A few days ago in an IRC channel the DevTeam and GeoHot discussed and summarized the state of the exploits found in the new baseband 05.12.01 in firmware 3.1.3. GeoHot explains that an exploit that had previously discovered and used in blacksn0w is still present in the new firmware released by Apple. It appears that both he and MuscleNerd are working on the same exploit, and if this were true, it would be a really good start to team up and release a new unlock tool.

Here is their discussion:

< visnet_ > What does geohot tweet mean?
< %geohot > its my bb exploit for safekeeping
< %Par4doX > geohot: did you turn that over to the dev team or are you doing something with it?
< %geohot > my days of turning things over are done
< %geohot > i hope its different from the one they have
< %geohot > but they prob already have it
< %geohot > its the one i orig wanted to release blacksn0w with
< %Par4doX > it’s still there in the new bb
< %geohot > yep, just checked
< %geohot > but then opted to use xemn since it was public
< Evan > Oo, it carries over from 05.11 to 05.12?
< %geohot > why wouldn’t it, apple doesn’t fix things proactivly
< @MuscleNerd > geohot we prob should figure out a way to know if we have same exploit double blind, otherwise we may release 2 different ones at same time
< %geohot > any suggestions?
< @MuscleNerd > not sure how to do that without making it easy to brute force tho
< %geohot > yea, i salted the hash
< @MuscleNerd > yeah
< @MuscleNerd > hmm maybe if we both hash the stack dump
< @Confucious > Can you two take this out of public sight?
< @MuscleNerd > the stack itself, not the header before it or the registers after it
< Her > muscle: any notice about the exploits are the same ?
< %geohot > we are working on it
< %geohot > cryptography, perfect for people who don’t trust each other

We should not expect much for the firmware 3.1.3 since the rumors predict the firmware 3.2 for mid-March. However these news are really good for owners of locked devices.

Fuzzyband is an application that can downgrade the baseband for iPhone 3G. Recently it has been updated to include the support for firmware 3.1.3 baseband 05.12.01. It works only with bootloader 05.08 (early iPhone 3G).

Why do users need to downgrade the baseband? The answer is simple: if they accidentally upgraded the new firmware and need to run unlock software (blacksn0w and ultrasn0w). Unlocked iPhones do not need Fuzzyband. iPhone 3GS users cannot downgrade baseband with Fuzzyband.

Fuzzyband is available for jailbreaked iPhones in Cydia (repository BigBoss, category “System” ).

Sherif Hashim has discovered an exploit which may allow unlock of the latest iPhone OS 3.1.3 baseband 05.12.01. Such unlock utilities for previous baseband versions were called blacksn0w, ultrasn0w и and yellowsn0w. MuscleNerd, the member of DevTeam, has already confirmed it is working. So the timing of the unlcok release is totally up to them right now.

Here is an official update from DevTeam:

“We’ve started to look at his crash but it’s a long road between any given crash and a fully working unlock, and we couldn’t put an ETA on it even if we wanted to. It’s not even guaranteed that an working unlock will come from this particular crash — it’s just too early to tell.”

The iPhone Dev-Team has released PwnageTool 3.1.5 for Mac OS X. It allows iPhone and iPod Touch users to safely upgrade to firmware 3.1.3. With PwnageTool you can preserve jailbreak and ultrasn0w unlock. But if you’re using the blacksn0w unlock with baseband 05.11.07 you will need to stay at firmware 3.1.2.

PwnageTool 3.1.5 creates a custom 3.1.3 IPSW for the following devices:

• iPhone 2G
• iPhone 3G
• iPhone 3GS with early bootrom
• iPod touch 1G
• iPod touch 2G with early bootrom

Warning! Don’t try to use this tool if you have  iPhone 3GS with firmware 3.1.3 – it just won’t work. If you have iPod Touch 1G, iPhone 2G or factory unlocked iPhone 3G , try to use redsn0w – is would be much easier.

You can download PwnageTool 3.1.5. here.

H8sn0w has just released the new version of Sn0wbreeze 1.4. Sn0wbreeze is a jailbreak utility with functionality similar to PwnageTool. The new version supports firmware 3.1.3 jailbreak for the following devices:

• iPhone 2G
• iPhone 3G
• iPhone 3GS – old bootrom
• iPod Touch 1G
• iPod Touch 2G – non MC

Sn0wbreeze is a Windows application, so Mac users have to wait for the upcoming release of PwnageTool by the DevTeam. Alternatively, both Mac and Windows users can use Redsn0w to run jailbreak (no custom firmware though).

You can download the new version of sn0wbreeze here.

MuscleNerd continues to argue that we should not use sn0wbreeze. Especially users who have unlocked their iPhone with blacksn0w utility:

iPhone hacker Geohot, who created popular utilities blackra1n (jailbreak) and blacksn0w (unlock), posted a message on twitter about the new firmware 3.1.3 released by Apple:

Hopefully some vulnerability in the new firmware will be found.

