Anyone here remember 74 steps?

Discussion in 'iPod touch 1.1.x Jailbreak' started by brisingr, Jul 9, 2008.

  1. brisingr

    brisingr New Member

    Jun 25, 2008
    Likes Received:
    Hi! Remember 74 steps? Or the "less-than insta-jb"?
    There you go:

    RESTORE IPOD FIRST then download iphuc http://[].com/files/61742428/
    1. Load on iPod
    2. Exit iTunes, and kill ituneshelper.exe process
    3. Extract iPhuc to directory on computer
    4. Copy iTunesMobileDevice.dll from C:\Program Files\Common
    Files\Apple\Mobile Device Support\bin to the same folder as iPhuc.exe
    5. Copy readline5.dll from to the
    same folder as iPhuc.exe
    6. Run iPhuc.exe
    7. Plug in your iPod
    8. In iPhuc type "getfile /dev/rdisk0s1 rdisk0s1 314572800", this will
    take a while as it's a 300mb file
    9. Make a backup copy of rdisk0s1 that you just downloaded.
    10. You now need to do some hex editing. The tool I use for doing this
    is HxD ( Open rdisk0s1 with your hex
    11. Search for the ASCII string "noexec" in the file. The second hit
    should look like the /etc/fstab file: /dev/disk0s1 / hfs ro 0 1
    /dev/disk0s2 /private/var hfs rw,noexec 0 2
    Only, of course, hex editors will just display newlines as a '.'
    character or similar. This series of characters are often found at
    0xF8F9000-0xF8F9045. They will have the following character codes:
    2F 64 65 76 2F 64 69 73 6B 30 73 31 20 2F 20 68 66 73 20 72 6F 20 30 20
    31 0A 2F 64 65 76 2F 64 69 73 6B 30 73 32 20 2F 70 72 69 76 61 74 65 2F
    76 61 72 20 68 66 73 20 72 77 2C 6E 6F 65 78 65 63 20 30 20 32 0A
    (In "find" make sure it's set to find hex values)
    12. Change these to /dev/disk0s1 / hfs rw 0 1 /dev/disk0s2 /private/var
    hfs rw 0 2
    With newlines padding the end of the string so it ends up being exactly
    the same size as the old /etc/fstab. The new series of characters ought
    to be:
    2F 64 65 76 2F 64 69 73 6B 30 73 31 20 2F 20 68 66 73 20 72 77 20 30 20
    31 0A 2F 64 65 76 2F 64 69 73 6B 30 73 32 20 2F 70 72 69 76 61 74 65 2F
    76 61 72 20 68 66 73 20 72 77 20 30 20 32 0A 0A 0A 0A 0A 0A 0A 0A
    13. Save your changes. I'm assuming that you're replacing the old
    rdisk0s1 file on your hard drive with this modified version. As a final
    safety check, make sure the file sizes of your modified version and your
    backup versions are exactly the same, down to the last byte.
    14. Upload the modified rdisk0s1 image to your iPod. In iPhuc, type
    "putfile rdisk0s1 /dev/rdisk0s1".
    15. Exit iPhuc and reboot your iPod
    16. Open iPhuc again so it connects to your freshly rebooted iPod. As a
    check, type "getfile /etc/fstab". This will download fstab to iPhuc's
    directory. Open it up with your favorite text editor and confirm that
    the changes we have made are still there. If they are, congratulations.
    You have a jailbroken iPod. Sort of.
    17. We now need to install ssh and associated tools. This is all now old
    territory, but unfortunately, everything is either "one-click" or
    designed for Macs. Thus we need to do some sweating here. Download You will also need
    cygwin1.dll from
    18. Open CMD and do:
    dropbearkey -t rsa -f dropbear_rsa_host_key
    dropbearkey -t dss -f dropbear_dss_host_key
    You should now have two files in that directory, dropbear_rsa_host_key
    and dropbear_dss_host_key. Copy or move these into your iPhuc directory.
    19. Download and extract
    into your iPhuc directory.
    20. Download and extract into your iPhuc
    directory. Make sure dropbear, fd6, au.asn.ucc.matt.dropbear.plist,
    glob6, goto, osh and sh6 are in the same directory as iPhuc.exe. Move
    them there if you have to.
    21. Open up iPhuc and type in "mkdir /etc/dropbear",
    22. "cd /etc/dropbear".
    /etc/dropbear/dropbear_dss_host_key, /bin/chmod, /bin/sh and
    23. "putfile dropbear_rsa_host_key"
    24. "putfile dropbear_dss_host_key"
    25. "cd /bin"
    26. "putfile chmod"
    27. Rename sh6 in your iPhuc directory to sh, then "putfile sh" in
    28. "cd /usr/bin"
    29. "putfile dropbear"
    30. Make sure /etc/dropbear/dropbear_rsa_host_key,
    /etc/dropbear/dropbear_dss_host_key, /bin/chmod, /bin/sh and
    /usr/bin/dropbear now exist on your iPod with iPhuc.
    31. "cd /usr/sbin"
    32. "getfile update"
    33. In Windows Explorer, rename "update", which you just downloaded, to
    34. Rename "chmod" in the iPhuc folder to "update".
    35. In iPhuc, "putfile update", so you're replacing /usr/sbin/update
    with chmod.
    36. "cd /System/Library/LaunchDaemons/"
    37. "getfile"
    38. Open in a text editor
    Right after it says <string>/usr/sbin/update</string> add:
    39. Save the file. Upload the modified version with "putfile"
    40. Also, "putfile au.asn.ucc.matt.dropbear.plist"
    41. Reboot the iPod twice. The first reboot should set the required
    permissions. The second should start the ssh server (since proper
    permissions are now set). And close iPhuc.
    42. Theoretically, SSH should be working now. Find out the IP of your
    iPod in the iPod's wireless settings.
    43. Try to ssh to it with Putty
    Username root, password alpine.
    So, okay, now we need to get sftp running, do some clean-up and then I
    think we can install and be good.
    Download WinSCP (
    44. Download You will need
    /libexec/sftp-server, /usr/bin/scp and /usr/lib/libarmfp.dylib from that
    archive. Extract them all to your iPhuc folder.
    45. Using iPhuc's putfile capability, put sftp-server in /usr/libexec/,
    put scp in /usr/bin/, and put libarmfp.dylib in /usr/lib/.
    46. Remember that BSD_Base folder you extracted? We need to raid it for
    some commands. You will need /bin/ls, /bin/mv, /bin/pwd, and /bin/csh.
    Copy those to your iPhuc directory.
    47. In iPhuc:
    cd /bin
    putfile ls
    putfile mv
    putfile pwd
    putfile csh
    48. SSH into your iPod. What we now need to do is chmod them all
    49. In SSH, "/bin/chmod 555 /bin/ls"
    50. "/bin/chmod 555 /bin/mv"
    51. "/bin/chmod 555 /bin/pwd"
    52. "/bin/chmod 555 /bin/csh"
    53. "/bin/chmod 555 /usr/bin/scp"
    54. "/bin/chmod 555 /usr/libexec/sftp-server"
    Theoretically, sftp should work now, yes.
    55. Also upload glob6 to "/bin" with iPhuc and in SSH, "/bin/chmod 555
    56. Type "/bin/csh" to test out this shell (in SSH). This has advantages
    of not requiring you to type in the full path of every executable in the
    57. In SSH "cd /var/root".
    58. Type ls. You should have a Library, Mediaold, and Media directory.
    59. "mv Media Media_sym"
    60. "mv Mediaold Media"
    61. Reboot your iPod and check your iPod in iTunes.
    On to installing AppTap
    62. Download and install 7-zip ( We need it to
    crack open the dumb Nullsoft installer.
    63. Download the Windows installer for at
    64. Use 7-zip to open AppTappInstaller.exe and extract the
    folder from it.
    65. Use SFTP to upload Installer.App into /Applications on your iPod.
    66. In SSH, type "/bin/chmod -Rf +x /Applications/"
    67. Slide to unlock your iPod then in SSH type
    /Applications/ and hit return to launch
    68. After AppTapp opens, press control+c in SSH to close it
    69. Open Safari on the iPod and navigate to Please make sure while you're
    doing this that the hacked TIFF image isn't loaded again. So if starts
    loading, hit the X.
    70. Tap yes to add it to Installer
    71. Back in ssh, type "/Applications/" and hit
    return to launch Installer again.
    72. Install the Community Sources package.
    73. Install Trip1PogoStick located under the "System" category to
    enable scrolling and applications.
    74. Restart the iPod. You should be done.

