iPod touch 2G Jailbreak!

zidane_genome

My sword has a +2 bleeding... wanna test it out?
OP
Member
Joined
May 21, 2006
Messages
2,320
Trophies
0
Age
43
XP
305
Country
United States
Within the next few days, the iPhone Dev-Team (those responsible for unlocking and jailbreaking the iPhones) will release redsn0w.

Now all 2nd Gen (2G) iPod Touch users can jailbreak their iPods!

www.redsn0w.com shows an image on their homepage with the hash needed to crack the iPod Touch 2G, and it's being reported on iPod Touch Fans that while Chronic is the one who found the hash, the iPhone Dev Team spent a few hours and have a jailbreak app coming in "a few days".


Originally Posted by Muscle Nerd:
[32957a35889c4dd2f8dfe483dd9023eafb6b4a22 is an] "escrow" hash of decrypted iBoot for ipt2g (length=0x29000). Not otherwise obtainable except via an exploit (afaict).

The official news came out that redsn0w is going to be a jailbreak developed within the next few days. The Dev-Team was able to find an exploit after further reviewing the 2g and were able to get a jailbreak. The jailbreak will be released within a couple of days and will work on both firmwares.

Very surprisingly this was done even though only 2 members of the Dev-Team actually own iPods and the total time spent working on a 2g jailbreak was roughly 1-2 hours.

Here is a bit more technical stuff.

Originally Posted by Chronic:
In firmware 2.1.1, only in the iPod Touch 2G firmware, there is a little something that Apple left behind that they probably should not have. It was most likely for diagnostics, but was not fixed until 2.2, but no big deal there because you can load a 2.1 iBEC over DFU and use that.

For the past few days I have been trying to mess with it, but I am not able to really look into it because I have no other exploit to, for example, read forbidden areas of memory. Also, it has some hate for naked binaries being passed to it apparently, and I do not know the wrapper format.
Good for the JB community, dev team found a way to…
1. pass the new bootrom sigcheck
2. be able to craft their code in a way that the specific thing will execute it


Originally Posted by Chronic:
This exploit is in the 2.1.1 iBoot / iBEC / iBSS.
So when DevTeam releases their tool, there would be two methods, since they can very easily make it work on 2.2 and beyond. For 2.1 users, it can be fully automated. Their RedSn0w tool would be able to use the md library to tell the device to go to recovery mode, and from there, it can be Pwned. For people on 2.2, it is still ridiculously easy. The only difference is, it would have to be QuickPwn style. You would need to be told to hold home and power for X amount of seconds, etc., etc., and it would also need a 2.1.1 ipsw so it can upload the 2.1.1 iBSS, so that the exploit can be utilized. Please note that I am not involved in RedSn0w development, but have already come across the exploit myself, I just did not know how to utilize it properly. The main point here is that it is gone in 2.2, but a tool they make can easily upload a 2.1.1 iBSS to DFU since it would be considered legit Apple code. It was something that was most likely for testing a certain extra something that is included, and was not removed, nor were any signature checks or anything placed upon it.


Source:
http://www.ipodtouchfans.com/forums/...postcount=2127
http://blog.iphone-dev.org/post/7040...rmonuclear-pop
http://chronic-dev.org/blog/2009/01/exploit/
http://chronic-dev.org/blog/2009/01/clarification/
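The MuscleNerd quote above gives the one thing a user can actually check for themselves: a published SHA-1 and an exact length (0x29000) for a particular image. Here is an added example (my own code, not from the thread, the Dev-Team or redsn0w) of how you would verify a candidate file against such a published (hash, length) pair before trusting it, which is the same check you'd want to do on any jailbreak tool or firmware image you download. The sample image and the "tampered" copy are constructed inline; the only values taken from the thread are the quoted hash and length.

```python
import hashlib

# Reference values quoted in the thread (MuscleNerd's "escrow" hash of the
# decrypted iPod touch 2G iBoot and its stated length of 0x29000 bytes).
PUBLISHED_IBOOT_SHA1 = "32957a35889c4dd2f8dfe483dd9023eafb6b4a22"
PUBLISHED_IBOOT_LEN = 0x29000


def sha1_hex(data: bytes) -> str:
    """Hex SHA-1 digest of a byte string."""
    return hashlib.sha1(data).hexdigest()


def verify_image(data: bytes, expected_sha1: str, expected_len: int) -> tuple:
    """Compare a candidate image against a published (hash, length) pair.

    Returns (ok, reason). Length is checked first so an obviously wrong file
    is rejected before any hashing, and the expected hash is normalised to
    lower-case hex so copy/paste case differences don't cause false alarms.
    """
    if len(data) != expected_len:
        return False, "length mismatch: got 0x%x, expected 0x%x" % (len(data), expected_len)
    actual = sha1_hex(data)
    if actual != expected_sha1.strip().lower():
        return False, "sha1 mismatch: got %s" % actual
    return True, "ok"


def verify_file(path: str, expected_sha1: str, expected_len: int) -> tuple:
    """Same check for a file on disk (bootloader images are small, so read whole)."""
    with open(path, "rb") as fh:
        return verify_image(fh.read(), expected_sha1, expected_len)


# Constructed sample data (not a real image): 1024 bytes, plus a copy with the
# last byte flipped so the length matches but the hash does not.
SAMPLE_IMAGE = bytes(range(256)) * 4
SAMPLE_SHA1 = sha1_hex(SAMPLE_IMAGE)
TAMPERED_IMAGE = SAMPLE_IMAGE[:-1] + b"\x00"

if __name__ == "__main__":
    print(verify_image(SAMPLE_IMAGE, SAMPLE_SHA1, len(SAMPLE_IMAGE)))
    print(verify_image(TAMPERED_IMAGE, SAMPLE_SHA1, len(SAMPLE_IMAGE)))
    print(verify_image(SAMPLE_IMAGE[:100], SAMPLE_SHA1, len(SAMPLE_IMAGE)))
    # For a real file you would call e.g.
    # verify_file("iboot.decrypted", PUBLISHED_IBOOT_SHA1, PUBLISHED_IBOOT_LEN)
```

The length check matters as much as the hash: a file of the wrong size can't be the published image no matter what it hashes to, and rejecting it early avoids hashing something you already know is wrong.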
 

kevenka

Well-Known Member
Member
Joined
Jul 15, 2007
Messages
929
Trophies
1
Age
33
Location
Texas
XP
411
Country
United States
muhahahah!!! Finally
 

science

science rules
Member
Joined
Jun 9, 2006
Messages
3,697
Trophies
1
Age
33
XP
1,249
Country
Canada
Dupe thread, but this one has more info on it so I'll post this here. This was posted on the dev team's Twitter not too long ago:

vfdecrypt -k 148025cde5c51d51d7733e74c6857dfca70d7240287d6eb039a1ed835413120b0af1e296 -i 018-4056-128.dmg -o ipt2g_mainfs.dmg
 

zidane_genome

My sword has a +2 bleeding... wanna test it out?
OP
Member
Joined
May 21, 2006
Messages
2,320
Trophies
0
Age
43
Website
Visit site
XP
305
Country
United States
If it's a dupe thread, please let me know where else it's posted...

The release is set for 'MAYBE' Sunday, the 18th. If you go to www.redsn0w.com you can see the hash for the 2G jailbreak...

Note, this is for the Second Generation iPod Touches... the ones with the internal speakers, and volume buttons on the side.

UPDATE:

It will jailbreak 2.1.1, and 2.2 iPods. No need to downgrade, or modify your iPod in any way.

Please check www.redsn0w.com and the iPhone Dev Team's blog for more details!
 
