geohot's thoughts on the new bootloader, 1.1.2 unlock
    geohot, or George Hotz, the guy who unlocked the first iPhone with his infamous hardware method, has posted his thoughts on the weaknesses and possible exploits (both hardware and software) in the new iPhone bootloader.

    The reason we've been waiting so long to see an unlock solution for OTB 1.1.2 iPhones, if you don't know, is the new bootloader that ships with this firmware. Hackers have been plugging away at an unlock solution (big props to drudge, dinopio, roxfan, and the rest of the developers working on this), but they need new iPhones to work on as well, so don't forget to hit up jailbreakme.com and donate to them.

    From geohot:

    Hardware:
    The version check reads from 0xA0021000 and 0xA0021004 to get the version of the main firmware. It then compares the values [0xA0021000]==~[0xA0021004]. If that check fails it ignores the version check. It is also the only bootloader access into high flash. So when A16 goes high, pull any data line high or low. That will cause the check to fail, and hence the version check to be skipped. And there shouldn't be any memory accesses in the bootloader, so it'll be fine.

    Software:
    This exploit is in the way the secpack signature is padded. They did a lot to remove the really bad signature checking of the old bootloader that IPSF exploited. Although the secpack still has 0x28 bytes of data at the end that isn't checked for normal secpack sigs. The secpack sig is (0x30 header/padding, 0x14 main fw sha, 0x14 secpack sha, 0x28 unchecked padding). So by spoofing the first 0x58 of the RSA, you can set any secpack and main fw sha hash you want. It is very easy in exponent 3 RSA cryptosystems to spoof the first 1/3 of the message bytes. I believe with some clever math and brute force, the whole 0x58 can be spoofed. Any cryptology experts out there?
    Source: geohot's blog
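The hardware note above describes a fail-open check: the complement pair gates the version comparison, so corrupting the read disables anti-rollback instead of blocking boot. The model below is an added example, not code from geohot's post or from the bootloader. The two addresses and the [0xA0021000] == ~[0xA0021004] comparison are taken from the post; the Flash class, the flash contents, the minimum-version value 0x00010102 and the stuck-data-line glitch model are assumptions constructed for the example. It goes a little beyond the post by trying every one of the 32 data lines, held high and held low, next to a fail-closed variant of the same check.

```python
"""Model of the complement-pair version check geohot describes and of the
data-line glitch that defeats it.  Added example; addresses and the
complement comparison come from the post, everything else is constructed."""

MASK32 = 0xFFFFFFFF
VERSION_ADDR = 0xA0021000      # main-firmware version word (from the post)
COMPLEMENT_ADDR = 0xA0021004   # bitwise complement of that word (from the post)


class Flash:
    """Tiny NOR model: a dict of 32-bit words plus an optional data line that
    the attacker holds high or low while the bootloader reads (constructed
    model of the 'pull any data line high or low' trick)."""

    def __init__(self, words, stuck_line=None, stuck_high=True):
        self.words = words
        self.stuck_line = stuck_line
        self.stuck_high = stuck_high

    def read32(self, addr):
        word = self.words.get(addr, MASK32)   # erased flash reads all ones (assumption)
        if self.stuck_line is not None:
            bit = 1 << self.stuck_line
            word = (word | bit) if self.stuck_high else (word & ~bit & MASK32)
        return word


def pair_consistent(version, complement):
    return version == (~complement & MASK32)


def version_check_as_described(flash, min_version):
    """Fail-open, as in the post: an inconsistent pair skips the comparison,
    so a corrupted read lets any firmware version through."""
    v, vc = flash.read32(VERSION_ADDR), flash.read32(COMPLEMENT_ADDR)
    if not pair_consistent(v, vc):
        return True                      # version check ignored
    return v >= min_version


def version_check_fail_closed(flash, min_version):
    """Hardened variant: inconsistent data counts as a failed check."""
    v, vc = flash.read32(VERSION_ADDR), flash.read32(COMPLEMENT_ADDR)
    return pair_consistent(v, vc) and v >= min_version


def make_flash(version, **glitch):
    """Flash image holding a version word and its complement (constructed)."""
    return Flash({VERSION_ADDR: version, COMPLEMENT_ADDR: ~version & MASK32}, **glitch)


# Constructed values: the flash holds an older firmware than the bootloader wants.
OLD_VERSION, MIN_VERSION = 0x00010101, 0x00010102


def outcomes():
    """(allowed_as_described, allowed_fail_closed) for a clean read and for
    each of the 32 data lines stuck high and stuck low."""
    clean = make_flash(OLD_VERSION)
    results = {"clean": (version_check_as_described(clean, MIN_VERSION),
                         version_check_fail_closed(clean, MIN_VERSION))}
    for line in range(32):
        for high in (True, False):
            f = make_flash(OLD_VERSION, stuck_line=line, stuck_high=high)
            results[(line, high)] = (version_check_as_described(f, MIN_VERSION),
                                     version_check_fail_closed(f, MIN_VERSION))
    return results


if __name__ == "__main__":
    r = outcomes()
    print("clean read:", r["clean"])
    print("glitched reads that bypass the described check:",
          sum(1 for k, v in r.items() if k != "clean" and v[0]), "of 64")
```

Forcing one line high sets that bit in both words, forcing it low clears it in both, and either way the bit no longer differs between the word and its complement, which is why any line in either direction works; the fail-closed variant turns the same corruption into a refusal to boot.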
    This article was originally published in forum thread: geohot's thoughts on the new bootloader, 1.1.2 unlock, started by Kyle Matthews.
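The "first 1/3 of the message bytes" trick from the software note, as an added example that is not the page's code and not the actual secpack verifier. It assumes that geohot's layout (0x30 header, 0x14 main-fw SHA-1, 0x14 secpack SHA-1, 0x28 unchecked) adds up to a 0x80-byte block and therefore a 1024-bit modulus, and it constructs its own e=3 key, header bytes, fixed trailer and hashes. verify_prefix takes the number of checked bytes as a parameter so the same code shows both where the cube-root forgery lands (a verifier that checks no more than about a third of the block) and where it falls short (the 0x58 bytes the bootloader is said to check).

```python
"""Exponent-3 RSA prefix forgery against a verifier that checks only the
leading bytes of the decrypted signature block.  Added example; the
0x30/0x14/0x14/0x28 layout is from the post, everything else is constructed."""
import hashlib
import secrets

MOD_BYTES = 0x80                         # 0x30+0x14+0x14+0x28 = 0x80 -> 1024-bit modulus (assumption)
HDR_LEN, HASH_LEN, CHECKED_LEN = 0x30, 0x14, 0x58
HEADER = b"\x00\x01" + b"\xff" * (HDR_LEN - 3) + b"\x00"   # constructed PKCS#1-style header
TRAILER = b"\x00" * (MOD_BYTES - CHECKED_LEN)              # constructed value for the 0x28 bytes


def _probable_prime(n, rounds=16):
    """Miller-Rabin, adequate for a throwaway demo key."""
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _prime_2_mod_3(bits):
    """Random prime p with p % 3 == 2, so that e=3 is invertible modulo p-1."""
    while True:
        p = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if p % 3 == 2 and _probable_prime(p):
            return p


def gen_key_e3(bits=8 * MOD_BYTES):
    """Constructed e=3 RSA key: returns (n, d)."""
    p, q = _prime_2_mod_3(bits // 2), _prime_2_mod_3(bits // 2)
    return p * q, pow(3, -1, (p - 1) * (q - 1))


def block_of(n, sig):
    """The 0x80-byte block the verifier sees after raising sig to e=3 mod n."""
    return pow(sig, 3, n).to_bytes(MOD_BYTES, "big")


def sign(n, d, fw_sha, secpack_sha):
    return pow(int.from_bytes(HEADER + fw_sha + secpack_sha + TRAILER, "big"), d, n)


def verify_prefix(n, sig, fw_sha, secpack_sha, checked_len=CHECKED_LEN):
    """Compares only the first checked_len bytes.  The default, 0x58, is the
    check the post describes: header plus both hashes, last 0x28 bytes ignored."""
    expected = HEADER + fw_sha + secpack_sha + TRAILER
    return block_of(n, sig)[:checked_len] == expected[:checked_len]


def verify_full(n, sig, fw_sha, secpack_sha):
    """Hardened form: every byte of the block must match, trailer included."""
    return verify_prefix(n, sig, fw_sha, secpack_sha, MOD_BYTES)


def icbrt_ceil(x):
    """Smallest integer s with s**3 >= x (exact binary search on big ints)."""
    lo, hi = 0, 1 << (x.bit_length() // 3 + 2)
    while lo < hi:
        mid = (lo + hi) // 2
        if mid ** 3 < x:
            lo = mid + 1
        else:
            hi = mid
    return lo


def forge_prefix(n, prefix):
    """Cube-root forgery, no private key needed.  X = prefix followed by zero
    bytes, s = ceil(cbrt(X)).  s**3 < n, so nothing is reduced mod n, and
    s**3 - X < 3*s**2 + 3*s + 1, i.e. about 2**(2/3 * 1024) here.  That error
    hides under the unchecked bytes only while len(prefix) is under roughly
    MOD_BYTES/3; otherwise (or if s**3 would wrap) return None."""
    shift = 8 * (MOD_BYTES - len(prefix))
    s = icbrt_ceil(int.from_bytes(prefix, "big") << shift)
    if s ** 3 >= n or block_of(n, s)[:len(prefix)] != prefix:
        return None
    return s


def longest_forgeable_prefix(n, target):
    """How many leading bytes of target the cube-root trick can pin down."""
    k = 0
    while k < len(target) and forge_prefix(n, target[:k + 1]) is not None:
        k += 1
    return k


if __name__ == "__main__":
    n, d = gen_key_e3()
    fw_sha = hashlib.sha1(b"constructed main firmware").digest()
    sp_sha = hashlib.sha1(b"constructed secpack").digest()
    target = HEADER + fw_sha + sp_sha                  # the 0x58 bytes that are checked
    print("legit signature passes:", verify_full(n, sign(n, d, fw_sha, sp_sha), fw_sha, sp_sha))
    print("bytes the cube-root trick controls:", longest_forgeable_prefix(n, target), "of", CHECKED_LEN)
    print("forgery of all 0x58 checked bytes:", forge_prefix(n, target))
```

With a 0x80-byte block the trick pins down about 43 leading bytes, which does not even cover the 0x30-byte header, let alone the two hash fields at 0x30..0x58; reaching all 0x58 bytes needs more than a plain cube root, which is the open question geohot ends with. The hardened verify_full shows the cheap fix: compare the whole block, so there are no unchecked bytes for the error to hide in.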
    Comments (17)
    1. yowiphone -
      Yeah but there is ALWAYS TURBOSIM!!!
    2. DoerrFan -
      Geohot is the man
    3. jflc9 -
      Geohot rocks my pants.
    4. Bill69 -
      What is turbosim?
    5. maXimus -
      I have a woody!!!!!!!
    6. fat x nub -
      Originally Posted by maXimus:
      I have a woody!!!!!!!
      haha...geohot is the man
    7. magsbadboy -
      Again... THE MAN!
    8. Dnc95 -
      I have no idea what this all means but thank you very much for all your hard work and keep it up.
    9. cheetah2k -
      Just grab a turbo sim and be done with it. I've helped 5 mates out with this, and at least for 1.1.2 OTB firmware and the existing jailbreak method, this is the way
    10. Eurisko -
      Boy, the TurboSIM kickbacks on this board must be enormous!
    11. venitronics -
      Originally Posted by Eurisko:
      Boy, the TurboSIM kickbacks on this board must be enormous!
      Yeah...true.
    12. cheetah2k -
      I wish.

      But you tell me how to get an OTB 1.1.2 working with BL 4.6?
    13. ReVan -
      An update on the exploits. A16 is a buried via, but it is right at the edge of the chip. Just scrape the epoxy away and hook a wire under there. I'd do it but a lot of my hardware stuff is at RIT. And I didn't say the software exploit would be easy, but this paper alludes to 2/3 of the message being spoofable. 2/3 is 3 bytes away from how much we need, and 3 bytes can be brute forced easily enough. Of course 1/3 is trivial to exploit with a cube root, I understand that math well enough.

    14. Eurisko -
      This is old news
    15. iphonesolutionz -
      Yes, old news my friend.
    16. starchest -
      I don't really understand this, I hope it is just some kind of news telling us you are closer to an OTB 1.1.2 full unlock. This is taking a whole lot more time than I expected. Kinda starting to worry.
    17. Kyle Matthews -
      I'm gonna go ahead and merge this with the other thread of the same subject.