iOS 4.0 Did i just find an iTunes verification exploit ?

Discussion in 'iOS Jailbreak & Cydia' started by GazaIan, Jul 10, 2010.

    Let me just tell you the story. [ The fun exploit-looking part will be written in blue if you want to skip to it. ]

    Last night, a friend of my mother's asked me to upgrade his iPhone 3GS to iOS 4. I had fears doing it, because all previous attempts to upgrade had failed. It would always freeze with about a millimeter left in the bar that says "Upgrading [ or Restoring ] iPhone software..." But I decided I would do it anyway [ yes, I am crazy ].

    So during the upgrade, the process stopped with just a little bit left in iTunes, and the bar on the iPhone below the Apple logo just over half full.

    After hours of countless attempts, I attempted using RecBoot to kick the iPhone out of recovery. Failed miserably.

    Then I had one last idea before I could say the iPhone was officially bricked. I put the iPhone into DFU mode and restored. Failed again. I didn't cancel the restore, I just left it. Now, for the fun part.

    Now, unintentionally, I opened RecBoot and clicked Enter Recovery, but I forgot that the iPhone was in the restore process instead of on the Connect to iTunes screen. I looked in iTunes and the progress bar was full AND had changed to that fast-moving blue and white [ please note, I am on a Mac ] as if you were dragging a file to a removable disk or to a Time Capsule. In my own words, this is the bar that appears when a program is getting ready for an operation. Normally, after that, iTunes should say "Verifying iPhone Software..." and the bar on the iPhone should fill up to the max. It didn't, but the iPhone progress bar filled. The iTunes one only said "Restoring iPhone software." It skipped verification. If the verification process was really skipped, then I smell exploit.

    And if the verification process WASN'T skipped... I just wasted my time. I'm not a developer [ I have very little Lua knowledge, that's it ]. My idea is to create a program similar to RecBoot. For example, when you press Enter Recovery, it would also upload Cydia to the iDevice at the same time, or even just upload WinterBoard to it. Even if they don't launch, it can still be a proof of concept.

    Probably not. I'm gonna guess that it didn't delete the previous blobs for it and so it used those instead of requesting another set.

