La gente de Geohot publicó en WIKI como funciona su PurpleRa1n Jailbreak:
----- * Purplera1n envía los comandos de recuperación de entrada utilizando iTunesMobileDevice * Una vez en la recuperación (iBoot), envía la variable Exploit de entorno IBoot * El Exploit adiciona un comando GeoHot que corre entonces el payload * La comando "geohot" se ejecuta, el control es transferido de iboot ahora a la payload * Se realiza entonces el cliente PurpleRa1n
Dentro del payload: * El payload por defecto restaura el entorno y lo preserva para la nvram (fija el auto-arranque a true) * Le coloca parches a la iBoot para cargar img3s sin firmar sin importar los tags * Carga la imagen purplera1n (enviado con payload) * Empieza la función de no parches * IIb se descifra, parcheado, y el aumentado de tamaño a 0x24200. este es el segmento residente 0x24000 en la variable Exploit * Un pequeño código de carga es colocado en 0x20000 para fijar la carga * Iboot se descifra, parcheado * Todo lo demás es como se lee * Ni se escribe de vuelta, ni se hace patcher * Kernel está cargado, descifrado, y parcheado * Ramdisk está cargado (enviado con payload) y se trasladó a la región del Kernel 0x44000000. * El Kernel parcheado es arrancado (booted) * El Control de la carga está ahora transferido a ramdisk
Dentro de ramdisk * Launchd se ejecuta, todo sucede aquí * / Dev/disk0s1 está montado * Fstab y servicios son sustituidos aquí para permitir que disk0s1 y afc2 escriban respectivamente * Freeze.app se transfiere y el cargador de aplicaciones Freeze.app tiene bit SUID * El Kernel parcheado se lee a partir del final de la RAM del dispositivo y escrito al sistema de ficheros * Ramdisk está hecho, procede el reiniciado... -----
i got an iphone 3gs w/c wont turned on. it got stuck on purplera1n's entering recovery mode.. the iphone wont turn on now.. can you help? i tried to connect to itunes sa i can do a recovery but it doesnt seem to see the iphone
Well, lol, at least I know how to write a sentence. It was painful to read your post! I do have to say, I don't think I trust a "hacker" (cough... ya... right...) who doesn't even know how to turn on his spell check (although, to be honest, most of your mistakes were at a 4th grade grammar level). That being said, I should be fair, you don't get a lot of opportunity to socialize and talk like a normal person when you play video games in your parents basement all day... just sayin'
What is somewhat frustrating is that Apple is taking North America for a ride. many other countries banned the sale of locked iPhones ande I don't see a reason why we can't lobby for that in US and Canada. I know that JB is different but an unlocked phone is a right since we are entering in a contract for service. Price with no contract should include an officially unlocked phone too.
Unless we all go for this, it won't happen.
cheers
I just think he released this information knowing that there is another way to jailbreak. And even without him releasing this information Apple probably only knows how to fix this bug.He seems like pretty smart guy and totally not like an idiot. What I know for sure that he really likes public attention,so he feels like a rock star or something lol
1st thought:
It is impossible to write flawless software once it has reached a certain level of complexity. So there will always be a way to break in.
2nd thought:
The only thing that counts for Apple is profit. They have no other mission.
Many customers (me included) wouldn't pay for an iPhone without the ability to bypass Apple's censorship. Jailbreaking is fun and attracts customers == $$$ for Apple. This is why I'm persuaded that Apple will always and deliberately leave a hole open for jailbreaking. Just follow the money.
Oh fredrik! Compared to what people pay for their overpriced contracts AppStore is peanuts. Jailbreak is not Crackul0us. All jailbreakers I know pay deliberately for the apps. I want to support the independent developers.
Guess you Bought it Hook-Lin-Sinker also?..
YEP your Boys are still Behind the game!..
BET:
George will beat them to the NEXT Jailbreak, BUT
the Dev-Team will "SAY" there doing the Right thing!
George will let it out, Then the Dev-Team "AGAIN" will
say they HAD the SAME Break!.. NOBODY will convince you of this, but that is JUST what happened this time and will happen again..
YOUR boys are behind George and they KNOW it! But it's for the BEST!....
You're wrong. GeoHotz is a good man. If he didn't release the ra1n Dev-Team wouldn't release the sn0w. What are you scare of, it's the cat & mouse game. Let's play & enjoy.
Oh ya Jeff, not sure if you're quite smart enough to know all this stuff, but.... RedSn0w is not a reworked version of purplerain. It works differently (and in this case, works better, without the bugs). I know more than a few people who used purplerain, and then decided to do a full restore and re-jailbreak with RedSn0w just so that their phones weren't screwed up. This I know - the Dev Team always acts professionally, and humbly, being very good at communicating and keeping people in the loop. Georgie has always come across as arrogant, conceited, and a know-it-all. I don't know about you, but I don't tend to trust those kind of people.
Um, noooooooo, they were doing the responsible thing, for the good of the most people, rather than just wanting to be self promoting. It's quite evident from Georgie's comments that he could care less about the people and is only in this for his own fame. He rushed out a faulty product, so that Apple could close the holes before the iPhone arrived in the rest of the world (yes, there are actually real countries with real people, outside of the USA).
And, tell me this, why, now after the Dev Team has releases RedSn0w, does Georgie feel the need to once again have his name out there, explaining exactly everything? Methinks he wants Apple to plug the hole, so that he can get the great savior... however, what happens if he can't find another hole. Think about it, Apple has been getting better and better at making jailbreaking harder and harder.
Guess you Bought the "Responsible" Thing Huh?
They didn't have it, it was released as Purplera1n . THEN the Dev-Team said "Oh We had the Same Break"..
With out George they had Nada!.. But NOBODY will convince you of this, You Bought it, Hook-Line-Sinker!
But he did it First!..
Even following Twitter Posts of ALL of them!..
Again, YOU will Never be convinced. I ran Purplera1n, & Redsn0w..
I had ZERO problem with Either, and after the original Package for Windows of PR a Mac Version came out, I ran this also. THEY all do the SAME IDENTICAL thing, So WHY hold it back (If you have it) when 3.01 has been announced and 3.1 in the Works? I Don't think they Had it till George Released it, then there Reply was "WE HAD the SAME BREAK"?....
Either way, Spilled Milk Now!
NOT spilled milk now. This is NOT about purplerain being released first. This is about Georgie releasing all the how's and what's. You have yet to answer why one would do that???
GeoHot knows more than one exploit, Dev Team don't. Even if Apple close it, GeoHot can use one of the other exploits he found. 3GS will always be unlockable according to GeoHot and he knows more about the iPhone than Dev Team put together.