Ex-Chronic Dev Team member pod2g has just discovered another exploit (his fourth) that will pwn iPod touch 2G for life! It’s called the usb_control_msg(0xA1, 1) Exploit. The exploit is different from the SHAtter exploit which is expected to jailbreak iOS 4.1 on the newer iPhone 4 / iPod touch 4G and iPad. It is a buffer overflow that is triggered when a USB control message of the type 0xA1.. oh screw it, if you’re the techy type, you can just read the quote below to see how it works.
The first beta of iOS 4.1 has been released, and the good news is that Redsn0w 0.9.5b5-5 for both Windows and Mac is compatible with this version of iOS. Simply download the required iOS 4.1 firmware file for iPod touch 2G (non-MC model) and use Redsn0w to jailbreak it. This version of Redsn0w, of course, will work only on iPhone 3G and iPod touch 2G (non-MC model).
I must have been asked this question a zillion times by now via email, Twitter and Facebook: “How do I check whether or not I have the new bootrom on my iPhone 3GS?” Since it is very difficult, if not impossible, for me to reply to each and every one individually, I thought posting about it for everyone was the only option.
The iPhone hacker behind sn0wbreeze, f0recast and BlackBreeze today accidentally put up a picture on his Twitter account showing version 1.6 of sn0wbreeze, which promises to jailbreak iPod touch 2G on iPhone OS 4. The picture in question was removed quickly, but the folks at The Technopath were quick enough to grab the image for everyone to see.