GSM Programming & Reverse Engineering Here you can post all Kind of GSM Programming and Reverse Engineering tools and Secrets. |
04-23-2011, 12:17 | #1 (permalink) |
No Life Poster Join Date: Feb 2009
Posts: 2,370
Member: 972745 Status: Offline Sonork: 100.1627715 Thanks Meter: 216 | BruteForce iPhone NCK can't we dump baseband and decrypt it as it may contain the nck? flashing a modified baseband? which allows the nck to be read and lead to a permanent unlock |
The Following User Says Thank You to shak360 For This Useful Post: |
04-23-2011, 15:11 | #4 (permalink) | |
No Life Poster Join Date: Jul 2006 Location: ..::DZ-25::..
Posts: 529
Member: 315181 Status: Offline Sonork: 100.1593455 Thanks Meter: 301 | Quote:
take a look here: Dogbert's Blog: How to protect better: The Apple iPhone 2G | |
04-23-2011, 15:23 | #5 (permalink) |
No Life Poster Join Date: Mar 2007 Location: Skopje, Macedonia Age: 36
Posts: 4,244
Member: 472933 Status: Offline Sonork: 100.1590967 Thanks Meter: 1,331 | I think it is not possible, because iPhone security is server based :/ Maybe in the near future it will be possible to perm. unlock, but not via codes... I think with full dumping of perm. never locked iPhones via JTAG and writing security in locked... and that is puritania |
04-24-2011, 03:27 | #7 (permalink) | |
No Life Poster Join Date: Feb 2009
Posts: 851
Member: 961957 Status: Offline Sonork: Jabber: [email protected] Thanks Meter: 641 | To even attempt to extract NCK you need a baseband exploit to dump seczone. You can't just flash a modified baseband as it's sigchecked. Even if you somehow, magically managed to extract and bruteforce a valid NCK.. Apple can issue a new wildcardticket (via iTunes server) and disable the unlock, unlike other handsets such as SL3 security. Although AFAIK you can capture this using SAM's backup auth token feature, which recently users of factory unlocks purchased unofficially are doing. Read below: see if u can see more info on this around. It's not a bruteforce but would, in theory, allow semi-permanent unlock without additional software. Quote:
Last edited by Gecko_UK; 04-24-2011 at 03:35. | |
The Following 2 Users Say Thank You to Gecko_UK For This Useful Post: |
04-24-2011, 09:24 | #11 (permalink) | |
No Life Poster Join Date: Nov 2002 Age: 43
Posts: 1,503
Member: 17689 Status: Offline Sonork: 100.72392 Thanks Meter: 737 | Quote:
Dump seczone before factory unlock, dump seczone after factory unlock, then work for offline BF flow. But there is no NCK (that unique code which we think like SL3) at all in iPhone factory unlocking, it's just legit wildcard. (Wildcard = When activating an iPhone, the ticket is pulled from Apple's server and stored on the device. It contains all the information about sim-/netlocks. Factory- and carrier-unlocked devices receive a wildcard ticket with policies that permit all SIM cards.) Similar argument I had on Twitter, where people were asking if I can preserve FactoryUnlock with the (SAM) thing and misinterpreted my tweets as SAM not working. But the actual thing is SAM is working for now, but if Apple relocks the device somehow, in that case it will not work; the reason is the same (seczone not accessible). iPhone factory unlock hits direct to seczone, rewrites and saves the token to seczone via iTunes, then iTunes just verifies if the IMEI is allowed to get NCK or not; if got, it means it's factory unlock and allows wildcard with IMEI. And I have no doubt about that in our forum we have that potential: Bph&Co, DM3, DEJAN, CINEK, ZULEA, SARAS, LASER, FLORIN, many others to name who can bring down the iPhone protection in days (just depends on interest). wbr | |
04-24-2011, 19:12 | #12 (permalink) |
No Life Poster Join Date: Mar 2006 Location: .: India :. Heaven on Earth
Posts: 2,496
Member: 238812 Status: Offline Sonork: 100.1602669 Thanks Meter: 1,443 | Means if we can write own signed Tickets then it will unlock permanently without any restrictions? Br, Shadab Ahmad |
04-25-2011, 04:47 | #13 (permalink) |
Insane Poster Join Date: Nov 2007
Posts: 75
Member: 636340 Status: Offline Thanks Meter: 110 | seczone/nck and wildcardticket are two separate unlock mechanisms. for either, you need either a private rsa key for generating a valid certificate or a hash collision for not breaking it. dumping the seczone is trivial if the baseband is exploitable, e.g. custom code can be executed. |
05-02-2011, 15:59 | #14 (permalink) |
No Life Poster Join Date: Feb 2009
Posts: 2,370
Member: 972745 Status: Offline Sonork: 100.1627715 Thanks Meter: 216 | couldn't we use custom firmware or tiny umbrella to spoof some of this? like the unlock token? or maybe use custom firmware flash baseband to a lower version?? |