Results 1 to 5 of 5
Discuss XPwn, Linux at the PwnageTool - Hackint0sh.org; I've Pwn my 114 already fully functional with a linux box, here is the log: ...
  1. #1
    Advanced Array

    Join Date
    Sep 2007
    Posts
    38
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    0

    Default XPwn, Linux

    I've Pwn my 114 already fully functional with a linux box, here is the log:

    xpwn-build # ./xpwn 'iPhone1,1_1.1.4_4A102_Restore.ipsw'
    ... Connecting
    ... Loading IPSW
    loading: 022-3894-4.dmg (128495616)
    loading: 022-3896-4.dmg (18764938)
    loading: 022-3900-4.dmg (18764938)
    loading: Firmware/all_flash/all_flash.m68ap.production/applelogo.img2 (14474)
    loading: Firmware/all_flash/all_flash.m68ap.production/batterycharging.img2 (73866)
    loading: Firmware/all_flash/all_flash.m68ap.production/batterylow0.img2 (59530)
    loading: Firmware/all_flash/all_flash.m68ap.production/batterylow1.img2 (67722)
    loading: Firmware/all_flash/all_flash.m68ap.production/DeviceTree.m68ap.img2 (43146)
    loading: Firmware/all_flash/all_flash.m68ap.production/iBoot.m68ap.RELEASE.img2 (145546)
    loading: Firmware/all_flash/all_flash.m68ap.production/LLB.m68ap.RELEASE.img2 (51338)
    loading: Firmware/all_flash/all_flash.m68ap.production/manifest (175)
    loading: Firmware/all_flash/all_flash.m68ap.production/needservice.img2 (24714)
    loading: Firmware/all_flash/all_flash.m68ap.production/recoverymode.img2 (53386)
    loading: Firmware/dfu/iBEC.m68ap.RELEASE.dfu (103562)
    loading: Firmware/dfu/iBSS.m68ap.RELEASE.dfu (107658)
    loading: Firmware/dfu/WTF.s5l8900xall.RELEASE.dfu (9354)
    loading: kernelcache.release.s5l8900xrb (3356266)
    loading: Restore.plist (1603)
    ... Opening ramdisk
    ... Reading ramdisk
    ... Will send kernel at: kernelcache.release.s5l8900xrb
    ... Sending ramdisk
    Response: setenv filesize 0x80000
    ]
    ... Sending kernelcache
    Response: setenv filesize 0x33366a
    ]
    ... Clearing boot arguments
    Response: setenv boot-args ""
    ]
    ... Setting auto-reboot
    Response: setenv auto-boot true
    ]
    ... Saving environment
    Response: saveenv
    ]
    ... Setting up ramdisk
    Response: setenv boot-args "-v pmd0=0x09400000.0x80000 pmd1=0x8000000.0x8000000 rd=md0"
    ]
    ... Booting
    Disconnected. Please wait patiently until it has rebooted to the SpringBoard.
    If you get repeating 'bsd root' messages, it means the ramdisk somehow got corrupted in memory before it could be loaded
    xpwn-build #

    All went fine, i've see the phone saying: flashing the NOR... and it rebooted without losing any data, notice that i've not restored from iTunes

    I haven't try the ipsw builder, but it 'only' build a custom firmware that can be restored by a pwned phone via iTunes; the hacking part is done once by the xpwn executable
    Last edited by masterzorag; 05-13-2008 at 01:34 AM.



  2. #2
    Rookie Array

    Join Date
    Jan 2008
    Posts
    20
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    0

    Default

    Can you make a tutorial? o something like that : O

  3. #3
    Advanced Array

    Join Date
    Sep 2007
    Posts
    38
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    0

    Default

    Quote Originally Posted by Lilbebo View Post
    Can you make a tutorial? o something like that : O
    Extract xpwn.tar.bz2, by default it creates one named xpwn-build
    Place iPhone1,1_1.1.4_4A102_Restore.ipsw in the same folder, xpwn-build
    Open a terminal: xterm, aterm, konsole... one of those and cd into xpwn-build:
    # cd /path/to/xpwn-build

    You see the command prompt
    xpwn-build #

    Put in restore mode and type:
    ./xpwn 'iPhone1,1_1.1.4_4A102_Restore.ipsw'

    Done!

  4. #4
    Advanced Array

    Join Date
    Dec 2007
    Location
    Mexico City
    Posts
    34
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    0

    Default

    how about the usage of ./ipsw ?

    have you tried?

  5. #5
    Advanced Array

    Join Date
    Sep 2007
    Posts
    38
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    0

    Default

    Quote Originally Posted by rgallego View Post
    how about the usage of ./ipsw ?

    have you tried?
    Placing bl39.bin and bl46.bin into xpwn-build, custom ipsw generated succesfully!

    xpwn-build# ./ipsw iPhone1,1_1.1.4_4A102_Restore.ipsw custom.ipsw \
    -unlock -3 bl39.bin -4 bl46.bin \
    bundles/Installer.bundle/files \
    bundles/BootNeuter.bundle/files \
    bundles/YoutubeActivation.bundle/files \
    bundles/BSDSubsystem.bundle/files


 

 

Similar Threads

  1. Replies: 0
    Last Post: 01-27-2010, 10:26 PM
  2. [Release] XPwn (experimental pwnage tool for Linux)
    By planetbeing in forum PwnageTool
    Replies: 33
    Last Post: 08-07-2008, 06:00 PM
  3. [Advice] Can i use XPwn 2.0 on a 1.1.3
    By w32dabagle in forum PwnageTool
    Replies: 0
    Last Post: 07-23-2008, 06:33 AM
  4. [XPwn] Can not Jailbreak ?
    By trooper09 in forum PwnageTool
    Replies: 8
    Last Post: 07-06-2008, 04:32 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Powered by vBulletin®
Copyright © 2014 vBulletin Solutions, Inc. All rights reserved.
Search Engine Friendly URLs by vBSEO
(c) 2006-2012 Hackint0sh.org
All times are GMT +2. The time now is 09:42 AM.
twitter, follow us!