Does 6G even have a DFU? How can one enter it? 3mpty schrieb: > Same problem with it... > > I'm gonna try the DFU file creation with my 6G to see the differences > between the files. > The earlier the easier? :) > > 3mpty > > 2009/2/23, Ari <[email protected]>: >> I tried compiling dfu-util (the original version from OpenMoko, not >> the dev team hacked version that runs the pwnage2 exploit) to upload a >> file to a 3G iPod touch (the one that is downloaded by iTunes, to be >> specific) but it errored out every time, even though it recognized the >> nano as a DFU device... I'm sure a simple patch would fix this, but >> I'm not smart enough to write one :p >> >> If the system is extremely similar, we'll have to find a gid key to >> decrypt these 8702 files or whatever... The iPhone's gid key was used >> to decrypt the 8900 files, until Apple switched to img3 which featured >> a more complex encryption system. You can find a little more >> information on the iPhone keys at >> http://wikee.iphwn.org/s5l8900:encryption_keys >> and http://www.theiphonewiki.com/wiki/index.php?title=AES_Keys >> >> By the way, where is this IRC channel you're talking about? >> >> Ari >> >> On Feb 23, 2009, at 12:16 PM, Taylor Gordon wrote: >> >>> Very nice! >>> >>> Indeed, it It looks like maybe Ari would be a great help in >>> developing an >>> exploit for the ipod nano 3g/4g. The hardware does look much alike. >>> >>> I believe that TheSeven had compiled a modified version of iran and >>> wrote a >>> "junk" file to the ipod to test the transfer and he was succesful. Im >>> guessing out next step is to look closely at this "Apple Safe boot" >>> file >>> downloaded by itunes and see if it is anything similar to the iPhone >>> iBoot. >>> >>> BTW - As you guys probably know the DFU files are also encrypted but >>> there >>> might be some interesting keys in there. We might even be able to >>> find the >>> buffer overflow in the certificate like with the i/touch/phone. I >>> should be >>> on IRC sometime later today. >>> >>> Taylor >>> On Mon, Feb 23, 2009 at 11:15 AM, Ari <[email protected]> wrote: >>> >>>> Interesting! Clearly the iPod nano 3G is built off the iPhone... I >>>> think it's likely that we'll find an iPod nano exploit similar to one >>>> of the iPhone ones we've found over the years! >>>> >>>> The 8900 does seem to be the same as the iPod nano's format, but it >>>> is >>>> called 8900 because that's the suffix of the iPhone's application >>>> processor (the S5L8900), so the 8702 format is not necessarily an >>>> earlier version of the format, just an earlier processor. >>>> >>>> And Raoul did not "generate" these files, they are downloaded by >>>> iTunes when a DFU 3G iPod nano is detected :) >>>> >>>> Although I'm not a member of the iPhone dev team, I do have some >>>> knowledge of the iPhone platofrm, as I'm a member of the Chronic Dev >>>> Team (http://chronic-dev.org/blog/), who jailbroke the iPod touch 2G >>>> before the iPhone dev team released theirs. In addition, I wrote >>>> iJailBreak, the original automated iPod touch Mac jailbreak back in >>>> the 1.1.1 days at http://ijailbreak.com/. >>>> >>>> Ari >>>> >>>> On Feb 23, 2009, at 10:14 AM, 3mpty wrote: >>>> >>>>> How did it generate it? >>>>> >>>>> By the way, take a look at this >>>> http://wikee.iphwn.org/s5l8900:8900_format >>>>> ... >>>>> I bet that the format is identical (all the struct fields seem to >>>>> match), >>>>> only an earlier version (8900 vs 8702). >>>>> >>>>> Someone should contact iPhone Dev Team guys... >>>>> >>>>> 3mpty >>>>> >>>>> 2009/2/22 Raoul Guggenheim <[email protected]> >>>>> >>>>>> Hello >>>>>> Found the DFU mode on my nano 3g >>>>>> And it generated those restoring files! have fun >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Linux4nano-dev mailing list >>>>>> [email protected] >>>>>> https://mail.gna.org/listinfo/linux4nano-dev >>>>>> http://www.linux4nano.org >>>>>> >>>>> _______________________________________________ >>>>> Linux4nano-dev mailing list >>>>> [email protected] >>>>> https://mail.gna.org/listinfo/linux4nano-dev >>>>> http://www.linux4nano.org >>>> >>>> _______________________________________________ >>>> Linux4nano-dev mailing list >>>> [email protected] >>>> https://mail.gna.org/listinfo/linux4nano-dev >>>> http://www.linux4nano.org >>>> >>> _______________________________________________ >>> Linux4nano-dev mailing list >>> [email protected] >>> https://mail.gna.org/listinfo/linux4nano-dev >>> http://www.linux4nano.org >> >> _______________________________________________ >> Linux4nano-dev mailing list >> [email protected] >> https://mail.gna.org/listinfo/linux4nano-dev >> http://www.linux4nano.org >> > > _______________________________________________ > Linux4nano-dev mailing list > [email protected] > https://mail.gna.org/listinfo/linux4nano-dev > http://www.linux4nano.org >
_______________________________________________ Linux4nano-dev mailing list [email protected] https://mail.gna.org/listinfo/linux4nano-dev http://www.linux4nano.org
