Wednesday, September 22, 2010

iPod Touch 2G (MC Model) Pwned for Ever

Pod2g the guy behind the SHAtter exploit which will be used with Greenpois0n to create the new iOS 4.1 jailbreak for iPhone 4, iPod touch 4G and iPad, has discovered a new exploit that will pwn iPod touch 2G for ever, the new exploit called usb_control_msg(0xA1, 1) exploit. This is the fourth exploit discovered by Pod2G, really he is talented guy.

The new exploit technicality is complicated to understand through regular users, you can check this in the quote below to see how it works.
A heap overflow exists in the iPod touch 2G (both old and new) bootrom’s DFU Mode when sending a USB control message of request type 0xA1, request 0×1.

On newer devices, the same USB message triggers a double free() when the image upload is marked as finished, also rebooting the device (but that’s not exploitable because the double free() happens in a row). posixninja analyzed and explained this one.
You also have to know that the new exploit will also be used in the upcoming Sn0wbreeze 2.0, to jailbreak iPod touch 2G (MC Models) for ever.
Looks like sb2 will have otb support for ipt2g MC models too! :) thx @pod2g
@jonnyboywashere this exploit is only in the ipt2g, thats why pod2g published it on the wiki
Any way, we can sum up that the new exploit will pwn iPod touch 2G (MC Model) for ever. [via redmondpie & The iPhone Wiki]

You may also like:

0 comments:

Post a Comment

 

My Blog List

Followers

Recommended Gadget

  • ads
  • ads
  • ads
  • ads

Tech. Muse Magazine Copyright © 2009 Gadget Blog is Designed by Ipietoon Sponsored by Online Business Journal