The BootROM (called "SecureROM" by Apple) is the first significant code that runs on an iDevice and is read-only. Finding exploits at the BootROM level is a big achievement, since Apple cannot fix such a bug without a hardware revision.
However, the attack surface of the BootROM is very small, so such vulnerabilities are very difficult to find. As a result, only 2 vulnerabilities have been made public in the last 10 years - alloc8 and checkm8 (both from Axi0mX).
Old & New bootrom
Certain models, including the iPod touch (2nd generation) and iPhone 3GS, have different bootrom versions. These are most commonly referred to with the terms "old bootrom" and "new bootrom." These "new bootrom" devices were released after 9 September 2009 and have the 0x24000 Segment Overflow fixed. While the new bootrom revisions have an exploit, the exploit needs the assistance of a firmware-based exploit to achieve an untethered jailbreak.
You might also be looking for Apple's stage 2 bootloader, which also uses the "iBoot" name.
Looking at the CPRV (Chip Revision) tag in the DFU descriptors will usually also tell you whether the device is a new-bootrom unit or not.
Finding bootrom version
From the model number (iPod touch (2nd generation))
If the second character of your Model Number is "B" (e.g. FB533, MB533, or PB533), your iPod has the old bootrom. If the second character is "C" (e.g. FC086, MC086, or PC086), your iPod has the new bootrom.
From the serial number (iPhone 3GS)
The third digit of the serial number identifies the year of manufacture (9=2009, 0=2010, 1=2011, 2=2012), while the fourth and fifth digits indicate the week. There is a gray area between week 40 of 2009 (??940??????) and week 45 of 2009 (??945??????) where some devices have the new bootrom whilst others have the old bootrom. Any iPhone made after week 45 of 2009 (??945?????? and higher, or ??0???????? serials) has the new bootrom.
From the DFU Device descriptors (all devices except S5L8900)
Windows
- Connect Device & Enter DFU Mode
- Open Device Manager, find USB controller, subitem Apple Mobile Device USB Driver
- Right-Click & click Properties
- Go to Details tab & select Device Instance Path in the dropdown box
- The end of the info string will show the bootrom version
Mac OS X
- Connect Device & Enter DFU Mode
- Go to System Profiler, and under the Hardware category, go to USB, and click on Apple Mobile Device (DFU Mode)
- The end of the Serial Number string will show the bootrom version in brackets (e.g. [iBoot-574.4])
Linux
- Make sure your distribution has usbutils installed. (most distributions have it by default)
- Connect Device & Enter DFU Mode
- In terminal, run sudo lsusb -v
- Find the line that says iSerial and your bootrom version will be at the end of the line.
Dumping the bootrom
You can use Bootrom Dumper Utility by pod2g to dump the bootrom on devices that are vulnerable to the Limera1n Exploit.
ipwndfu can be used to dump the BootROM on devices vulnerable to checkm8.
Bootrom Exploits
- Pwnage 1.0 (Ramdisk + AppleImage2NORAccess) up to Rev.2
- Pwnage 2.0 (DFU + Malformed Certificate) up to Rev.2
- usb_control_msg(0xA1, 1) Exploit (also called "steaks4uce" exploit) only for 240.4 and 240.5.1
- 0x24000 Segment Overflow only for 240.4 and 359.3
- alloc8 Exploit only for 359.3 and 359.3.2
- Limera1n Exploit up to 574.4
- SHAtter up to 574.4
- Checkm8 Exploit up to 3401.0.0.1.16
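The three identification methods above (model number, serial number, DFU serial string) and the exploit list can be combined into a small inventory check: given an identifier, report the bootrom revision and which of the exploits listed on this page name that revision, so a defender can tell which devices carry an unpatchable bootrom bug. The script below is an added example, not a tool from this wiki or from any of the projects it mentions. It assumes the DFU serial string is a run of "KEY:VALUE" tags (such as CPID and CPRV) ending in the bracketed "[iBoot-X]" tag this page describes; the sample string is constructed, not captured from a device. It also reads the page's "up to X" as "X and every lower-numbered revision", which is this example's interpretation, and treats the non-numeric "Rev.2" label as matching only the exploits that name it outright.

```python
"""Classify an iDevice bootrom (SecureROM) revision from the identifiers
described on this page and report which page-listed exploits name it.
Added example; not an iPhone Wiki tool."""
import re

# Exploit -> affected bootrom revisions, transcribed from the page's
# "Bootrom Exploits" list.  "exact" lists versions the page names outright;
# "max" is this example's reading of "up to X": X and any lower-numbered
# numeric revision.  Non-numeric labels such as "Rev.2" never match a "max".
EXPLOITS = {
    "Pwnage 1.0":               {"exact": {"Rev.2"}},
    "Pwnage 2.0":               {"exact": {"Rev.2"}},
    "steaks4uce":               {"exact": {"240.4", "240.5.1"}},
    "0x24000 Segment Overflow": {"exact": {"240.4", "359.3"}},
    "alloc8":                   {"exact": {"359.3", "359.3.2"}},
    "Limera1n":                 {"max": "574.4"},
    "SHAtter":                  {"max": "574.4"},
    "checkm8":                  {"max": "3401.0.0.1.16"},
}


def version_key(version):
    """Turn '359.3.2' into (359, 3, 2) for ordering; None if not numeric."""
    if not re.fullmatch(r"\d+(\.\d+)*", version):
        return None
    return tuple(int(part) for part in version.split("."))


def listed_exploits(version):
    """Names of page-listed exploits whose stated range covers `version`."""
    key = version_key(version)
    hits = []
    for name, rule in EXPLOITS.items():
        if version in rule.get("exact", ()):
            hits.append(name)
        elif "max" in rule and key is not None and key <= version_key(rule["max"]):
            hits.append(name)
    return hits


def ipod_touch_2g_bootrom(model_number):
    """'old' / 'new' from the second character of an iPod touch (2G) model number."""
    return {"B": "old", "C": "new"}.get(model_number[1].upper(), "unknown")


def iphone_3gs_bootrom(serial):
    """'old' / 'new' / 'ambiguous' from an iPhone 3GS serial number, using the
    year digit (3rd) and week digits (4th-5th) and the page's cut-offs."""
    year = {"9": 2009, "0": 2010, "1": 2011, "2": 2012}.get(serial[2])
    if year is None:
        return "unknown"
    week = int(serial[3:5])
    if year > 2009 or week >= 45:   # ??945?????? and higher, or ??0????????
        return "new"
    if week >= 40:                  # the page's week 40 - week 45 of 2009 gray area
        return "ambiguous"
    return "old"


DFU_VERSION = re.compile(r"\[iBoot-([0-9.]+)\]")


def bootrom_from_dfu_serial(iserial):
    """Pull the bracketed '[iBoot-X]' tag off the DFU iSerial string (what
    lsusb -v, System Profiler and Device Manager show) together with any
    'KEY:VALUE' tags in front of it, such as CPID and CPRV."""
    match = DFU_VERSION.search(iserial)
    if not match:
        raise ValueError("no [iBoot-...] tag in DFU serial string")
    tags = dict(re.findall(r"\b([A-Z]{4}):([0-9A-Fa-f]+)\b", iserial))
    return {"version": match.group(1), "tags": tags}


# Constructed sample; tag layout is assumed, the CPID/CPRV/[iBoot-574.4]
# tags are the ones the page mentions.  Not captured from a real device.
SAMPLE_DFU_SERIAL = ("CPID:8930 CPRV:20 CPFM:03 SCEP:01 BDID:00 "
                     "ECID:000000000000DEAD IBFL:01 SRTG:[iBoot-574.4]")

if __name__ == "__main__":
    info = bootrom_from_dfu_serial(SAMPLE_DFU_SERIAL)
    print("bootrom", info["version"], "CPID", info["tags"].get("CPID"),
          "listed exploits:", listed_exploits(info["version"]))
    print("MB533 ->", ipod_touch_2g_bootrom("MB533"),
          "| serial ??942 ->", iphone_3gs_bootrom("AB942XXXXXX"))
```

Feed `bootrom_from_dfu_serial` the iSerial line from `sudo lsusb -v` (or the Serial Number field from System Profiler) to get the revision; `listed_exploits` then answers the inventory question of whether that revision appears in any of the page's exploit ranges.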
Revisions
- Bootrom Rev.2 in S5L8900
- Bootrom 240.4 in S5L8720 (old version only)
- Bootrom 359.3 in S5L8920 (old version only)
- Bootrom 240.5.1 in S5L8720 (new version only)
- Bootrom 359.3.2 in S5L8920 (new version only)
- Bootrom 359.5 in S5L8922
- Bootrom 574.4 in S5L8930
- Bootrom 838.3 in S5L8940
- ROM in S5L8942
- Bootrom 1062.2 in S5L8945
- Bootrom 1413.8 in S5L8747
- Bootrom 1458.2 in S5L8947
- Bootrom 1145.3 in S5L8950
- Bootrom 1145.3.3 in S5L8955
- Bootrom 1704.10 in S5L8960 and S5L8965
- Bootrom 1992.0.0.1.19 in T7000
- Bootrom 1991.0.0.2.16 in T7001
- Bootrom 2098.0.0.2.4 in S7002
- Bootrom 2234.0.0.3.3 in S8000
- Bootrom 2234.0.0.2.22 in S8003
- Bootrom 2481.0.0.2.1 in S8001
- Bootrom 2651.0.0.1.31 in T8002
- Bootrom 2651.0.0.3.3 in T8004
- Bootrom 2696.0.0.1.33 in T8010
- Bootrom 3135.0.0.2.3 in T8011
- Bootrom 3332.0.0.1.23 in T8015
- Bootrom 3401.0.0.1.16 in T8012
- Bootrom 3865.0.0.4.7 in T8020
- Bootrom 3988.0.0.2.12 in T8006
- Bootrom 4172.0.0.100.14 in T8027
- Bootrom 4479.0.0.100.4 in T8030
- Bootrom 5281.0.0.100.45 in T8101
- Bootrom 5281.0.0.300.17 in T8301
- Bootrom 5540.0.0.400.2 in T8103
- Bootrom 5756.0.0.100.52 in T6000, T6001, and T6002
- Bootrom 6821.0.0.200.16 in T8112
- Bootrom 6338.0.0.200.19 in T8110
- Bootrom 7168.0.0.300.12 in T6020 and T6021
- Bootrom 7195.0.0.300.25 in T8120
S5L8900, used in the iPhone, iPod touch, and iPhone 3G
see also VROM (S5L8900)
S5L8720, used in the iPod touch (2nd generation)
- Bootrom 240.4 "old bootrom"
- Bootrom 240.5.1 "new bootrom"
S5L8747, used in the Haywire
S5L8920, used in the iPhone 3GS
- Bootrom 359.3 "old bootrom"
- Bootrom 359.3.2 "new bootrom"