iPod Touch 2G Jailbreak- redsn0w

Discussion in 'iOS Archive' started by Carson, Jan 14, 2009 with 7 replies and 777 views.

  1. Carson

    Carson Retired Retired

    Messages:
    7,565
    Ratings:
    2,531

    The official news came out that redsn0w is going to be a jailbreak developed within the next few days. The Dev-Team was able to find an exploit after further reviewing the 2g and were able to get a jailbreak. The jailbreak will be released within a couple of days and will work on both firmwares.

    Very surprisingly this was done even though only 2 members of the Dev-Team actually own iPods and the total time spent working on a 2g jailbreak was roughly 1-2 hours.

    Here is a bit more technical stuff.


    Quote:
    Originally Posted by Chronic
    In firmware 2.1.1, only in the iPod Touch 2G firmware, there is a little something that Apple left behind that they probably should not have. It was most likely for diagnostics, but was not fixed until 2.2, but no big deal there because you can load a 2.1 iBEC over DFU and use that.

    For the past few days I have been trying to mess with it, but I am not able to really look into it because I have no other exploit to, for example, read forbidden areas of memory. Also, it has some hate for ****d binaries being passed to it apparently, and I do not know the wrapper format.

    Good for the JB community, dev team found a way to
    1. pass the new bootrom sigcheck
    2. be able to craft their code in a way that the specific thing will execute it


    Quote:
    Originally Posted by Chronic
    This exploit is in the 2.1.1 iBoot / iBEC / iBSS
    So when DevTeam releases their tool, there would be two methods, since they can very easily make it work on 2.2 and beyond. For 2.1 users, it can be fully automated. Their RedSn0w tool would be able to use the md library to tell the device to go to recovery mode, and from there, it can be Pwned. For people on 2.2, it is still ridiculously easy. The only difference is, it would have to be QuickPwn style. You would need to be told to hold home and power for X amount of seconds, etc. etc., and it would also need a 2.1.1 ipsw so it can upload the 2.1.1 iBSS, so that the exploit can be utilized. Please note that I am not involved in RedSn0w development, but have already come across the exploit myself, I just did not know how to utilize it properly. The main point here is that it is gone in 2.2, but a tool they make can easily upload a 2.1.1 iBSS to DFU since it would be considered legit Apple code. It was something that was most likely for testing a certain extra something that is included, and was not removed, nor were any signature checks or anything placed upon it.


     
  2. nickcas

    nickcas Member

    Messages:
    1,688
    Ratings:
    805
    I posted this a little while ago.
     
  3. UKmonkey

    UKmonkey Getting There

    Messages:
    639
    Ratings:
    32
    I don't get their site. What is it, just an image?
     
  4. OP
    Carson

    Carson Retired Retired

    Messages:
    7,565
    Ratings:
    2,531
    A mystery.

    However, inside the star is a picture of the IC chip which contains the ARM processor, which is where all the work is done.
     
  5. Hovi

    Hovi Aaron is forever my ***** Retired

    Messages:
    6,875
    Ratings:
    4,436
    So they said they haven't got a whole lot to work, does that mean no installer or non-Apple apps? I'm an absolute noob as far as jailbreaking.
     
  6. nickcas

    nickcas Member

    Messages:
    1,688
    Ratings:
    805

    lol, no. They got a jailbreak working and they're releasing an app to do it in the next few days.
     
  7. Forgoten Dynasty

    Forgoten Dynasty Free Sosa #bangbang Premium

    Messages:
    5,901
    Ratings:
    2,476
    WOW I AM SO PUMPED lmao
    I will write a tutorial as soon as this is released.
     
  8. OP
    Carson

    Carson Retired Retired

    Messages:
    7,565
    Ratings:
    2,531
    Update 1: Here is the first screenshot of a jailbroken iPod Touch 2G. Right now the jailbreak process is far too manual to be useful to most people. But this is a first step (well, second step if you include the initial exploit).
    When we announced yellowsn0w, we made the mistake of giving an ETA for its release…and that really clobbered the last day of 2008 for us. So we won’t be issuing a formal ETA for the ipt2G jailbreak. But we are putting a lot of energy into it.
    Update 2: A picture is worth a 1000 words but a video might be better in this day of Photoshop and fake YouTube videos. So we’re thinking of doing what we did before Christmas for yellowsn0w — show a demo of the jailbreak on Musclenerd’s [Click here to view the link] (announced via his [Click here to view the link] over there on the right hand side). Since Qik provides a live chatroom right next to the video, we’ll probably be in there too right after the video’s over. Note: anybody posing as any devteam member on that chat right now is faking it. We won’t be on that chat except for a very specific time that we’ll announce. (We may possibly not even do the chat since it’s so ripe for abuse).