LLB - The iPhone Wiki





This is the Low Level Bootloader. It runs several setup routines and, on firmware versions 2.0 and higher, checks the signature of iBoot before jumping to it.

Those same setup routines are present in iBEC and iBSS, which is why they can be launched directly from DFU Mode.

LLB can be disassembled in a similar manner to the one described for iBoot. The base address for LLB 5.1 is 0x84000000 and the disassembly should yield the following:

LLB and iBoot likely share a common code base, as is evident from similar symbols and strings for the FTL, Image_Load, and others. LLB is specialized, however, to load iBoot, which it does by looking for the Img3 tagged "ibot", as can be seen here:
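The same lookup can be reproduced offline when examining a firmware dump. The following is an added example, not LLB's code and not part of the original page: it walks a buffer for Img3 containers and returns the one whose ident is "ibot". It assumes the publicly documented Img3 header layout (magic, fullSize, sizeNoPack, sigCheckArea, ident, each a little-endian 32-bit word); the function names and the sample buffer are constructed for illustration.

```python
import struct

# Assumed header layout: magic, fullSize, sizeNoPack, sigCheckArea, ident
HEADER = struct.Struct("<5I")
MAGIC_LE = b"3gmI"  # "Img3" as it appears on disk (little-endian word)


def fourcc(value):
    """Render a 32-bit tag value as its four-character name."""
    return struct.pack(">I", value).decode("ascii", "replace")


def iter_img3(blob):
    """Yield (offset, ident, full_size) for each plausible Img3 container."""
    off = blob.find(MAGIC_LE)
    while off != -1 and off + HEADER.size <= len(blob):
        _magic, full, _nopack, _sig, ident = HEADER.unpack_from(blob, off)
        if HEADER.size <= full <= len(blob) - off:
            yield off, fourcc(ident), full
            nxt = off + full  # skip the payload so its bytes are not rescanned
        else:
            nxt = off + 1  # size field is implausible: stray or truncated match
        off = blob.find(MAGIC_LE, nxt)


def find_image(blob, wanted="ibot"):
    """Return (offset, full_size) of the first container with this ident."""
    for off, ident, full in iter_img3(blob):
        if ident == wanted:
            return off, full
    return None  # the page's "iBoot cannot be found" case


def make_img3(ident, payload):
    """Build a constructed sample container: header plus opaque payload."""
    word = lambda s: struct.unpack(">I", s)[0]
    full = HEADER.size + len(payload)
    return HEADER.pack(word(b"Img3"), full, len(payload), 0, word(ident)) + payload


# Constructed sample: padding, two containers, then a truncated stray magic.
SAMPLE = (b"\xff" * 16 + make_img3(b"illb", b"A" * 32)
          + make_img3(b"ibot", b"B" * 64) + MAGIC_LE + b"\x01")

if __name__ == "__main__":
    print(list(iter_img3(SAMPLE)), find_image(SAMPLE))
```
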

If iBoot cannot be found, LLB instructs the i-Device to identify itself as Apple Mobile Device (DFU Mode):

Restoring or flashing an LLB patched with Pwnage or 0x24000 Segment Overflow can lead to these changes:

  • ECID checks on boot-up are cancelled
  • A restored firmware is no longer integrity-checked
  • RSA Signature Hash blobs (SHSH) and APTicket are ignored
  • Jailbreak is always untethered for a pwn-able device
  • Custom boot logos and recovery logos can be applied

