Tag Archives: jailbreak

How to Hack iPod Nano 6G

This tutorial enables you to remove application icons from the iPod Nano 6G’s SpringBoard and insert blank spaces into those locations. The iPod Nano in this tutorial is running the current 1.0 firmware and is Windows-formatted. This will not work with a Mac-formatted Nano. It’s fairly basic, but it shows that booting with a user-modified file is possible; it is a nice proof of concept and the first small ‘hack’ as such for the new iPod Nano. Before doing this, read the iPod Nano hacking primer, which James Whelton, the hacker, wrote here: http://nanohack.me/?p=33

Tutorial (via NanoHack.me)

  1. Make sure “Enable disk use” is ticked in iTunes when the Nano is plugged in.
  2. Go to My Computer and then into the Nano. Enable hidden folders and go into iPod_Control, then into Device.
  3. Make a backup of IconState.plist (save it to your desktop or something) and then proceed to open the original with Notepad or any text editor. Here is what you’ll see:
  4. For this tutorial I removed the SBPhotos part of the corresponding string and deleted the SBAlbums and SBGenres. (Note: you aren’t actually deleting the apps, simply removing their visibility from the system).
  5. Save this file.
  6. SyncTug it: hold down the minus volume button and lock button at the same time and, as soon as it begins to reboot (screen flashes black for a moment), unplug the iPod cable from it.
  7. Watch it boot and show that the Photos and Genres apps are missing, with a space before the Settings app.

It’s that simple, and the same ‘SyncTug’ technique can be used on the iPodSettings.xml file to change stuff like wallpaper and whatnot (so far just playing, I’ve altered a few settings with it, have not looked greatly into it). Play around with it and post your findings. In case you muck something up, just connect it to your computer, replace the IconState.plist with the backup one we made earlier and SyncTug. Failing that, simply restore in iTunes. Something to note also is that if you attempt to press down on an icon and move it, the iPod nano will do a quick reset, as it can’t understand why the hell there’s a blank space. The iPod will also sync fine in iTunes and retain this hack.

iPod Nano 6G Jailbreak

The iPod Nano hasn’t been “jailbroken” as some sites claim, but it has been hacked. The hacker, James Whelton, claims to not have root access over the device. He did not “install” an app. He figured out how to remove an app and insert a blank space into the SpringBoard.

What he has also done is figure out a way for the iPod to boot with modified files (i.e. the SpringBoard plist), bypassing the procedure meant to stop this. He hopes this will allow us to figure out a way to jailbreak it. Whelton is primarily focusing on exposing some of the (for now) hidden features of the device.

Next is the discovery, in some of the device’s plists, of references to support for Movies, TV Shows, Apps, Games, vCards, Calendar events and so on, with a few other cool things like a passcode lock.

Below are some screenshots of the code. Be sure to follow us and our YouTube channel for information and tutorials on this story. If you happen to own an iPod Nano 6G, will you be hacking when it’s available? Let us know by leaving a comment!

Making the Move to a Jailbroken iPhone or iPod touch

If you’re a proud iPhone owner, you’ve probably noticed the fact that Apple has a stranglehold over the App Store. Apple has the first and last say over the programs that make it into this outlet, and if the Powers that Be decide that your application is a threat to the company, it will simply not be accepted.

For determined iPhone users, however, there is a route around this virtual monopoly. A jailbroken iPhone is capable of running code for programs that don’t originate in the App Store, opening up programming to anyone and everyone who can string together some code. This new development threatens to give computer programmers across the world the ability to develop applications without fear of being rejected by Apple.

Any of the iPhone models can now be jailbroken, including the newest model, the 3GS. A quick search will bring up your options. Choose wisely, of course: look for a program that can be erased to leave no trace, as you should be forewarned that jailbreaking an iPhone automatically voids Apple’s standard warranty.

So what applications can you look forward to enjoying once you’ve become an owner of an unlocked iPhone? Perhaps the most talked about and most downloaded is Fring. This one has AT&T (the only cell phone company licensed to sell and provide service for the iPhone) absolutely terrified, and for good reason. Once downloaded, Fring allows you to run Skype from your iPhone. Why does that have AT&T so freaked? Well, if you can use Skype rather than your cell phone minutes, suddenly your wireless company isn’t pulling in all that revenue from you going over your plan. Another app that falls into this “scare the crap out of AT&T” category is SkySMS, which allows you to send text messages for free. For folks who constantly go over their rationed number of text messages each month, that could be enough of a reason to jailbreak right there.

There are some other cool apps out there for those lucky enough to own a jailbroken iPhone. Take BossPrefs, for instance. This exciting application gives you much more precise control over your iPhone’s preferences, including the ability to customize icons. With that kind of functionality, you can have the coolest jailbroken iPhone on the block in no time at all.

A jailbroken iPhone also gives you the ability to add ringtones and change your phone’s wallpaper, functions that are impossible on units that haven’t been modified.

