Damn. Looks like we can rule out the game approach. We would need to crack the firmware to inject a modified game into the iPod, which in turn we need in order to crack that firmware. Apple seems to have been quite clever there.
Our last hope is JTAG :(

Good luck,
JD

max wrote:
> I'll give you some info in a personal mail.
>
> regards,
> max
>
> MsTiFtS wrote:
>
>> You can install additional games on the classic, right?
>> Have you already got any?
>> If yes:
>> - Rename the .ipg file to .zip and extract it. There should be a file
>> named manifest.plist. Can you mail me the contents of that? I need to
>> know whether these are crypted, and if yes, whether that was already
>> cracked, and how that crack works.
>> - I doubt it will be easy to modify one, but I read somewhere that that
>> certificate/signature stuff would have been cracked.
>> If no:
>> - Try to find a cracked one and test whether it works. If yes, send me a
>> link to that one.
>>
>> The main problem is that there are checksums of the game stored all
>> around, and the file with the checksum is protected against modification
>> by that digital signature using that fairplay certificate. The usual way
>> to crack this on 5G iPods was to hack the firmware to stop validating
>> all that DRM stuff, but since the classic firmware is crypted, I think
>> that's impossible. So one needs to somehow replace the executable while
>> keeping its hash constant. (Well, I doubt that will work unless they
>> used a really dumb hashing algorithm.) Another possibility is to modify
>> the hashes in manifest.plist, but then you'll need to re-sign that file
>> with the fairplay certificate, but to do that you'll need to get the
>> private key of the certificate, and I doubt that somebody besides Apple
>> knows that one. The last possibility would be to modify the public key
>> against which that signature is validated, but that resides in the
>> crypted firmware, bad luck :(
>>
>> While searching through the web I didn't find any cracked nano3g or
>> classic games, probably for exactly these reasons. If there is one,
>> they probably managed to make the iPod think that game was correctly
>> installed by iTunes by its legitimate owner using some other way, but I
>> doubt that these cracking techniques could be used to modify game code.
>> If you see some homebrew game for the classic/nano3g somewhere in the
>> wild, please alert me, that will be the key to cracking firmware encryption.
>>
>> max wrote:
>>
>>> I currently own an iPod classic, so you can ask me if you want to test
>>> something. (Code should compile on linux/gcc[34]/amd64).
>>>
>>> regards,
>>> max
>>>
>>> MsTiFtS wrote:
>>>
>>>> Injecting a firmware dumper game would be indeed the one and only way to
>>>> get this thing cracked, if, and only if, they indeed used the same
>>>> encryption for the games. Does someone of you own a nano 3g or a classic
>>>> and/or a game for it? Have you tried breaking the game's encryption with
>>>> badblox's tool? It would be pretty cool if that worked. Just quickly
>>>> make a memory dumper game and run it on a classic or 3g nano and you're
>>>> done, at least for these two models, but investigating their encryption
>>>> would probably help cracking the 2g nano a lot. Sorry, but I doubt that
>>>> the Apple engineers have been that dumb. But it's definitely worth a try.
>>>>
>>>> mat h wrote:
>>>>
>>>>> That's already been done. I can't remember the website but I will do some
>>>>> GOOGLEING. It involved extracting the zip archive and putting them in
>>>>> the iPod Games folder created by iTunes and letting iTunes load them.
>>>>>
>>>>> On 9/30/07, *Biscuit Thomas* <[EMAIL PROTECTED]> wrote:
>>>>>
>>>>> Oh right, I saw those on a torrent, the problem being how to get the
>>>>> nano to load the binaries.
>>>>>
>>>>> On 9/30/07, GearForce <[EMAIL PROTECTED]> wrote:
>>>>> > Actually, that might be a good point to start!!!
>>>>> > I don't know for nano 2g because it doesn't have games but I know that the
>>>>> > 6G (classic) and nano 3G do have game support.
>>>>> > A guy called BadBlox managed to break the DRM encryption of the games
>>>>> > binary.
>>>>> > I have the code for it if you want.
>>>>> > So basically, you can decrypt the game binary, edit ARM instructions to dump
>>>>> > the RAM to the HDD and then re-encrypt it and run it as a game.
>>>>> > I know this BadBlox also built a memory dumper built into the osos image so
>>>>> > we can use that (although he did that when the osos wasn't encrypted..).
>>>>> > So on old games which can be cracked (like mini golf or whatever, not sure
>>>>> > about new games like Sims).
>>>>> > If anyone can give it a try..
>>>>> > I don't know a lot about ARM assembly.
>>>>> > But if you need more info tell me.
>>>>> > This just might be the place we were looking for.
>>>>> >
>>>>> > On 9/30/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>>>>> > >
>>>>> > > Message: 1
>>>>> > > Date: Sat, 29 Sep 2007 07:21:27 -0400
>>>>> > > From: "Biscuit Thomas" <[EMAIL PROTECTED]>
>>>>> > > Subject: Re: [Linux4nano-dev] Update to rc4 key search (optimized)
>>>>> > > To: "Hardware and developpement mailing list." <[email protected]>
>>>>> > > Message-ID: <[EMAIL PROTECTED]>
>>>>> > > Content-Type: text/plain; charset="iso-8859-1"
>>>>> > >
>>>>> > > Actually it would have to be ARM code, I do believe it might still be
>>>>> > > under some form of DRM, however.
>>>>> > >
>>>>>
>>>>> _______________________________________________
>>>>> Linux4nano-dev mailing list
>>>>> [email protected]
>>>>> https://mail.gna.org/listinfo/linux4nano-dev
>>>>> http://www.linux4nano.org
>>>>>
>>>>> --
>>>>> We explore... and you call us criminals.
>>>>> We seek after knowledge... and you call us criminals.
>>>>> We exist without skin color, without nationality, without religious
>>>>> bias... and you call us criminals.
>>>>> You build atomic bombs, you wage wars, you murder, cheat, and lie to
>>>>> us and try to make us believe it's for our own good...
>>>>> ....yet we're the criminals.
>>>>>
>>>>> ____________WAUSHARE ROX ______________
>>>>> Join the dark side we've got cheese
>>>>> Annoying people since 1992
>>>>> If you hate me, I love you too. It ain't my fault I'm better than you
>>>>> Save Water, Drink Beer
>>>>> God Made Women First, Then He Had A Better Idea.
>>>>> If Barbie is soo popular...how come you have to buy her friends?
>>>>> Don't play stupid with me... I'm better at it!
>>>>> You were so cute when you were a baby...What happened?
>>>>> My folks were always asking me to wear underpants. What am I, the pope?
>>>>> I'm calling the police!... Right after I flush some tings.
>>>>> Join the army, see the world, meet interesting people, and kill them.
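
Added example, not part of the original thread: a sketch of the verification chain the thread describes (file hashes listed in a manifest, a signature over the manifest, a public key pinned in firmware), showing which check rejects each kind of modification. The manifest layout, the toy textbook-RSA key built from Mersenne primes, and all names are assumptions for illustration; the real manifest.plist format and signature scheme are not given in the thread.

```python
import hashlib

# Toy textbook RSA over two Mersenne primes: constructed demo key, no padding, not secure.
E = 65537
def toy_key(p, q):
    return p * q, pow(E, -1, (p - 1) * (q - 1))    # (modulus, private exponent)

VENDOR_N, VENDOR_D = toy_key(2**127 - 1, 2**521 - 1)
PINNED_N = VENDOR_N     # public modulus the device firmware trusts

def sha(data):
    return hashlib.sha256(data).hexdigest()

def make_manifest(files):
    # Hypothetical stand-in for manifest.plist: one "name sha256" line per file.
    return "\n".join(f"{n} {sha(b)}" for n, b in sorted(files.items())).encode()

def sign(manifest, d, n):
    return pow(int(sha(manifest), 16), d, n)

def verify_package(files, manifest, signature):
    # 1. Signature over the manifest, checked against the pinned key only.
    if pow(signature, E, PINNED_N) != int(sha(manifest), 16):
        return "bad signature"
    # 2. Every file must match the hash the signed manifest lists for it.
    listed = dict(line.rsplit(" ", 1) for line in manifest.decode().splitlines())
    for name, body in files.items():
        if listed.get(name) != sha(body):
            return f"hash mismatch: {name}"
    return "ok"

def demo():
    game = {"game.bin": b"original code", "art.dat": b"sprites"}   # constructed sample package
    manifest = make_manifest(game)
    sig = sign(manifest, VENDOR_D, VENDOR_N)
    patched = dict(game, **{"game.bin": b"modified code"})
    new_manifest = make_manifest(patched)
    other_n, other_d = toy_key(2**89 - 1, 2**607 - 1)              # a key the device does not trust
    return {
        "genuine": verify_package(game, manifest, sig),
        "patched file": verify_package(patched, manifest, sig),
        "patched file + edited manifest": verify_package(patched, new_manifest, sig),
        "re-signed with another key": verify_package(patched, new_manifest, sign(new_manifest, other_d, other_n)),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

Every modified package is rejected as long as the pinned key cannot be changed, which is the role the encrypted firmware plays in the thread.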
