Main Page: Difference between revisions
User890104 (talk | contribs) add note about GPN24 |
User890104 (talk | contribs) show all updates since and including wInd3x |
||
| Line 34: | Line 34: | ||
* {{#dateformat:2023-12-28}} - [[ipod_sun]], a tool that enables code execution on the [[Nano 6G]] and [[Nano 7G]], is released. | * {{#dateformat:2023-12-28}} - [[ipod_sun]], a tool that enables code execution on the [[Nano 6G]] and [[Nano 7G]], is released. | ||
* {{#dateformat:2023-01-07}} - [https://social.hackerspace.pl/@q3k/109655916469636189 A preliminary U-Boot port to the [[Nano 5G]] has been developed.] | * {{#dateformat:2023-01-07}} - [https://social.hackerspace.pl/@q3k/109655916469636189 A preliminary U-Boot port to the [[Nano 5G]] has been developed.] | ||
* {{#dateformat:2022-01-04}} - The bootrom of [[Nano 5G]] was successfully dumped, and is in the process of being reverse-engineered! | * {{#dateformat:2022-01-04}} - The bootrom of [[Nano 5G]] was successfully dumped, and is in the process of being reverse-engineered! | ||
* {{#dateformat:2021-12-31}} - An exploit named wInd3x, which exploits the latest vulnerability, is being prepared for [[Nano 4G]] and [[Nano 5G]]. | * {{#dateformat:2021-12-31}} - An exploit named wInd3x, which exploits the latest vulnerability, is being prepared for [[Nano 4G]] and [[Nano 5G]]. | ||
* {{#dateformat:2021-12-27}} - A new vulnerability was discovered in [[Nano 4G]] and [[Nano 5G]] bootrom, which allows arbitrary code execution! | * {{#dateformat:2021-12-27}} - A new vulnerability was discovered in [[Nano 4G]] and [[Nano 5G]] bootrom, which allows arbitrary code execution! | ||
<!-- | |||
* {{#dateformat:2018-08-25}} - The website software has been updated to MediaWiki 1.31 after about 2 months of downtime. | * {{#dateformat:2018-08-25}} - The website software has been updated to MediaWiki 1.31 after about 2 months of downtime. | ||
* {{#dateformat:2016-06-17}} - The freemyipod project is becoming deprecated, as parts of the code is slowly being integrated in Rockbox. It is likely that no future development on the freemyipod project will take place. Essential parts of emCORE helped building a Rockbox bootloader for iPod Classic, and any future development will take place in the Rockbox project. | * {{#dateformat:2016-06-17}} - The freemyipod project is becoming deprecated, as parts of the code is slowly being integrated in Rockbox. It is likely that no future development on the freemyipod project will take place. Essential parts of emCORE helped building a Rockbox bootloader for iPod Classic, and any future development will take place in the Rockbox project. | ||
Revision as of 04:26, 30 March 2026
This is the wiki for the freemyipod project. Freemyipod is a project aimed at reverse-engineering non-iOS iPods (all models other than the Touch) and creating tools and documentation so that other people can port alternative firmwares to them such as Rockbox or Linux. Freemyipod is a relaunch of Linux4nano.
FAQ
What can I do with my iPod nano (2nd generation), iPod classic (6th generation) or older iPods?
There's an upstream Rockbox port for these devices. Go use that.
What can I do with my iPod nano (3rd generation) or newer?
Not much (yet) unless you're an embedded developer :).
On the iPod nano (3rd generation), iPod nano (4th generation) and iPod nano (5th generation), we have a stable tethered exploit (wInd3x) which allows early, untethered and safe (no permanent modification) code execution. This in turn allows you to run U-Boot and an early Linux port or experiment with reverse-engineering/modifying the original firmware, retailOS.
On the iPod nano (6th generation), iPod nano (7th generation) and iPod shuffle (4th generation), a vulnerability in DFU_DNLOAD packet parsing code can be exploited with S5Late. It allows tethered code execution.
On the iPod nano (6th generation) and iPod nano (7th generation), a font parsing vulnerability (CVE-2010-1797) can be exploited with ipod_sun. It allows untethered code execution.
There's a set of earlier tooling (emCORE/emBIOS/iBugger) which was exploiting other vulnerabilities and was a lead-up to a port of Rockbox, but it's mostly abandoned.
Getting an account
Due to spambots, registration is closed. For an account contact User890104 or q3k.
Updates
- 2026-03-30 - Some of us will be at GPN24 in Karlsruhe! More info here. Let us know on IRC/Discord/Matrix if you're also there!
- 2025-12-28 - Hug0 made a lightning talk at 39C3 on iPod Nano reverse engineering.
- 2025-12-26 - Some of us will be at 39C3 in Hamburg! Get in touch with q3k and/or Slackware if you're around!
- 2025-06-12 - Some of us will be at GPN23 in Karlsruhe! More info here. Let us know on IRC/Discord/Matrix if you're also there!
- 2024-12-25 - Some of us will be at 38C3 in Hamburg! Come say hi!
- 2024-12-16 - S5Late, a tethered iPod bootrom/DFU exploit for iPod nano (7th generation) (and possibly iPod nano (6th generation)), is released.
- 2023-12-28 - ipod_sun, a tool that enables code execution on the iPod nano (6th generation) and iPod nano (7th generation), is released.
- 2023-01-07 - A preliminary U-Boot port to the iPod nano (5th generation) has been developed.
- 2022-01-04 - The bootrom of iPod nano (5th generation) was successfully dumped, and is in the process of being reverse-engineered!
- 2021-12-31 - An exploit named wInd3x, which exploits the latest vulnerability, is being prepared for iPod nano (4th generation) and iPod nano (5th generation).
- 2021-12-27 - A new vulnerability was discovered in iPod nano (4th generation) and iPod nano (5th generation) bootrom, which allows arbitrary code execution!
Follow our X feed to get status updates automatically. See the Status page for more detailed information. Check our GitHub repositories for the latest changes to our source code.
Project infoReleased Software
|
Basic skillsReverse engineering results
Other guides |
HardwareExploiting |