Sherif Hashim has found a new exploitable crash in iPhone baseband which may lead to and unlock for iOS 4.2 and iOS 4.1 Baseband 05.14.02 and 02.10.04.

This is what Sherif Hashim tweeted:

hmm.., 95% of the tweets i get (at least the last 500) are either about 5.14 or 2.10

since nearly all my received tweets ask about both BB, I can report very early “initial” 1st step success on both sides, calmed down?

this won’t be feasible before the official 4.2 release at the earliest if everything went fine

Sherif Hashim is the same guy who found the exploit in Baseband 05.13.04 (iOS 4.0/4.0.1), and iPhone 4 baseband 01.59.00 which resulted in UltraSn0w 1.0-1 release.

MuscleNerd has also confirmed the iOS 4.2 unlock is a tweet saying:

There is an unlock on the horizon for both new jailbreakers and old, possibly not released until 4.2 though.

iOS 4.2 final is hitting masses in November as a universal firmware for all iOS based devices (iPhone, iPad and iPod Touch). So, a few more weeks to go and we’ll meet the iOS 4.2 unlock which will also unlock all older firmware baseband. GeoHot is also rumored to be working on LimeSn0w.

via iPhoneHeat

iOS 4.2 beta 3 for iPhone 4, 3GS, 3G, iPod Touch 4G, 3G, 2G and iPad is now available for download. You can download iOS 4.2 beta 3 build 8C5115c for iPhone, iPod Touch and iPad from the iOS dev center if you’re a registered Apple developer.

iOS 4.2 beta 2 was released on September 28th with refined iPad multitasking animation. beta 1 was pushed on Sep 15th with Multitasking, Folders, Game Centre, Wireless printing, AirPlay feature to stream video, music, and photos over Wi-Fi.

We’ll update this post as soon as we know what’s new in iOS 4.2 beta 3. Stay Tuned.

WARNING: Avoid the iOS 4.2 beta firmware if you depend on jailbreak and unlock until further notice.

iOS 4.2 beta is available to developers only. Developers can download iOS 4.2 from the iOS Dev Center. However, if you still want to give it a shot, Google the queries listed below. (Please don’t ask for the links)

Download iOS 4.2 Beta 8C5115c

iOS 4.2 beta 3 is available to developers only. Developers can download iOS 4.2 from the iOS Dev Center. However, if you still want to give it a shot, Google the queries listed below. (Please don’t ask for the links)

Download iOS 4.2 beta for iPad

• iPad1,1_4.2_8C5115c_Restore.ipsw
• ios_4.2_beta_3__ipad__8C5115c.dmg

Download iOS 4.2 beta for iPhone 4

• iPhone3,1_4.2_8C5115c_Restore.ipsw
• ios_4.2_beta_3__iphone_4__8C5115c.dmg

Download iOS 4.2 beta for iPhone 3GS

• iPhone2,1_4.2_8C5115c_Restore.ipsw
• ios_4.2_beta_3__iphone_3gs__8C5115c.dmg

Download iOS 4.2 for iPhone 3G

• iPhone1,2_4.2_8C5115c_Restore.ipsw
• ios_4.2_beta_3__iphone_3g__8C5115c.dmg

Download iOS 4.2 beta for iPod Touch 4G

• iPod4,1_4.2_8C5115c_Restore.ipsw
• ios_4.2_beta_3__ipod_touch__4th_generation__8C5115c.dmg

Download iOS 4.2 beta for iPod Touch 3G

• iPod3,1_4.2_8C5115c_Restore.ipsw
• ios_4.2_beta_3__ipod_touch__3rd_generation__8C5115c.dmg

Download iOS 4.2 beta for iPod Touch 2G

• iPod2,1_4.2_8C5115c_Restore.ipsw
• ios_4.2_beta_3__ipod_touch__2nd_generation__8C5115c.dmg

via iphoneheat.com

Musclenerd recently tweeted that Sunday will more than likely be a Funday. An updated pwnagetool is expected to be released Sunday with iOS 4.1/AppleTv 2 support. This is a good thing for Mac users as both newly released jailbreaking tools Limera1n and Greenpois0n are windows only.

