar with how it's supposed to work.
As such, xpwn takes in as an argument the unmodified 1.1.4 restore IPSW. Please read the README for why it needs it.
Here's a brief overview of what ought to occur: You use xpwn on your phone, which lets you restore with custom ipsws later. You use "ipsw" to generate an ipsw. Then you boot Windows or OS X and use iTunes to restore with the ipsw you built. Yes, I know. Somebody is working on reversing the protocol. Go hassle "bushing".
Last edited by planetbeing; 06-18-2008 at 01:17 AM.
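As an added illustration of why the custom IPSW dies at the "Matching IPSW" step (this is not xpwn's code and not code from anyone in this thread): xpwn wants the unmodified restore IPSW, so a loader that hashes the whole archive and looks the digest up in a table of known stock IPSWs rejects any archive whose bytes changed, even when the archive is still a perfectly valid zip. The hash algorithm (SHA-1), the known-IPSW table, the two in-memory archives and the `load_ipsw` sequence are all constructed assumptions for this example; only the file name comes from the thread.

```python
import hashlib
import io
import zipfile


def build_ipsw(files):
    """Build an in-memory IPSW-like zip archive (an IPSW is a zip file).

    Fixed timestamps keep the bytes reproducible, so the same inputs always
    hash the same way. Constructed for this example only.
    """
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in sorted(files.items()):
            info = zipfile.ZipInfo(name, date_time=(1980, 1, 1, 0, 0, 0))
            info.compress_type = zipfile.ZIP_DEFLATED
            zf.writestr(info, data)
    return buf.getvalue()


# Constructed sample archives: the "stock" one and a copy with one file changed,
# standing in for what ./ipsw produces when it patches a bundle.
STOCK_IPSW = build_ipsw({
    "BuildManifest.plist": b"<plist version=\"1.0\"/>",
    "kernelcache.release.s5l8900x": b"stock-kernel-bytes",
})
CUSTOM_IPSW = build_ipsw({
    "BuildManifest.plist": b"<plist version=\"1.0\"/>",
    "kernelcache.release.s5l8900x": b"patched-kernel-bytes",
})

# Hypothetical table of known stock IPSWs: digest -> file name. Real tools ship
# such a table; the digest here is computed from the constructed archive above.
KNOWN_IPSWS = {
    hashlib.sha1(STOCK_IPSW).hexdigest(): "iPhone1,1_1.1.4_4A102_Restore.ipsw",
}


def hash_ipsw(data):
    """'Hashing IPSW...': digest of the entire archive, not of its contents."""
    return hashlib.sha1(data).hexdigest()


def match_ipsw(data, known=KNOWN_IPSWS):
    """'Matching IPSW...': return the known name for this digest, or None."""
    return known.get(hash_ipsw(data))


def load_ipsw(data, known=KNOWN_IPSWS):
    """Mimic the loader's sequence and return (status, detail).

    A modified archive is still a valid zip, so the structural check passes
    and only the whole-file hash lookup rejects it.
    """
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return ("error", "not a zip archive")
    name = match_ipsw(data, known)
    if name is None:
        return ("error", "cannot load IPSW file")
    return ("ok", name)


if __name__ == "__main__":
    for label, blob in (("stock", STOCK_IPSW), ("custom", CUSTOM_IPSW)):
        print(label, hash_ipsw(blob)[:12], load_ipsw(blob))
```

The takeaway for the original poster's symptom: renaming custom.ipsw back to the stock file name changes nothing, because the lookup is keyed on the archive's digest, not on its name. Feed the loader the untouched stock archive and hand the custom one to the restore step that actually consumes it.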
Ah, that makes sense. With the release of Wine 1.0, do you think it is possible to hook xpwn through Wine and run the Windows flash utility? It looks like xpwn already listens for the iPhone. So I imagine by saying to Wine, "Hey, this is the iPhone," and Wine says, "Hey, this is the flash program," it might work... But I don't know anything about reverse engineering.
When I saw this released, I got all excited because I don't want to keep walking into an Apple Store. So you've already got one guy willing to try it on his iPhone ;-) using Linux.
It's not that we need Windows, it's just that we need iTunes. Here's how iTunes communicates with the iPhone:
There's a kernel driver that gets loaded into either the Windows kernel or OS X kernel. This kernel driver communicates with something called the iTunes Mobile Device dll or framework on the userland side of things. Apple then uses the iTunes Mobile Device framework to do restore, syncing, etc. Applications like iphuc use the userland framework to communicate with the iPhone.
iTunes is not going to work with wine because the critical piece, the kernel driver, naturally cannot be loaded with wine into the Linux kernel.
xpwn uses libibooter, which talks to the iPhone without Apple's kernel driver (we use libusb, which basically allows userland programs to act as USB drivers, sort of analogous to FUSE). However, we only know the iPhone's recovery protocol, which is simple compared to the normal iTunes protocol. The normal iTunes protocol is complex, and uses SSL to encrypt the data. Since we control both endpoints, it's not really going to stop us from reversing it, but it makes it kind of annoying.
I always wanted to reverse the usbmux protocol (as we call it), but my time is being sucked up by iPhone Linux, so that's on hold. Once we have that, we can attack the problem from another angle entirely. cmw's idea is to just write NAND flash directly, bypassing the whole IPSW rigmarole. We have a ways to go before that can happen however.
Anyway, I apologize for not being able to do restores without iTunes yet. The primary goal was originally to allow users without access to a Mac to use pwnage, but now that it has become an ideological thing, we suddenly have to do a lot more work to be entirely proprietary-free.
Yeah, it would be cool if we could do the restore without Windows.
I use primarily Linux, and when I want to do the restore, I must go to my parents' box, install iTunes there (which is deleted by them immediately when noticed) and do the restore. I've tried to do this in a virtual machine, but neither VMware nor VirtualBox supports the iPhone fully (VMware lately detects it and allows me to sync, but restore always fails).
So please please please, find some time for this task *kitty eyes*.
It doesn't have to be on top of normal iTunes protocol, recovery / dfu protocol is sufficient I guess.
Last edited by M4v3R; 06-19-2008 at 09:22 AM.
Replying to M4v3R:
Haha, we don't actually have a say in the matter, you know. Here's how it breaks down:
USB -> iBoot protocol (meaning, iBoot on top of USB): This is what we have.
USB -> usbmux -> SSL -> lockdownd -> MobileSync: This is what iTunes uses to sync music, etc.
USB -> usbmux -> SSL -> lockdownd -> restored: This is what iTunes uses to restore.
iBoot, by itself, cannot perform a restore. It merely boots the OS to take care of the actual software restore. In order to do iTunes style restores (i.e., with restored), we need to understand, like, four layers of protocol. I mean, it's probably not a huge problem, but someone needs to spend time that I haven't got looking at it.
If you want, I can provide you with a USB snoop log for a restore and you can work it out yourself.
Anyway, without "restored" (the d in lockdownd and restored stands for "daemon") we have to have our own code already running on the iPhone to do "restores" in our own way, and if we can do that, we must already have a jailbreak anyway so there's no need for it. Chicken and the egg, you know.
Hope this helps
Hope this helps:
Apparently, iTunes can now work under Wine, including iPhone and iPod syncing... I have not tested this myself.
Replying to jtreanor:
Cool. Should restore if it syncs, barring any problems with Wine handling the reconnection of USB devices. (iPhone has to connect and reconnect during restore).
Replying to trooper09:
As planetbeing noted above, you cannot load a custom IPSW with the "xpwn" or "ipsw" binaries. The "xpwn" binary patches the signature checking so that any custom IPSW can be restored, but you need iTunes running in either Windows or Mac OS X in order to restore.