Entering the stream (Redsn0w forum, Hackint0sh.org)
  1. #1 Newbie (joined Mar 2011)

    Entering the stream

    Admittedly, I haven't read as much as I normally would, but I'm looking for some pointers to get me going.

    I'm working with an iPhone 3G (Model MB048LL), running a completely stock iOS version 4.0 (8A293), and reporting a Modem Firmware of 05.13.04. This phone has never been jailbroken before.

    I don't currently have a valid AT&T SIM to work with, and I've yet to sync it with iTunes.

    My end goal is to experiment some with the different versions of iOS available, and to unlock the phone to use with a different carrier. A longer term goal is to poke around the internals some more, disassemble some of the key parts, and learn a bit more about what's going on under the hood, as well as how the various tools work.

    Here's what I think I've gleaned thus far.

    If I'm comfortable running iOS 4.2.1 on the phone (as opposed to 3.x for speed), then I need not worry about saving my SHSH (as 4.2.1 appears to be the last release for the 3G HW). It seems that the untethered jailbreak is far more convenient, but I'm unclear as to which tools support that. I'm also a bit unclear as to the baseband/modem versions and how those factor in (it appears that certain modern basebands have no hacks/vulnerabilities, and one may need to create a custom iOS upgrade [ipsw] image to pair an older/vulnerable baseband with newer software?).

    Understanding that I need to crawl before I walk, and walk before I run, any pointers would be appreciated.



  2. #2 Olethros, Super Moderator (joined Sep 2007, Norway)

    Quick answer:

    Greenpois0n, pwnagetool 4.2 (and the not recommended sn0wbreeze) all include the feedface untethered exploit for 4.2.1.

    You need to use 4.2.1 custom IPSW (via pwnagetool 4.2) to prevent baseband update, otherwise there is no way to downgrade the baseband again.

    On iOS 4.0, you can use redsn0w or pwnagetool to jailbreak and hacktivate (you need to either hacktivate or find a way to legit activate)

    Please read the stickies & search forum before posting!
    How to report an iTunes restore/update fail in a useful manner
    -

    iPad 3G 64GB (4.3.3, Redsn0w) oldest SHSH 3.2.2
    iPhone 4 32GB (4.2.1, Redsn0w JB-monte) oldest SHSH 4.1
    iPhone 3GS 32GB (4.3.3; Pwnagetool) factory unlocked oldest SHSH 3.1
    iPhone 8GB (3.1.3; Pwnagetool) AT&T Locked - Unlocked with bootneuter

    -
    Did we solve your problem? Got a dollar or two spare ? Donate!

  3. #3 Newbie

    Thanks, Olethros.

    Upgrading with a stock 4.2.1 includes a newer Baseband version, for which there is no way to roll back (downgrade). Got it. Using pwnagetool, one can create a custom ipsw that includes the 4.2.1 iOS but an older version of baseband (or perhaps does not update the baseband at all).

    I presume that the newest baseband does not have an unlock hack (yet)? Perhaps this is where one can upgrade to the 06.15.00 (from the iPad2), which is exploitable/unlockable?

    First step is to do the simple redsn0w/pwnagetool JB on 4.0 and have a look around.

    Is there anywhere that describes how the hacks work a bit further? i.e., descriptions of the different security checks and the order in which they work?

  4. #4 Olethros, Super Moderator

    Pwnagetool custom IPSW doesn't update the baseband at all. This part of Apple's restore/upgrade script is skipped.

    There are no unlocks for recent 3G or 3GS basebands (any version higher than 05.13.04).

    The iPad baseband can be loaded onto the 3G or 3GS, and can then be unlocked, but this is not recommended. It can't be reversed and can cause other problems.

    Safest option is to stay with 05.13.04 via custom IPSW.

  5. #5 Newbie

    Thanks, that all makes sense and matches what else I've read.

    The redsn0w jailbreak and subsequent cydia package installs and ultrasn0w unlock all worked without a hitch.

    One additional point: the only way to upgrade iOS from 4.0 to 4.2.1 is through iTunes, is that correct?

    I would have thought that with a jailbreak in place it might be possible to upgrade without iTunes, but evidently that's not the case (which would lead me to believe that the upgrade process relies upon bootloader code that isn't completely broken)?


  6. #6 Olethros, Super Moderator

    You have an incorrect understanding of the upgrade process. From iOS 1.1 onwards it is the iPhone that actually drives the upgrade; all iTunes really does is merge the SHSH with the IPSW and send this to the iPhone, and then the iPhone takes over and actually runs the upgrade or restore.

    While the iPhone is running the restore/upgrade, it is booted from a ramdisk that is included in the ipsw. So your existing jailbroken iOS isn't active at all.

    There are at least two tools written by members of the jailbreak scene that can replace iTunes for restore/update. They aren't ready for the average user yet (maybe in a few months).

  7. #7 Newbie (superCG)

    Thanks. Found this website with some of the details I was looking for: http://www.theiphonewiki.com/wiki/in...?title=S5L8900 Seems to have boot chain and exploits detailed.

    Looks like I've more reading to do.
    Last edited by superCG; 03-15-2011 at 12:40 AM. Reason: found more info.

(c) 2006-2012 Hackint0sh.org