It can be retrieved over IDBUS using Serial Number Reader cable (or Kanzi, they are basically the same thing, except for a different USB PID and a little bit different enclosure) In simple words, by sending this blob to ttrs.apple.com, you can get device's serial number. This mechanism is used by Apple Store/Apple Premium Reseller' staff to. Apple will reportedly launch AR glasses powered by your iPhone within a year. Priced at around $2,000 on the gray market, the proprietary Apple USB cable you need is called Kanzi, and it’s the only one that you can use to access special data buried in an iPhone, once you connect it to a computer.
Annotated photo of the original Alex DCSD PCB
The DCSD Alex cable is used in factories to communicate over serial to run tests and write to the SysCfg (for serial definitions, etc) during production. These cables are produced by ShenZhen Alex Connector Co., Ltd. in China. They can be purchased from obscure markets. There are two known types of DCSD cable. An older one, with lights and only one USB female USB connector, and a newer model, which lacks lights, and has two female USB connectors.
- 1'DCSD Alex' PCB
- 2'DCSD 3.1' PCB
- 3Uses
'DCSD Alex' PCB
Top of the board items of interest
Label | Chip | Datasheet | Notes |
---|---|---|---|
D1 | Low Power Consumption Voltage Regulator with ON/OFF Switch | http://www.s-manuals.com/pdf/datasheet/x/c/xc6215_series_torex.pdf | |
D5 | |||
D6 | Tied to TX and an input voltage of 3.3V on the UART J5 pads, this may be a protection in case the host shorts? | ||
U1 | Micrel 2026A Dual-Channel Power Distribution Switch | https://web.archive.org/web/20141010122122/http://www.xilinx.com/products/boards/ml510/datasheets/mic2076-2bm.pdf | |
U2 | |||
U3 | FTDI FT232RQ UART IC | http://www.ftdichip.com/Support/Documents/DataSheets/ICs/DS_FT232R.pdf | Handles stoplight LED controls |
U4 | Micrel MIC5219 | http://datasheet.datasheetarchive.com/originals/library/Datasheets-EDS7/DSAEDA000124178.pdf | 500mA Peak Output LDO Regulator |
U5 | FTDI FT232RQ UART IC | http://www.ftdichip.com/Support/Documents/DataSheets/ICs/DS_FT232R.pdf | Handles serial mux interface from iPhone |
U6 | SMSC USB2514 4-port USB hub | http://www.mouser.com/catalog/specsheets/2514.pdf |
|
U7 | Microchip 24AA04/24LC04B | http://ww1.microchip.com/downloads/en/DeviceDoc/21708G.pdf | I2C Serial EEPROM (TSSOP Package) |
X1 | MKC 24 MHz Oscillator | N/A | I'm not 100% sure about the value of the chip, but this should be correct |
Back of the board items of interest
Label | Notes |
---|---|
J9 | I believe these are used to flash the U7 EEPROM with USB IDs for use by the SMSC USB Hub, I have yet to dump the contents of the EEPROM to find out for sure. |
J10 | |
J11 | |
J12 |
'DCSD 3.1' PCB
This cable is made specifically for USB-C devices such as the newer models in the iPad Pro line, this cable also supports USB 3.1.USB connection from the main board splits out into a Y-style cable but turns back into one connection in the USB-A male connector .
Top of the board items of interest
Label | Chip | Datasheet | Notes |
---|---|---|---|
U4 | FTDI FT232RQ UART IC | http://www.ftdichip.com/Support/Documents/DataSheets/ICs/DS_FT232R.pdf | Handles stoplight LED controls |
J2A | Presumably test points for UART | ||
USB-A male connector | I haven't actually cut into the hard plastics yet but I presume this is where the actual USB hub is hosted. |
Back of the board items of interest
There's not much on the back of the board that you couldn't technically see from the front, no ICs or anything of interest really.
Annotated photo of the DCSD 3.1 PCB
Other notes
- The Lightning Connector has a specific Accessory ID flashed to it for enabling serial via the Tristar chip.
- This PCB is quite easy to replicate, but without the proper Accessory ID you will need to mimic the protocol similar to how key2fr did in his research.
- In theory, you can use the Tristar for JTAG through a similar board, but JTAG gets disabled by the device during boot due to production fusing status.
