Extracting firmware

From freemyipod.org

The tool for extracting iPod firmware is called extract2g. It can be found on the freemyipod SVN at http://svn.freemyipod.org/tools/extract2g/. Both the Windows and the Linux versions can be built with a simple make command. Extract2g supports all of the Nanos and the 5G and 6G iPods (other models have not been tested). If the output says something similar to "Extracting from osos.fw," you should be fine.

To obtain a list of available files, type in:

extract2g -l dump.img

Replace "dump.img" with the name of your dump file. To extract the firmware images, type in:

extract2g -A dump.img

You should now have 3 files:

On the Nano 4G, use the -4 or --4g-compat option in order to dump the correct data from the firmware. This option is a workaround: Nano 4G firmwares are detected as Nano 3G firmwares, but the offset is different.

To list the files, type in:

extract2g -l -4 dump.img

To extract all files, type in:

extract2g -A -4 dump.img

You should now have 9 files:

These are your extracted firmware images. To learn more about these, please visit the Firmware page. If you need more information about using extract2g, type in:

extract2g --help

Removing header

If you are using the osos.fw output by extract2g in emCORE, you also need to remove the 2 KiB header from it:

dd if=osos.fw of=osos.out bs=2048 skip=1

Alternatively, under Windows, open osos.fw in HxD, choose 'select block' from the edit menu, select from 0x0 to 0x7FF, then delete this region and save.

Then put osos.out into /.boot/AppleOS.bin
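
The following is an added example, not part of the original page or of extract2g: a POSIX shell wrapper around the dd command above that rejects files too small to contain the 2 KiB header and checks that the output is byte-identical to the input from offset 0x800 onward before it is copied to the device. The function name strip_osos_header is hypothetical.

```shell
#!/bin/sh
# Added example, not part of extract2g. strip_osos_header is a hypothetical name.
# Usage after sourcing this file: strip_osos_header osos.fw osos.out
HEADER_SIZE=2048   # the 2 KiB header described on this page (0x0 to 0x7FF)

strip_osos_header() {
    src=$1
    dst=$2
    if [ ! -f "$src" ]; then
        echo "error: $src not found" >&2
        return 1
    fi
    if [ "$src" = "$dst" ]; then
        echo "error: refusing to overwrite the input file" >&2
        return 1
    fi
    src_size=$(wc -c < "$src" | tr -d ' ')
    # A file no larger than the header has no payload left after stripping.
    if [ "$src_size" -le "$HEADER_SIZE" ]; then
        echo "error: $src is $src_size bytes, too small for header plus payload" >&2
        return 1
    fi
    # Same command as on the page: skip one 2048-byte block.
    dd if="$src" of="$dst" bs="$HEADER_SIZE" skip=1 2>/dev/null || return 1
    dst_size=$(wc -c < "$dst" | tr -d ' ')
    expected=$((src_size - HEADER_SIZE))
    if [ "$dst_size" -ne "$expected" ]; then
        echo "error: $dst is $dst_size bytes, expected $expected" >&2
        return 1
    fi
    # Byte-for-byte check: the output must equal the input from offset 0x800 on.
    if ! tail -c +$((HEADER_SIZE + 1)) "$src" | cmp -s - "$dst"; then
        echo "error: $dst does not match the payload of $src" >&2
        return 1
    fi
    echo "$dst: $dst_size bytes written, $HEADER_SIZE-byte header removed"
}
```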

Helpful pages

http://home.gna.org/linux4nano/download/crypto_synth-1.0.pdf

http://www.ipodlinux.org/wiki/Firmware
