The Hitchhacker’s Guide to iPhone Lightning and JTAG Hacking (DEF CON 30 Presentation)
HTML-код
- Опубликовано: 20 сен 2024
- At DEF CON 30 I talked about a project I've been working on with a couple of friends for the past few month: The Tamarin Cable! An open-source Kanzi Cable.
Thanks to DEF CON for having me!
Links:
- Tamarin Firmware: github.com/sta...
- OpenOCD fork with Tamarin support: github.com/sta...
- Twitter: / ghidraninja
- Patreon: / stacksmashing
Original DEF CON recording: • DEF CON 30 - stacksmas...
This is such a big thing!
And it's quite funny that a 750$ device being out of stock led to creating an alternative costing less than 1%!
Wow, I remember when this channel was called Ghidra Ninja and you were making Ghidra tutorials when it was first released. To see you go from there to speaking at Defcon is incredible, huge respect.
Beautiful! Although I was secretly hoping you'd call it "The Harambe Cable"
🤣
RIP Harambe. From Cincinnati Ohio with love
I love this stuff! Cable not available? Build your own. Protocol not working? Build your own. Analyser not working? Build your own :3
God dammit that pico will never cease to amaze with how absolutely ridiculously good it is at putting every commercial product at shame, from an oscilloscope to a gamecube modchip to a god damn iphone jtag adapter. Great job Stacksmashing but also great job to all the people at the rpi foundation!
The pico is just a standard (slightly overpriced actually) microcontroller. There are a million different chips out there with more functionality than the pico.
Teensy board is just an example, much more powerful than Pico or Arduino.
Overpriced? Name one available microcontroller with similar features and availability :D
@@stacksmashing availability is usually a bad sign :). If there is stock of your product during a global shortage, it means that not so many people is using them.
The pico is a flashless MCU, which makes it almost impossible to compare with any useful industrial grade MCU in the market, because 99% of the general purpose ones have some amount of flash.
So to compare it you would have to add the price of the flash chip as well, or you can compare die size vs price, as you wish.
In both cases is not the cheapest MCU, nor the one with most features/price, and the quality assurance process I’m sure is way below the industry standards as well.
Just my personal opinion, nothing against lowering the entry barrier to embedded development. I just believe Teensy is a much more compelling product for that price, and STM MCUs are way better for the price you pay.
BTW, congratulations on the great videos and talks you do, you manage to explain complex concepts in an easy to understand, graphical way. I know how much time and effort goes into it, thanks a lot for it!
@@santiagogf89
> it means that not so many people is using them
Well, it's pretty new. And (per raspi foundation) rather focused on education/individual makers rather than mass production.
> and the quality assurance process I’m sure is way below the industry standards as well
Maybe in terms of the failure rate. But the documentation and ecosystem is pretty certainly much better.
There are some chips that are also somewhat easy to get into that are potentially cheaper (ESP32, STM32), but then the boards for them that are actually useful for development cost about as much as an RP2040 one.
I personally like to use the ESP32(-C3) because of the integrated RF comms and am not very impressed by the RP2040 itself, but I do think it's a great chip for starters and one-offs. The Raspi ecosystem tends to be hard to beat, we see this in the SBC market as well.
"As soon as I am on a wifi that doesnt scam you" every defcon participant ever.
I think he said scare
Super awesome! That audience was so dead, I can imagine you were nervous.
Great stuff! Your presentation was fantastic. I’m excited to see what comes out of the community from this 😏
I'm so happy to see your talk on def con! Thank you very much!
Amazing talk, I wish I could've been there in-person to see it!
Here is something that might interest you: there is a 3-Pin connector on the back of some iPads only used for keyboards. However, only Apple and Logitech manufacture keyboards that use this connector, leading me to believe that it uses some proprietary protocol for communication. Maybe you can be the first to reverse engineer it and build a rubber-ducky-esque peripheral for the iPad?
Anyway, I love your vids, you are part of why I enjoy tinkering around with embedded devices. :)
Awesome work! And a great presentation, thanks for sharing
WOW! Great work boss
What a time to be alive.
Great Project! I have some question about your presentation. Can you share about your environments? (e.g. macOS Version, Architecture, etc...) I tried this process several times but It's not working on my M1 macbook.
Great talk Thomas! I am curious though, which peripheral did the single swd bit reset?
Really Inspiring to see~!
Wow such amazing talents proper development ❤🎉
Very nice work.
Nice work 👍
I'm liking this because the title 😆
Amazing!
Legend
Based
gestern noch über nen neues vid gesprochen und da ist es haha.
Can I use this to play morrowind on my iPhone 15
Why is the commercial cable SO expensive?
du hast gerade eine neue tür für jailbreakers geöffnet. respekt
Super cool
with that, the possibility to dump the flash memory?
Awesome!
But the last iphone people were able to jailbreak is the 12 right ?
bravo!
I know what i'm doing this weekend :D
We need more of your content. Give it now !
What sort of basic tools could I buy to get started in this sort of thing? Not necessarily this particular video ... I know how to buy a pico.
Get a logic analyzer(any kind). That will get you started. Also when you buy a pico/arduino/rpi buy any kind of device that uses spi/iic/1wire to communicate. For example eeprom, accelerometer etc. So you can start learning about communications.
And I expect that you have at least high school level knowledge of electronics + bjt and mosfet.
ich verstehe rein gar nichts von dem was er dort sagt... finde es aber auf der andere seite total interessant :D
19:43 HE WHAT????
Forked…
Lee Edward Allen Eric Lewis Matthew
👏👏
Well… iPhone is usb c now rip
was für Lieferengpässe?
Wer sagt was von Lieferengpässen?
Er im Video
hey epl.... CRY ME ARIIIVEEERRR XD
hi
Nyan cat 😂😂😂🤣🤣🤣🤣🤣😂😂😂🤣🤣🤣🤣🤣🤣😂😂😂😂🤣🤣🤣🤣
Just.. just disable the comments, everytime there's mention of iPhones the comments are 'can i jailbreak the iphone SE 2022 spring model with this?=???'
Does this method lead to iCloud Bypass for iPhone 11 and up?