2023-01-13 05:25:27 +01:00
#!/usr/bin/env bash
2021-05-29 13:26:08 +02:00
2023-07-19 12:54:39 +02:00
ipsw_openssh = 1 # OpenSSH will be added to jailbreak/custom IPSW if set to 1.
2023-10-06 15:22:43 +02:00
device_rd_build = "" # You can change the version of SSH Ramdisk and Pwned iBSS/iBEC here. (default is 10B329 for most devices)
2023-07-21 09:12:01 +02:00
jelbrek = "../resources/jailbreak"
2024-02-12 06:33:52 +01:00
ssh_port = 6414
2021-05-29 13:26:08 +02:00
2023-01-13 05:25:27 +01:00
print( ) {
2023-01-22 03:45:37 +01:00
echo " ${ color_B } ${ 1 } ${ color_N } "
2020-03-09 02:30:19 +01:00
}
2023-01-13 05:25:27 +01:00
input( ) {
echo " ${ color_Y } [Input] ${ 1 } ${ color_N } "
2020-09-01 04:25:27 +02:00
}
2023-01-13 05:25:27 +01:00
log( ) {
echo " ${ color_G } [Log] ${ 1 } ${ color_N } "
2020-03-09 02:30:19 +01:00
}
2023-01-13 05:25:27 +01:00
warn( ) {
echo " ${ color_Y } [WARNING] ${ 1 } ${ color_N } "
2020-09-01 04:25:27 +02:00
}
2023-01-13 05:25:27 +01:00
error( ) {
echo -e " ${ color_R } [Error] ${ 1 } \n ${ color_Y } ${ * : 2 } ${ color_N } "
2023-10-02 18:46:29 +02:00
print " * Legacy iOS Kit $version_current ( $git_hash ) "
2024-02-04 12:49:03 +01:00
print " * Platform: $platform ( $platform_ver ) $live_cdusb_str "
2023-03-18 03:44:15 +01:00
exit 1
2020-04-01 04:49:55 +02:00
}
2023-01-22 03:45:37 +01:00
pause( ) {
input "Press Enter/Return to continue (or press Ctrl+C to cancel)"
read -s
}
clean( ) {
2023-12-26 10:29:08 +01:00
kill $httpserver_pid $iproxy_pid $anisette_pid 2>/dev/null
2023-08-19 09:36:15 +02:00
popd & >/dev/null
rm -rf " $( dirname " $0 " ) /tmp/ " * " $( dirname " $0 " ) /iP " */ " $( dirname " $0 " ) /tmp/ " 2>/dev/null
2023-09-02 06:56:49 +02:00
if [ [ $platform = = "macos" ] ] ; then
killall -CONT AMPDevicesAgent AMPDeviceDiscoveryAgent MobileDeviceUpdater
fi
2023-01-22 03:45:37 +01:00
}
2023-08-19 09:36:15 +02:00
clean_sudo( ) {
2023-01-22 03:45:37 +01:00
clean
2023-08-19 09:36:15 +02:00
sudo rm -rf /tmp/futurerestore /tmp/*.json " $( dirname " $0 " ) /tmp/ " * " $( dirname " $0 " ) /iP " */ " $( dirname " $0 " ) /tmp/ "
sudo kill $sudoloop_pid
}
clean_usbmuxd( ) {
clean_sudo
2024-03-05 04:51:54 +01:00
sudo killall usbmuxd 2>/dev/null
2024-06-10 04:41:11 +02:00
if [ [ $( command -v systemctl 2>/dev/null) ] ] ; then
2024-03-05 04:51:54 +01:00
sleep 1
sudo systemctl restart usbmuxd
fi
2022-05-29 16:57:53 +02:00
}
2023-01-13 05:25:27 +01:00
bash_version = $( /usr/bin/env bash -c 'echo ${BASH_VERSINFO[0]}' )
2023-06-19 05:47:18 +02:00
if ( ( bash_version > 3 ) ) ; then
shopt -s compat32
2023-01-13 05:25:27 +01:00
fi
display_help( ) {
2023-04-02 12:18:44 +02:00
echo ' *** Legacy iOS Kit ***
- Script by LukeZGD -
2023-01-13 05:25:27 +01:00
2023-01-13 10:30:26 +01:00
Usage: ./restore.sh [ Options]
2023-01-13 05:25:27 +01:00
List of options:
2023-01-13 10:30:26 +01:00
