Good work, JD!

On 9/11/07, JD <[EMAIL PROTECTED]> wrote:
>
> I did some searches about the iPhone encryption; I will try to sum up
> what I found/understand (I didn't check everything myself, so don't be rude
> if I missed something :D).
>
> First of all the iPhone CPU seems to be an ARM, manufactured by Samsung.
> (I can't find the exact ARM ID number)
> And some hardware (like the mp3 part) is the same as nano.
> http://iphone.fiveforty.net/wiki/index.php/IPhone_Hardware_Facts
> http://www.eetimes.com/news/design/showArticle.jhtml?articleID=200001811
>
> So there are no *big* hardware clues for the iPhone encryption system to be
> different from the nano one.
>
> Now let's take a look at how they decrypted the firmware:
>
> The first thing they did is to mount the iPhone system files.
> They proceed the same way as we do with our nano:
> - Download the .ipsw file from Apple servers.
> - Unpack .ipsw to get the system files.
> (the .ipsw contains some .dmg files : system files in -38.dmg and
> firmware in -39.dmg)
> - Mount it in a *n*x OS.
>
> http://iphone.fiveforty.net/wiki/index.php/Decrypt_Firmware
>
> If you want to take a look at the iPhone file system (but hate
> rapidshare):
> http://www.enseirb.fr/~brossill/in2g/ramdisk.tgz
> http://www.enseirb.fr/~brossill/in2g/llr.txt
>
> Then they run strings (http://unixhelp.ed.ac.uk/CGI/man-cgi?strings)
> on /usr/sbin/asr (a Mach-O binary).
> What is asr? Nobody says, but when we take a look at the strings result:
> http://www.enseirb.fr/~brossill/in2g/strings.asr.txt
>
> we find:
> http://www.enseirb.fr/~brossill/in2g/help.asr.txt
>
> So asr seems to deal with partitions, disk images and probably iPhone
> system restoration
> (some error messages warn about server connection and related things).
>
> But the most interesting part is a 72-character-long string (by string I
> mean ASCII):
>
> $ strings asr
> ...
> [EMAIL PROTECTED]
> 1K[A0Di
> 28c909fc6d322fa18940f03279d70880e59a4507998347c70d5b8ca7ef090ecccc15e82d
> K[A0"
> [EMAIL PROTECTED]@
> ...
>
> The first time I heard about that string I was really skeptical, but
> it's truly strange ;)
> (For those who still don't have a cyber-brain: a 72-character group
> in a binary MUST mean something)
>
> Then they use a version of vfdecrypt (a Mac OSX software for OSX disk
> images encryption)
> where the input method was changed (two private AES and SHA-1 HMAC
> keys instead of 3DES-EDE passphrase).
> (HMAC ? 3DES-EDE ? Heeeeelp... ;))
>
> http://landonf.bikemonkey.org/static/iphone/vfdecrypt-iphone.tar.gz
>
> They simply use the 72-char string as a password, put the encrypted
> firmware partition in, and... **SHAZAM**
> a decrypted iPhone firmware pops out of the hat. ;)
>
> Facts:
> - The iPhone firmware is encrypted with a standard Mac OS X tool for
> OS X disk image encryption.
> - The key is located in software which seems to be used to manage
> disk restoration.
>
> I really think our nano 2g is encrypted with the same
> tool/algorithms... But as you probably noticed, they didn't
> get the key from the software which decrypts the iPhone firmware before
> the OS launch but from the restoration
> software.
>
> The question is: can we confirm that our encrypted firmwares are
> encrypted with this method?
>
> JD.
>
> http://iphone.fiveforty.net/wiki/index.php/Main_Page
> http://landonf.bikemonkey.org/code/iphone
>
> _______________________________________________
> Linux4nano-dev mailing list
> Linux4nano-dev@gna.org
> https://mail.gna.org/listinfo/linux4nano-dev
> http://www.linux4nano.org
>



-- 
We explore... and you call us criminals.
We seek after knowledge... and you call us criminals.
We exist without skin color, without nationality, without religious bias...
and you call us criminals.
You build atomic bombs, you wage wars, you murder, cheat, and lie to us and
try to make us believe it's for our own good...
....yet we're the criminals.

____________WAUSHARE ROX ______________
Join the dark side we've got cheese
Annoying people since 1992
If you hate me, I love you too. It ain't my fault I'm better than you
Save Water, Drink Beer
God Made Women First, Then He Had A Better Idea.
If Barbie is soo popular...how come you have to buy her friends?
Don't play stupid with me... I'm better at it!
You were so cute when you were a baby...What happened?
My folks were always asking me to wear underpants. What am I, the pope?
I'm calling the police!... Right after I flush some tings.
Join the army, see the world, meet interesting people, and kill them.
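
Added example (not part of the original thread, and not code from any project mentioned in it): a Python check a vendor could run over its own release binaries to catch what JD describes above, a key-sized hex string that `strings` can lift straight out of the file. The sample blob is constructed, and reading a 72-character run as a 16-byte AES key plus a 20-byte HMAC-SHA1 key is an assumption from standard key sizes.

```python
import hashlib
import re

# Key sizes in bytes that a hex run is compared against (assumed list for this example).
CIPHER_KEYS = {"AES-128": 16, "AES-192": 24, "AES-256": 32}
MAC_KEYS = {"HMAC-SHA1": 20, "HMAC-SHA256": 32}

PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{4,}")  # strings(1) default: 4+ printable bytes
HEX_ONLY = re.compile(rb"[0-9a-fA-F]+")


def key_layouts(nbytes):
    """Return the key layouts whose total size equals nbytes."""
    layouts = [name for name, size in CIPHER_KEYS.items() if size == nbytes]
    layouts += [f"{c} + {m}" for c, cs in CIPHER_KEYS.items()
                for m, ms in MAC_KEYS.items() if cs + ms == nbytes]
    return layouts


def find_embedded_keys(blob, min_hex_chars=32):
    """Scan a binary for printable runs that are pure hex and key-sized."""
    findings = []
    for match in PRINTABLE_RUN.finditer(blob):
        text = match.group()
        if len(text) < min_hex_chars or len(text) % 2 or not HEX_ONLY.fullmatch(text):
            continue
        layouts = key_layouts(len(text) // 2)
        if layouts:
            findings.append((match.start(), len(text), layouts))
    return findings


def constructed_sample():
    """Constructed stand-in for a release binary; the hex run is not a real key."""
    fake_key = (hashlib.sha256(b"constructed").hexdigest() + "0a1b2c3d").encode()  # 72 chars
    return (b"\xfe\xed\xfa\xce\x00\x00\x00\x0c" + b"usage: restore-tool <image>\x00"
            + b"\x01\x02abc\x00" + fake_key + b"\x00xyz\x00" + b"\x07\x00\x90\xe5" * 8)


if __name__ == "__main__":
    for offset, length, layouts in find_embedded_keys(constructed_sample()):
        print(f"offset {offset:#x}: {length} hex chars, could be {', '.join(layouts)}")
```

A hit in a build pipeline means the key ships with every copy of the binary; the check only sees hex runs that stand alone between non-printable bytes, so keys stored as raw bytes or inside longer text need a different test.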