Saturday, June 5, 2010

Latest progress and new updates.

Well, it's been a few months since my last blog post. Since then the iPad has been jailbroken and 3.1.3 untethered jailbreak has been released (a few days later than I had predicted but the delay was for a good reason). Also, within this time, I've been hard at work developing quite a few new tools for the community (since I still don't have a real job to occupy my time), and I've already released a number of them. A few of them include:
  • idevicerestore: A new tool capable of restoring IPSWs to devices without the help of iTunes. It can also do other neat things such as upgrading stock firmware without flashing NOR (to preserve jailbreaks) or the baseband (to preserve unlocks).
  • ideviceactivate: A new utility designed to activate devices without the help of iTunes. Hopefully soon this will even allow users to activate unlocked devices, or devices without an official AT&T SIM.
  • spirit-linux: An open source version of the Spirit jailbreak for the Linux platform (and possibly soon others).
  • libirecovery: A library to help developers communicate with iBoot, iBSS, iBEC and DFU, as well as a brand new, completely rewritten, and MUCH improved irecovery.
Also, we've begun publishing the source for some of our greenpois0n components to help new developers start learning and building their very own jailbreak programs. Each one of these components is named after a different poison and all are available under the GNU Public License on our Chronic-Dev Github Repositories.
  • GreenPois0n Cyanide: A cross-platform iBoot payload toolkit to help developers discover new vulnerabilities and design super fast, low-level iBoot jailbreaks and exploit payloads, much the way blackra1n/purplera1n work.
  • GreenPois0n Anthrax: A cross-platform iPhone ramdisk toolkit to help developers design extremely stable and portable ramdisk jailbreaks, much the way quickpwn/redsn0w work.
  • GreenPois0n Dioxin: A cross-platform MobileDevice toolkit designed to help developers build userlevel jailbreaks, much the way the Spirit jailbreak works.
  • GreenPois0n Arsenic: A new, cross-platform custom firmware toolkit to help developers design jailbreaks that preserve the baseband and keep unlocks, much the way PwnageTool/Sn0wBreeze work.
Along with all that, I also have a long-overdue, updated, and improved version of genpass, which is used to generate vfdecrypt keys to decrypt iPhone filesystems. This I plan on posting as soon as 4.0 leaves beta. Still, there's a whole lot to look forward to in the near future. The new iPhone4g is rumored to be announced in only a few days. Hopefully, soon after the iPhone4g is released, we'll finally get the new unlock, discovered by Sherif Hashim and implemented by iPhone Dev Team (and/or geohot), a new untethered iBoot vulnerability (the one I talked about in my last post) which was discovered by both geohot and Chronic-Dev Team, and even, (possibly, the holy grail of exploits), a brand new bootrom code execution vulnerability discovered by myself personally (and probably geohot too of course).

That's a LOT of work done in such a short amount of time, but we honestly couldn't have done it without the amazing help and support of this wonderful community. Now, I'm calling on you again to help us out. Help keep us up-to-date with the latest Apple devices. Since the new iPhone4g is planned to be announced very soon, I'm starting my new iPhone4g donations fund. We hackers are all kids at heart and need new toys to help keep us motivated and interested in developing new exploits and tools to keep the community happy and supplied. Also, since many of you will be upgrading to the new iPhone4g soon, I want to point out that many of us hackers are still struggling to work with old iPhone2g and iPod1g devices, so even donations of old or broken devices are a priceless gift to us. I'm confident you will all rise to the occasion and lend us a hand so we can continue to pursue our research and development efforts. Thank you all for all your loving support in the past and your continued effort to help make this one of the largest and most diverse communities on the planet.

79 comments:

  1. Great stuff man... Thanks for all your hard work!!!!!

    ReplyDelete
  2. Just amazing!
    My life changed when I got my iPhone and of course, an iPhone is only 40% without a JB... So thank you all for such hard, exciting and wonderful work; you all are on the edge of the edge... EPiC!!!

    A big hi from Barcelona and thank you again! ;)
    CeKMTL

    ReplyDelete
  3. (im Noyer): WOW great job man! a lot of new things... thanks :D!

    ReplyDelete
  4. Good Job man. This is amazing.

    ReplyDelete
  5. Thanks fellas, I have just donated a little to help out bc you guys have helped me a lot.

    ReplyDelete
  6. This comment has been removed by the author.

    ReplyDelete
  7. How do I install? I am new to Linux.

    ReplyDelete
  8. This is great news and of course we all need to give something back for all your hard work. After all it keeps all our iPhones happy going and that
    should be paid back somehow. So a little donation is not too much.
    MuggeGHQ

    ReplyDelete
  9. U guys rock..!!..

    Cheers from India.

    ReplyDelete
  10. Just left a donation link on my webpage. I like to help where I can.
    Looking forward to all your nice applications etc :-)

    ReplyDelete
  11. We at JHC do support you, and will get the Crew ready to donate as well. I will post the link for donations on the blog as well.

    ReplyDelete
  12. Post is up on the blog!!!
    http://jailbreakinghelpcenter.blogspot.com/2010/06/donations-to-chronic-devs.html

    Once again thanks, will put up the donation in soon.

    ReplyDelete
  13. a new possible bootrom exploit :DDDDDDDDDDDDDD OMG MAD!!! :) you guys are awesome. And the fact that so many exploits were found at a similar time is good because we might have a JB for 4.0 right away. :D

    ReplyDelete
  14. I have a question or two before I donate. Let me start with context:

    I'm in the awkward position of being totally contract-free and living in Germany, but I'm moving back to the US in about two months. That basically means that in 2 months, I'm in the market for a new smart phone, and will be looking to get one fast. My buying decision has a lot to do with what gets announced tomorrow, but also a lot to do with the state of the jailbreak scene in two months as well.

    Ideally, the new phone coming out tomorrow (assuming it is, since that's pretty safe) will be everything I'm looking for it to be in terms of hardware. Apple has a nice history of effing that up (3Gs) but let's assume. That leaves basically the jailbreak as the only thing between me and buying a new iPhone when I get home. Ideally, exploits you currently have, unreleased, apply to the new hardware, and a jailbreak comes pretty soon. But you clearly have no way to test that without hardware. Assuming the big overhaul expected changes exploitability totally, you need something to bang on even sooner.


    So my question is, where is this chipin money going? Is first priority to get a new iPhoneHD/4G/whatevertheycallit? If you over-fundraise, does the money go to other team members to also get them devices?

    I'm not at all one of those dinks that "demands results for my money," I know that's not how this works. But those questions do have bearing on how much I give.

    And finally, if I say "Here's $35, but you have to use the $5 to get yourself a nice beer" is that cool?

    ReplyDelete
  15. @alexwhittemore of course there's always the possibility of Apple closing some of our vulnerabilities in their next refresh, but it's highly unlikely they'll fix /ALL/ of them. If there are enough extra donations then it definitely goes towards getting more devices for other members. And any extra money after that goes towards any other expenses the team might have, including iPhone USB cables (we go through them very quickly), serial cables, logic analyzers, web hosting, etc. But any extra beer money (if labeled as such) is always very much appreciated =P

    ReplyDelete
  16. How do i use ideviceactivate to activate my 3GS which sits on "insert sim card" screen?...newayz awesome work guys....

    ReplyDelete
  17. I can't wait until these tools get to the point where mere mortals can use them. I wish I had the experience to hack stuff like this but it is all over my head, still at least someone can :)

    ReplyDelete
  18. Chipped in $20 and looking forward to all you guys do. Your work is much appreciated!

    ReplyDelete
  19. You guys from Dev Team are doing great work. I would happily invest some money. But where are the latest tools by the way or when will they be released?

    ReplyDelete
  20. @Vakas most of these tools are still in a rough state and not quite really ready to be packaged up and used by the end-users. The exciting part of this is the fact we've decided to start developing in a more public way so anyone can follow our progress and (hopefully) pitch in and help out. As for the greenpois0n stuff, it's actually very large consisting of many components so we've made the decision to release that code slowly over a period of time to give other developers a chance to become familiar with the architecture and to give ourselves a chance to do some cleanup of the code and make any last minute modifications.

    ReplyDelete
  21. hi,how can i unlock my iphone 3g....version 3.1.3 with baseband 5.12.1.....any replies will be appreciated....thanx

    ReplyDelete
  22. Is there any chance of the iPhone gaining FM receiving capabilities after the greenpois0n jailbreak?

    ReplyDelete
  23. Yeah. hi,how can i unlock my iphone 3g....version 3.1.3 with baseband 5.12.1.....any replies will be appreciated.... howw???

    thnx for ur job =)

    ReplyDelete
  24. Great work p0sixninja (and DEV-Team)! Just made a small donation to support the cause.

    ReplyDelete
  25. hi,how can i unlock my iphone 3g....version 3.1.3 with baseband 5.12.1.....any replies will be appreciated.... howw???

    ReplyDelete
  26. Donated to be futureproof, haven't used your stuff before. But probably will do in the future.

    Keep up the great work!

    ReplyDelete
  27. Well this is great news! I'll see what I can do about sending some donations your way, I have a bunch of ipods/ parts that you can have.

    ReplyDelete
  28. Good job. Congratulations.

    If you need some Beta tester, I'm here with my locked 3GS.

    ReplyDelete
  29. Hey, when will you release iDeviceActivate? I've been stuck on the emergency call screen for two months! :D

    ReplyDelete
  30. Anyone compiled this for Windows?
    Does it work for iOS 4 GM?

    ReplyDelete
  31. Hi, I'm a Linux user, but I've managed my iPhone under Windows every time. How can I use my iPhone under Linux in order to try these new tools?
    Thanks

    ReplyDelete
  32. ideviceactivate doesn't work on 3 iphone 3g and 3gs... what's the matter?

    ReplyDelete
  33. @Posixninja: Will the new jailbreak support also hacktivation?

    ReplyDelete
  34. Great job with the bootrom exploit. iDroid will get a whole lot awesomer after this is released. The jailbreak community has been on fire lately. Thanks for the hard work!

    ReplyDelete
  35. If we have the original bootrom exploit and a new one on the 3GS, does this mean I will be able to load any firmware like on the 3G?

    ReplyDelete
  36. This comment has been removed by the author.

    ReplyDelete
  37. Remember me? Well, my Spirit-Linux tutorial can be found @ http://thegbill.wordpress.com/spirit-linux-tutorial/
    I hope it finds its way into the readme one day :) Thanks for all your work P0sixninja :P
    Good Luck and Thanks,
    gbillings
    btw I can't connect to the IRC, it says that I have reached the session limit... pls respond ty!

    ReplyDelete
  38. Thanks for sharing your information. iPhone is a really wonderful item. it's can accepting many more.iPhone Application Development

    ReplyDelete
  39. Does idevicerestore allow me to install any firmware? I have a 3.1.1 iPod touch 3G. I need to install 3.1.2 or 3.1.3 to use Spirit, but now Apple doesn't allow me to upgrade to those versions...
    Any way I can do that?

    ReplyDelete
  40. Hello, please answer this for me...
    When can I use idevicerestore and ideviceactivate?

    When are you going to release those ?

    ReplyDelete
  41. I managed to compile this under Ubuntu VM, it starts perfect, but when I get to the point where it says "waiting for device to enter restore mode", I left the iphone sit there about 30 minutes and nothing. Can you please help me? Thank you

    ReplyDelete
  42. first of all i love how you guys work so hard to help the community. Especially free of charge. I have never had a iphone before and just bought the iphone 4 (my first iphone xD). I got so excited when i got it. Now i am waiting patiently for the hacktivation, jailbreak and unlock. Can't wait till its released. Being on Tmobile and having an Iphone 4 sitting on my table not able to be used is really sad :( I hope at least the hacktivation will be released soon (at least i can use it as a glorified ipod for the time being xD)

    Anyway, great work on all the hacks. I am new to all this but I plan on trying my best to help you guys in anyway I can as i start to learn more about this stuff xD.

    ReplyDelete
  43. First of all I wanna thank you for all the effort you put in for the JB scene, great work.. I just want to ask you a question: how is ideviceactivate going, have you discovered anything new since developing it? What I'm searching for is a hacktivator for the 3GS, new bootrom on iOS4. I know that Spirit v2 is just around the corner and comex might release it very soon, but I also believe that his userland JB does not get you past the activation screen. But once jailbroken, I should be able to get root access through USB, so I was just wondering if it was possible to inject the hacktivation payload through USB at that particular moment, once it's jailbroken. What do you think? Am I way out???

    ReplyDelete
  44. p0sixninja,
    It appears all of your tools are linux only. Any plans to make these work under mac os x or windows?

    ReplyDelete
  45. an iBoot exploit for 4.1, me hopes,
    btw where can i donate now, is the iphone 4 chipin alright??

    ReplyDelete
  46. I tried the ideviceactivate and always get this:
    ----
    Creating activation request
    Unable to locate beginning of ActivationInfo
    Unable to fetch activation request
    ----
    Tried this on Ubuntu 10.04 LTS on Parallels Desktop on OS X.
    My idevice is: iPhone 4 (straight from the box) with the
    connect to iTunes screen. Cannot activate it using iTunes because it asks for zipcode and SSN#, hence trying it with ideviceactivate.

    Please, any help would be appreciated. Can I use
    ideviceactivate on this iPhone?

    ReplyDelete
  47. as Paijo I have the same problem with the SSN# as well with trying it with an iphone 4

    ReplyDelete
  48. Same question, iPhone 4 AT&T locked: in iTunes I need to enter Zip & SSN.
    When using a non-original SIM to activate I get this:

    Creating activation request
    Unable to find device activation node
    Unable to fetch activation request

    Without a SIM, this:
    Creating activation request
    Unable to get IntegratedCircuitCardIdentity from lockdownd
    Unable to get InternationalMobileSubscriberIdentity from lockdownd
    Unable to find device activation node
    Unable to fetch activation request

    Can ideviceactivate help with this? :(
    plz help
    thx

    ReplyDelete
  49. Just to let you know, that the majority of people in the community actually do understand that programming takes time, and then to try to make it as idiot proof as possible is nothing short of a miracle. Nothing but reverence for your work and the teams work on this end. Thank You for using your expertise to work on this JB with your Greenpois0n tools.

    ReplyDelete
  50. Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome Awesome

    ReplyDelete
  51. Hello,

    I want to modify syringe so it can boot another ramdisk.
    I saw that the ramdisk is inside /include/resources/ramdisk.h
    I wrote that binary data to disk and noticed the img3 header, which is 64 bytes long. Then I stripped it, and was able to mount the unencrypted HFS+ disk image that starts just after the img3 header.

    First question: is it possible to just reuse the img3 header that I stripped off with another ramdisk (e.g. msftguy's ramdisk.dmg.ssh), so I can replace the syringe ramdisk in ramdisk.h with my new one?

    Second: can someone give me some ramdisk theory, or give a good link about that? For instance, what gets executed first when the ramdisk loads? Or do I always have to issue a command to the device to get things started, like "reboot", that loads sshd in msftguy's ramdisk case, because he replaced /sbin/reboot with sshd?

    One more thing: I don't have access to a Mac, but I can still compile stuff (C/C++/Obj-C) directly on an iPhone device.

    P.S.: I posted the same comment on msft.guy's blog as he seems to work on syringe and custom ramdisks.

    ReplyDelete
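The header-stripping step described in the comment above, as an added example that is not code from the post, the commenter, or the Chronic-Dev projects: it takes the 64-byte header length the commenter reported as an assumption, and checks that the bytes behind it carry a sane HFS+/HFSX volume header whose declared size fits the payload, which is exactly the mismatch to look for before pairing a container header with a different ramdisk image and handing it to a mount command.

```python
import struct

# Header length the commenter reported for the syringe ramdisk blob; taken
# as an assumption here, not something this code verifies.
IMG3_HEADER_LEN = 64

# The HFS+/HFSX volume header starts 1024 bytes into the volume (Apple TN1150).
VOLUME_HEADER_OFFSET = 1024
VOLUME_HEADER_LEN = 52                     # bytes covered by the fields below
VOLUME_HEADER_FMT = ">2sH" + "I" * 12      # big-endian fields
SIGNATURES = {b"H+": ("HFS+", 4), b"HX": ("HFSX", 5)}


def strip_container_header(blob: bytes, header_len: int = IMG3_HEADER_LEN) -> bytes:
    """Return the payload that follows a fixed-length container header."""
    if len(blob) < header_len:
        raise ValueError("blob is shorter than the container header")
    return blob[header_len:]


def parse_volume_header(volume: bytes) -> dict:
    """Decode and sanity-check the volume header of a raw HFS+/HFSX image.

    Raises ValueError for anything a mount should not be attempted on:
    wrong signature or version, an implausible block size, inconsistent
    block counts, or a declared volume size larger than the bytes present.
    """
    end = VOLUME_HEADER_OFFSET + VOLUME_HEADER_LEN
    if len(volume) < end:
        raise ValueError("payload too short to hold a volume header")
    fields = struct.unpack(VOLUME_HEADER_FMT, volume[VOLUME_HEADER_OFFSET:end])
    sig, version = fields[0], fields[1]
    # fields[2:9] are attributes, lastMountedVersion, journalInfoBlock and the
    # four timestamps; they are not needed for the checks below.
    file_count, folder_count, block_size, total_blocks, free_blocks = fields[9:14]

    if sig not in SIGNATURES:
        raise ValueError(f"not an HFS+ volume: signature {sig!r}")
    name, expected_version = SIGNATURES[sig]
    if version != expected_version:
        raise ValueError(f"{name} header with unexpected version {version}")
    if block_size < 512 or block_size & (block_size - 1):
        raise ValueError(f"implausible allocation block size {block_size}")
    if total_blocks == 0 or free_blocks > total_blocks:
        raise ValueError("inconsistent block counts")
    declared = total_blocks * block_size
    if declared > len(volume):
        raise ValueError(f"header declares {declared} bytes, payload has {len(volume)}")

    return {"filesystem": name, "version": version, "block_size": block_size,
            "total_blocks": total_blocks, "free_blocks": free_blocks,
            "files": file_count, "folders": folder_count,
            "declared_size": declared, "payload_size": len(volume)}


def inspect_ramdisk(blob: bytes) -> dict:
    """Strip the container header and validate the volume behind it."""
    return parse_volume_header(strip_container_header(blob))


def build_sample_blob(total_blocks: int = 16, block_size: int = 4096) -> bytes:
    """Construct offline sample data: a zeroed 64-byte container header followed
    by a minimal volume whose header declares total_blocks blocks. This is
    constructed test input, not a real ramdisk."""
    header = struct.pack(VOLUME_HEADER_FMT, b"H+", 4, 0, 0, 0, 0, 0, 0, 0,
                         3, 2, block_size, total_blocks, total_blocks - 5)
    volume = bytearray(total_blocks * block_size)
    volume[VOLUME_HEADER_OFFSET:VOLUME_HEADER_OFFSET + len(header)] = header
    return b"\x00" * IMG3_HEADER_LEN + bytes(volume)


if __name__ == "__main__":
    print(inspect_ramdisk(build_sample_blob()))
```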
  52. Hmm, that trouble with HFS/IMG3 was for nothing; it can all be done with the tools from posixninja/planetbeing's xpwn project on git.

    Now I need some help on anthrax. I want my launchd to execute a binary I added to the ramdisk (let's say it's a hello world, nothing more), and that is pseudo-signed with ldid -S.

    I tried:
    * adding libSystem and libgcc to the ramdisk and using printf/fprintf/write to STDOUT_FILENO or STDERR_FILENO
    * compiling the hello world app with the syscall.S provided in anthrax and the -static -nostdlib options, and using write
    * adding a console_setup to the hello world app like the one in launchd.c
    * etc...
    and nothing would ever print :(

    So, what's the right way?
    It has to be possible because dyld is able to print error messages to the console.

    big thanks to anyone that can help to sort this out

    ReplyDelete
  53. Hi Josh,
    I'm working on a project and I need some help from you, I will pay if you can help me. I wanted to contact you but I didn't find your email. Please contact me at flaviu_flw@yahoo.com or give me your email or something.
    Regards,
    Flaviu

    ReplyDelete
  54. Guys, Where The Link To Downloading This Tool. I Wanna Test It ASAP!!!!!

    ReplyDelete
  55. Hi,
    I'm trying to compile the linux toolkit for restoring/pushing firmware to my iPod touch, but I'm encountering a dependency error: It wants, I think, an older version of libusb-dev than I have installed.

    Not wanting to risk some library collision catastrophe, I'm stumped as to how I might fix the issue. Any suggestions? :-/

    Thanks for focusing on Linux toolkits for iOS devices. Would love to see precompiled binaries, but most of the dependencies I've installed will be handy at some stage anyway, I'm sure..

    ReplyDelete
  56. Really intelligent piece of writing buddy, keep it up and I will keep tweeting your blog posts for you so you can get the readers you deserve! joomla websites | joomla development

    ReplyDelete
  57. My brother changed my iPhone 4 password while drunk, and he forgot the password once he woke up, now I'm stuck with that.....! The iTunes store will not help, having errors each and every time I tried to restore back. Please help me to get rid of it step by step......! I don't mind losing all my data....Please help.

    ReplyDelete
  58. You made certain good points there. I did a search on the subject matter and found the majority of people will have the same opinion with your blog. Affordable web hosting plans

    ReplyDelete
  59. I just love it ….. well i don’t have any doubt about your articles… your articles are awesome… Honestly you are simply the best.Thanks for sharing this with us. Buy Azelex Online

    ReplyDelete
  60. I am looking for some information and it is amazing and disturbing how many blogs related to Buy Vermox, Propecia 1mg Online are in the web. I know that they are products that many people use and need, but it is funny to watch so many information about those products. Anyway your inputs for this subject are very interesting.

    ReplyDelete
  61. I recently came across your blog and have been reading along. I thought I would leave my first comment. I don’t know what to say except that I have enjoyed reading. Nice blog. I will keep visiting this blog very often.
    Cell phone repair mississauga
    iphone repair mississauga
    Cell phone unlocking mississauga
    mississauga iphone repair

    ReplyDelete
  62. I recently came across your blog and have been reading along. I thought I would leave my first comment. I don’t know what to say except that I have enjoyed reading.web hosting companies

    ReplyDelete
  63. I like your article so that I read all of your articles in a day.Please continue and keep on writing excellent posts.
    Clomid Clomiphene 50 mg

    ReplyDelete
  64. I am very enjoyed for this blog. Its an informative topic. It help me very much to solve some problems. Its opportunity are so fantastic and working style so speedy. I think it may be help all of you. Buy Vermox, Buy Propecia 1mg Thanks a lot for enjoying this beauty blog with me. I am appreciating it very much! Looking forward to another great blog. Good luck to the author! all the best!

    ReplyDelete
  65. I enjoyed reading your articles. This is truly a great read for me. I have bookmarked it and I am looking forward to reading new articles an i keep a nice post.celebrex 200mg

    ReplyDelete
  66. best hosting
    Good job! i like your posts Waiting for your next article. keep posting.

    ReplyDelete
    Replies
    1. Wow, I love your site, big thank you to these ideas, and note in the first place that I fully agree with you! Let me emphasize, yes your article was excellent. I definitely enjoyed every little bit of it,
      .Plagiarism Software

      Delete
  67. This is an excellent site and tips are so brilliant..Very useful information is shared with great points.Helped me lot.Thanks for presenting.
    best web hosting company

    ReplyDelete
  68. Well, this post would be of great help to anyone who would come to read this one. Thanks a lot for sharing your thoughts. buy provigil

    ReplyDelete
  69. Thanks for taking the time to discuss this, I feel strongly about it and love learning more on this topic. If possible, as you gain expertise, would you mind updating your blog with more information? It is extremely helpful for me.
    Easterndrugs coupon code

    ReplyDelete
  70. nice posting , The mangomedia is one of the leading Joomla Website Development in India ,Our services Joomla Website Design,Wordpress Development ,Durpal Development ,Logo Design ,Brochure Design,Flash Design,SEO ,SEM Services in India,Chennai.

    ReplyDelete
  71. Cool, there are plenty of sites that offer wall art prints but this is the best!

    ReplyDelete
  72. Is there anyone who can help me with how to restore an iPhone without using iTunes????

    ReplyDelete
  73. Thank you guy for your hard work, But I need to Jailbreak and Unlock iPhone 4 to be used on T-Mobile Macedonia. Can you help me pls?

    ReplyDelete
  74. These kind of posts are always inspiring and I prefer to read quality content so I am happy to find out many good point here in the post, writing is simply great, thank you for the post.

    ReplyDelete
  75. The ability to read awoke inside me some long dormant craving to be mentally alive.
    Business IT Support London

    ReplyDelete