--debug For script debugging ( set -x and debug mode)
2023-07-01 16:14:19 +02:00
--disable-sudoloop Disable running tools as root for Linux
--disable-usbmuxd Disable running usbmuxd as root for Linux
2023-01-13 05:25:27 +01:00
--entry-device Enable manual device and ECID entry
--help Display this help message
--no-color Disable colors for script output
--no-device Enable no device mode
--no-version-check Disable script version checking
2023-07-19 12:54:39 +02:00
For 32-bit devices compatible with restores/downgrades ( see README) :
2023-11-18 02:48:07 +01:00
--activation-records Enable dumping/stitching activation records
2023-09-04 17:06:58 +02:00
--disable-bbupdate Disable bbupdate and enable dumping/stitching baseband
--ipsw-hacktivate Enable hacktivation for creating IPSW ( iPhone 2G/3G/3GS only)
2023-04-02 12:18:44 +02:00
--ipsw-verbose Enable verbose boot option ( powdersn0w only)
2023-01-13 05:25:27 +01:00
--jailbreak Enable jailbreak option
--memory Enable memory option for creating IPSW
2024-05-07 06:56:14 +02:00
--pwned-recovery Assume that device is in pwned recovery mode
2024-02-26 10:22:31 +01:00
--skip-ibss Assume that pwned iBSS has already been sent to device
2023-01-13 05:25:27 +01:00
* Default IPSW path: <script location>/name_of_ipswfile.ipsw
* Default SHSH path: <script location>/saved/shsh/name_of_blobfile.shsh( 2)
2023-01-13 10:30:26 +01:00
'
2023-01-13 05:25:27 +01:00
}
set_tool_paths( ) {
: '
2023-02-04 07:43:34 +01:00
sets variables: platform, platform_ver, dir
2023-01-13 05:25:27 +01:00
also checks architecture ( linux) and macos version
2023-01-23 16:46:37 +01:00
also set distro, debian_ver, ubuntu_ver, fedora_ver variables for linux
2023-01-13 05:25:27 +01:00
list of tools set here:
2023-11-21 02:59:54 +01:00
bspatch, jq, scp, ssh, sha1sum ( for macos: shasum -a 1) , zenity
2023-01-13 05:25:27 +01:00
these ones "need" sudo for linux arm, not for others:
2024-06-16 06:03:55 +02:00
futurerestore, gaster, idevicerestore, ipwnder, irecovery
2023-01-13 05:25:27 +01:00
tools set here will be executed using:
$name_of_tool
the rest of the tools not listed here will be executed using:
" $dir / $name_of_tool "
'
if [ [ $OSTYPE = = "linux" * ] ] ; then
2024-06-09 11:19:52 +02:00
source /etc/os-release
2023-01-13 05:25:27 +01:00
platform = "linux"
platform_ver = " $PRETTY_NAME "
dir = "../bin/linux/"
# architecture check
if [ [ $( uname -m) = = "a" * && $( getconf LONG_BIT) = = 64 ] ] ; then
2023-06-21 10:46:53 +02:00
platform_arch = "arm64"
2023-01-13 05:25:27 +01:00
elif [ [ $( uname -m) = = "a" * ] ] ; then
2023-06-21 10:46:53 +02:00
platform_arch = "armhf"
2023-01-13 05:25:27 +01:00
elif [ [ $( uname -m) = = "x86_64" ] ] ; then
2023-06-21 10:46:53 +02:00
platform_arch = "x86_64"
2023-01-13 05:25:27 +01:00
else
2023-01-13 10:30:26 +01:00
error " Your architecture ( $( uname -m) ) is not supported. "
2023-01-13 05:25:27 +01:00
