Main Page: Difference between revisions
User890104 (talk | contribs) |
m Add iPod nano 2g demo image |
||
| Line 1: | Line 1: | ||
__NOTOC__ | __NOTOC__ | ||
[[File:Sysfetch on iPod Nano 2G.jpg|thumb|right|sysfetch on the [[Nano 2G]] running [[Linux]] 6.10]] | |||
[[File:Photo 2025-12-27 20-36-24.jpg|280px|thumb|right|[[Linux]] 6.14.0 on [[Nano 7G]]]] | [[File:Photo 2025-12-27 20-36-24.jpg|280px|thumb|right|[[Linux]] 6.14.0 on [[Nano 7G]]]] | ||
[[File:EmCORE_Nano2G_Nano4G_Classic.jpg|280px|thumb|right|[[emCORE]] r779 on [[Nano 2G]], [[Nano 4G]] and [[Classic 2G]]]] | [[File:EmCORE_Nano2G_Nano4G_Classic.jpg|280px|thumb|right|[[emCORE]] r779 on [[Nano 2G]], [[Nano 4G]] and [[Classic 2G]]]] | ||
Latest revision as of 09:18, 9 May 2026
This is the wiki for the freemyipod project. Freemyipod is a project aimed at reverse-engineering non-iOS iPods (all models other than the Touch) and creating tools and documentation so that other people can port alternative firmwares to them such as Rockbox or Linux. Freemyipod is a relaunch of Linux4nano.
FAQ
What can I do with my iPod nano (2nd generation), iPod classic (6th generation) or older iPods?
There's an upstream Rockbox port for these devices. Go use that.
What can I do with my iPod nano (3rd generation) or newer?
Not much (yet) unless you're an embedded developer :).
On the iPod nano (3rd generation), iPod nano (4th generation) and iPod nano (5th generation), we have a stable tethered exploit (wInd3x) which allows early, untethered and safe (no permanent modification) code execution. This in turn allows you to run U-Boot and an early Linux port or experiment with reverse-engineering/modifying the original firmware, retailOS.
On the iPod nano (6th generation), iPod nano (7th generation) and iPod shuffle (4th generation), a vulnerability in DFU_DNLOAD packet parsing code can be exploited with S5Late. It allows tethered code execution.
On the iPod nano (6th generation) and iPod nano (7th generation), a font parsing vulnerability (CVE-2010-1797) can be exploited with ipod_sun. It allows untethered code execution.
There's a set of earlier tooling (emCORE/emBIOS/iBugger) which was exploiting other vulnerabilities and was a lead-up to a port of Rockbox, but it's mostly abandoned.
Getting an account
Due to spambots, registration is closed. For an account contact User890104 or q3k.
Updates
- 2026-03-30 - Some of us will be at GPN24 in Karlsruhe! Let us know on IRC/Discord/Matrix if you're also there!
- 2025-12-28 - Hug0 made a lightning talk at 39C3 on iPod Nano reverse engineering.
- 2025-12-26 - Some of us will be at 39C3 in Hamburg! Get in touch with q3k and/or Slackware if you're around!
- 2025-06-12 - Some of us will be at GPN23 in Karlsruhe! Let us know on IRC/Discord/Matrix if you're also there!
- 2024-12-25 - Some of us will be at 38C3 in Hamburg! Come say hi!
- 2024-12-16 - S5Late, a tethered iPod bootrom/DFU exploit for iPod nano (7th generation) (and possibly iPod nano (6th generation)), is released.
- 2023-12-28 - ipod_sun, a tool that enables code execution on the iPod nano (6th generation) and iPod nano (7th generation), is released.
- 2023-01-07 - A preliminary U-Boot port to the iPod nano (5th generation) has been developed.
- 2022-01-04 - The bootrom of iPod nano (5th generation) was successfully dumped, and is in the process of being reverse-engineered!
- 2021-12-31 - An exploit named wInd3x, which exploits the latest vulnerability, is being prepared for iPod nano (4th generation) and iPod nano (5th generation).
- 2021-12-27 - A new vulnerability was discovered in iPod nano (4th generation) and iPod nano (5th generation) bootrom, which allows arbitrary code execution!
Follow our X feed to get status updates automatically. See the Status page for more detailed information. Check our GitHub repositories for the latest changes to our source code.
Project infoReleased Software
|
Basic skillsReverse engineering results |
HardwareExploiting |