As competition keeps increasing in the mobile phone sector, you can expect Apple to continue to blacklist more and more applications. Take Google, for example. Now that the G-Men are developing Android, Apple is spooked, and they’re running for cover. That means more and more applications developed by Google are being rejected from the App Store. We can only expect this trend to continue. Luckily, with a jailbroken iPhone, you can use any of the applications you want.

Apple TV Jailbreak Released

Quote (via iPhone Dev-Team):

We’re pleased to release PwnageTool 4.1 for Mac OS X (free of charge, blog ads, and donation requests — as always!).  Today’s big new addition to the jailbreak family is AppleTV 2G, which was first shown jailbroken in its release week!

Through a combination of the recently released geohot limera1n exploit, @comex’s recently released pf kernel exploit, and our original pwnage2 exploit, PwnageTool 4.1 works untethered on these devices at firmware 4.1:

  • AppleTV 2G
  • iPad (firmware 3.2.2)
  • iPod touch 4G
  • iPod touch 3G
  • iPhone4
  • iPhone 3GS
  • iPhone 3G

PwnageTool allows you to restore to a custom IPSW file.  For instance, you can restore to a pre-jailbroken firmware while simultaneously maintaining your current baseband (and thus your ultrasn0w carrier unlock).  You can also add whatever packages you want in the “Expert” mode of PwnageTool, if you wish to pre-install Cydia packages.   iPhone 3G users get the additional benefit of selecting their own boot and recovery logos, and features like multitasking and battery charge percentage.

PwnageTool’s main advantage to ramdisk-based methods (limera1n, greenpois0n, redsn0w) is for unlockers — those that need to keep their current baseband and preserve their ultrasn0w unlock.  But in this new age of both bootrom- and userland-based exploits, it’s an excellent platform for continuing the jailbreak through all future firmwares.  More on this later!  In the meantime, please enjoy this free software and please provide any usage feedback in our comment section below.

AppleTV 2G users:  Welcome to the JB family!  Right now, about all you can do is command-line stuff via ssh.  You also have afc2 available, so you can use tools like ifunbox to move files around.  These are the *very* early days of AppleTV 2G jailbreaking, so it’ll take some time for JB app developers to come up with methods to use your AppleTV 2G from the remote, versus the command line.  PS: Your ssh password is “alpine”…please change it when you can :)

Expert mode: By popular demand, the IPSW file selection in Expert mode is now completely manual (doesn’t use Spotlight).  Just pick your IPSW file directly instead of waiting for the Spotlight search to complete.  In Expert mode, the default is to hacktivate (“Activate the iPhone”), so if you have a legit SIM card be sure to deselect that option in Expert mode.

DFU button:  That “DFU” button in PwnageTool is more than it looks like.  It guides you through the DFU process, but then also runs the appropriate exploit to convince your device and iTunes that all is legit.   The DFU button in PwnageTool is not just your average DFU.

Official Bittorrent Releases

PwnageTool 4.1 Torrent  - PwnageTool_4.1.dmg.5898597.TPB.torrent

SHA1 Sum = 4f216e5863d191f30f84b6201e8c2bbea031e691

Unofficial Mirrors

The following links are unofficial download mirrors, you download these archives at your own risk, we accept no responsibility if your computer explodes or if it becomes part of a NASA attacking botnet or even worse if your hands fall off mid-way during the use of these files. We do not check these links and we accept no responsibility with regard to the validity of the files, the other content that these links may provide or with the content that is on the third-party linked site.

Always check the files that you have downloaded against our published SHA1 hash.

We would prefer that you downloaded the official bittorrent release that is linked above, but you are welcome to try these if you really must.

Mirror owners should email direct dmg download links only (no rapidshare type sites please) to blog@iphone-dev.org — please don’t place mirrors in the comments as they will be deleted.

  • http://zaone.ro/PwnageTool_4.1.dmg

    Greenpois0n iOS 4.1 Jailbreak Coming 10/10/10 @ 10:10:10 AM GMT

    The greenpois0n jailbreak software for iOS 4.1 is expected to be released this Sunday, October 10, 2010, at 10:10:10 AM GMT. Unfortunately, however, the jailbreak only works on the iPhone 4, iPod touch 4, iPad, and AppleTV 2. Earlier today, members of the Chronic DevTeam announced the ETA for the much awaited jailbreak:

    If you’d like to download greenpois0n, be sure to visit the download page on October 10, 2010 at 10:10 AM GMT (time conversions listed below). TechGeec.com will have tutorials up as soon as the jailbreak is released so be sure to subscribe to our YouTube channel and follow us on Twitter to stay updated.

    Apple TV Has Been Jailbroken! But No Apps Yet!



    Not too long ago (just a moment ago) I told you Apple TV could be jailbroken using the SHAtter exploit. Yesterday, I heard that the device can be restored in iTunes, which meant the race to jailbreak Apple TV could begin. Now, 9to5Mac has just noted that an Apple TV jailbreak has been achieved, by none other than MuscleNerd himself.

    MuscleNerd released this screenshot in the above image. As you can see, this Apple TV jailbreak isn’t ready to go even in Alpha yet (it’s basically three steps down from alpha. If anyone knows what that is, leave a comment and you MIGHT get a treat), nor can it run apps. But it won’t be long until MuscleNerd puts together a public release.

