

Thread: Let's put our minds together on this 3GS 3.1.3 New Bootrom Issue

  #41
    katmeef

    Quote Originally Posted by pheroah
    katmeef, I would probably think the same, cracking the private key is not difficult if the length of the keys is small. What we do need is the public keys used by iTunes to decrypt the message, and a few encrypted messages to see how that can work.
    1) don't forget this is the basis of modern day cryptography and internet security
    2) we don't know how long the length of key is which Apple has implemented for their private key.
    3) i don't think apple would use something small enough to be simply brute forced in a period of time small enough to be feasible for our needs.

    "The amount of time required to break a 128-bit key is also daunting. Each of the 2^128 (340,282,366,920,938,463,463,374,607,431,768,211,456) possibilities must be checked. A device that could check a billion billion keys (10^18) per second would still require about 10^13 years to exhaust the key space. This is a thousand times longer than the age of the universe, which is about 13,000,000,000 (1.3 x 10^10) years."

    for reference: Brute force attack - Wikipedia, the free encyclopedia: http://en.wikipedia.org/wiki/Brute_force_attack

  #42

    Quote Originally Posted by jfmherokiller-iphone
    The freezing idea may be possible with a software called Cheat Engine. It can freeze any program, including iTunes; the freeze would just have to be done at the right time during the restore process.
    Are you pretty familiar with that "Cheat Engine" software? I got it downloaded and installed but I need a little guidance running it. Thanks so much for directing me toward the program. That would be awesome if it proved itself usable for what we need it for.

  #43
    I doubt that they are using 128-bit keys, the standard is more like 64-bit or 32-bit for signing. Now for the novice people here, halving the number doesn't mean halving the time required, but this is rather exponential.

    Anyhow, I am not thinking of a brute force attack, that is just too long. I was thinking more along the lines of replicating what iTunes is doing, or better still writing a patch that will bypass this routine completely in iTunes; however, someone still needs to tell us if the phone itself uses the keys for anything.

  #44

    Quote Originally Posted by pheroah
    I doubt that they are using 128-bit keys, the standard is more like 64-bit or 32-bit for signing. Now for the novice people here, halving the number doesn't mean halving the time required, but this is rather exponential.

    Anyhow, I am not thinking of a brute force attack, that is just too long. I was thinking more along the lines of replicating what iTunes is doing, or better still writing a patch that will bypass this routine completely in iTunes; however, someone still needs to tell us if the phone itself uses the keys for anything.
    You seem like you really know what you are talking about. Thanks for seeing this thread and contributing to it!

  #45
    katmeef

    Quote Originally Posted by pheroah
    I doubt that they are using 128-bit keys, the standard is more like 64-bit or 32-bit for signing. Now for the novice people here, halving the number doesn't mean halving the time required, but this is rather exponential.

    Anyhow, I am not thinking of a brute force attack, that is just too long. I was thinking more along the lines of replicating what iTunes is doing, or better still writing a patch that will bypass this routine completely in iTunes; however, someone still needs to tell us if the phone itself uses the keys for anything.
    AFAIK iTunes is hashing the IPSW, sending a request to Apple with the hashes and the ECID of the phone. Apple churns out signed blobs which it sends back to iTunes. These blobs are incorporated into the data which is flashed to the phone.

    You could always use Wireshark to sniff the packets between your computer and Apple.

    I'm pretty sure the verification is performed in the phone's bootrom as opposed to iTunes itself- the bootrom verifies the blobs, (as well as the signatures of the software loaded)... so I'm not seeing how you intend to have them accepted without signing them with apple's key
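    The signing flow katmeef describes above, modelled in Python as an added example (this is not code from the thread and not Apple's implementation). It assumes a constructed toy RSA key pair, far too small to be secure, standing in for Apple's signing key, and constructed byte strings in place of real IPSW components; it shows why iTunes is only a courier for the request, why an image outside the signing window gets no blob, and why a blob issued for one ECID is rejected by another device's bootrom.

```python
import hashlib

# Constructed toy RSA key pair standing in for Apple's signing key. The modulus is
# only ~92 bits, so this models the protocol; it is nowhere near a secure key size.
P, Q = (1 << 31) - 1, (1 << 61) - 1   # two Mersenne primes (constructed choice)
N, E = P * Q, 65537                    # public key: the part the bootrom carries
D = pow(E, -1, (P - 1) * (Q - 1))      # private key: exists only on Apple's server

# Constructed stand-ins for firmware components; only the 3.1.3 image is still signed.
FIRMWARE = {"3.1.2": b"iBoot 3.1.2 (constructed)", "3.1.3": b"iBoot 3.1.3 (constructed)"}
SIGNING_WINDOW = {hashlib.sha256(FIRMWARE["3.1.3"]).hexdigest()}

def bind(ecid: int, component_hash: str) -> int:
    """What actually gets signed: the component hash tied to one device's ECID."""
    msg = ecid.to_bytes(8, "big") + bytes.fromhex(component_hash)
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def itunes_request(component: bytes, ecid: int) -> dict:
    """iTunes side: hash the image and forward hash + ECID; no key material here."""
    return {"ecid": ecid, "hash": hashlib.sha256(component).hexdigest()}

def apple_sign(request: dict):
    """Server side: refuse hashes outside the signing window, else return a blob."""
    if request["hash"] not in SIGNING_WINDOW:
        return None
    m = bind(request["ecid"], request["hash"])
    return {"ecid": request["ecid"], "hash": request["hash"], "sig": pow(m, D, N)}

def bootrom_verify(component: bytes, ecid: int, blob) -> bool:
    """Device side: needs only (N, E); rejects a missing blob, a wrong ECID,
    a wrong image, or a signature that does not open to the bound digest."""
    h = hashlib.sha256(component).hexdigest()
    if blob is None or blob["ecid"] != ecid or blob["hash"] != h:
        return False
    return pow(blob["sig"], E, N) == bind(ecid, h)

def restore(version: str, ecid: int, blob=None) -> bool:
    """Whole flow; pass `blob` to replay one obtained earlier or from another device."""
    component = FIRMWARE[version]
    if blob is None:
        blob = apple_sign(itunes_request(component, ecid))
    return bootrom_verify(component, ecid, blob)
```

    Because the bootrom holds only the public half, nothing iTunes does locally can produce a blob that passes `bootrom_verify`; the check lives on the device, not in the desktop client.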

  #46
    Quote Originally Posted by Phillip84
    You seem like you really know what you are talking about. Thanks for seeing this thread and contributing to it!
    No worries Phillip, I am a veteran programmer and I have a lot of experience with encryption and PKIs. I am just very new to iPhone and Apple, I was a MS fan previously.

    So I am in the learning curve like everyone else, and I hope that I can ask a question that will lead us to a new place.

  #47
    katmeef

    ^^ I answered on the last page regarding what iTunes and the phone do with the blobs (my understanding of the process, anyways), your post was at the same time and bumped the thread over to page 4, not sure if you saw my post...
    Last edited by katmeef; 2010-04-20 at 07:14 PM.

  #48

    Quote Originally Posted by pheroah
    No worries Phillip, I am a veteran programmer and I have a lot of experience with encryption and PKIs. I am just very new to iPhone and Apple, I was a MS fan previously.

    So I am in the learning curve like everyone else, and I hope that I can ask a question that will lead us to a new place.
    Oh right on! Well let me ask you something then. Where would a guy like myself start out if he wanted to begin dabbling in programming? Are there any good tutorial resources online? I've searched before but since I know absolutely nothing about the topic I didn't know if what I was looking at was good or not. Sorry for venturing off the main topic but I wanted to take the opportunity to ask you. If you have any advice that you wouldn't mind sharing, just shoot it to me in a message to my inbox on here.

  #50
    If you guys are going to hack iTunes through Windows, a tool I would suggest is OllyDbg.

    Please do not remove or ignore my post above just because I only have 2 posts. I know what I'm talking about, I make custom installers and modded software myself.
    Last edited by jfmherokiller-iphone; 2010-04-21 at 11:04 AM. Reason: Automerged Doublepost

  #51
    Quote Originally Posted by jfmherokiller-iphone
    If you guys are going to hack iTunes through Windows, a tool I would suggest is OllyDbg.

    Please do not remove or ignore my post above just because I only have 2 posts. I know what I'm talking about, I make custom installers and modded software myself.
    I tried using OllyDbg but it crashes when you attach it to iTunes or even when you run iTunes through it. I don't know if it is the W7 that is causing the issue or iTunes is anti-debuggable.

  #52
    I'm still wondering how long it would take for one of you to realize that all you have to do is decrypt an old backup of your phone and edit it to downgrade it to 3.1.2.

  #53

    Quote Originally Posted by Mosso
    I'm still wondering how long it would take for one of you to realize that all you have to do is decrypt an old backup of your phone and edit it to downgrade it to 3.1.2.
    If it was easy, it'd have been done by now.

  #54
    Quote Originally Posted by dhamien
    If it was easy, it'd have been done by now.


    That's why it already is done.

    But 95% of the people who want a jailbreak don't know a ****, like that guy who would recommend Olly, or the other guy who would recommend Cheat Engine, I mean seriously...

  #55
    So maybe you can enlighten us, by showing us how it is done, a few steps on the process would really help everyone in the world

  #56
    I'm sorry but nothing in the world comes free. At least not from me, this is simple and you can find everything you need by using Google.

    I'm pretty sure there even is a Python script for decrypting iTunes files.

  #57
    OK, after we decrypt the files, then how do we edit them? I have a 3.1.2 backup from a different 3GS I'd like to put on my new 3GS, so any help in downgrading with an iPhone backup would be great!

  #58
    katmeef

    Quote Originally Posted by Mosso
    I'm still wondering how long it would take for one of you to realize that all you have to do is decrypt an old backup of your phone and edit it to downgrade it to 3.1.2.
    As if.... are you saying the backup iTunes takes every time it syncs contains the entire filesystem which can be flashed (LOL), or that it contains the SHSH blobs?

    Quote Originally Posted by Mosso
    I'm sorry but nothing in the world comes free. At least not from me, this is simple and you can find everything you need by using Google.
    I've been using Google for over a month since I got this 3GS (obsessively)... you're the first person I've heard saying anything about this...
    Last edited by katmeef; 2010-04-22 at 12:48 AM.

  #59
    Is it possible to reconstruct the SHSH blob for 3.1.2 by going back in time using Leopard's Time Machine and massaging the right file(s)?

    Found this of interest: http://modmyi.com/forums/3g-s-downgr...s-folders.html
    Last edited by jonskiv; 2010-04-22 at 02:10 AM.

  #60
    katmeef

    Quote Originally Posted by jonskiv
    Is it possible to reconstruct the SHSH blob for 3.1.2 by going back in time using Leopard's Time Machine and massaging the right file(s)?
    you'd have to be pretty lucky to have had time machine running at exactly the time you were doing a DFU mode restore of a previous OS in the past!
