I’ve been working around Apple iPhone firmwares for a long time, but on iPods my only experience dates from the time of some cache-playing hacks that came out for the iPod nano 6th generation on firmware 1.0 (nanohack.me).
I wanted to check some plists in the firmware a while ago, and because it took me a long time to decrypt the 1.2 firmware with the new addresses, I’m just logging my work here for further use by me or anyone else interested.
First, use extract2g to extract the .fw files:
./extract2g -4 -A "/iPod nano 6g Hacking/iPod_1.2_36B10147 copy/Firmware.MSE"
Then I skipped the 2 byte headers to get an .img instead of a .fw, so that the image can be mounted:
dd if=./rsrc.fw of=./skiprsrc.img iseek=2 count=321546
This would be the new fdisk print output:
I’m working around the .plist files and also SilverDB files to be able to modify them and put them back in a working condition.
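A way to check the header skip before mounting, as an added example that is not part of the original post: it strips the same two blocks as the dd command (dd's default block size is 512 bytes) and reads the primary partition table that fdisk would print. It assumes the stripped image starts with an MBR sector; the sample image, its partition type and the function names are constructed for illustration.

```python
import struct

SECTOR = 512          # dd's default block size
HEADER_BLOCKS = 2     # matches iseek=2 in the dd command above

def strip_header(fw: bytes, blocks: int = HEADER_BLOCKS) -> bytes:
    """Equivalent of `dd iseek=<blocks>` with the default 512-byte block size."""
    return fw[blocks * SECTOR:]

def parse_mbr(img: bytes):
    """Return the non-empty primary partition entries of an MBR sector."""
    if len(img) < SECTOR or img[510:512] != b"\x55\xaa":
        raise ValueError("no 0x55AA signature: wrong header offset or not an MBR image")
    parts = []
    for i in range(4):
        entry = img[446 + 16 * i: 462 + 16 * i]
        status, ptype = entry[0], entry[4]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if ptype == 0:          # unused slot
            continue
        if (lba_start + sectors) * SECTOR > len(img):
            raise ValueError(f"partition {i} extends past end of image (truncated copy?)")
        parts.append({"index": i, "bootable": status == 0x80,
                      "type": ptype, "start": lba_start, "sectors": sectors})
    return parts

def build_sample_fw() -> bytes:
    """Constructed sample: 1024-byte header, then an MBR with one 0x0B partition."""
    mbr = bytearray(SECTOR)
    mbr[446:462] = struct.pack("<B3sB3sII", 0x00, b"\0\0\0", 0x0B, b"\0\0\0", 1, 8)
    mbr[510:512] = b"\x55\xaa"
    return b"\xff" * (HEADER_BLOCKS * SECTOR) + bytes(mbr) + bytes(8 * SECTOR)

if __name__ == "__main__":
    for p in parse_mbr(strip_header(build_sample_fw())):
        print(p)
```

A ValueError here means the offset or the count given to dd does not match the file, which is cheaper to find out than a failed mount.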