Main Page: Difference between revisions
Jump to navigation
Jump to search
m Add iPod nano 2g demo image |
m remove sysfetch and add albafetch image |
||
| (One intermediate revision by one other user not shown) | |||
| Line 1: | Line 1: | ||
__NOTOC__ | __NOTOC__ | ||
[[File: | [[File:Albafetchdemo.png|thumb|right|albafetch on the [[Nano 2G]] running [[Linux]] 6.10]] | ||
[[File:Photo 2025-12-27 20-36-24.jpg|280px|thumb|right|[[Linux]] 6.14.0 on [[Nano 7G]]]] | [[File:Photo 2025-12-27 20-36-24.jpg|280px|thumb|right|[[Linux]] 6.14.0 on [[Nano 7G]]]] | ||
[[File:EmCORE_Nano2G_Nano4G_Classic.jpg|280px|thumb|right|[[emCORE]] r779 on [[Nano 2G]], [[Nano 4G]] and [[Classic 2G]]]] | [[File:EmCORE_Nano2G_Nano4G_Classic.jpg|280px|thumb|right|[[emCORE]] r779 on [[Nano 2G]], [[Nano 4G]] and [[Classic 2G]]]] | ||
| Line 15: | Line 15: | ||
Not much (yet) unless you're an embedded developer :). | Not much (yet) unless you're an embedded developer :). | ||
Here's the current progress, by iPod model: | |||
[[Nano 3G]] and [[Nano 4G]] | |||
* [[wInd3x]] allows untethered and safe code execution (no permanent modification). | |||
* Rockbox bootloader has been published, but [https://isthererockboxonipodnano3g.freemyipod.org/ the Rockbox port is not yet completed]. | |||
[[Nano 5G]] | |||
* [[wInd3x]] allows untethered and safe code execution (no permanent modification). | |||
* There's a [[U-Boot]] port, and [[Linux|Linux]] boots with an initramfs. | |||
[[Nano 6G]] and [[Nano 7G]] | |||
* Tethered code execution using [[S5Late]] (a vulnerability in DFU_DNLOAD packet parsing code) (also for iPod shuffle (4th generation)) | |||
* Untethered code execution using [[ipod_sun]] (CVE-2010-1797) | |||
[[Nano 7G]] | |||
* There's a [[U-Boot]] port, and [[Linux|Linux]] boots with an initramfs. | |||
There's a set of earlier tooling ([[emCORE]]/[[emBIOS]]/[[iBugger]]) which was exploiting other vulnerabilities and was a lead-up to a port of Rockbox, but it's mostly abandoned. | There's a set of earlier tooling ([[emCORE]]/[[emBIOS]]/[[iBugger]]) which was exploiting other vulnerabilities and was a lead-up to a port of Rockbox, but it's mostly abandoned. | ||
Latest revision as of 18:10, 10 May 2026
This is the wiki for the freemyipod project. Freemyipod is a project aimed at reverse-engineering non-iOS iPods (all models other than the Touch) and creating tools and documentation so that other people can port alternative firmwares to them such as Rockbox or Linux. Freemyipod is a relaunch of Linux4nano.
FAQ
What can I do with my iPod nano (2nd generation), iPod classic (6th generation) or older iPods?
There's an upstream Rockbox port for these devices. Go use that.
What can I do with my iPod nano (3rd generation) or newer?
Not much (yet) unless you're an embedded developer :).
Here's the current progress, by iPod model:
iPod nano (3rd generation) and iPod nano (4th generation)
- wInd3x allows untethered and safe code execution (no permanent modification).
- Rockbox bootloader has been published, but the Rockbox port is not yet completed.
- wInd3x allows untethered and safe code execution (no permanent modification).
- There's a U-Boot port, and Linux boots with an initramfs.
iPod nano (6th generation) and iPod nano (7th generation)
- Tethered code execution using S5Late (a vulnerability in DFU_DNLOAD packet parsing code) (also for iPod shuffle (4th generation))
- Untethered code execution using ipod_sun (CVE-2010-1797)
There's a set of earlier tooling (emCORE/emBIOS/iBugger) which was exploiting other vulnerabilities and was a lead-up to a port of Rockbox, but it's mostly abandoned.
Getting an account
Due to spambots, registration is closed. For an account contact User890104 or q3k.
Updates
- 2026-03-30 - Some of us will be at GPN24 in Karlsruhe! Let us know on IRC/Discord/Matrix if you're also there!
- 2025-12-28 - Hug0 made a lightning talk at 39C3 on iPod Nano reverse engineering.
- 2025-12-26 - Some of us will be at 39C3 in Hamburg! Get in touch with q3k and/or Slackware if you're around!
- 2025-06-12 - Some of us will be at GPN23 in Karlsruhe! Let us know on IRC/Discord/Matrix if you're also there!
- 2024-12-25 - Some of us will be at 38C3 in Hamburg! Come say hi!
- 2024-12-16 - S5Late, a tethered iPod bootrom/DFU exploit for iPod nano (7th generation) (and possibly iPod nano (6th generation)), is released.
- 2023-12-28 - ipod_sun, a tool that enables code execution on the iPod nano (6th generation) and iPod nano (7th generation), is released.
- 2023-01-07 - A preliminary U-Boot port to the iPod nano (5th generation) has been developed.
- 2022-01-04 - The bootrom of iPod nano (5th generation) was successfully dumped, and is in the process of being reverse-engineered!
- 2021-12-31 - An exploit named wInd3x, which exploits the latest vulnerability, is being prepared for iPod nano (4th generation) and iPod nano (5th generation).
- 2021-12-27 - A new vulnerability was discovered in iPod nano (4th generation) and iPod nano (5th generation) bootrom, which allows arbitrary code execution!
Follow our X feed to get status updates automatically. See the Status page for more detailed information. Check our GitHub repositories for the latest changes to our source code.
Project infoReleased Software
|
Basic skillsReverse engineering results |
HardwareExploiting |