Pwnagetool lets you create a custom iOS firmware that is already pre jailbroken so all you have to do is restore with that firmware and you are jailbroken and good to go.

via iphonespot

Step 1

Download the required stuff:

• Download iOS 4.1
• Download Greepois0n

Step 2

iPhone 4: If you don’t need to unlock iPhone, simply update to iOS 4.1 via iTunes. But If you depend on unlock, follow the guide linked below to update your iPhone 4 to iOS 4.1 without upgrading its baseband:

How to Update iPhone 4 to iOS 4.1 without updating baseband

iPhone 3GS: If you don’t need to unlock iPhone 3GS, simply update to iOS 4.1 via iTunes. But If you depend on unlock, AVOID iOS 4.1, Greepois0n, Limera1n and wait for the PwnageTool to come out (hopefully within a week.)

Step 3

Connect your iPhone 4 / 3GS to your computer and turn it off.

Step 4

Now execute the downloaded Greenpois0n jailbreak (from step 1).

Step 5

Now hit the “Prepare to Jailbreak (DFU)” button on the Greepois0n and follow the on screen instructions to put your iPhone 4 / 3GS into DFU mode.

* If you find on screen instructions difficult to follow, we have an easy guide to: put iPhone into DFU Mode.
* If you think your device is in DFU mode but Greenpois0n is not detecting it, hit the “Prepare to Jailbreak (DFU)” button again.

Step 6

Once you’re into DFU mode, Greepois0n will tell you that your device is ready to jailbreak.

Hit the “Jailbreak!” button and Greenpois0n will start jailbreaking your iPhone 4 or iPhone 3GS.

Step 7

Once the process is successfully completed, Quit button will appear on Greenpois0n window.

That’s it. Check for the Cydia icon on your iPhone home screen. Have fun with your jailbroken iPhone 4/3GS on iOS 4.1

via iphoneheat

The Chronic Dev-Team has released Greenpois0n, their utility for jailbreaking the iPhone, iPad, and iPod touch on iOS 4.1.

After much controversy, the tool has been updated to use the bootrom exploit found by Geohot.

Unfortunately, only a Windows version is currently available; however, a mac version and ipt2g support are coming soon.

You can download Greenpois0n from here.

Initially, this will be a Windows-only release. This is due to some technical complications that we soon hope to correct. We apologize for any inconvenience.

Thanks to geohot for the bootrom USB exploit. We have opted to use that instead of SHAtter for the sake of exploit presevation.

This release of greenpois0n supports:
- iPhone 4
- iPhone 3G S
- iPod touch (4th Generation)
- iPod touch (3rd Generation)
- iPad

Soon there will be another release, adding things like support for:
- Apple TV (2nd Generation)
- iPod touch (2nd Generation)

After Limera1n, GeoHot is going to amaze us all over again with LimeSn0w, a potential unlock for iOS 4.1 on iPhone 4, 3GS and 3G. The screenshot and video below [Fake?] shows iPhone 3GS iOS 4.1baseband 05.15.01 unlocking with LimeSn0w installed via Limera1n just like BlackSn0w was available via Blackra1n.

As a matter of fact, when you update iPhone 4 / 3GS to iOS 4.1 to jailbreak with Limera1n it also updates iPhone 4 baseband to 02.10.04 which is not unlockable ATM. So, it would make sense for GeoHot to comes up with his own unlock solution (LimeSn0w?).

The domain http://www.limesn0w.com is registered by GeoHot the same day he registered limera1n.com for Limera1n jailbreak. Domain info for LimeSn0w.com and LimeRa1n.com can be found here and here. The domain ownership enforce our belief that Limesn0w will become reality just like Limera1n.
NOTE: There’s no word from GeoHot himself.

PwnageTool update for iOS 4.1 is expected soon which will jailbreak iPhone and iPod Touch on iOS 4.1 while preserving baseband thus enables you to unlock your iPhone with UltraSn0w.

http://www.twitvid.com/UKHS8

via

Sherif Hashim has discovered another exploitable iPhone baseband crash which could bring an unlock for iOS 4.1 and iOS 4.2.

@sherif_hashim: since nearly all my received tweets ask about both BB, I can report very early “initial” 1st step success on both sides, calmed down?

