Tips and Tricks


After hanging around the osx86 crew last night on IRC, I found out that they had finally cracked the activation service and made a proof of concept tool that would activate the iPhone with a plist file. The developers refused to release the actual tokens that needed to be embedded inside the plist file for activation though, for good reason, as they are DVD Jon’s.

Now, they did tell me one thing. The keys are embedded in the .NET binary in JLJ’s iPhone activation server. So I began working and this led to where I’m at now, a how-to. This post will not provide the tokens, nor will I provide them until JLJ says I can. This article will walk you through the process of obtaining them so you can activate your iPhone on a mac though, as suggested by the developers of the tool.zip we will be using.
As of now, you can just download the newly released iPhoneActivatorTool to activate your phone. This is a newer version of tool.zip that includes the plist file required.

Step 1:
Download the following files:

Step 2:
This step is where you’ll actually prepare the data you need to get. You will need Windows with .NET Framework 2.0+. JLJ’s PhoneActSrv binary has the keys stored within it, encrypted using AES. In order to get the keys, we need to disassemble the binary. To do this, open Reflector, go to File->Open, then locate and open the PhoneActSrv.exe file.

Once it’s loaded, you will see the entry in the tree view. Right click on PhoneActSrv and click Export. Make sure you save this somewhere that you will remember, because you will spend a lot of time looking at the disassembly. You also need access to it from the Mac.

Step 3:
Now, open the directory you saved the disassembly files to. You should see the following files:

  • a.cs
  • b.cs
  • AssemblyInfo.cs
  • d.cs
  • DotfuscatorAttribute.cs
  • e.cs
  • e.resources
  • f.resources
  • Global.cs
  • PhoneActSrv.csproj

If you see these files, you did step 2 correctly. If not, go back and do it again. This is where you may need some coding experience, as I can’t just hand these keys out. I provide you with enough hints that I feel you can find the keys. Unzip my iPhone Decrypt application, open up iphone_decrypt.c and read the comments. For each variable needed, I provide you with a hint on how to find it. All the values needed are located in the d.cs file.

Once you find them, plug the values into their appropriate arrays in iphone_decrypt.c. Once you have what you think are the values, open up a terminal, go to the directory iphone_decrypt.c is located in and run the following in console.

$ ./build.sh
$ chmod +x iphone_decrypt
$ ./iphone_decrypt

If all goes well, you should see something like the following on the terminal:

kalashnikov:~/Desktop/iPhone-RE/AES decrypt cody$ ./build.sh
kalashnikov:~/Desktop/iPhone-RE/AES decrypt cody$ ./iphone_decrypt
Welcome to the iPhone JLJ key decryptor. Find the data in his app and set the variables in the code to this one.
Setting AES key...done
---1076
Attempting to decrypt the key...done
Key is <?xml version="1.0" encoding="UTF-8" standalone="no"?>
<Document xmlns="http://www.apple.com/itms/" disableHistory="true" disableNavigation="true">
<Protocol>
    <plist version="1.0">
        <dict>
	
          <key>iphone-activation</key>
          <dict>
            <key>unbrick</key>
            <true/>
            <key>activation-record</key>
            <dict>
              <key>AccountToken</key><data>*snip*</data>
              <key>AccountTokenSignature</key><data>*snip*</data>
            </dict>
          </dict>
	
        </dict>
    </plist>
</Protocol>
</Document>??V?n9???lsQ?
Freeing up memory...done

If you do, move onto step 4, if not, keep trying.

Step 4:
Unzip tool.zip and open up the blank.plist file in something like TextMate. It’s just an XML file. blank.plist contains the following:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>ActivationRecord</key>
	<dict>
		<key>AccountToken</key>
		<data>
		</data>
		<key>AccountTokenCertificate</key>
		<data>
		</data>
		<key>AccountTokenSignature</key>
		<data>
		</data>
		<key>DeviceCertificate</key>
		<data>
		</data>
		<key>FairPlayKeyData</key>
		<data>
		</data>
	</dict>
	<key>Request</key>
	<string>Activate</string>
	
</dict>
</plist>

Copy the AccountToken and AccountTokenCertificate lines and their data lines from the console output of iphone_decrypt. Paste them into the plist file so that it looks like the following:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>ActivationRecord</key>
	<dict>
		<key>AccountToken</key><data>*snip*</data>
		<key>AccountTokenSignature</key><data>*snip*</data>
	</dict>
	<key>Request</key>
	<string>Activate</string>
	
</dict>
</plist>

Save this file as activate.plist in the same directory as blank.plist.

Step 5:
Activate your iPhone by running the following command in the terminal after changing to the directory that blank.plist is located in.

$ ./tool --activate activate.plist

You should see the following output on the console:

kalashnikov:~/Desktop/tool Folder cody$ ./tool --activate test.plist
iPhoneActivatorTool 1.0
2007-07-04 15:10:43.887 tool[10443] Found iPhone Device: 1
2007-07-04 15:10:43.887 tool[10443] Connecting…
2007-07-04 15:10:43.892 tool[10443] Checking Pairing…
2007-07-04 15:10:43.905 tool[10443] Starting device session…
2007-07-04 15:10:43.990 tool[10443] ActivationState: Unactivated
2007-07-04 15:10:43.990 tool[10443] Deactivating your iPhone…
2007-07-04 15:10:44.002 tool[10443] New ActivationState: Unactivated
2007-07-04 15:10:44.003 tool[10443] Activating your iPhone…
2007-07-04 15:10:44.163 tool[10443] New ActivationState: MismatchedICCID
2007-07-04 15:10:44.163 tool[10443] Your iPhone was successfully activated.

You will probably see a popup about your iPhone having an incorrect SIM card. Just slide the unlock slider at the bottom to the right and you should be ready to go.

After talking to a few people in #OpenID on irc.freenode.org last night, I finally decided I was going to get OpenID working with my own custom database library. The only full featured PHP library I could find was the one produced by JanRain. It’s not that I don’t like the features in the library, but the fact that it’s a PEAR style library, so it requires a few other PEAR libs that I absolutely refuse to use due to bloat, specifically PEAR::DB.

This caused a real issue for me. Function names are extremely different, along with how queries are performed, compared to my mysqli library. Sometime last month I tried to make a PEAR-style wrapper for my class, but for some reason it failed with the library. Well, last night I found the WordPress OpenID plugin. Knowing that WP runs its own MySQL class, I downloaded it and studied the wrapper. This allowed me to see what I had been doing wrong and get a system working before school started today.

Once I had it working, I wrote a simple class I call EasyOpenID. This class allows me to minimize the amount of code in JanRain’s consumer example to very few lines of code. I’ve decided I was going to release this library, so I converted it to FileStore, which is the default the library ships with, and packed it up. I am going to release it here to hopefully get some feedback. If the feedback is good, I will probably continue to expand on the class.

I will have a page up for the library later on tomorrow, but for now, download the file located here. This zip file contains the converted consumer example and my class. The class is released under the new BSD license, while the rest of the code is GPL. Please, provide me with any of your thoughts on the library. Even if you don’t use it on a real, live site, please just let me know what you thought.

Talking with the folks in #OpenID also got me invited to be on the first official OpenID podcast recording, no idea if I’ll be involved, but I’m listening. You will be able to obtain the podcast on http://idcast.org/ sometime tomorrow night or on Thursday. I hope all goes well. Hopefully this new podcast will provide a great resource for developers looking to learn and expand on OpenID.

As some of you may have heard, KDE4 is going to be a major upgrade for the K Desktop Environment. They plan on releasing libraries to allow their applications to run on OSX’s aqua, X11, and win32. Besides those few major upgrades, there has been much work on improving the UI and graphical elements of the system. Today, I will show you how to set up a KDE4 developer snapshot for OSX. This will allow you to run all of the KDE applications without any X server. (Beware: this is a snapshot, so there *are going to be* bugs).

The first thing you need to do for this kickass setup is to make sure you have room on your hard drive. I downloaded the ‘everything’ package which was 1.96gb. (There are alternate packages though, listed below). To get these packages, you’ll need a BitTorrent client, which I’m not going to go into how to use, then you’ll need to grab the torrent files. You can choose between the following torrent packages:

Note: All links labeled #1 are from the official mirror which is linked to at the bottom of this post. All links labeled #2 are my own personal mirror. Also, these files are only for OSX 10.4

Also, as quoted from the official page:

You must install at least Qt, kdesupport, and kdelibs for any of these packages to work. Also, kdepimlibs and kdebase are recommended since a number of things will want them. (…and it has Konqueror)

Once you have downloaded these packages, installation is a breeze. It’s just like installing any other OSX application. Double click on the dpkg, then click on one of the mpkg files provided inside the Finder window.
[Screenshot: Finder window listing the KDE4 installers]

From here, just continue installing the files until you have everything you want. They will be stored in /opt/kde4. (It’s a Fink distribution). According to the official snapshot page, you need to launch these applications from a terminal window. Now, I did not need to do this, but I do not doubt the knowledge of the developers. (My shell setup is *way* modified compared to the default OSX release.) So to take care of these few issues, you need to run the following in a terminal window:

export PATH="/opt/kde4/bin:/opt/kde4-deps/bin:/opt/qt4/bin:$PATH"
eval `dbus-launch --auto-syntax`

As I said, according to the main page for these files, it says to try to launch them from the terminal. If launching them by double click does nothing, here is how you can start them:

/opt/kde4/bin/kwrite.app/Contents/MacOS/kwrite

These directions are based off the official ones which can be found here. I would just like to take this time to thank the KDE developers for what they are doing. They are really taking a stand to improve the desktop interface overall. This project really shows the strength open source can have if harnessed properly.

Note: I’m still a gnome guy.

Here are a few screenshots for you:
[Screenshot: Kwrite]

[Screenshot: Konqueror]

I would like to wish everyone that reads this blog a happy Thanksgiving. Hope you all don’t eat too much. I know I will be tomorrow…maybe even with an Apple. Yep, my new 17″ MacBook Pro finally came on Monday and today is the first day I’ve really put the time into learning how to use OS X. So far, I’m completely amazed, it’s a very nice system. I like how all the applications seem to work together for even simple tasks.

The Kenwood Apple Store was true to their word, they called me the day they came in. I ended up getting to the store around 6:30-7pm and it was packed. These things must be selling like hotcakes because I know they sold 3 of them while we were waiting on the cashier to see if they had any 2gb ram sticks in stock — which they didn’t. So I’m still 1gb of ram short until my reserved stick comes in. They do have a nice deal going right now though. You can get an HP Photosmart C3180 printer for free with your MacBook if you are buying it on a college discount. You have to pay upfront, but you get a rebate for the full price of the printer, similar to how they were running the iPod deals.

So far my experience of moving from Linux to OSX has been pretty grand, as I hinted at above. The built in wireless coupled with my new WRT45G, that I hadn’t tested the wireless on, seem to be working much better than my old setup. It’s so nice having wireless again, no cat5 cable to get tangled up in my mouse. Application-wise, I have already found a replacement for everything I used on Linux. I knew all of these before I even owned a Mac though, since I talk to/code with a few people that own a mac.

Heck, in the three days I’ve had this thing, I’ve already spent $50 in software. I bought textmate since it appears to be the best coding text editor on the planet for the mac and web 2.0 crew. I’m definitely liking it so far, but I’m on the hunt for PHP plugins now. They are a bit saturated with Ruby plugins. ;) I still need to get a legal copy of Photoshop CS2 for this box though. If only it was cheaper…

I’ve also had the joy of being able to run a lot of my favorite Linux applications on this thing. Fink is quite a nice system. I already have X11 running at startup, without that stupid xterm. I’ve modified my shell settings so everything I need to start X apps from Terminal.app is there and ready to go. I suggest all of you go out and install Xdroplets. Combined with this custom X11 setup and Xdroplets, I have a pretty standard application interface for running my old applications, such as XMMS or Konqueror for testing.

To give you some idea of how fast this laptop is, I have two benchmarks for you. While I was writing this post, I started a compile of Apache 2.0.59 to start setting up my development environment for ThreadBound. Here are the commands that I ran:

$ ./configure
$ export MAKEOPTS="-j6"
$ time make

What are the results? Astounding, considering this is a 10-20 minute compile on my old Athlon64 3200+ laptop…

real 1m37.240s
user 0m53.671s
sys 0m37.242s

The other benchmark is from when I installed Windows XP on my friend’s MacBook Pro, which is identical to the one I bought. After installing Counter-Strike: Source, we ran the video stress test. These machines averaged 114 FPS on it. This test set all of the settings on high, so we tried it. We were getting about 60-90 FPS at 1680×1050 during games. This just goes to show you the performance of this machine. Considering that people don’t know that the x1600 graphics cards they ship with are underclocked by around 45% below what ATI ships them as, due to heat. So I’m going to have to overclock them a bit and see how it does.

Here is a nice picture of my MacBook Pro:

[Photo: Macbook Pro Core 2 Duo Opening, hosted on Zooomr]

More pictures of it can be found here.

Many of you have seen my post from a few weeks ago that talked about theming your myspace without ads. (This Post) Well, after that post, my fake test account has gotten quite a few interesting requests from spammers. So guess what, I’m going to break down how these accounts draw you into becoming their friends so they can send you ads.

From what I’ve seen, there are two types of these accounts. You have the fake accounts with modified layouts which disguise the number of friends, and you have the accounts that have been stolen. The ones I have been receiving come from the first type. So, let’s begin.

The first thing you need to do is make an account. I suggest creating a fake email account just for this purpose, but that’s up to you. Once you have your account created, you’ll need to log in and find a teenage girl styled theme. These usually consist of clashing colors with pink, green, blue, and maybe even yellow. The main point here is to think like a designer with an iq lower than one hundred.

This next step is an all important step. You need to get your image. Usually, these consist of fake pictures of high schoolers, high school girls, guys playing football, models, etc. The goal here is to stand out.

Now, we come to the hook. Set the profile to private so people have to be your friend to see your profile. (This is why you want an attention getting picture) Okay, so people will be your friend, now what? Hide the real number of friends. This is an amazing strategy that would fool most people without the firefox web developer toolbar. (I immediately disable embedded css on myspace pages, which is how I found this out) All you have to do is fill out your “about me” fields with fake, but interesting information, then in the “I’d like to meet” section, paste the code located at http://codymays.net/files/myspacecode.txt (Note: this is not my code. I ripped it from a spammer’s account, so change the images and stuff) and save your profile.

Amazing isn’t it? In this small amount of time, you have a spam system ready to go. All you have to do now is google for some myspace pages, start adding friends and sending messages saying that people should add you as a friend since myspace gives you errors when you try.

In all seriousness though, this is the exact reason the myspace revolution is going to have to come to an end. It is a whole new system for spammers to hit a target audience with, and it works quite well. Ask the developers of myspace. They are probably floating on a yacht somewhere. My intention in writing this article is that people will stop falling for such stupid setups… I can wish, can’t I?

Example profiles made by real spammers here and here
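
The defensive side of the trick described in this post, as an added example that is not part of the original post and not the spammer's code: a scan of one user-editable profile field for embedded CSS that hides page elements such as a friend count. The class names in the sample and the list of hiding declarations are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

# Declarations that leave an element in the page but make it invisible.
HIDING = [re.compile(p) for p in (
    r"display:none",
    r"visibility:(hidden|collapse)",
    r"opacity:0(\.0+)?",
    r"font-size:0[a-z%]*",
    r"text-indent:-\d{3,}[a-z]*",      # text pushed off-screen
)]

def hiding_declarations(block):
    """Return the normalised declarations in a CSS block that hide content."""
    hits = []
    for decl in block.split(";"):
        d = re.sub(r"\s+", "", decl.lower()).replace("!important", "")
        if any(p.fullmatch(d) for p in HIDING):
            hits.append(d)
    return hits

class ProfileScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.css = None        # text buffer while inside <style>, else None
        self.findings = []     # (source, selector or tag, declaration)

    def handle_starttag(self, tag, attrs):
        if tag == "style":
            self.css = ""
        for name, value in attrs:
            if name == "style" and value:
                for d in hiding_declarations(value):
                    self.findings.append(("inline", tag, d))

    def handle_data(self, data):
        if self.css is not None:
            self.css += data

    def handle_endtag(self, tag):
        if tag != "style" or self.css is None:
            return
        css = re.sub(r"/\*.*?\*/", "", self.css, flags=re.S)   # drop comments
        self.css = None
        for selector, block in re.findall(r"([^{}]+)\{([^{}]*)\}", css):
            for d in hiding_declarations(block):
                self.findings.append(("style", " ".join(selector.split()), d))

def scan_profile_field(html):
    """Return every hiding rule found in one user-supplied HTML field."""
    scanner = ProfileScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings

# Constructed sample of a profile field; the class names are hypothetical.
SAMPLE = """<p>I love meeting new people!</p>
<style>
/* layout */ .friendCount , .friendSpace b { DISPLAY : none !important }
table.profile { background: pink; color: green }
</style>
<span style="visibility:hidden">1 friend</span>"""
```

A site that lets users paste markup into profile fields could run a check like this at save time and either strip the flagged rules or queue the profile for review.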