Apple has just released new firmware 3.1.3 (7E18) for iPhone 3GS, iPhone 3G, iPhone 2G, iPod touch, iPod touch 2G and iPod touch 3G.

The update includes:

• Improves accuracy of reported battery level on iPhone 3GS
• Resolves issue where third-party apps would not launch in some instances
• Fixes bug that may cause an app to crash when using the Japanese Kana keyboard
• Other security updates (more info)

So this is a minor update, which fixing only the accuracy of the 3GS battery meter and the stability of some third-party app launches. This update is avaliable via iTunes.

New firmware 3.1.3 also introduces a new version of the baseband, the 05.12.01. So if you need unlock do not update! DevTeam also warns us:

If you care about your jailbreak and unlock, don’t update your device – 3G and 3G(S) owners should pay particular attention to this warning.
PwnageTool and redsn0w are not yet compatible with 3.1.3

Experimenters show that the latest version of redsn0w 0.9.2 is able to jailbreak iPhone 2G, iPhone 3G and iPod touch 1G. Just point it at the 3.1.2 IPSW (download here) after doing update or restore to firmware 3.1.3. Sounds like DevTeam will release an updated version of redsn0w that will handle firmware 3.1.3 officially. They say iPod touch 2G with firmware 3.1.3 is also jailbreakable.

Users report that unlock software, blacksn0w and ultrasn0w, doesn;t work with the new baseband.

Redsn0w is a cross-platform jailbreaking tool for iPhone and iPod Touch. New version redsn0w 0.9.2 supports the latest firmware 3.1.2.

redsn0w 0.9.2 supports:

• All iPhones and iPod touches
• Windows and Mac OSX (x86)
• Apple firmwares 3.0 and 3.1.2

We expect to see Linux version quite soon.

If you need a carrier unlock, redsn0w will handle iPhone 2G by itself (by installing the BootNeuter utility). For the iPhone 3G and iPhone 3GS use Cydia after you’re jailbroken to install ultrasn0w (baseband 04.26) or blacksn0w (baseband 05.11).

If you have a late-model iPhone 3GS, or if you have an iPod touch 2G whose serial number begins with “MC” (newer than week 40 of last year), or any iPod touch 3G, you can use redsn0w to jailbreak but you are currently restricted to “tethered” rebooting. That means you need to connect your device to a computer each time you boot it – so just try no to reboot.

You can download the latest version of redsn0w here.

Redsn0w is a cross-platform jailbreaking, unlocking, and customizing tool for iPhone and iPod Touch. New version redsn0w 0.9b3 supports the latest firmware 3.1.2. The most recent release before this one was redsn0w 0.8, which targeted Apple firmware 3.0/3.0.1.

redsn0w 0.9 beta3 supports:

• All iPhones and iPod touches except the iPod touch 3G
• Windows and Mac OSX (x86)
• Apple firmwares 3.0-3.1.2

When it’s out of beta, it will support the iPod touch 3G, PPC OSX, and Linux.

If you need a carrier unlock, redsn0w will handle iPhone 2G by itself (by installing the BootNeuter utility). For the iPhone 3G and iPhone 3GS use Cydia after you’re jailbroken to install ultrasn0w (baseband 04.26) or blacksn0w (baseband 05.11).

If you have a late-model iPhone 3GS, or if you have an iPod touch 2G whose serial number begins with “MC” (newer than week 40 of last year), you can use redsn0w to jailbreak but you are currently restricted to “tethered” rebooting. That means you need to connect your device to a computer each time you boot it – so just try no to reboot.

You can download redsn0w 0.9b3 here.

Geohot has released his BlackSn0w utility. BlackSn0w is an unlock for the iPhone 3G and iPhone 3GS. It supports the latest firmware 3.1 and 3.1.2 with baseband 05.11.07 and enables official tethering. Available for both Windows and Mac.

Here is a quick tutorial:
If you havn’t done the jailbreak: go to blackra1n.com, download blackra1n, run it, follow the instructions (it is really simple) to perform the jailbreak. Run balckra1n app on iPhone and install BlackSnow.
If your device is already jailbroken – run Cydia, add repository blackra1n.com and install blacksn0w. That’s it!

The latest version of blackra1n is RC3. It now has hacktivation support, 15 second speed improvement, Tiger+PPC support.

PS: If you just bought a new iPhone 3GS or have one that was made recently (approximately after 40th week after iPhone 3GS release): your device has a new BootROM. Unfortunately it is impossible to run regular jailbreak with this new BootROM. There is a sloution – tethered jailbreak. Everything including unlock will work fine. However every time you restart your iPhone, you need to plug it to a computer with blackra1n installed.

Geohot has posted the first screenshot of his blacksn0w baseband 05.11.07 unlock for the iPhone 3G and 3GS. The unlock which will be run after completing a jailbreak with the blackra1n jailbreak is expected to be released on November 4th.

