Difference between revisions of "Dumping firmware"

From freemyipod.org
Jump to: navigation, search
(Removed an unfounded speculation about an encryption key)
(From the internet)
Line 12: Line 12:
  
 
===1G-3G Nano firmware structure===
 
===1G-3G Nano firmware structure===
{| border="1" cellpadding="5" cellspacing="0"
+
{| class="wikitable"
 
! Filename !! Description
 
! Filename !! Description
 
|-
 
|-
Line 22: Line 22:
 
===4G Nano firmware structure===
 
===4G Nano firmware structure===
 
The 4G Nanos seem to have a different structure with an interesting new file:
 
The 4G Nanos seem to have a different structure with an interesting new file:
{| border="1" cellpadding="5" cellspacing="0"
+
{| class="wikitable"
 
! Filename !! Description
 
! Filename !! Description
 
|-
 
|-
Line 33: Line 33:
  
 
You can copy over the firmware file and that is the same as extracting a dump.img file from the iPod.
 
You can copy over the firmware file and that is the same as extracting a dump.img file from the iPod.
 +
 
==Helpful pages==
 
==Helpful pages==
 
http://home.gna.org/linux4nano/download/crypto_synth-1.0.pdf
 
http://home.gna.org/linux4nano/download/crypto_synth-1.0.pdf
  
 
http://www.ipodlinux.org/wiki/Firmware
 
http://www.ipodlinux.org/wiki/Firmware

Revision as of 17:07, 5 August 2010

The first step to examining iPod's firmware is getting an image of it. You can retrieve either retrieve an image from the iPod or from the internet.

From the iPod

Getting a firmware dump is very easy in Linux. Just:

  1. Make sure the iPod is plugged in.
  2. Type "dd if=/dev/sdX1 of=dump.img" in the terminal, but make sure you edit the drive to match your configuration.
  3. A dump.img file should be created after a while. If you have a lot of data on your iPod, it can take a very long time.

From the internet

You can download pretty much every firmware version from http://www.felixbruns.de/iPod/firmware/. These files are called .ipsw files, but they are really .zip files in disguise. Open the .ipsw file as a .zip file, and you can view it's contents:

1G-3G Nano firmware structure

Filename Description
Firmware-XX.X.X.X The actual firmware file
manifest.plist An XML file that gives basic info about the Firmware. Probably for iTunes.

4G Nano firmware structure

The 4G Nanos seem to have a different structure with an interesting new file:

Filename Description
Firmware.MSE The actual firmware file
manifest.plist An XML file that gives basic info about the Firmware. Probably for iTunes.
N58s.bootloader.release.rb3 This is a very interesting new file that should be checked out! At the end there are clusters of strings that mention things like "Apple iPod Certification Authority", "S5L8720", and "Secure Boot". This means that the 4G uses the S5L8720 processor, the exact same as the iPod Touch 2G. It is also likely that the 4G Nano uses the same Secure Boot technology as iPhone's and iPod Touch's.

You can copy over the firmware file and that is the same as extracting a dump.img file from the iPod.

Helpful pages

http://home.gna.org/linux4nano/download/crypto_synth-1.0.pdf

http://www.ipodlinux.org/wiki/Firmware