Difference between revisions of "Main Page"
User890104 (talk | contribs) (→Updates) |
User890104 (talk | contribs) (→FAQ) |
||
(One intermediate revision by the same user not shown) | |||
Line 16: | Line 16: | ||
On the 6th and 7th generation, a font parsing vulnerability (CVE-2010-1797) can be exploited with [[ipod_sun]]. | On the 6th and 7th generation, a font parsing vulnerability (CVE-2010-1797) can be exploited with [[ipod_sun]]. | ||
+ | |||
+ | On the 7th generation (and possibly 6th generation), a vulnerability in DFU_DNLOAD packet parsing code can be exploited with [[S5Late]]. | ||
There's a set of earlier tooling ([[emCORE]]/[[emBIOS]]/[[iBugger]]) which was exploiting other vulnerabilities and was a lead-up to a port of Rockbox, but it's mostly abandoned. | There's a set of earlier tooling ([[emCORE]]/[[emBIOS]]/[[iBugger]]) which was exploiting other vulnerabilities and was a lead-up to a port of Rockbox, but it's mostly abandoned. |
Latest revision as of 12:03, 16 December 2024
This is the wiki for the freemyipod project. Freemyipod is a project aimed at reverse-engineering non-iOS iPods (all models other than the Touch) and creating tools and documentation so that other people can port alternative firmwares to them such as rockbox or Linux. Freemyipod is a relaunch of Linux4nano.
FAQ
What can I do with my iPod nano (2nd generation), iPod classic or older iPods?
There's an upstream Rockbox port for these devices. Go use that.
What can I do with my iPod nano (3rd generation) or newer?
Not much (yet) unless you're an embedded developer :).
On the 3rd, 4th and 5th generation, we have a stable tethered exploit (wInd3x) which allows early, untethered and safe (no permanent modification) code execution. This in turn allows you to run U-Boot and an early Linux port or experiment with reverse-engineering/modifying the original firmware, retailOS.
On the 6th and 7th generation, a font parsing vulnerability (CVE-2010-1797) can be exploited with ipod_sun.
On the 7th generation (and possibly 6th generation), a vulnerability in DFU_DNLOAD packet parsing code can be exploited with S5Late.
There's a set of earlier tooling (emCORE/emBIOS/iBugger) which was exploiting other vulnerabilities and was a lead-up to a port of Rockbox, but it's mostly abandoned.
Getting an account
Due to spambots, registration is closed. For an account contact User890104 or q3k.
Updates
- 2024-12-16 - S5Late, a tethered iPod bootrom/DFU exploit for Nano 7G (and possibly Nano 6G), is released.
- 2023-12-28 - ipod_sun, a tool that enables code execution on the iPod nano 6th and 7th generation, is released.
- 2023-01-07 - A preliminary U-Boot port to the Nano 5G has been developed.
- 2022-01-04 - The bootrom of iPod Nano 5G was successfully dumped, and is in the process of being reverse-engineered!
- 2021-12-31 - An exploit named wInd3x, which exploits the latest vulnerability, is being prepared for Nano 4G and Nano 5G.
- 2021-12-27 - A new vulnerability was discovered in iPod Nano 4G and Nano 5G bootrom, which allows arbitrary code execution!
- 2018-08-25 - The website software has been updated to MediaWiki 1.31 after about 2 months of downtime.
Follow our Twitter feed to get status updates automatically. See the Status page for more detailed information. Check our SVN activity page for the latest changes to our source code.
Project infoReleased Software
|
Basic skillsReverse engineering results
Other guides |
HardwareExploiting |