iPhone Cracked
July 6, 2007 – 8:11 pm
Leave it to people unhappy with letting technology be used as it was intended.
IRC channel #iPhone found a way to get a serial interface working on the iPhone. Why? Good question. Maybe because among the big bunch of geeks, nobody knows what to do with a telephone because nobody ever calls them.
So how do you get access to the iPhone serial interface? Here are the directions:
Here is how:
- the serial has the same pinouts as iPod serial
- use a 6.8kish resistor from pin 21 to gnd
- tie pin 11-sergnd to the real ground
- use iphoneinterface to send the following commands in recovery mode:
  - setenv debug-uarts 1
  - saveenv
  - reboot
This would give you full shell access. Now your questions please… “dottie” is the root password. No, Apple didn’t think to make it appear hackproof just for entertainment (though it would be entertaining if they did).
The list of commands is:
help            this list
script          run script at specific address
go              jump directly to address
bootx           boot a kernel cache at specified address
diags           boot into diagnostics (if present)
tsys            boot into tsys (if present)
bdev            block device commands
image           flash image inspection
fs              file system commands
fsboot          try to boot kernel at /kernelcache
devicetree      create a device tree from the specified address
ramdisk         create a ramdisk from the specified address
tftp            tftp via ethernet to/from device
eload           tftp via ethernet from hardcoded install server
halt            halt the system (good for JTAG)
reboot          reboot the device
poweroff        power off the device
md              memory display – 32bit
mdh             memory display – 16bit
mdb             memory display – 8bit
mw              memory write – 32bit
mwh             memory write – 16bit
mwb             memory write – 8bit
mws             memory write – string
crc             POSIX 1003.2 checksum of memory
task            examine system tasks
printenv        print one or all environment variables
setenv          set an environment variable
clearenv        clear all environment variables
saveenv         save current environment to flash
run             use contents of environment var as script
bgcolor         set the display background color
setpicture      set the image on the display
iic             iic read/write
radio           Manipulate the radio board.
setbusclock     Set bus clock to the given frequency in Hz.
setcorevoltage  Set core voltage to the given voltage in mV.
syscfg          flash SysCfg inspection
charge          Manage the charger chip.
powernvram      Access Power NVRAM.
usb             run a USB command
nand            nand flash routines
chunk           chunk a file