fi
2023-06-21 10:46:53 +02:00
dir += " $platform_arch "
2023-01-13 05:25:27 +01:00
2023-02-04 07:43:34 +01:00
# version check
2023-06-19 05:47:18 +02:00
if [ [ -n $UBUNTU_CODENAME ] ] ; then
2023-06-21 09:32:17 +02:00
case $UBUNTU_CODENAME in
2024-06-11 11:18:59 +02:00
"jammy" | "kinetic" ) ubuntu_ver = 22; ;
"lunar" | "mantic" ) ubuntu_ver = 23; ;
"noble" | "oracular" ) ubuntu_ver = 24; ;
2023-06-21 09:32:17 +02:00
esac
if [ [ -z $ubuntu_ver ] ] ; then
2024-06-09 11:19:52 +02:00
source /etc/upstream-release/lsb-release 2>/dev/null
2023-06-21 09:32:17 +02:00
ubuntu_ver = " $( echo " $DISTRIB_RELEASE " | cut -c -2) "
fi
if [ [ -z $ubuntu_ver ] ] ; then
ubuntu_ver = " $( echo " $VERSION_ID " | cut -c -2) "
fi
2023-06-19 05:47:18 +02:00
elif [ [ -e /etc/debian_version ] ] ; then
2023-01-23 16:46:37 +01:00
debian_ver = $( cat /etc/debian_version)
2024-06-11 11:18:59 +02:00
case $debian_ver in
*"sid" | "kali" * ) debian_ver = "sid" ; ;
* ) debian_ver = " $( echo " $debian_ver " | cut -c -2) " ; ;
esac
2024-03-08 03:01:40 +01:00
elif [ [ $ID = = "fedora" || $ID = = "nobara" || $ID_LIKE = = "fedora" ] ] ; then
2023-01-23 16:46:37 +01:00
fedora_ver = $VERSION_ID
fi
2023-02-04 07:43:34 +01:00
# distro check
2023-01-23 16:46:37 +01:00
if [ [ $ID = = "arch" || $ID_LIKE = = "arch" || $ID = = "artix" ] ] ; then
distro = "arch"
elif ( ( ubuntu_ver >= 22 ) ) || ( ( debian_ver >= 12 ) ) || [ [ $debian_ver = = "sid" ] ] ; then
distro = "debian"
2023-08-05 17:00:27 +02:00
elif ( ( fedora_ver >= 37 ) ) ; then
2023-01-23 16:46:37 +01:00
distro = "fedora"
elif [ [ $ID = = "opensuse-tumbleweed" ] ] ; then
distro = "opensuse"
2023-06-19 10:54:58 +02:00
elif [ [ $ID = = "gentoo" || $ID_LIKE = = "gentoo" || $ID = = "pentoo" ] ] ; then
distro = "gentoo"
2023-01-23 16:46:37 +01:00
else
2023-05-19 10:17:38 +02:00
error " Your distro ( $platform_ver ) is not detected/supported. See the repo README for supported OS versions/distros "
2023-01-23 16:46:37 +01:00
fi
2024-06-15 12:39:27 +02:00
bspatch = " $dir /bspatch "
ifuse = " $( command -v ifuse) "
2024-02-07 14:24:48 +01:00
PlistBuddy = " $dir /PlistBuddy "
2024-06-15 12:39:27 +02:00
sha1sum = " $( command -v sha1sum) "
2024-06-10 04:41:11 +02:00
zenity = " $( command -v zenity) "
2023-01-13 05:25:27 +01:00
2023-02-18 01:01:52 +01:00
# live cd/usb check
2023-02-19 03:52:45 +01:00
if [ [ $( id -u $USER ) = = 999 || $USER = = "liveuser" ] ] ; then
2023-02-18 04:56:52 +01:00
live_cdusb = 1
2024-05-16 13:53:26 +02:00
live_cdusb_str = "Live session"
log "Linux Live session detected."
2023-02-18 01:01:52 +01:00
if [ [ $( pwd ) = = "/home" * ] ] ; then
2023-02-19 03:52:45 +01:00
df . -h
if [ [ $( lsblk -o label | grep -c "casper-rw" ) = = 1 || $( lsblk -o label | grep -c "persistence" ) = = 1 ] ] ; then
2023-04-02 12:18:44 +02:00
log "Detected Legacy iOS Kit running on persistent storage."
