Difference between revisions of "Main Page"
(→Reverse engineering results) |
|||
| (7 intermediate revisions by 2 users not shown) | |||
| Line 3: | Line 3: | ||
This is the wiki for the freemyipod project. Freemyipod is a project for reverse-engineering iPods with clickwheel ('''no''' iOS devices) and creating tools and documentation so that other people can port alternative firmwares to them such as [http://www.rockbox.org rockbox] or Linux. Freemyipod is a relaunch of [[Linux4nano]]. | This is the wiki for the freemyipod project. Freemyipod is a project for reverse-engineering iPods with clickwheel ('''no''' iOS devices) and creating tools and documentation so that other people can port alternative firmwares to them such as [http://www.rockbox.org rockbox] or Linux. Freemyipod is a relaunch of [[Linux4nano]]. | ||
| − | == What can I do with my iPod Nano 2 | + | == FAQ == |
| + | |||
| + | === What can I do with my iPod Nano 2, iPod Classic or older iPods? === | ||
| + | |||
| + | There's an upstream Rockbox port for these devices. Go use that. | ||
| + | |||
| + | === What can I do with my iPod Nano 3/4/5? === | ||
Not much (yet) unless you're an embedded developer :). | Not much (yet) unless you're an embedded developer :). | ||
| − | We have a stable tethered exploit ([[wInd3x]]) which allows early, untethered and safe (no permanent modification) code execution on Nano 3G-5G. This in turn allows you to run [[U-Boot]] or experiment with reverse-engineering/modifying the original firmware, [[OSOS]] | + | We have a stable tethered exploit ([[wInd3x]]) which allows early, untethered and safe (no permanent modification) code execution on Nano 3G-5G. This in turn allows you to run [[U-Boot]] and an early [[Linux|Linux port]] or experiment with reverse-engineering/modifying the original firmware, [[OSOS]]. |
There's a set of earlier tooling ([[emCORE]]/[[emBIOS]]/[[iBugger]]) which was exploiting other vulnerabilities and was a lead-up to a port of Rockbox, but it's mostly abandoned. | There's a set of earlier tooling ([[emCORE]]/[[emBIOS]]/[[iBugger]]) which was exploiting other vulnerabilities and was a lead-up to a port of Rockbox, but it's mostly abandoned. | ||
| + | |||
| + | === What can I do with my iPod Nano 6/7? === | ||
| + | |||
| + | Nothing, other than helping us find vulnerabilities to get code execution on them. | ||
== Getting an account == | == Getting an account == | ||
| Line 56: | Line 66: | ||
* [[wInd3x]] | * [[wInd3x]] | ||
* [[U-Boot|U-Boot port]] | * [[U-Boot|U-Boot port]] | ||
| + | * [[Linux|Linux port]] | ||
* Legacy: | * Legacy: | ||
** [[iBugger]] | ** [[iBugger]] | ||
| Line 72: | Line 83: | ||
===Reverse engineering results=== | ===Reverse engineering results=== | ||
* [[Firmware]] | * [[Firmware]] | ||
| + | ** [[Bootrom]] | ||
| + | ** [[Boot Process]] | ||
** [[Firmware decryption]] | ** [[Firmware decryption]] | ||
| − | ** [[ | + | ** [[FTL|Flash Translation Layer]] |
| − | *** [[ | + | ** [[RetailOS]] |
| + | *** [[RetailOS Options]] | ||
* [[GUID table]] | * [[GUID table]] | ||
| + | * [[JTAG]] | ||
* Nano 2G | * Nano 2G | ||
** [[Nano2G clock gates]] | ** [[Nano2G clock gates]] | ||
** [[Nano2G LCD init]] | ** [[Nano2G LCD init]] | ||
| − | |||
** [[Nano2G HW analysis]] | ** [[Nano2G HW analysis]] | ||
** [[S5L8701 analysis]] | ** [[S5L8701 analysis]] | ||
| Line 86: | Line 100: | ||
* Nano 5G | * Nano 5G | ||
** [[Nano 5G|General]] | ** [[Nano 5G|General]] | ||
| + | |||
===Other guides=== | ===Other guides=== | ||
* [[Modes]] | * [[Modes]] | ||
Latest revision as of 17:13, 12 February 2023
This is the wiki for the freemyipod project. Freemyipod is a project for reverse-engineering iPods with clickwheel (no iOS devices) and creating tools and documentation so that other people can port alternative firmwares to them such as rockbox or Linux. Freemyipod is a relaunch of Linux4nano.
FAQ
What can I do with my iPod Nano 2, iPod Classic or older iPods?
There's an upstream Rockbox port for these devices. Go use that.
What can I do with my iPod Nano 3/4/5?
Not much (yet) unless you're an embedded developer :).
We have a stable tethered exploit (wInd3x) which allows early, untethered and safe (no permanent modification) code execution on Nano 3G-5G. This in turn allows you to run U-Boot and an early Linux port or experiment with reverse-engineering/modifying the original firmware, OSOS.
There's a set of earlier tooling (emCORE/emBIOS/iBugger) which was exploiting other vulnerabilities and was a lead-up to a port of Rockbox, but it's mostly abandoned.
What can I do with my iPod Nano 6/7?
Nothing, other than helping us find vulnerabilities to get code execution on them.
Getting an account
Due to spambots, registration is closed. For an account contact User890104 or q3k.
Updates
- 2023-01-07 - A preliminary U-Boot port to the Nano 5G has been developed.
- 2022-01-04 - The bootrom of iPod Nano 5G was successfully dumped, and is in the process of being reverse-engineered!
- 2021-12-31 - An exploit named wInd3x, which exploits the latest vulnerability, is being prepared for Nano 4G and Nano 5G.
- 2021-12-27 - A new vulnerability was discovered in iPod Nano 4G and Nano 5G bootrom, which allows arbitrary code execution!
- 2018-08-25 - The website software has been updated to MediaWiki 1.31 after about 2 months of downtime.
Follow our Twitter feed to get status updates automatically. See the Status page for more detailed information. Check our SVN activity page for the latest changes to our source code.
Project infoReleased Software
|
Basic skillsReverse engineering results
Other guides |
HardwareExploiting |
