QuickPwn for Mac OS X is out

A lot is going on today. First, the release of WinPwn 2.5 (see tutorial here) and now the DevTeam informs us on their blog that they have released the long-awaited QuickPwn for Mac.

From the DevTeam:

QuickPwn is not a replacement for PwnageTool; they are different tools and provide different features. QuickPwn is for quickly pwning a device, whereas PwnageTool is designed to custom build and tailor the ipsw production process. Both tools will be actively developed in the future.

To use QuickPwn 1.0 for Mac OS X, your device should be running 2.0.2. If it isn't, you can upgrade it to 2.0.2 using iTunes and then use the QuickPwn tool. We repeat: it'll only work on version 2.0.2 of the iPhone or iPod touch firmware.

If you don't want specific things to happen, such as baseband updates, then PwnageTool should be used to create a custom .ipsw with your specifics.

QuickPwn for Mac can be downloaded from here (Bittorent) or from our iPhone Downloads section.

SHA1(QuickPwn_1.0.0.tbz)= 22ee0d6814a6bac9b1b9a8c7715dd714bd6bb449

Thanks DevTeam

How to jailbreak your iPhone using WinPwn 2.5

We've been waiting for WinPwn 2.5 for quite a bit now (see my previous posts on the topic) but it is finally out!

WinPwn 2.5 makes it stupid simple to jailbreak or unlock your iPhone. Note that so far, you can only jailbreak the iPhone 2G. An unlock method for the iPhone 3G is not available yet but check out my blog every once in a while as I will be staying on top of that and I will be informing you.

So, how to jailbreak the iPhone? Pretty simple. I just created a guide that will show you every step of the process: jailbreak your iPhone with WinPwn 2.5.

This tutorial works for iPhone 2G and 3G. Only a few steps slightly change. Read the tutorial and leave comments.

How to unlock the iPhone using WinPwn

WinPwn 2.5 is out and it is making it even easier to unlock or jailbreak your iPhone 2G. So far, it doesn't allow you to unlock the iPhone 3G but the DevTeam is working day and night on it.

I just created and published a tutorial on how to use WinPwn 2.5. This tutorial works whether you have an iPhone 3G or an iPhone 2G. It also works whether you simply want to jailbreak or unlock your iPhone.

Enough talk: use this WinPwn tutorial to unlock your iPhone 2G.

WinPwn 2.5 Guide

How to jailbreak a 3G iPhone? How to unlock an iPhone 2G? These are 2 questions that will find an answer in the next few paragraphs. Believe it or not, it is illegal to jailbreak or unlock your iPhone, and more importantly, it voids your warranty. Basically, you are unlocking/jailbreaking your iPhone at your own risk.

One last thing before we start.... Please do not complain to me if you have problems or if you have to restore several times. I am providing this WinPwn tutorial without any guarantee. I mean, I know it works and I know if you do everything I tell you, you won't have any problem. But I hate receiving insulting emails telling me what a jackass I am (I already know that, haha). If you're having issues, please post in the comments and I will do my best to answer your questions. Any insulting comment will be deleted.

IMPORTANT UPDATE: There is a confirmed bug in WinPwn 2.5 that can cause the WinPwn application to crash during the creation of your IPSW. Some users are finding that increasing the partition size to 700MB resolves the issue. To specify the root partition size, click the "Expert Mode" button before starting the tutorial. You will be asked to resize the partition before the IPSW starts building.

UPDATE 2: A new version of WinPwn (WinPwn 2.5.0.2) is now available and fixes bugs such as crashes. Go to our iPhone Downloads section to download WinPwn 2.5.0.2.

Ok, so let's learn how to jailbreak or unlock an iPhone (note that unlock is only available for iPhone 2G so far).

1. Download WinPwn 2.5 from our iPhone Downloads section. Make sure you have iTunes 7.7 or later. Download bootloaders 3.9 and 4.6 if you want to unlock your iPhone 3G.

2. Open WinPwn 2.5. You will need the .NET Framework installed on your PC. It is most likely already there, but if WinPwn 2.5 crashes, go to the Microsoft website and download the .NET Framework.

3. Leave "Basic Mode" on.

4. Choose your device.

5. Select the green thumbs up if you are using an official carrier like AT&T. If not, select the red thumbs down. The red thumbs down will unlock and activate; the green will not.

6. Answer the rest of the questions WinPwn asks you. They are pretty simple.

7. Select whether you want to use a custom logo or not. For the purpose of this tutorial, we will use a custom logo.

8. Select your firmware.

9. Select the logo you want. Click the "Browse" button should you want to go online and find more logos.

10. If you are on an approved carrier such as AT&T in the US, skip to the next step. Otherwise, you will get a message saying: "Could not find BL-39.bin! Do you want to search for the file?" Click the green thumb to find the file that you downloaded in step 1.

11. Your custom firmware will be built, which should take a little while.

12. Once your custom .ipsw firmware has been built, WinPwn 2.5 will ask whether you want to see instructions on putting your iPhone into DFU mode. Click the green thumbs up button for yes or the red thumbs down button for no. For this tutorial, we will assume you want to see the instructions.

13. WinPwn will then prompt you to connect your iPhone via USB and make sure it's turned off. Do this, then click the green thumbs up button.

14. WinPwn will then say it's ready to start Pwnage. Click the green OK button.

15. Follow the steps to get your iPhone into DFU mode. Once your iPhone is in DFU mode, WinPwn will begin the pwnage process. You will be informed when pwnage is complete. Notice that your iPhone will display a "Ready to restore Custom IPSW" message.

16. iTunes will now tell you that your iPhone is in recovery mode. Hold down SHIFT and click the Restore button in iTunes. Select the custom firmware file we created using WinPwn. Your iPhone will now be restored to the jailbroken 2.0.x firmware of your choice!

Done!

WinPwn 2.5 is out

WinPwn 2.5 is out and can be downloaded either from here or from our iPhone Downloads section.

So, what's new on WinPwn 2.5?

- QuickPwn support for 2.0/2.0.1/2.0.2
- Root partition resize support
- Installer support
- Basic / Expert modes
- Wizard-style interface
- Automatic updater
- Support for WinXP and Vista 32/64-bit

Notes from cmw:

- ONLINE IMAGE BROWSING IS DOWN DUE TO HIGH TRAFFIC

- Why is it beta? Well it's my way of saying.. Use at your own risk

- You MUST do a full uninstall of winpwn 1/2 before installing the new version

- Make sure you have the latest version of iTunes (Currently 7.7)

How to use WinPwn 2.5?

Use my WinPwn 2.5 Tutorial.

Tethering coming to the iPhone?

Gizmodo was tipped by what they call a "pretty legitimate-looking email thread from one of our readers" that Apple and AT&T might be discussing the possibility of bringing tethering to the iPhone.

Apparently, their tipster emailed Steve Jobs himself (we know Steve sometimes personally answers emails from random people like you and me). Here is the email he supposedly sent to Steve:

AT&T offers data plans for BlackBerry that include tethering for an additional $30 per month (a total of $60 per month for the BlackBerry+tethering plan).

It seems ludicrous that the same thing is not offered with the iPhone. I understand the desire to prevent tethering with the current data plan, but I am willing to pay more money to allow tethering! With such an advanced device, why can I not do so?

Now here is the reply he supposedly got from Steve:

We agree, and are discussing it with ATT.

Steve

Sent from my iPhone

Not sure how I should take that but that is a pretty interesting rumor...

QuickPwn vs. Ziphone

PlanetBeing, a member of the DevTeam, wrote a very interesting post about the similarities and differences between QuickPwn and Ziphone. If you're not an iPhone geek, don't even bother reading this...

Here is what PlanetBeing took into account (as you can see, there are more differences than similarities):

Similarities:

jailbreak payload medium

Differences:

Technique

ZiPhone uses, as the root filesystem device, a pseudo-device that provides a window to an arbitrary section of memory. This memory is not allocated or otherwise reserved by the operating system and hence will be used by other random processes in other random ways and will become more and more corrupted with every CPU clock cycle. The only safe way to use this is to mlock all memory used by the jailbreak binary as soon as possible, and then use data previously uploaded to flash. Anything else will cause either the jailbreak binary to crash at random moments or cause random data to be written to flash. I am not sure why Zibri elected not to implement ZiPhone in a safer fashion.

QuickPwn uses the same mechanism that Apple uses to send its update ramdisk. This memory is both allocated and reserved. It will not crash at random moments, or give you repeating BSD root errors. This is the way the XNU kernel is designed to use ramdisks.

Longevity

ZiPhone hinges on a BUG in iBoot that was quickly fixed by Apple.

QuickPwn uses an iBoot FEATURE that Apple cannot remove without rewriting their own software and undergoing lengthy QA. Even if Apple did change the architecture, it would be straight-forward to simply mimic what they do and adapt to it. The reason QuickPwn can do this is because it relies on a hardware exploit to bootstrap into this phase. Apple cannot fix this problem without changing the manufactured hardware.

Elegance

ZiPhone modifies an existing Apple ramdisk and ships it as a complete set.

QuickPwn contains all-original code and features a very tiny bootstrapper that allows it to use libraries and code that's already on the iPhone.

Not only does ZiPhone's distribution of Apple's binaries violate copyright laws, it also takes up a large portion of room on the ramdisk that could be used for the payload. Keeping its existing algorithm, ZiPhone would never have been able to install Cydia, for example. The maximum feasible ramdisk size is 32 MB; Cydia takes 13 and Apple's libraries take up a significant amount. With some work, Zibri could possibly make it just under the 32 MB limit, but with the large number of files in Cydia, and the large size of the corruptible area of memory, corruption would be inevitable.

Click here to read the full post.

WinPwn 2.5 preparing for beta release

cmw just posted on his site that he was preparing WinPwn 2.5 for a beta release. Yeahh! I'll let you know when the beta is out and available.

WinPwn 2.5 ( Update 08/28/08 )

Yay! Squpix fixed the 2.0.2 bug and we are now preparing for beta release! Get your iPhone/iTouches ready, it's winpwning time. Thanks again for the support.

In the meanwhile, here is a screenshot of WinPwn 2.5 in action. You may see more here.

iPhone apps crashing on launch fix

Since the recent update to 2.0.2, many users have reported that their applications crash very often when they try to open them. A few fixes were offered, including decreasing the number of iPhone applications on your device or downgrading to an earlier version of iTunes.

These 2 fixes delivered different results but it seems the folks at iPhone Atlas finally discovered a real fix to this problem.

On the iPhone, select Settings > General > Erase all Content and Settings.

On a Mac, delete the following support files from the computer:

- /Library/Receipts/AppleMobileDeviceSupport.pkg
- /Library/Receipts/iTunesAccess.pkg
- /Library/Receipts/iTunesX.pkg
- ~/Library/iTunes/Device Support (the entire folder)
- /System/Library/Extensions/AppleMobileDevice.kext
- /System/Library/PrivateFrameworks/DeviceLink.framework
- /System/Library/PrivateFrameworks/MobileDevice.framework
- ~/Library/iTunes/iPhone Software Updates (all contents)

On a Windows XP PC, delete the files in settings/[yourusername]/Application Data/Apple Computer/iTunes/iPhone Software Updates

On a Windows Vista PC, delete the files in C:/users/[yourusername]/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates

Delete the iTunes application

Restart the computer

Install iTunes 7.7
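The Mac part of the procedure above, as an added shell script that is not from the original post or from iPhone Atlas. It takes hypothetical "root" and "home" prefixes so it can be rehearsed against a scratch directory before touching the real system, and defaults to a dry run that only reports what would be removed; the paths themselves are the ones listed in the post.

```shell
#!/bin/sh
# Added example (not the post's or iPhone Atlas's own code): remove the iTunes and
# mobile-device support files listed in the fix. ROOT and HOME_DIR are hypothetical
# prefixes so the routine can be tested in a scratch directory; with mode "dry"
# (the default) nothing is deleted, only reported on stderr.

# Print the paths from the post, one per line, under the given root and home prefixes.
itunes_support_paths() {
    root="$1"; home="$2"
    printf '%s\n' \
        "$root/Library/Receipts/AppleMobileDeviceSupport.pkg" \
        "$root/Library/Receipts/iTunesAccess.pkg" \
        "$root/Library/Receipts/iTunesX.pkg" \
        "$home/Library/iTunes/Device Support" \
        "$root/System/Library/Extensions/AppleMobileDevice.kext" \
        "$root/System/Library/PrivateFrameworks/DeviceLink.framework" \
        "$root/System/Library/PrivateFrameworks/MobileDevice.framework" \
        "$home/Library/iTunes/iPhone Software Updates"
}

# remove_itunes_support ROOT HOME_DIR [dry|delete]
# Walks the list above and skips entries that do not exist. The "iPhone Software
# Updates" folder is only emptied (the post says "all contents"); every other
# entry is removed whole. Prints the number of entries acted on to stdout so a
# caller can check the result; progress messages go to stderr.
remove_itunes_support() {
    root="$1"; home="$2"; mode="${3:-dry}"
    count=0
    old_ifs=$IFS
    IFS='
'
    for p in $(itunes_support_paths "$root" "$home"); do
        IFS=$old_ifs
        [ -e "$p" ] || continue
        count=$((count + 1))
        case "$p" in
            */"iPhone Software Updates")
                if [ "$mode" = delete ]; then
                    find "$p" -mindepth 1 -maxdepth 1 -exec rm -rf {} +
                else
                    echo "would empty: $p" >&2
                fi ;;
            *)
                if [ "$mode" = delete ]; then
                    rm -rf "$p"
                else
                    echo "would remove: $p" >&2
                fi ;;
        esac
    done
    IFS=$old_ifs
    echo "$count"
}

# On the actual Mac this would be run as root with an empty root prefix, e.g.
#   sh cleanup.sh --run dry      (report only)
#   sudo sh cleanup.sh --run delete
if [ "${1:-}" = "--run" ]; then
    remove_itunes_support "" "$HOME" "${2:-dry}"
fi
```

Run it in dry mode first and read the report; the delete pass removes kernel extensions and private frameworks, so the iTunes reinstall (step "Install iTunes 7.7") must follow before the phone is plugged in again.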

This method is obviously not for the average noobie, as it requires some basic skills, but it's the only solution so far to fix this issue with your iPhone... at least until Apple releases a new firmware update.

Thanks iPhone Atlas

T-Zones hack for iPhone

T-Mobile just changed their IP address for T-Zones, causing all hacked iPhones using T-Zones to stop working. BigBoss was on it right away by releasing an update to TZones Hack in a matter of hours.

The upgrade is available in Cydia and only works with iPhone firmware 2.0+. This means if you're still on 1.1.4, well, it's time to upgrade or:

you can fix proxy.pac yourself by editing the file /var/preferences/proxy.pac and changing "10.0.0.0" to "25.0.0.0". (The 2.0 version is a bit more flexible, allowing addresses from both 10.* and 25.* to be covered.)

For those of you who don't know what I'm talking about, T-Mobile has a $6 data plan called T-Zones. You can use this plan if you're on a jailbroken iPhone, instead of paying the usual $20 from AT&T. This is obviously against T-Mobile's TOS, so you do this at your own risk...

How to use T-Zones on your unlocked iPhone?

1. Subscribe to T-Zones.

2. Install TZones Hack, available in Cydia.

3. Restart your phone.

4. If it does not work, verify your EDGE settings in Settings > General > Network > EDGE. APN should be wap.voicestream.com; Username and Password should be blank.

Thanks Boss

Take your iPhone apart with a suction cup!

Interesting finding over at hackint0sh... One smart user found a way to take his iPhone 3G apart, using a suction cup.

Here is how it works:

1. Remove the two screws on either side of the charging port.

2. Apply a suction cup to the glass screen. Try to mount it right below the home button.

3. Pull the suction cup toward you and the screen should come out (bottom first).

4. You will see 3 cables running from the top right corner of the screen to the main board of the phone. The 3 cables are numbered 1, 2, and 3. Remove the cables in that order.

5. Once the three cables are detached, the entire LCD unit is separate from the main board.

This can be a handy trick should you want to fix light leak, for example, as this user did. Needless to say, your iPhone warranty will be voided in a heartbeat...

iPhone 2.0.2 security flaw puts private data at risk

You thought that password-protecting your iPhone would keep you safe? Think again! A pretty big security breach was found in iPhone firmware 2.0.2, putting some of your data at risk. Fortunately for the most paranoid of us, there is a way to avoid it.

What's this security flaw about?

1. Password protect your iPhone.

2. Slide to unlock and tap "Emergency call".

3. Double tap the home button.

4. You're in! In the favorites, more precisely.

Now anyone using your phone can make a call to your favorites. On top of that, they can edit your contacts, view and listen to your voicemails, SMS, have access to email and Safari...

Apple will most likely fix this issue in the next firmware update but if you can't wait a couple weeks, here is how to fix it:

1. Go to Settings.

2. Tap General.

3. Tap Home Button.

4. Select either Home or iPod.

This way, when someone uses the method described above, they will either be taken to the home screen or to the iPod screen.