How does QuickPWN work?

Discussion in 'iPod touch 2G Jailbreak: redsn0w, 24kpwn, etc.' started by iPodhacker2G, Apr 10, 2009.

  1. iPodhacker2G

    iPodhacker2G New Member

    Joined:
    Mar 24, 2009
    Messages:
    103
    Likes Received:
    0
    Device:
    2G iPod touch
    Hey everybody! One question that has had me confused for some time is how does QuickPwn work without a restore? Xpwn requires a restore and so did redsn0w. How does QuickPwn jailbreak without any restore OR IPSW!?


  2. Ipwnnubletz

    Ipwnnubletz Banned

    Joined:
    Dec 8, 2008
    Messages:
    1,952
    Likes Received:
    0
    QuickPwn uploads some files into DFU mode, and modifies the firmware directly on the fly. Other tools inject Cydia, etc. into the firmware. It's just a different implementation.
  3. mitchell209

    mitchell209 Active Member

    Joined:
    Jan 21, 2009
    Messages:
    8,024
    Likes Received:
    5
    Device:
    iPhone 4 (Black)
    Yeah, it just puts the stuff directly onto your iPod instead of just the Firmware that you restore with. Much easier.
  4. David.

    David. Active Member

    Joined:
    Feb 24, 2009
    Messages:
    2,565
    Likes Received:
    1
    Device:
    4G iPod touch
    Ipwnnubletz, does this take up less space?
  5. mitchell209

    mitchell209 Active Member

    Joined:
    Jan 21, 2009
    Messages:
    8,024
    Likes Received:
    5
    Device:
    iPhone 4 (Black)
    Um, it should. That's what I read from the QuickPwn thread.
  6. Ipwnnubletz

    Ipwnnubletz Banned

    Joined:
    Dec 8, 2008
    Messages:
    1,952
    Likes Received:
    0
    Not necessarily. The root partition doesn't get resized, and you get your full 7 gigs, or whatever you have, but the stuff Cydia writes will be on the media partition.
  7. mitchell209

    mitchell209 Active Member

    Joined:
    Jan 21, 2009
    Messages:
    8,024
    Likes Received:
    5
    Device:
    iPhone 4 (Black)
    Oh. Didn't know that.
  8. fistof40k

    fistof40k New Member

    Joined:
    Jan 6, 2009
    Messages:
    22
    Likes Received:
    0
    Device:
    iPhone 3G (Black)
    It takes less space. I at first used Quick Freedom, which left me with 6.77 GB free, but now I used QuickPwn and have 7.01 GB free.
  9. Ipwnnubletz

    Ipwnnubletz Banned

    Joined:
    Dec 8, 2008
    Messages:
    1,952
    Likes Received:
    0
    Wrong. Read my post above.
  10. jfb392

    jfb392 New Member

    Joined:
    Oct 20, 2007
    Messages:
    2,512
    Likes Received:
    21
    Device:
    iPod touch
    QuickPwn (on the 2G, anyway) uses the redsn0w exploit (2.1.1 iBSS, then memory patches using arm7_go) to strap a ramdisk filled with custom utilities and a pwned kernel.
    The pwned kernel allows for fakesigned utilities on the ramdisk to be run, and these utilities do a number of things, including dump payloads onto the file system and flash patched images to the NOR.

    A restore is not needed because ramdisks can be sent using MobileDevice (iTunes' driver and library for talking to any iDevice).
    On Linux, it is simply sent using LibUSB (which is standard on most distributions).
    Since your device is temporarily pwned (using the redsn0w patch), it can boot the kernel and ramdisk when told to, which then flashes the images (including the 24kpwn exploited LLB), which allows for the untethered jailbreak.