@mrpauldurden: @sherif_hashim very early first steps means.. you’ve found a crash that can potentially prove to be an expoitable vulnerability?

@sherif_hashim: @mrpauldurden a bit more sure than this, yeah

Hashim previously found a baseband crash in iOS 4.0 that was instrumental in bringing the unlock for devices on that firmware.

Veeence suggests that the unlock won’t be released till iOS 4.2; however, it will still support iOS 4.1.

@veeence: A new exploitable baseband crash has been found. An unlock will very likely be released after iOS 4.2 and will unlock both BB’s of 4.1 & 4.2

We’ll bring you more information as it becomes available.

via iclarified.com

As you may know Geohot came out of no where yesterday and released his Limera1n jailbreak. Because of this the Chronic Dev Team decided to wait and not release their jailbreak. Why you ask?

The reason for not releasing today is because chronic dev team is going to use Geohot’s Limera1n exploit in Greenpois0n instead of their own SHAtter exploit.

This is a very smart decision as if they were to release their own tool with the SHAtter exploit implemented then that would be a waste of an exploit. SHAtter will be saved and used on a later firmware or even better yet a next gen idevice.

Check out the official Greenpois0n page: http://greenpois0n.com/

via iphonespot

Limera1n surprise

After a few very dramatic days in the jailbreak community, geohot has come out of nowhere to release limera1n.  It’s a bootrom-level jailbreak that works on the iPhone3GS, iPhone4, iPod touch 3G, iPod touch 4G, the iPad, and (technically) the AppleTV 2G.

DO NOT USE LIMERA1N IF YOU USE THE ULTRASN0W CARRIER UNLOCK — wait for PwnageTool to incorporate the limera1n exploit. This is so that you can avoid updating your baseband and losing the unlock (possibly forever).

Limera1n uses a different exploit than SHAtter, and in fact covers more devices.  Although some may question geohot’s dramatic and competitive style, he obviously does have considerable skill pulling this together in just over a day (although he’s had the underlying exploit for months).  Credit also goes to @comex, who provides the untethered aspect of limera1n via another one of his growing list of kernel hacks.

The release of limera1n has (hopefully!) averted the burning of 2 bootrom holes at once (both his and SHAtter).Releasing SHAtter now would be a complete waste of a perfectly good bootrom hole in light of limera1n, and so it can be held until Apple closes limera1n’s hole.  While there’s no guarantee that Apple won’t also close SHAtter by then, it provides a ray of hope for devices after Apple’s bootrom respin.  Meanwhile, look for an alternate implementation of the limera1n exploit in greenpois0n (and possibly other tools), where it should undergo more testing too.

Limera1n wasn’t tested very thoroughly and does have some issues.  Geohot typically works these out in subsequent (and rapid) releases (there are already 3 beta versions of it as of Saturday night!).  In the meantime, feel free to discuss any problems and their solutions in our comments section.

via Dev Team blog

Geohot Releases Limera1n, Jailbreak Most iOS Devices

Geohot has released Limera1n, his tool to jailbreak all i-devices on the latest Apple iOS 4.1 firmware. There has been a lot of drama with the release as Geohot stole comex’s untethered exploit and used it on his own tool. The dev team warns that the jailbreak may be unstable and could cause problems as the tool uses a beta version of comex’s untethered exploit. Use at your own risk, UNLOCKERS STAY AWAY or you could possibly lose your iphone unlock forever. Wait until the dev team releases their jailbreak tool.

Download Limera1n HERE

Limera1n Details:
● Jailbreak iPhone 3GS, iPod Touch 3G, iPad, iPhone 4, iPod Touch 4G
● 3GS new bootrom is broken, fix pending
● 4.0-4.1 and beyond+++

There is too much to keep up with as twitter is blowing up with vulgar statements and comments between jailbreak teams. To stay up to date with all thats going on you can check out the following twitters:

• Pod2G http://twitter.com/#!/pod2g
• Chronic Dev http://twitter.com/#!/chronicdevteam
• PosixNinja http://twitter.com/#!/p0sixninja
• Comex http://twitter.com/#!/comex
• Chpwn http://twitter.com/#!/chpwn