my original idea was to overwrite TLB to point 0x60000000 to 0x5FF00000, but it doesn't work for some reason. I assumed it was DMA, however I never tried overwriting or mirroring the addresses of hardware devices. Solve the answer why and instant pwn on boot
Upgraded my iPad 2nd to iOS 7.1.2 (11D257) exploiting @p0sixninja's iOS 5.x iBoot HFS heap buffer overflow. With this, featuring custom logo & verbose boot! 
pic.twitter.com/LGheCxIMm8
-
-
- Još 2 druga odgovora
Novi razgovor -
-
-
Is it not possible to hide that Apple everytime?
-
not sure, it takes a second for it to start overwriting toe code. maybe some tricks could work
Kraj razgovora
Novi razgovor -
-
-
I like how some people like to work on obsolete software and hardware
- Još 2 druga odgovora
Novi razgovor -
-
-
Is it tethered or untethered?
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
Tweet je nedostupan.
-
Nyan has a guide on exploiting the 5.x overflow.
- Još 3 druga odgovora
-
-
-
Very good !
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.