2024-05-16 13:53:26 +02:00
live_cdusb_str += " - Persistent storage"
2023-02-18 04:56:52 +01:00
else
2023-04-02 12:18:44 +02:00
warn "Detected Legacy iOS Kit running on temporary storage."
2023-02-18 04:56:52 +01:00
print "* You may run out of space and get errors during the downgrade process."
2023-09-04 17:06:58 +02:00
print "* Please move Legacy iOS Kit to a drive that is NOT used for the live USB."
print "* This may mean using another external HDD/flash drive to store Legacy iOS Kit on."
print "* To use one USB drive only, create the live USB using Rufus with Persistent Storage enabled."
2023-02-18 04:56:52 +01:00
pause
2024-05-16 13:53:26 +02:00
live_cdusb_str += " - Temporary storage"
2023-02-18 04:56:52 +01:00
fi
2023-02-18 01:01:52 +01:00
fi
fi
2023-07-18 05:56:33 +02:00
# if "/media" is detected in pwd, warn user of possible permission issues
if [ [ $( pwd ) = = *"/media" * ] ] ; then
2023-09-04 17:06:58 +02:00
warn "You might get permission errors like \"Permission denied\" on getting device info."
2023-07-18 05:56:33 +02:00
print "* If this is the case, try moving Legacy iOS Kit to the Desktop or Documents folder."
fi
2023-07-01 16:14:19 +02:00
if [ [ -z $device_disable_sudoloop ] ] ; then
device_sudoloop = 1 # Run some tools as root for device detection if set to 1. (for Linux)
2023-08-19 09:36:15 +02:00
trap "clean_sudo" EXIT
2023-07-01 16:14:19 +02:00
fi
2023-02-18 04:56:52 +01:00
if [ [ $( uname -m) = = "a" * || $device_sudoloop = = 1 || $live_cdusb = = 1 ] ] ; then
if [ [ $live_cdusb != 1 ] ] ; then
2023-02-18 01:01:52 +01:00
print "* Enter your user password when prompted"
fi
2023-01-16 08:51:36 +01:00
sudo -v
( while true; do sudo -v; sleep 60; done ) &
sudoloop_pid = $!
2023-01-13 05:25:27 +01:00
futurerestore = "sudo "
2023-01-25 11:29:55 +01:00
gaster = "sudo "
2023-01-13 05:25:27 +01:00
idevicerestore = "sudo "
ipwnder = "sudo "
irecovery = "sudo "
2023-02-10 10:17:11 +01:00
irecovery2 = "sudo "
2023-08-23 14:37:39 +02:00
if [ [ ! -d $dir && $( ls ../bin/linux) ] ] ; then
log " Running on platform: $platform ( $platform_ver ) "
2024-06-11 11:18:59 +02:00
error " Failed to find bin directory for $platform_arch , found $( ls -x ../bin/linux) instead. " \
2023-08-23 14:37:39 +02:00
" * Download the \"linux_ $platform_arch \" or \"complete\" version to continue (or do a git clone) "
2023-08-05 17:00:27 +02:00
fi
2023-07-01 16:14:19 +02:00
if [ [ -z $device_disable_usbmuxd ] ] ; then
2024-06-10 04:41:11 +02:00
if [ [ $( command -v systemctl 2>/dev/null) ] ] ; then
2024-03-05 04:51:54 +01:00
sudo systemctl stop usbmuxd
fi
2024-03-06 03:39:52 +01:00
#sudo killall usbmuxd 2>/dev/null
#sleep 1
2023-07-27 07:34:16 +02:00
sudo -b $dir /usbmuxd -pf 2>/dev/null
2023-08-19 09:36:15 +02:00
trap "clean_usbmuxd" EXIT
2023-07-01 16:14:19 +02:00
fi
2023-01-13 05:25:27 +01:00
fi
2024-06-11 11:18:59 +02:00
elif [ [ $( uname -m) = = "iP" * ] ] ; then
error "Running Legacy iOS Kit on iOS is not supported (yet)" "* Supported platforms: Linux, macOS"
2023-01-13 05:25:27 +01:00
elif [ [ $OSTYPE = = "darwin" * ] ] ; then
platform = "macos"
platform_ver = " ${ 1 :- $( sw_vers -productVersion) } "
2023-01-16 08:51:36 +01:00
dir = "../bin/macos"
2023-01-13 05:25:27 +01:00
2024-05-16 13:53:26 +02:00
platform_arch = " $( uname -m) "
