GeoHot and DevTeam Discuss Exploits for New Baseband

    Well folks, we're almost there. In the very near future, baseband 05.12.01 could be unlockable for those of us unfortunate enough to be stuck in this position. This doesn't necessarily mean 3.1.3 will be worked on, but it's good news nonetheless for those unfortunate users, and for the possibility of a joint effort on the next unlock between GeoHot and the DevTeam. In an IRC channel, GeoHot and the DevTeam's MuscleNerd shared some thoughts on the exploits they have found, and by the looks of things they might actually team up to dish out an ultimate serving of Jailbreaking goodness.

    GeoHot explains that there is an exploit he had previously discovered and wanted to use for the release of blacksn0w, which he has now found still exists in 3.1.3. He goes on to say that he had originally wanted to build blacksn0w on this exploit but opted to go with an open-source route instead, which makes sense if the goal was to keep the other exploit slightly on the down-low.

    It sounds as though GeoHot and MuscleNerd (DevTeam) may be working on the same exploit, and if that's the case it would be entirely logical for them to team up rather than release two different exploits, which in the end could just cause more grief when upgrading in the future.

    Here is the excerpt from the IRC channel, posted on @visnet's Twitter, that is going around.

    Originally Posted by :
    What does geohot tweet mean?
    <%geohot> its my bb exploit for safekeeping
    <%Par4doX> geohot: did you turn that over to the dev team or are you doing something with it?
    <%geohot> my days of turning things over are done
    <%geohot> i hope its different from the one they have
    <%geohot> but they prob already have it
    <%geohot> its the one i orig wanted to release blacksn0w with
    <%Par4doX> it’s still there in the new bb
    <%geohot> yep, just checked
    <%geohot> but then opted to use xemn since it was public
    Oo, it carries over from 05.11 to 05.12?
    <%geohot> why wouldn’t it, apple doesn’t fix things proactivly
    <@MuscleNerd> geohot we prob should figure out a way to know if we have same exploit double blind, otherwise we may release 2 different ones at same time
    <%geohot> any suggestions?
    <@MuscleNerd> not sure how to do that without making it easy to brute force tho
    <%geohot> yea, i salted the hash
    <@MuscleNerd> yeah
    <@MuscleNerd> hmm maybe if we both hash the stack dump
    <@Confucious> Can you two take this out of public sight?
    <@MuscleNerd> the stack itself, not the header before it or the registers after it
    muscle: any notice about the exploits are the same ?
    <%geohot> we are working on it
    <%geohot> cryptography, perfect for people who don’t trust each other
    So take it as you will and share your thoughts. Again, we don't expect much for 3.1.3 (rumor has it OS 3.2 will drop mid-March), but this is good news for those of you in an utterly awful situation, with a phone that has become more like a really expensive iPod Touch.
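The double-blind check MuscleNerd and GeoHot sketch in the log (a salted hash published "for safekeeping", then hashing only the stack bytes so both sides can tell whether they hold the same thing without a third party being able to brute-force it) is a hash commitment. The Python below is an added illustration of that scheme, not code from the post or from either team; the dump layout (8-byte header, 16-byte stack, 8-byte registers) and all sample bytes are constructed.

```python
import hashlib
import hmac
import os

def canonical_stack(dump: bytes, header_len: int, reg_len: int) -> bytes:
    """Keep only the stack bytes, dropping the header before and the
    registers after it, so two dumps of the same stack hash identically."""
    return dump[header_len:len(dump) - reg_len]

def commit(value: bytes, salt: bytes = b"") -> tuple:
    """Commitment = SHA-256(salt || value). The digest can be published (as
    in the 'for safekeeping' tweet); the random salt stays private until reveal."""
    salt = salt or os.urandom(16)
    return salt, hashlib.sha256(salt + value).digest()

def verify(commitment: bytes, salt: bytes, value: bytes) -> bool:
    """Does the published commitment open to (salt, value)?"""
    return hmac.compare_digest(commitment, hashlib.sha256(salt + value).digest())

def same_exploit(my_stack: bytes, their_commitment: bytes, their_salt: bytes) -> bool:
    """Double-blind check: once both commitments are public, each side reveals
    only its salt; the other re-hashes its OWN stack bytes under that salt.
    A match proves identical bytes; a mismatch leaks nothing new."""
    return verify(their_commitment, their_salt, my_stack)

def dictionary_match(commitment: bytes, candidates: list, salt: bytes = b""):
    """An outsider with only the public digest can test guesses: this works on
    an unsalted hash of a guessable value (the worry in the log), not a salted one."""
    return next((c for c in candidates if verify(commitment, salt, c)), None)

# Constructed sample dumps (8-byte header, 16-byte stack, 8-byte registers).
STACK_X = bytes(range(16))
STACK_Y = bytes(range(16, 32))
DUMP_A = b"HDR:0001" + STACK_X + b"R0R1R2R3"
DUMP_B = b"HDR:0002" + STACK_X + b"R4R5R6R7"   # same stack, different framing
DUMP_C = b"HDR:0001" + STACK_Y + b"R0R1R2R3"   # different stack

def demo() -> dict:
    a, b, c = (canonical_stack(d, 8, 8) for d in (DUMP_A, DUMP_B, DUMP_C))
    salt_a, com_a = commit(a)                  # side A publishes com_a only
    guesses = [STACK_Y, STACK_X]               # an outsider's candidate list
    return {
        "a_matches_b": same_exploit(b, com_a, salt_a),   # True: same stack bytes
        "a_matches_c": same_exploit(c, com_a, salt_a),   # False
        "unsalted_guessable": dictionary_match(hashlib.sha256(a).digest(), guesses) == a,
        "salted_guessable": dictionary_match(com_a, guesses) is not None,  # False
    }

if __name__ == "__main__":
    print(demo())
```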
    This article was originally published in the forum thread GeoHot and DevTeam Discuss Exploits for New Baseband, started by nickhesson.
    Comments (151)
    1. Melech518 -
      Too funny!
    2. SuperVee3 -
      I don't post much.... but I sure do a lot of reading, and wow!
    3. sonificator -
      WOW - finally found that I am not alone. I have a 3GS on 3.1.2 (05.11.07), jailbroken tethered with blackra1n, working perfectly for a month. This morning I couldn't get service. Tried rebooting and re-jailbreaking. I get the face image but nothing happens for 2-3 minutes and then the phone goes into a hard reset again.

      It seems that restoring with a custom firmware is the next step - which one, 3.1.2 or 3.1.3, and with which tools? I am on a PC, but if necessary can get access to a Mac.
    4. Cer0 -
      Is your SHSH "on file"? If so, then by changing your hosts file you should be able to shift-restore to a 3.1.2 firmware.
    5. sonificator -
      Quote Originally Posted by cerote:
      Is your SHSH "on file"? If so, then by changing your hosts file you should be able to shift-restore to a 3.1.2 firmware.
      It is, but hosts/shift-restore to 3.1.2 didn't work out; tried several times on different computers and kept getting the 'non eligible' messages from iTunes.

      I realized that I have 2 days left to return/buy another unit, so that's the plan - hope I don't get the very latest bootrom and don't encounter this problem again!
    6. Cer0 -
      Most likely you will get the latest bootrom. Did you edit your hosts properly?
    7. sonificator -
      Quote Originally Posted by cerote:
      Most likely you will get the latest bootrom. Did you edit your hosts properly?
      Seemed like I did. Have no choice at this point. I thought it was possible to update to a "custom" 3.1.3 via shift-restore (saw that in some post), and now I think I am locked in??
    8. Cer0 -
      You can only install custom firmware if you have the old bootrom. Can you PM me the part of your hosts file with the change you made?

      So, open the file C:\Windows\System32\drivers\etc\hosts (Windows) or /etc/hosts (Mac OS X) and add the following entry to the bottom of the file.

      74.208.10.249 gs.apple.com

    9. Stewie Griffin -
      Quote Originally Posted by DrBoHoHYkgYTRnmVThg:
      book luxury new york hotelscheap hotel jesolothe tides hotel south beach fl
      What the deuce
    10. Effenpig! -
      Quote Originally Posted by DrBoHoHYkgYTRnmVThg:
      book luxury new york hotelscheap hotel jesolothe tides hotel south beach fl
      Awesome. Now go drink some bleach....
    11. Cer0 -
      Gone.