Archive for July, 2009

Unknown firmware/Updating firmware on unactivated iPhone

July 29, 2009

Today I was in an interesting circumstance. I needed to jailbreak/unlock an iPhone, but had no idea what firmware was on the phone. Since the phone was unactivated, I couldn’t pull up the settings icon, nor could I use iTunes to figure it out. After searching and searching and finding nothing, I did the following and it worked like a charm.

  1. Turn the phone off
  2. Hold down the Home button and plug the phone into the computer via USB
  3. Continue holding Home until the screen shows the “connect to iTunes” screen
  4. Open iTunes on your computer, click “OK”
  5. Hold down Shift and click on Restore
  6. Choose the firmware file you want (one downloaded from the iPhoneWiki’s System page works) to install on the phone and proceed as directed

I ended up doing things this way because nothing else I could find on the net worked (mostly this meant field test mode didn’t work). While this doesn’t tell you what firmware version you are using, it gets you to a point where you will at least know. After this, I just ran redsn0w and it was a done deal!

Categories: iPhone

iPhone Rootkit

July 10, 2009

I just got done reading the Phrack article on MacOS X Rootkits I blogged about a while ago. It was a very good article, and I’m sure a lot of the techniques can be tweaked to work on an iPhone. This got me wondering about iPhone rootkits. Would they be harder or easier to detect/program? I think they would probably be easier to program. Why would you even need to hide the files or processes or even ports that the rootkit uses? Users can’t really access the filesystem or terminal to see those sorts of things. Detection, however, is a different story. Since you’d most likely have to jailbreak the iPhone either using traditional software or an exploit, it should be easy to detect. The real way to hide would be to make iTunes think everything was normal. This includes backups of the device sent to iTunes and all communication with iTunes.

There is another Phrack article I haven’t read yet called Persistent BIOS Infection. I wonder if there is a way for persistent iPhone infection! Definitely something to look into.