if [ [ $platform_arch != "x86_64" ] ] ; then
platform_arch = "arm64"
fi
2023-01-13 05:25:27 +01:00
# macos version check
2024-06-22 09:52:08 +02:00
mac_majver = " ${ platform_ver : 0 : 2 } "
if [ [ $mac_majver = = 10 ] ] ; then
mac_minver = ${ platform_ver : 3 }
mac_minver = ${ mac_minver %.* }
if ( ( mac_minver < 11 ) ) ; then
2024-04-19 04:22:48 +02:00
warn " Your macOS version ( $platform_ver ) is not supported. Expect features to not work properly. "
2024-06-22 09:52:08 +02:00
print "* Supported versions are macOS 10.11 and newer. (10.13/10.15 and newer recommended)"
2024-04-19 04:22:48 +02:00
pause
2023-01-13 05:25:27 +01:00
fi
2024-06-22 09:52:08 +02:00
if ( ( mac_minver <= 11 ) ) ; then
mac_lowver = 1
mac_cocoa = 1
if [ [ -z $( command -v cocoadialog) ] ] ; then
local error_msg = "* You need to install cocoadialog from MacPorts."
error_msg += $'\n* Please read the wiki and install the requirements needed in MacPorts: https://github.com/LukeZGD/Legacy-iOS-Kit/wiki/How-to-Use'
error_msg += $'\n* Also make sure that /opt/local/bin (or /usr/local/bin) is in your $PATH.'
error_msg += $'\n* You may try running this command: export PATH="/opt/local/bin:$PATH"'
error "Cannot find cocoadialog, cannot continue." " $error_msg "
fi
elif [ [ $mac_minver = = 12 ] ] ; then
mac_lowver = 1
fi
if [ [ $( command -v curl) = = "/usr/bin/curl" ] ] && ( ( mac_minver < 15 ) ) ; then
local error_msg = "* You need to install curl from MacPorts."
2024-03-31 14:00:37 +02:00
error_msg += $'\n* Please read the wiki and install the requirements needed in MacPorts: https://github.com/LukeZGD/Legacy-iOS-Kit/wiki/How-to-Use'
2024-06-11 11:18:59 +02:00
error_msg += $'\n* Also make sure that /opt/local/bin (or /usr/local/bin) is in your $PATH.'
2024-06-11 13:38:13 +02:00
error_msg += $'\n* You may try running this command: export PATH="/opt/local/bin:$PATH"'
2024-01-29 01:53:06 +01:00
error "Outdated curl detected, cannot continue." " $error_msg "
2024-01-27 18:01:48 +01:00
fi
2023-01-13 05:25:27 +01:00
fi
2024-06-22 09:52:08 +02:00
2024-06-10 04:41:11 +02:00
bspatch = " $( command -v bspatch) "
2024-06-22 09:52:08 +02:00
cocoadialog = " $( command -v cocoadialog) "
2024-06-15 12:39:27 +02:00
ifuse = " $dir /ifuse "
2023-06-05 09:28:29 +02:00
ipwnder32 = " $dir /ipwnder32 "
2024-02-07 14:24:48 +01:00
PlistBuddy = "/usr/libexec/PlistBuddy"
2024-06-10 04:41:11 +02:00
sha1sum = " $( command -v shasum) -a 1 "
2024-06-15 12:39:27 +02:00
zenity = " $dir /zenity "
2023-01-13 05:25:27 +01:00
2023-09-02 06:56:49 +02:00
# kill macos daemons
killall -STOP AMPDevicesAgent AMPDeviceDiscoveryAgent MobileDeviceUpdater
2023-01-13 05:25:27 +01:00
else
2023-07-24 03:36:28 +02:00
error " Your platform ( $OSTYPE ) is not supported. " "* Supported platforms: Linux, macOS"
2021-10-02 06:46:35 +02:00
fi
2023-01-13 05:25:27 +01:00
log " Running on platform: $platform ( $platform_ver ) "
2023-08-23 14:37:39 +02:00
if [ [ ! -d $dir ] ] ; then
error " Failed to find bin directory ( $dir ), cannot continue. " \
"* Re-download Legacy iOS Kit from releases (or do a git clone/reset)"
fi
if [ [ $device_sudoloop = = 1 ] ] ; then
sudo chmod +x $dir /*
if [ [ $? != 0 ] ] ; then
2024-06-11 11:18:59 +02:00
error "Failed to set up execute permissions, cannot continue. Try to move Legacy iOS Kit somewhere else."