    What do you think? Would you have done it?
  2. Xandu

    Xandu New Member

    Mar 9, 2008
    Likes Received:
    iPhone 3GS (Black)
    ZOMG, good thing I got my iPod after that..
  3. Ryan

    Ryan Well-Known Member

    Jan 19, 2008
    Likes Received:
    Nexus 4
    luckerly i didnt get my ipod till xmas, and by then we could just use

    but yeah, i would still have done that, it would just have taken a bit longer
  4. cameleon1267

    cameleon1267 Member

    Oct 11, 2007
    Likes Received:
    iPhone 4 (Black)
    I did it the first time and it worked great. Then they came up with something like 20 steps.
  5. shotgunfool

    shotgunfool Active Member

    Oct 7, 2007
    Likes Received:
    iPod touch
    i tried it.

    failed at step 45 xD
  6. veryniceipod

    veryniceipod Retired Moderator

    Sep 14, 2007
    Likes Received:
    iPhone 3GS (Black)
    I remember that! I failed it when i tried the first time, but the second time went great. Wow.. we have come a long way.
  7. jimbeam

    jimbeam Active Member

    Nov 19, 2007
    Likes Received:
    iPhone 3G (Black)
    took me for or five tries. It was the first time I used a hexediter or done anything like this. I was up for over 30 hrs at one point trying to figure it out.

    I thought there was applications you could download to the touch when I first got it. So I googled and found a post about this and tryed it. I never thought to join one of these forums to get help. I had to figure it out on my own. It wasn't until came out and the sene exploded before I realized there were forums for this. LOL!
  8. Mortel

    Mortel Active Member

    Dec 6, 2007
    Likes Received:
    3G iPod touch
    I got my iPod after this was already obsolete, lucky me.

    Please Register or Log in to view images

    I would have still done it though, even though back then I wouldn't know what the heck any of this stuff was.
  9. Hiratai

    Hiratai Banned

    Dec 2, 2007
    Likes Received:
    iPhone 4 (Black)
    Yeah we were just talking about it on IRC.
  10. stabbyjoe12

    stabbyjoe12 Member

    Jan 5, 2008
    Likes Received:
    iPad w/ 3G
    i could never get past lie 50:<

Share This Page