| User | Post |
|
6:59 pm
March 10, 2009
|
CHickman
Member
| | | |
|
| posts 3 |
|
|
Post edited 12:03 am – March 11, 2009 by CHickman
Andrew,
Jonathan actually posts recent firmware bundles for the encryption key on this site : http://www.zdziarski.com/iphon…..forensics/
I've got a question for you concerning your installation of xpwn on the mac: What libraries did you install to get the product functional. I've compiled xpwn and can get xpwntools to work, but I continue to get a “BUS ERROR.” What are your thoughts?
**Correction**
I can get xpwntools to take the command, but the end result is the bus error. So, it's actually not working
|
|
|
11:29 pm
March 10, 2009
|
ahoog
Admin
| | Chicago, IL | |
|
| posts 12 |
|
|
Can you share the exact xpwntool command(s) you are running? I'll take a look and let you know what I think. Thanks.
-Andrew
|
|
|
10:23 am
March 17, 2009
|
CHickman
Member
| | | |
|
| posts 3 |
|
|
Post edited 4:13 pm – March 17, 2009 by CHickman
Well, I've got the issue worked out. The problem wasis that I was following the documentation to the T, which is wrong. I kept using the “\” between the key and IV. Silly me, that's why the bus error kept popping up. So, after reviewing the command structure again and again in xpwntool I saw that there was nothing there… and thus I did not put it in this time. Worked, but…. now I can't mount my output. So *sigh* I've got to figure that issue out. The only downside is that I only have a little bit of time to work on this through the week.
Thank you for the response though =)
|
|
|
1:15 pm
March 17, 2009
|
ahoog
Admin
| | Chicago, IL | |
|
| posts 12 |
|
|
Post edited 6:21 pm – March 17, 2009 by ahoog
Glad you got past the first problem. As you now know, the \ are reading markers that indicate the command should be on 1 line even thoguh it wraps in print.
If you let me know the details of the issue you have mounting the image, I can probably assist. There are several typos in the printed iPhone Forenscis book so you have to ether spot them, check the errata or run smack into them.
If you post the full command you are using and the platform you are on, I'll take a look. Thanks.
-Andrew
|
|
|
3:22 pm
March 17, 2009
|
CHickman
Member
| | | |
|
| posts 3 |
|
|
Macintosh:XPwn-0.5.7-Darwin CHickman$ ./xpwntool stage2/018-4451-16.dmg stage2/stage2-decrypted.dmg -k da010f69b0e2034b4ce7b7c90b63bad5 -iv 29ff3d43c4001b978963dee437e25386
Macintosh:XPwn-0.5.7-Darwin CHickman$ cd stage2
Macintosh:stage2 CHickman$ hdid -readwrite stage2-decrypted.dmg
hdid: attach failed – Operation not permitted
I was able to get stage1 taken care of and mounted just fine. Not sure what the problem is though.
|
|
|
6:14 am
March 18, 2009
|
ahoog
Admin
| | Chicago, IL | |
|
| posts 12 |
|
|
I'm leaving shortly and will be out for a week but wanted to suggest 1-2 quick things. First, is it possible the previous image was still mounted? Also, did you try to do under sudo rights? Finally, what version of Mac OS?
I have a plane to catch but will be happy to assist next week.
-Andrew
|
|
Login
Register
Search 
Forums
Topic RSS 