2023-08-23 14:37:39 +02:00
fi
else
2023-02-06 08:27:47 +01:00
chmod +x $dir /*
fi
2021-10-02 06:46:35 +02:00
2023-07-28 05:24:11 +02:00
futurerestore += " $dir /futurerestore "
2023-01-25 11:29:55 +01:00
gaster += " $dir /gaster "
2024-06-15 12:39:27 +02:00
ideviceactivation = " $dir /ideviceactivation "
ideviceenterrecovery = " $dir /ideviceenterrecovery "
ideviceinfo = " $dir /ideviceinfo "
2023-01-13 05:25:27 +01:00
idevicerestore += " $dir /idevicerestore "
2024-06-15 12:39:27 +02:00
iproxy = " $dir /iproxy "
2023-01-13 05:25:27 +01:00
ipwnder += " $dir /ipwnder "
2024-06-15 12:39:27 +02:00
irecovery += " $dir /irecovery "
2023-02-10 10:17:11 +01:00
irecovery2 += " $dir /irecovery2 "
2024-06-15 12:39:27 +02:00
jq = " $dir /jq "
2024-01-08 00:53:22 +01:00
cp ../resources/ssh_config .
if [ [ $( ssh -V 2>& 1 | grep -c SSH_8.8) = = 1 || $( ssh -V 2>& 1 | grep -c SSH_8.9) = = 1 ||
2024-06-22 09:52:08 +02:00
$( ssh -V 2>& 1 | grep -c SSH_9.) = = 1 || $( ssh -V 2>& 1 | grep -c SSH_1) = = 1 ] ] ; then
2024-01-08 00:53:22 +01:00
echo " PubkeyAcceptedAlgorithms +ssh-rsa" >> ssh_config
fi
2024-01-08 00:54:29 +01:00
scp2 = "scp -F ./ssh_config"
ssh2 = "ssh -F ./ssh_config"
2023-01-13 05:25:27 +01:00
}
2022-10-15 12:50:03 +02:00
2023-01-13 05:25:27 +01:00
install_depends( ) {
log "Installing dependencies..."
2023-08-09 19:52:12 +02:00
rm -f "../resources/firstrun"
2023-01-13 05:25:27 +01:00
if [ [ $platform = = "linux" ] ] ; then
2023-04-02 12:18:44 +02:00
print "* Legacy iOS Kit will be installing dependencies from your distribution's package manager"
2023-01-13 05:25:27 +01:00
print "* Enter your user password when prompted"
pause
2022-10-15 12:50:03 +02:00
fi
2023-01-13 05:25:27 +01:00
2023-01-23 16:46:37 +01:00
if [ [ $distro = = "arch" ] ] ; then
2024-06-15 12:39:27 +02:00
sudo pacman -Sy --noconfirm --needed base-devel ca-certificates ca-certificates-mozilla curl ifuse libimobiledevice libxml2 openssh pyenv python udev unzip usbmuxd usbutils vim zenity zip zstd
2023-01-13 05:25:27 +01:00
2023-01-23 16:46:37 +01:00
elif [ [ $distro = = "debian" ] ] ; then
if [ [ -n $ubuntu_ver ] ] ; then
sudo add-apt-repository -y universe
fi
2023-01-13 05:25:27 +01:00
sudo apt update
2024-06-19 04:10:45 +02:00
sudo apt install -m -y build-essential ca-certificates curl git ifuse libimobiledevice6 libssl3 libssl-dev libxml2 libzstd1 openssh-client patch python3 unzip usbmuxd usbutils xxd zenity zip zlib1g-dev
2024-06-10 04:41:11 +02:00
if [ [ $( command -v systemctl 2>/dev/null) ] ] ; then
2024-03-05 04:51:54 +01:00
