Bootrom Dumper Utility

The Bootrom Dumper Utility (BDU for short) is an application that creates a copy (a dump) of the bootrom of compatible devices attached to the local machine from which the application is run.

Credit
Pod2g

Geohot for limera1n

Info / Instructions

 * you need a Mac or Linux box to build it and use it
 * libusb 1.0.8 required
 * execute it with root privileges (sudo ./bdu)
 * by default compatible only with A4 devices: (iPhone 4, iPod touch (4th generation), iPad, Apple TV (2nd generation))

It's possible to extend the compatibility to older devices as well (iPhone 3GS, iPod (3rd generation)) by changing:
 * the offset to the call of usb_wait_for_image in payload.S

   0x7ef @ A4 devices: iPad, iPhone 4, Apple TV (2nd generation), iPod touch (4th generation)
   0x8b7 @ iPod touch (3rd generation)
   0x8b7 @ iPhone 3GS new bootrom
   0x8b7 @ iPhone 3GS old bootrom
   0x82c @ iPod touch (2nd generation) new bootrom
   0x82d @ iPod touch (2nd generation) old bootrom


 * exploit offsets in bdu.c

   // A4:
   1) #define EXPLOIT_LR 0x8403BF9C
   2) #define LOADADDR_SIZE 0x2C000

   // iPod touch (2nd generation):
   1) #define EXPLOIT_LR 0x22000000
   2) #define LOADADDR_SIZE 0x24000

   // iPod touch (3rd generation):
   1) #define EXPLOIT_LR 0x84033F98
   2) #define LOADADDR_SIZE 0x24000

   // iPhone 3GS new bootrom:
   1) #define EXPLOIT_LR 0x84033FA4
   2) #define LOADADDR_SIZE 0x24000

Links
Github