FreeThatAppleDevice
04-07-2009, 09:37 PM
EDIT: This post is against the rules, sorry. Disregard this post.
EDIT2: Okay, never mind, maybe the key is not illegal. So I'll repost what I said before. Yes, I am aware that the Chronic Dev iPhone wiki has a bunch of keys on it. BUT, they do NOT have the keys for 3.0 beta 2 for the iPod touch 2nd generation, which is what I should have said. The overall point is:
I need the Root Filesystem Key for the 3.0 beta 2 for the iPod touch 2nd generation.
And NO, "GenPass" by the Chronic Dev Team does NOT work on the iPod touch 2nd generation.
Thanks!
micaheljcaboose
04-07-2009, 10:02 PM
Asking for illegal material = Ban. Happy Wednesday.
jfb392
04-07-2009, 10:47 PM
I don't see why file system keys are illegal at all.
They can be found on The iPhone Wiki.
Exosion
04-08-2009, 07:45 AM
They aren't illegal.
ZunePod
04-08-2009, 07:58 AM
Not illegal
Does anyone know how to compile GenPass (http://code.google.com/p/chronicdev/wiki/GenPass)?
SiN Altr Ego EL
04-08-2009, 08:01 AM
Asking for illegal material = Ban. Happy Wednesday.
ha ha ha... funny.. if u can find it on the iphone wiki.. not illegal... phail..
@ Freethatappledevice: what r u trying to do with the key?
ZunePod
04-08-2009, 08:13 AM
I can't find it on the iPhone wiki?
madcowz
04-08-2009, 08:19 AM
Yeah. I compiled GenPass but it doesn't work for s5l8720x :(
Does anyone know how to get it?
ZunePod
04-08-2009, 08:39 AM
Yeah. I compiled GenPass but it doesn't work for s5l8720x :(
Does anyone know how to get it?
How do you compile GenPass?
I'm making a modded PwnageTool and I need ALL of the Keys and IVs.
Exosion
04-08-2009, 12:27 PM
How do you compile GenPass?
I'm making a modded PwnageTool and I need ALL of the Keys and IVs.
Use Xcode to compile it. It does work for the 2G. I can promise you won't be able to create that pwnage tool because you don't have a patched kernel.
ZunePod
04-08-2009, 12:35 PM
Use Xcode to compile it. It does work for the 2G. I can promise you won't be able to create that pwnage tool because you don't have a patched kernel.
So how in Xcode? Step by step please, Xcode is a bit general.
gojohnnyboi
04-08-2009, 12:56 PM
Should be:
gcc genpass.c -o genpass -lcrypto -lssl
If not, there is an OS X build already on the svn repo.
madcowz
04-08-2009, 03:18 PM
Use Xcode to compile it. It does work for the 2G. I can promise you won't be able to create that pwnage tool because you don't have a patched kernel.
Proof it works for the 2G? Anyone have the key?
jfb392
04-08-2009, 03:37 PM
It doesn't work on the 2G, I believe the salts are different.
If it did, surely the 2G keys would already be on the wiki.
Even if you had the RootFS key, it'd be pretty much useless.
You still wouldn't be able to make a PwnageTool bundle for various reasons (not kernel patch issues, that is taken care of, it's the ramdisk that is now the problem).
Decrypt one of the firmwares that has a key released for it.
madcowz
04-08-2009, 03:59 PM
Decrypt one of the firmwares that has a key released for it.
And the point of that is????
Well, we can see if we can try to make a GenPass for 2G. That would be one step in the jailbreak imo. What needs to be done about the ramdisks, I might be a bit better at that? :D
And how has the kernel issue been taken care of? Are there patches for it atm?
jfb392
04-08-2009, 04:31 PM
And the point of that is????
Well, we can see if we can try to make a GenPass for 2G. That would be one step in the jailbreak imo. What needs to be done about the ramdisks, I might be a bit better at that? :D
And how has the kernel issue been taken care of? Are there patches for it atm?
The point would be to look around the file system.
You can't make a GenPass for the 2G, unless you can reverse asr.
3.0 on the 2G can already be jailbroken, so you'd be making progress towards absolutely nothing.
The ramdisks are now compressed using a new Snow Leopard API.
If you think you might be better at that, reverse it and implement it in the dmg suite.
The kernel was never a problem for anyone besides myself (since I can't reverse).
The patches aren't out there but can easily be done.
madcowz
04-08-2009, 06:15 PM
The point would be to look around the file system.
You can't make a GenPass for the 2G, unless you can reverse asr.
3.0 on the 2G can already be jailbroken, so you'd be making progress towards absolutely nothing.
The ramdisks are now compressed using a new Snow Leopard API.
If you think you might be better at that, reverse it and implement it in the dmg suite.
The kernel was never a problem for anyone besides myself (since I can't reverse).
The patches aren't out there but can easily be done.
Chill man. Wait how can the 2G be jailbroken? Never seen it. I know it's possible, but does anyone know exactly how or done it before??
And are the s5l8900x ramdisks compressed too?
jfb392
04-08-2009, 06:24 PM
Chill man. Wait how can the 2G be jailbroken? Never seen it. I know it's possible, but does anyone know exactly how or done it before??
And are the s5l8900x ramdisks compressed too?
The 2G could easily be jailbroken by writing patched images directly to the NOR and using a ramdisk containing a utility to throw a bundle into the file system.
Yes, all ramdisks included in 3.0b2, regardless of processor or device, are compressed.
madcowz
04-08-2009, 08:13 PM
The 2G could easily be jailbroken by writing patched images directly to the NOR and using a ramdisk containing a utility to throw a bundle into the file system.
Yes, all ramdisks included in 3.0b2, regardless of processor or device, are compressed.
Yeah, QuickPwn style. Just send ramdisks over. But if you use the whole PwnageTool custom .ipsw crap, and add Cydia bundles etc. into the RootFS, do you need to patch the ramdisks?
Plus, how did the Russian haxx0r make QuickPwn to work with 3G if the ramdisks are compressed? Can they be uncompressed?
I'm kinda confused, am I getting something wrong lol?
jfb392
04-08-2009, 08:22 PM
Yeah, QuickPwn style. Just send ramdisks over. But if you use the whole PwnageTool custom .ipsw crap, and add Cydia bundles etc. into the RootFS, do you need to patch the ramdisks?
Plus, how did the Russian haxx0r make QuickPwn to work with 3G if the ramdisks are compressed? Can they be uncompressed?
I'm kinda confused, am I getting something wrong lol?
Yes, ramdisks still need to be decrypted and modified with a custom IPSW to patch out the SHA1 check done on the image.
You can still decrypt the ramdisk, but you cannot modify any of the files, since you cannot read them.
You can however, clear them out and add your own files.
madcowz
04-08-2009, 08:49 PM
Yes, ramdisks still need to be decrypted and modified with a custom IPSW to patch out the SHA1 check done on the image.
You can still decrypt the ramdisk, but you cannot modify any of the files, since you cannot read them.
You can however, clear them out and add your own files.
Cool! Do you know how to decrypt the ramdisk? I know how to for the RootFS, but I never knew about the ramdisks. Can you at least tell me how to decrypt the 2.2.1 ramdisk for s5l8720x? Matters to me more than 3.0 imo.
jfb392
04-08-2009, 08:53 PM
Cool! Do you know how to decrypt the ramdisk? I know how to for the RootFS, but I never knew about the ramdisks. Can you at least tell me how to decrypt the 2.2.1 ramdisk for s5l8720x? Matters to me more than 3.0 imo.
You decrypt a ramdisk just like any other Img3-wrapped file; with xpwntool and the image's key pair.
The key pairs can be found in PwnageTool and QuickPwn bundles.
Note that both ramdisks have different keys that cannot be interchanged (say, if you have the key pair for the update ramdisk, you cannot decrypt the restore ramdisk with the same pair).
madcowz
04-08-2009, 08:57 PM
You decrypt a ramdisk just like any other Img3-wrapped file; with xpwntool and the image's key pair.
The key pairs can be found in PwnageTool and QuickPwn bundles.
Note that both ramdisks have different keys that cannot be interchanged (say, if you have the key pair for the update ramdisk, you cannot decrypt the restore ramdisk with the same pair).
Oh cool thanks. That's why you have a [restore ramdisk].dmg.patch file in PwnageTool. The same way you have a patch for all the .img3's instead of having to mount it with a FileVault Key like the RootFS to patch it.
kk I get it nao! But in beta1 the img3's were unencrypted. Were the ramdisks unencrypted too? And all that is encrypted in beta2+ right?
jfb392
04-08-2009, 09:43 PM
Oh cool thanks. That's why you have a [restore ramdisk].dmg.patch file in PwnageTool. The same way you have a patch for all the .img3's instead of having to mount it with a FileVault Key like the RootFS to patch it.
kk I get it nao! But in beta1 the img3's were unencrypted. Were the ramdisks unencrypted too? And all that is encrypted in beta2+ right?
The ramdisk consists of changes to asr and restored.
I don't know why the files aren't extracted and patched (it may just be easier or quicker, haven't looked into it).
The ramdisk doesn't have any kind of key though, it is encrypted like images.
Likewise, the RootFS isn't encrypted the same as images, it is protected by FileVault.
And yes, you're correct, beta 1 didn't have encryption on the images (they were just wrapped with an Img3 container), however, the file system was still FileVault protected.
In beta 2, encryption returned, but it isn't a big deal since we have access to the AES engine (since all devices have already been compromised, whatever encryption they throw at us can be broken).
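The distinction jfb392 draws above (beta 1 images merely wrapped in an Img3 container, beta 2 images encrypted again) is visible in the container itself: an encrypted image carries a KBAG tag holding the wrapped key and IV. The Python below is an added example, not code from this thread or from any tool it names; it follows the publicly documented Img3 layout as I understand it, and the two sample images are constructed in the script rather than taken from real firmware.

```python
import struct

# Img3 layout (assumed from public documentation): 20-byte header, then TLV tags with
# 12-byte headers. Four-character codes are stored little-endian, so 'Img3' reads "3gmI".
HDR = struct.Struct("<4sIII4s")    # magic, fullSize, sizeNoPack, sigCheckArea, ident
TAG_HDR = struct.Struct("<4sII")   # magic, totalLength, dataLength

def fourcc(code):
    return code.encode("ascii")[::-1]

def build_tag(magic, data):
    padded = data + b"\0" * (-len(data) % 4)          # tags are padded to 4 bytes
    return TAG_HDR.pack(fourcc(magic), TAG_HDR.size + len(padded), len(data)) + padded

def build_img3(ident, tags):
    # Constructed container for the demo; sigCheckArea spans every tag before SHSH.
    body = b"".join(build_tag(m, d) for m, d in tags)
    names = [m for m, _ in tags]
    signed = tags[: names.index("SHSH")] if "SHSH" in names else tags
    sig_area = sum(len(build_tag(m, d)) for m, d in signed)
    return HDR.pack(fourcc("Img3"), HDR.size + len(body), len(body), sig_area, fourcc(ident)) + body

def parse_img3(blob):
    magic, full, nopack, sig_area, ident = HDR.unpack_from(blob, 0)
    if magic != fourcc("Img3") or full != len(blob) or nopack != full - HDR.size:
        raise ValueError("not a well-formed Img3 container")
    tags, off = {}, HDR.size
    while off < full:
        tmagic, total, dlen = TAG_HDR.unpack_from(blob, off)
        if total < TAG_HDR.size + dlen or off + total > full:
            raise ValueError("tag overruns container")
        # Keep the first occurrence: real images carry a production and a development KBAG.
        tags.setdefault(tmagic[::-1].decode("ascii"), blob[off + TAG_HDR.size:off + TAG_HDR.size + dlen])
        off += total
    info = {"ident": ident[::-1].decode("ascii"), "tags": sorted(tags),
            "signed": "SHSH" in tags, "encrypted": "KBAG" in tags}
    if info["encrypted"]:
        # KBAG: cryptState (1 = production), AES key size in bits, then the wrapped IV and key.
        info["kbag_state"], info["aes_bits"] = struct.unpack_from("<II", tags["KBAG"], 0)
    return info

# Constructed sample images (not real firmware): a beta-1 style wrapper around a plaintext
# payload, and a beta-2 style image whose DATA is ciphertext with a 256-bit production KBAG.
KBAG = struct.pack("<II", 1, 256) + b"\x11" * 16 + b"\x22" * 32
WRAPPED_ONLY = build_img3("rdsk", [("TYPE", fourcc("rdsk")), ("DATA", b"plaintext ramdisk"), ("SHSH", b"\0" * 128)])
ENCRYPTED = build_img3("rdsk", [("TYPE", fourcc("rdsk")), ("DATA", b"\xaa" * 32), ("KBAG", KBAG), ("SHSH", b"\0" * 128)])

if __name__ == "__main__":
    for name, blob in (("wrapped-only", WRAPPED_ONLY), ("encrypted", ENCRYPTED)):
        print(name, parse_img3(blob))
```

The parser only reads the container; it does not touch the payload, so it is a safe first triage step for telling a wrapped image from an encrypted one.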
King Chronic
04-09-2009, 09:04 AM
Yeah, QuickPwn style. Just send ramdisks over. But if you use the whole PwnageTool custom .ipsw crap, and add Cydia bundles etc. into the RootFS, do you need to patch the ramdisks?
Plus, how did the Russian haxx0r make QuickPwn to work with 3G if the ramdisks are compressed? Can they be uncompressed?
I'm kinda confused, am I getting something wrong lol?
They utilize the custom ramdisk built into QuickPwn, not the restore ramdisk, as that would restore it instead of pwn it.
madcowz
04-09-2009, 07:24 PM
KK, one more question: what is the syntax (in iRecovery or rslite) to send a ramdisk over to the iPod? Also the code to prepare it (2.1.1 iBSS, etc.) and how to boot it (like a ramdisk command in iBoot or something). Thanks!