AT+XLOG Vulnerability

From The Apple Wiki

Used as an injection vector in purplesn0w and older versions of ultrasn0w to unlock the X-Gold 608. Currently available in all baseband versions until 04.26.08.

Credit[edit source]


Exploit[edit source]

There is a stack overflow in the AT+XLOG=1,"..." command, which allows unsigned code execution on the X-Gold 608.

j's are junk
R4 = 4
R5 = 5
PC = P

Implementation[edit source]

The exploit is used in ultrasn0w and purplesn0w.