Thread: SHAtter jailbreak

  1. #1
    Question: SHAtter jailbreak
    To my understanding, this low level bootrom exploit means that all the iOS devices currently released will always be jailbreak-able, right?

    But here is where I am confused, for example, I jailbreak my iPhone 4 on 4.1 firmware with the SHAtter exploit, and Apple releases 4.2, this means I can update and just re-jailbreak? Or would I have to wait for a new jailbreak software to be released? Or is this just simply meaning that jailbreaking newer firmware will be easy, or a snap, and will not be patched until new hardware has been revised?

    If you can, explain EVERY little detail on this exploit and how it will work. I don't know too much about this whole 'low level bootrom exploit'.

  2. #2
    Super Moderator iYeow

    If this is an iBoot exploit, you could probably restore to custom firmware and be already jailbroken when successfully restored.

  3. #3
    Super Galactic Moderator Orby

    Quote Originally Posted by yeow202:
    If this is an iBoot exploit, you could probably restore to custom firmware and be already jailbroken when successfully restored.
    Ay, there's the rub.

    SHAtter is in the bootrom exploit family, but SHAtter by itself is likely not enough to produce an untethered jailbreak of an iPhone 4, for instance.

    For every bootrom exploit, you'll need an iBoot exploit as well to flash the exploited code to the NOR on SHSH blob-required devices and to load in an unsigned kernel. Though we have (had) those exploits, Apple releases new firmware (complete with new blobs) to seal holes in iBoot. Meaning new devices and new firmwares need new iBoot exploits to make the bootrom exploit work at all/work untethered (OR you have an old, exploitable iBoot with the blobs for your device to match).

  4. #4
    Super Moderator iYeow

    Thank you for the info. Very useful.

  5. #5
    Quote Originally Posted by orbyorb:
    Ay, there's the rub.

    SHAtter is in the bootrom exploit family, but SHAtter by itself is likely not enough to produce an untethered jailbreak of an iPhone 4, for instance.

    For every bootrom exploit, you'll need an iBoot exploit as well to flash the exploited code to the NOR on SHSH blob-required devices and to load in an unsigned kernel. Though we have (had) those exploits, Apple releases new firmware (complete with new blobs) to seal holes in iBoot. Meaning new devices and new firmwares need new iBoot exploits to make the bootrom exploit work at all/work untethered (OR you have an old, exploitable iBoot with the blobs for your device to match).
    So, excuse my confusion, with this exploit you are allowed to always be jailbreakable AS LONG as the new patches in iBoot are exploited?
    For example, even jailbroken with SHAtter I should wait until 4.2's firmware itself has been jailbroken?

  6. #6
    Livin the iPhone Life j3st3r

    Correct.

  7. #7
    I get it now. Same exploit means easier jailbreak because they don't have to find another. Thank you!

  8. #8
    dt0theh
    Hey guys, thanks for the info. A little confused though, maybe someone can clarify for me. When SHAtter comes out and I jailbreak my 4.1 iPhone 4, if I restore for any reason after and try to bring it to Apple to, say, be fixed or whatever, will the restore wipe the info? Or will Apple be able to tell? Thanks everyone! Sorry if this was answered already, I did not see it anywhere.
    Last edited by dt0theh; 09-12-2010 at 02:22 PM. Reason: add statement

  9. #9
    I have never heard of Apple finding out after a factory restore, and have returned/had replaced many iPhones that were previously jailbroken with zero problems.

  10. #10
    Quote Originally Posted by dt0theh:
    Hey guys, thanks for the info. A little confused though, maybe someone can clarify for me. When SHAtter comes out and I jailbreak my 4.1 iPhone 4, if I restore for any reason after and try to bring it to Apple to, say, be fixed or whatever, will the restore wipe the info? Or will Apple be able to tell? Thanks everyone! Sorry if this was answered already, I did not see it anywhere.
    Once you restore it and have an AT&T sim in there you should be fine. I've gotten my iPhone checked twice already, and had no problems. They just swapped mine out. So I don't believe they should be able to tell if it were previously jailbroken or unlocked, unless you didn't restore it at all.


  12. #11
    dt0theh
    OK, just making sure, because I see people saying SHAtter is a permanent JB... thought maybe with that a restore wouldn't work... thanks.

  13. #12
    Super Galactic Moderator Orby

    Quote Originally Posted by dt0theh:
    OK, just making sure, because I see people saying SHAtter is a permanent JB... thought maybe with that a restore wouldn't work... thanks.
    Permanent just means Apple can't close the hole used for the exploit with any software update. Any jailbreak can be undone purely by restoring the device's firmware to Apple's stock one from DFU mode.

    Also, Brokencydez, that's not entirely right. Jailbreaks are almost always a combination of exploits. blackra1n is a combination of the usb_control_msg(0x21,2) for iBoot and 0x2400 Segment Overflow in the VROM exploits (and redsn0w uses this same attack route for 3.1.2), Spirit uses three exploits (sneaky dots in backup restores, incomplete code signing, and the BPF_STX kernel stack overwrite).

    We've got the bootrom (I actually now think SHAtter isn't a "bootrom" exploit, but is elsewhere in the hardware and is therefore unfixable like a bootrom exploit, allowing unsigned code over USB) one down, but the iBoot hole needed to launch/flash unsigned code is still, and will be, needed in the future as long as SHSH blobs are enforced in the capacity Apple designed them to be.

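Orby's posts #3 and #12 above make one point twice: a bootrom hole on its own is not enough, because iBoot and the kernel are still checked against SHSH blobs personalized to the device's ECID, so a patched image, a blob saved for a different device, or a firmware version Apple no longer signs is refused. The Python model below of that verification chain is an added illustration, not code from this thread, from Apple or from any jailbreak tool; the HMAC secret, ECIDs, version strings and image bytes are all constructed stand-ins.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed model of the chain the thread describes: bootrom verifies iBoot, iBoot verifies
# the kernel, and each image is accepted only with a blob personalized for the device's ECID.
# The HMAC secret stands in for Apple's private signing key (a real bootrom holds a public key).
APPLE_SIGNING_KEY = b"constructed-apple-signing-key"
CURRENTLY_SIGNED = {"4.2"}  # the signing server only personalizes firmware it still signs

@dataclass(frozen=True)
class Image:
    stage: str     # "iBoot" or "kernelcache"
    version: str   # firmware version the image belongs to
    code: bytes

def personalized_digest(img, ecid):
    """What a blob covers: image hash bound to its stage, version and one device's ECID."""
    h = hashlib.sha256()
    h.update(img.stage.encode() + b"|" + img.version.encode())
    h.update(hashlib.sha256(img.code).digest())
    h.update(ecid.to_bytes(8, "big"))
    return h.digest()

def sign_blob(img, ecid):
    """Apple's signing key over the personalized digest: the SHSH blob for that one device."""
    return hmac.new(APPLE_SIGNING_KEY, personalized_digest(img, ecid), "sha256").digest()

def request_blob(img, ecid):
    """The signing server refuses versions it no longer signs (the signing window closes)."""
    return sign_blob(img, ecid) if img.version in CURRENTLY_SIGNED else None

def verify_blob(img, ecid, blob):
    return hmac.compare_digest(sign_blob(img, ecid), blob)

def boot(ecid, iboot, iboot_blob, kernel, kernel_blob):
    """Return the last stage that ran: 'bootrom' or 'iBoot' on a refused image, 'kernel' on success."""
    if not verify_blob(iboot, ecid, iboot_blob):
        return "bootrom"   # bootrom rejects a patched iBoot, or a blob issued for another ECID
    if not verify_blob(kernel, ecid, kernel_blob):
        return "iBoot"     # iBoot rejects an unsigned kernel: why an iBoot hole is still needed
    return "kernel"

# Constructed scenario: device A saved its 4.1 blobs while Apple was still signing 4.1.
DEVICE_A, DEVICE_B = 0x1111, 0x2222
IBOOT_41 = Image("iBoot", "4.1", b"iboot-4.1-stock")
KERNEL_41 = Image("kernelcache", "4.1", b"kernel-4.1-stock")
SAVED_BLOBS_A = {i.stage: sign_blob(i, DEVICE_A) for i in (IBOOT_41, KERNEL_41)}
```

With the saved blobs, device A still boots stock 4.1 after the signing window has moved to 4.2, while device B cannot use A's blobs and any modified iBoot or kernel stops at the stage that checks it.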

  15. #13
    dt0theh
    Thanks for the info guys, you cleared things up for me, I appreciate it!

  16. #14
    Quote Originally Posted by orbyorb:
    Permanent just means Apple can't close the hole used for the exploit with any software update. Any jailbreak can be undone purely by restoring the device's firmware to Apple's stock one from DFU mode.

    Also, Brokencydez, that's not entirely right. Jailbreaks are almost always a combination of exploits. blackra1n is a combination of the usb_control_msg(0x21,2) for iBoot and 0x2400 Segment Overflow in the VROM exploits (and redsn0w uses this same attack route for 3.1.2), Spirit uses three exploits (sneaky dots in backup restores, incomplete code signing, and the BPF_STX kernel stack overwrite).

    We've got the bootrom (I actually now think SHAtter isn't a "bootrom" exploit, but is elsewhere in the hardware and is therefore unfixable like a bootrom exploit, allowing unsigned code over USB) one down, but the iBoot hole needed to launch/flash unsigned code is still, and will be, needed in the future as long as SHSH blobs are enforced in the capacity Apple designed them to be.
    One more question, regarding the recent picture @pod2g posted on twitter, what is this picture supposed to indicate exactly?:
    Hey, @p0sixninja 's epic greenpois0n works well on iPhon... on Twitpic

  17. #15
    The new JB is tethered? That's me fooked then. I live in the UK but have an iPhone I bought in the US which was locked to AT&T. If I update it, I will lose my unlock as well as being able to tether it to my PC. Will there be a workaround solution OR am I screwed big time?? Thanks guys

  18. #16
    Super Galactic Moderator Orby

    Quote Originally Posted by BigCol:
    The new JB is tethered? That's me fooked then. I live in the UK but have an iPhone I bought in the US which was locked to AT&T. If I update it, I will lose my unlock as well as being able to tether it to my PC. Will there be a workaround solution OR am I screwed big time?? Thanks guys
    No no no. Not boned, or at least not in the manner you're thinking.

    If the past jailbreaks are indicative of the future, BigCol, you will be able to hacktivate your phone as part of the jailbreaking process. HOWEVER, the current 4.1 for all phones contains a baseband update which is not currently unlockable or downgradable (and your phone would only work on AT&T).

    EDIT: Read Semaphore's blog (http://thefirmwareumbrella.blogspot.com) to learn how to use TinyUmbrella to update your iPhone 4 (and only the iPhone 4) to any newer firmware without touching the baseband. That'll come in handy if/when you update to jailbreak on 4.x but like being able to use your phone in the UK.

  19. #17
    Quote Originally Posted by BrokeNCYDEz:
    One more question, regarding the recent picture @pod2g posted on twitter, what is this picture supposed to indicate exactly?:
    Hey, @p0sixninja 's epic greenpois0n works well on iPhon... on Twitpic
    Basically it means he is close to being done with the next big jailbreak. Geohot used to do this a lot too and everyone would get all hyped up when it would be a few WEEKS before he ever released. Like orbyorb said, it takes more than one exploit to make the magic happen, so we have to let them figure a way to let those exploits mesh nicely.

  20. #18
    If you're going to use TinyUmbrella to go from 4.0(x), do a restore, not an update. If you do an update you will update the baseband. So it is very important to just restore. I just did it to my i4 and it worked great. Still on baseband 1.59.00 and version 4.1 (8B117). Now waiting for jailbreak.
    Last edited by XFaega; 09-12-2010 at 10:26 PM.
