View Full Version : New iPod checksum reversed

September 17th, 2007, 12:26
Congrats to wtbw, one of our forum members, on getting Slashdotted: http://hardware.slashdot.org/hardware/07/09/17/135205.shtml

September 17th, 2007, 13:00
Maybe he'll post something here about his efforts and success.

Anyway, congrats wtbw.


September 17th, 2007, 15:20
Hey guys, thanks for the congrats, but it was a team effort

It turned out to be standard HMAC SHA-1, with a complicated key generation based on the FireWireGUID (unique for each iPod).. perhaps that's some standard function too (involving LCM and a couple of lookup tables to expand to 16 bytes and then SHA-1ing) but it wasn't something I recognized.

There was a lot of arithmetic obfuscation in it too; ollydbg traces logs were very helpful (and probably faster than coding a proper deobfuscator, though less reusable if they change it all...).

Just a fun weekend...

September 17th, 2007, 20:02
wtbw kicks ass .

September 17th, 2007, 20:07
Even better, he "kicks MATH"!


September 17th, 2007, 21:13
...and as usual, Slashdot is filled with Apple/anti-Apple arguments...

wtbw, you do know the iPod Nano 2nd-generation firmware is encrypted, right?

There's your next "challenge"