    Apple TV Can Be Restored in iTunes! It’s Asking to Be Jailbroken!



    Apple TV shipments are making their way to those lucky few who pre-ordered as well as arriving into Apple store shelves around the US. This is allowing us to find out more about the device.

    The best discovery is that not only does the Apple TV come with a USB port, which allows you to connect the device to your computer, but it also appears as an “iDevice” in iTunes, which you can restore yourself. At this point the Apple TV is asking to get jailbroken.

    According to info received by TechFlash, jailbreakers have found a way to put the device in DFU Mode, and are trying to jailbreak the device right now.

    TechGeec.com will let you know when a jailbreak is achieved.

    iOS 4.1 Jailbreak (ALL Devices) Release Date – Sn0wbreeze & iReb

    To make this short and sweet, iH8sn0w, maker of the extremely popular jailbreak tool, Sn0wbreeze, has announced a release date for Sn0wbreeze 2.0. It will be released Wednesday September 23, 2010. Here are the devices it will jailbreak:

    • iPhone 2G — Works out the box
    • iPhone 3G — Works out the box
    • iPhone 3GS (old bootrom) — Requires you to be already jailbroken. (If you are the old bootrom on Spirit or Jailbreakme use Spirit2Pwn on http://repo.woowiz.net)
    • iPhone 3GS (new bootrom) — Requires you to be on 3.1.2
    • iPhone 4 (When exploit is released)
    • iPod Touch 1G — Works out the box
    • iPod Touch 2G (MB) — Works Out the Box
    • iPod Touch 2G (MC) — Requires you to be on 3.1.2
    • iPod Touch 3G — Requires you to be on 3.1.2
    • iPod Touch 4 — (When exploit is released)
    • iPad — (When exploit is released)

    This new version is said to jailbreak iOS 3.1.x, 4.0, 4.0.1, and 4.1.

    A new version of iReb is also said to be released. iREB is a tool for Windows and Mac that will bypass any errors while restoring to a custom IPSW in iTunes.

    A jailbreak tutorial will be posted here as well as on our YouTube channel on Wednesday showing how to perform the jailbreak. We will also upload a video demonstrating how to jailbreak the iPod touch 4 & iPhone 4 when the exploits are released. Follow @TechGeec to stay up-to-date and if you have any questions, leave a comment below and we’ll get back to you ASAP.

    Jailbreakers – Stay Away from iOS 4.1

    As many of you probably know, today Apple released a new firmware for the iPhone and iPod touch, iOS 4.1. If you are currently jailbroken and would like to keep your jailbreak, do not update! There are currently two known ways to jailbreak this firmware: one is through redsn0w; another, much simpler way is through an updated version of jailbreakme.com. Right now we’re just waiting on Comex, creator of jailbreakme, to release the jailbreak(s). Here’s the newest post from the iPhone Dev-Team regarding iOS 4.1:

    Quote (via iPhone Dev-Team):

    This time of year there are lots of new iPhone owners, and not everybody knows that accepting new iOS updates is the surest way to lose your jailbreak and/or unlock.  While those of you who have Cydia or TinyUmbrella backups of your FW hashes will always be able to get back to 4.0.1 if you make this mistake, this doesn’t hold for unlockers. There’s currently no known way to revert your baseband — if you update your baseband you’ll lose the ultrasn0w unlock, possibly forever.

    Please stay away from this 4.1 release until a safe jailbreak procedure (which also preserves ultrasn0w) is developed and released.

    P.S.  There are a tiny number of iPhone3G owners who can revert their basebands due to a flaw in very early bootloaders…you will already know if you fit in this category!

    ProSwitcher, Multifl0w, & Circuitous Alternative for iOS 4 (ALL DEVICES)

    Video tutorial below.

    As we all know, Apple decided to come out with their own version of multitasking in iOS4. The problem is that it’s not “true” multitasking. In this tutorial, I will explain how to use Apple’s multitasking bar with Backgrounder. This disables Apple’s multitasking and replaces it with Backgrounder’s multitasking.

    This is great for older iDevices with 128MB RAM (iPod touch 1G, iPod touch 2G, iPhone 2G, iPhone 3G) because they don’t support Apple’s multitasking but it will still work perfectly using this method.


    Steps:

    1. Open Cydia and download Backgrounder
    2. Open Backgrounder and go to Global. Make sure “Backgrounder” is checked as ‘Backgrounding Method’ and “Fall Back to Native” is TURNED OFF

    3. SSH into the directory: /System/Library/CoreServices/SpringBoard.app
    4. Locate the N72AP.plist (or N82AP.plist)
    5. Back up the .plist file. Edit your .plist in any text editing software and add the following key after <dict> and before </dict>:

    <key>multitasking</key>
    <true/>

    6. Copy the newly edited .plist file back to the directory on your iDevice (OR save it if you edited it straight from your SSH client) and REBOOT.
    7. Open Cydia and download a package, “Remove Recents”.
    8. Respring (or reboot if you don’t know how to respring).

    How to SSH on Windows
    How to SSH on Mac