o2 iphone 3G jailbreak - it worked

chris (2009-05-18 22:38:10)
3344 views
2 replies
I decided to perform a jailbreak on my O2 iphone today. I used the Pwnage tool v2.1. I didn't use the Expert mode. I just went for simple mode and accepted all the inputs. It all went pretty smoothly, but I was kinda crapping myself once the device was in DTU mode - especially since it turned out I had to then upgrade to iTunes 8 in order to proceed with re-connecting with the device. Anyway, with iTunes updated I restored my backed-up data, so I know have the revised firmware running, with all my apps and contacts and wotnot just as I left them.

Now the fun bit is cruising around the internals of the phone. You can catch a glimpse of an ssh session on the device in the video alongside (no apologies for crappy quality - I shot it with the self same iphone as I was logged in to :S ). Cydia is a neat package which offers a whole bunch of applications for the jailbreaker. Openssh is included. I have installed that and just needed to check the ip address of the device in the Network Settings screen - and then I could just log straight in as root - wahey. So what does it look like?

Well, as expected, it's a Darwin unix kernel running on an ARM architecture:

localhost:~ root# uname -a
Darwin localhost 9.4.1 Darwin Kernel Version 9.4.1: Sun Aug 10 21:23:40 PDT 2008; root:xnu-1228.7.27~12/RELEASE_ARM_S5L8900X iPhone1,2 arm N82AP Darwin

And the disk partitions are layed out as below - suggesting that it's not quite an 8 GB device. It looks like 475 MB has been mopped up elsewhere. It appears the partitions are built with the hfs filesystem - all pretty regular stuff.

Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/disk0s1            512000    421368     85512  84% /
devfs                       25        25         0 100% /dev
/dev/disk0s2           7417368    117520   7299848   2% /private/var

localhost:/cores root# cat /etc/fstab 
/dev/disk0s1 / hfs rw 0 1
/dev/disk0s2 /private/var hfs rw 0 2

Oh, and it conveniently comes with telnet installed, just to show that things work..

localhost:~ root# telnet www.google.co.uk 80
Trying 209.85.229.104...
Connected to www.google.co.uk.
Escape character is '^]'.
GET / HTTP/1.1

HTTP/1.1 302 Found
Location: http://www.google.co.uk/
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=a98673ef8f1f6aa9:TM=1242682076:LM=1242682076:S=fQGp6lGRn-T4EEuH; expires=Wed, 18-May-2011 21:27:56 GMT; path=/; domain=.google.com
Date: Mon, 18 May 2009 21:27:56 GMT
Server: gws
Content-Length: 221

..bla bla
telnet>

I know there are easier ways to browse the web, but nothing feels quite so cool as doing it from a terminal running wirelessly off a tiny handheld device sat on the table just next to you

The next task was to tether the phone to my laptop. Through Cydia, you first have to add modmyi to your list of package repositories. It's all very Debian-like - in the filesystem of the pwned device you will see various references to apt libraries and tools. Anyway, once modmyi is added to the repo list, you can install PDANet and from there the tethering process is pretty straightforward - unlimited 3g data FTW!. Shame it canes the battery so badly.

christo

twitter: http://twitter.com/planet_guru
comment
Nate
2009-06-07 01:53:50

Were you able to use o2 and its services on your phone, just like it was before the jailbreak? Or did you unlock it as well and used a different network?
reply iconedit reply
chris
2009-06-08 06:39:30

Were you able to use o2 and its services on your phone, just like it was before the jailbreak? Or did you unlock it as well and used a different network?


Yeah I'm still using O2 and its services. Part of the jailbreak process I thought would remove the sim lock, but when I tried a Vodaophone sim in the device yesterday, it didn't work. Definitely still worth doing tho!

christo
reply icon