Main Page: Difference between revisions

From freemyipod
Jump to navigation Jump to search
← Older edit
User890104 (talk | contribs)
Bureaucrats, svnadmins, Administrators
327 edits
No edit summary
svn -> github, twitter -> X
 
(2 intermediate revisions by the same user not shown)
Line 16: Line 16:
On the [[Nano 3G]], [[Nano 4G]] and [[Nano 5G]], we have a stable tethered exploit ([[wInd3x]]) which allows early, untethered and safe (no permanent modification) code execution. This in turn allows you to run [[U-Boot]] and an early [[Linux|Linux port]] or experiment with reverse-engineering/modifying the original firmware, [[retailOS]].
On the [[Nano 3G]], [[Nano 4G]] and [[Nano 5G]], we have a stable tethered exploit ([[wInd3x]]) which allows early, untethered and safe (no permanent modification) code execution. This in turn allows you to run [[U-Boot]] and an early [[Linux|Linux port]] or experiment with reverse-engineering/modifying the original firmware, [[retailOS]].


On the [[Nano 6G]] and [[Nano 7G]], a font parsing vulnerability (CVE-2010-1797) can be exploited with [[ipod_sun]].
On the [[Nano 6G]], [[Nano 7G]] and iPod shuffle (4th generation), a vulnerability in DFU_DNLOAD packet parsing code can be exploited with [[S5Late]]. It allows tethered code execution.


On the [[Nano 7G]] (and possibly [[Nano 6G]]), a vulnerability in DFU_DNLOAD packet parsing code can be exploited with [[S5Late]].
On the [[Nano 6G]] and [[Nano 7G]], a font parsing vulnerability (CVE-2010-1797) can be exploited with [[ipod_sun]]. It allows untethered code execution.


There's a set of earlier tooling ([[emCORE]]/[[emBIOS]]/[[iBugger]]) which was exploiting other vulnerabilities and was a lead-up to a port of Rockbox, but it's mostly abandoned.
There's a set of earlier tooling ([[emCORE]]/[[emBIOS]]/[[iBugger]]) which was exploiting other vulnerabilities and was a lead-up to a port of Rockbox, but it's mostly abandoned.
Line 26: Line 26:


==Updates==
==Updates==
* {{#dateformat:2025-12-28}} - [[User:Hug0|Hug0]] made a lightning talk at 39C3 on [https://www.youtube.com/watch?v=FKHL1yyOKJc iPod Nano reverse engineering].
* {{#dateformat:2025-12-26}} - Some of us will be at 39C3 in Hamburg! Get in touch with [https://events.ccc.de/congress/2025/hub/en/user/q3k q3k] and/or [https://events.ccc.de/congress/2025/hub/en/user/slackware Slackware] if you're around!
* {{#dateformat:2025-12-26}} - Some of us will be at 39C3 in Hamburg! Get in touch with [https://events.ccc.de/congress/2025/hub/en/user/q3k q3k] and/or [https://events.ccc.de/congress/2025/hub/en/user/slackware Slackware] if you're around!
* {{#dateformat:2025-06-12}} - Some of us will be at GPN23 in Karlsruhe! [https://entropia.de/GPN23 More info here]. Let us know on IRC/Discord/Matrix if you're also there!
* {{#dateformat:2025-06-12}} - Some of us will be at GPN23 in Karlsruhe! [https://entropia.de/GPN23 More info here]. Let us know on IRC/Discord/Matrix if you're also there!
Line 58: Line 59:
* {{#dateformat:2009-11-01}} - iBugger core v0.1 successfully running on [[Nano 4G]]! [https://img217.imageshack.us/img217/4122/img0969.jpg]
* {{#dateformat:2009-11-01}} - iBugger core v0.1 successfully running on [[Nano 4G]]! [https://img217.imageshack.us/img217/4122/img0969.jpg]
-->
-->
Follow [https://twitter.com/freemyipod our Twitter feed] to get status updates automatically. See the [[Status]] page for more detailed information. Check our [[Special:Code/freemyipod|SVN activity]] page for the latest changes to our source code.
Follow [https://x.com/freemyipod our X feed] to get status updates automatically. See the [[Status]] page for more detailed information. Check our [https://github.com/freemyipod GitHub repositories] for the latest changes to our source code.


{| cellspacing="3" width="100%"
{| cellspacing="3" width="100%"

Latest revision as of 11:58, 28 February 2026

Linux 6.14.0 on iPod nano (7th generation)
emCORE r779 on iPod nano (2nd generation), iPod nano (4th generation) and iPod classic (6th generation)

This is the wiki for the freemyipod project. Freemyipod is a project aimed at reverse-engineering non-iOS iPods (all models other than the Touch) and creating tools and documentation so that other people can port alternative firmwares to them such as Rockbox or Linux. Freemyipod is a relaunch of Linux4nano.

FAQ

What can I do with my iPod nano (2nd generation), iPod classic (6th generation) or older iPods?

There's an upstream Rockbox port for these devices. Go use that.

What can I do with my iPod nano (3rd generation) or newer?

Not much (yet) unless you're an embedded developer :).

On the iPod nano (3rd generation), iPod nano (4th generation) and iPod nano (5th generation), we have a stable tethered exploit (wInd3x) which allows early, untethered and safe (no permanent modification) code execution. This in turn allows you to run U-Boot and an early Linux port or experiment with reverse-engineering/modifying the original firmware, retailOS.

On the iPod nano (6th generation), iPod nano (7th generation) and iPod shuffle (4th generation), a vulnerability in DFU_DNLOAD packet parsing code can be exploited with S5Late. It allows tethered code execution.

On the iPod nano (6th generation) and iPod nano (7th generation), a font parsing vulnerability (CVE-2010-1797) can be exploited with ipod_sun. It allows untethered code execution.

There's a set of earlier tooling (emCORE/emBIOS/iBugger) which was exploiting other vulnerabilities and was a lead-up to a port of Rockbox, but it's mostly abandoned.

Getting an account

Due to spambots, registration is closed. For an account contact User890104 or q3k.

Updates

Follow our X feed to get status updates automatically. See the Status page for more detailed information. Check our GitHub repositories for the latest changes to our source code.

Project info

Released Software

Basic skills

Reverse engineering results

Hardware

Exploiting

Retrieved from "https://freemyipod.org/index.php?title=Main_Page&oldid=22222"