- In USB-C capable Macs Apple takes care to note the low speed USB2 pins on the TOP or BOTTOM of the connector (which are usually identical to support passive USB-C <-> USB-A cables). This suggests that these pairs may be treated differently just like how the lightning DCSD cable had a proper TOP and BOTTOM side, which would provide a second USB device on the same plug.
Uses
Verbose Boot
One use of the cable was to view verbose boot. You could access this by setting debug uarts in iRecovery or nvram, however, since iOS 9, this output has been obfuscated.
Shell over serial
Using qwertyoruiopz'sserialsh, it is possible to get shell over serial. This is useful, because it does not require any additional daemons other than those shipped with iOS. An example use case for this would be protecting against bootloops.
Debugging the kernel
Using the DCSD cable, it is possible to attach GDB to the iOS kernel, and pause it's running.
Retrieved from 'https://www.theiphonewiki.com/w/index.php?title=DCSD_Cable&oldid=102920'
If you’ve got the skills, then spending a few grand on a special type of iPhone or iPad and a special USB-cable may be enough to truly hack the iPhone and expose all of its secrets. That’s not to say that it’s easy or legal to do so, but a huge investigation reveals details about the underworld of iPhone hacking, which appears to be a flourishing and lucrative business.
How to use Keygen MS Visio Pro? For activation & registration process, get crack.exe setup file located in torrent link; Generate from there only a registration code to implement in Windows; Let, you can expand further files to create a zip code; Go to the trial version, click over update button; Just impose copied data to the key blinking folder. May 28, 2020 Microsoft Visio 2020 Crack Multilingual Product Key free torrent Pre-cracked. The professional version of Microsoft Visio 2019 Crack is is a choice of business-oriented organizations, graphics designers and for small business owners, because of its moderate pricing and inclusion of some remarkable features. Jun 16, 2020 Open the “Crack” or “Patch” file, copy and paste into installation directory and run. Or use the keygen serial license to activate the Program. All done enjoy the Microsoft Visio Latest Version 2020. Microsoft visio download. Jul 22, 2020 Microsoft Visio 2020 Crack + Product Key (Torrent) Free Download. Microsoft Visio 2020 Crack is a simple or complex scheme. More, It provides various forms, objects, and embedded templates with which you want to work. So, You can also create and import forms to complete this extra time. The main idea behind Visio is to facilitate user planning. Aug 18, 2020 Microsoft Visio 2020 Crack Download Full Version. Microsoft Visio 2020 Crack program is simplified and communicates complex information using a data-linked diagram. You can advance the diagram made simple and easy to understand. As well as you can create the flowcharts, network diagram, org chart, floor plans, engineering design and also using more modern shapes and templates.
Priced at around $2,000 on the gray market, the proprietary Apple USB cable you need is called Kanzi, and it’s the only one that you can use to access special data buried in an iPhone, once you connect it to a computer. According to Motherboard’s months-long investigation, you also need to buy developer-fused iPhones that can cost you four or five figures — the iPhone 6 is $1,300, the iPhone 8 Plus costs $5,000, and the iPhone XR is a whopping $20,000.
These dev-fused devices are special types of iPhones that are used for testing and debugging purposes. Thus, the iPhones do not have all the standard software defenses enabled, and security researchers would be able to learn some of the secrets hidden behind the security in iOS.
Kanzi Connect
Dev-fused iPhones that were never intended to escape Apple’s production pipeline have made their way to the gray market, where smugglers and middlemen sell them for thousands of dollars to hackers and security researchers. Using the information gleaned from probing a dev-fused device, researchers can sometimes parlay what they’ve learned into developing a hack for the normal iPhones hundreds of millions of people own.
Comparatively, the iPhone that you buy in stores is “prod-fused,” which means it can’t offer hackers access to the special dev mode. Here’s how one former Apple employee described it:
Kanzi Apples
Prod fused means there’s a specific pin on the board that is ‘blown’ in the production phase. The board checks that pin to see if the device is prod or not. If it isn’t, and the firmware is dev version, then certain features are enabled.
Kanzi Apple Store
While Apple has been trying its best not to lose access to any of the dev-fused phones it has made over the years, it looks like there’s a thriving black market for them and you can easily find a model to suit your needs.