GeoHot has just released a new video which shows his new hack in action. It’s called Blacksn0w and is able to unlock the new baseband 05.11.07 of the iPhone 3G and iPhone 3GS.

This new baseband appeared in firmware 3.1. So all users who own locked iPhone can unlock it and use with any cellular provider. Users who have upgraded to firmware 3.1 or 3.1.2 by mistake can also use blacksn0w.

BlackSn0w will be released November 4.

The famous iPhone hacker GeoHot started working on unlock of the new baseband 05.11.07 several days ago. Today he published the first results that can be defined as very positive.

So he managed to take control of the baseband, running the code written directly by himself. This measns that soon all users of locked OTB iPhones with firmware 3.1 and 3.1.2 will be able to unlock ther devices.

The new project is called blacksn0w.

via

Few hours ago GeoHot left a new message on Twitter – he officially started looking for an exploit in the new baseband 05.11.07.

All iPhone 3G/3GS owners with native firmware 3.1 or higher will be finally able to unlock the phone. This also applies to iPhone owners who updated to firmware 3.1 or 3.1.2 by mistake.

via ispazio

Here are download links for the latest versions of software for iPhone and iPod jailbreaking, activating and unlocking:

BlackRa1n

blackra1n for Windows and MAC OS (jailbreak for all devices, firmware 3.1.2)

• http://blackra1n.com/

BlackSn0w

BlackSn0w for Windows and MAC OS (unlock for iPhone 3G and iPhone 3GS, firmware 3.1, 3.1.2)

• Avaliable in Cydia (repository http://blackra1n.com/) and via BlackRa1n utility

PwnageTool

MAC PwnageTool 3.1.5 (supports firmware 3.1.3, jailbreak for iPhone 2G, iPhone 3G, iPhone 3GS, iPod Touch 1G and iPod Touch 2G, unlock for iPhone 2G)

• PwnageTool 3.1.5 Torrent
• http://begolli.com/downloads/mac/PwnageTool_3.1.5.dmg
• http://download.sourcekills.com/files/devteam/PwnageTool_3.1.5.dmg
• http://www.hackthatphone.net/PwnageTool_3.1.5.dmg
• http://zombisoft.com/tools/PwnageTool_3.1.5.dmg
• http://www.ipodtouchmasterfr.com/files/PwnageTool_3.1.5.dmg
• http://apfelportal.de/host/images/PwnageTool_3.1.5.dmg
• http://files.bestblog.de/iphone/PwnageTool_3.1.5.dmg
• http://www.accesoriigsm.net/PwnageTool_3.1.5.dmg

MAC PwnageTool 3.1.4 (supports firmware 3.1.2, jailbreak for iPhone 2G, iPhone 3G, iPhone 3GS, iPod Touch 1G and iPod Touch 2G, unlock for iPhone 2G)

• PwnageTool 3.14 Torrent
• http://downloads2.touch-mania.com/PwnageTool_3.1.4.dmg
• http://download.sourcekills.com/PwnageTool_3.1.4.dmg
• http://old.bielsipod.de/Daten/PwnageTool_3.1.4.dmg
• http://www.hackthatphone.net/PwnageTool_3.1.4.dmg
• http://miphone.ca/iphone-dev/PwnageTool_3.1.4.dmg
• http://www.appleturk.net/ATWT/PwnageTool_3.1.4.dmg
• http://www.apfelphone.net/dl/PwnageTool_3.1.4.dmg
• http://apfelportal.de/host/images/dev-team/PwnageTool_3.1.4.dmg

Redsn0w

redsn0w 0.9.4 (firmware 3.1.3, iPhone 2G/3G, iPod Touch 1G/2G)

• Mac OSX x86
• Windows

redsn0w 0.9.2 (firmwares 3.0 – 3.1.2, all iPhones and iPod Touches except the iPod touch 3G)

• Mac OSX x86
• Windows

redsn0w 0.8 MAC (firmware 3.0 and 3.0.1, all versions of iPhone and iPod Touch)

• torrent
• http://thebigboss.org/hostedfiles/redsn0w-mac_0.8.zip

redsn0w 0.8 Windows (firmware 3.0 and 3.0.1, all versions of iPhone and iPod Touch)

• torrent
• http://thebigboss.org/hostedfiles/redsn0w-win_0.8.zip

redsn0w 0.8 Linux (firmware 3.0 and 3.0.1, all versions of iPhone and iPod Touch)

• torrent
• http://thebigboss.org/hostedfiles/redsn0w-linux_0.8.tar.bz2

PurpleRa1n

Purplera1n for MAC (Beta jailbreak for iPhone 3GS, firmware 3.0)

• http://purplera1n.com/purplera1n.zip

Purplera1n for Windows (Beta jailbreak for iPhone 3GS, firmware 3.0)

• http://purplera1n.com/purplera1n.exe

UltraSn0w

Current version is ultrasn0w 0.92, download in Cydia (unlock for iPhone 3G and iPhone 3GS, firmware 3.0 and 3.0.1)

Read the rest of this entry »