sudo systemctl enable --now udev systemd-udevd usbmuxd 2>/dev/null
fi
2023-01-13 05:25:27 +01:00
2023-01-23 16:46:37 +01:00
elif [ [ $distro = = "fedora" ] ] ; then
2024-06-15 12:39:27 +02:00
sudo dnf install -y ca-certificates git ifuse libimobiledevice libxml2 libzstd openssl openssl-devel patch python3 systemd udev usbmuxd vim-common zenity zip zlib-devel
2024-02-11 07:15:16 +01:00
sudo dnf group install -y "C Development Tools and Libraries"
2023-01-13 05:25:27 +01:00
sudo ln -sf /etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/ca-certificates.crt
2023-01-23 16:46:37 +01:00
elif [ [ $distro = = "opensuse" ] ] ; then
2024-06-15 12:39:27 +02:00
sudo zypper -n install ca-certificates curl git ifuse libimobiledevice-1_0-6 libopenssl-3-devel libxml2 libzstd1 openssl-3 patch pyenv python3 usbmuxd unzip vim zenity zip zlib-devel
2024-02-11 07:15:16 +01:00
sudo zypper -n install -t pattern devel_basis
2023-01-13 05:25:27 +01:00
2023-06-19 10:54:58 +02:00
elif [ [ $distro = = "gentoo" ] ] ; then
2024-06-15 12:39:27 +02:00
sudo emerge -av --noreplace app-arch/zstd app-misc/ca-certificates app-pda/ifuse dev-libs/libxml2 libimobiledevice net-misc/curl openssh python udev unzip usbmuxd usbutils vim zenity zip
2023-06-19 10:54:58 +02:00
2023-01-13 05:25:27 +01:00
elif [ [ $platform = = "macos" ] ] ; then
2023-08-09 19:52:12 +02:00
print "* Legacy iOS Kit will be installing dependencies and setting up permissions of tools"
print "* Enter your user password when prompted"
pause
sudo xattr -cr $dir
chown -R $USER :staff $dir
2023-06-09 02:42:30 +02:00
log "Installing Xcode Command Line Tools"
2023-01-13 05:25:27 +01:00
xcode-select --install
2024-05-16 13:53:26 +02:00
if [ [ $platform_arch = = "arm64" ] ] ; then
2023-06-09 02:42:30 +02:00
log "Installing Rosetta 2"
softwareupdate --install-rosetta
fi
2023-01-13 05:25:27 +01:00
fi
2023-08-09 19:52:12 +02:00
echo " $platform_ver " > "../resources/firstrun"
2023-01-13 05:25:27 +01:00
if [ [ $platform = = "linux" ] ] ; then
# from linux_fix script by Cryptiiiic
2024-06-10 04:41:11 +02:00
if [ [ $( command -v systemctl 2>/dev/null) ] ] ; then
2024-03-05 04:51:54 +01:00
sudo systemctl enable --now systemd-udevd usbmuxd 2>/dev/null
fi
2023-01-16 06:37:50 +01:00
echo "QUNUSU9OPT0iYWRkIiwgU1VCU1lTVEVNPT0idXNiIiwgQVRUUntpZFZlbmRvcn09PSIwNWFjIiwgQVRUUntpZFByb2R1Y3R9PT0iMTIyWzI3XXwxMjhbMC0zXSIsIE9XTkVSPSJyb290IiwgR1JPVVA9InVzYm11eGQiLCBNT0RFPSIwNjYwIiwgVEFHKz0idWFjY2VzcyIKCkFDVElPTj09ImFkZCIsIFNVQlNZU1RFTT09InVzYiIsIEFUVFJ7aWRWZW5kb3J9PT0iMDVhYyIsIEFUVFJ7aWRQcm9kdWN0fT09IjEzMzgiLCBPV05FUj0icm9vdCIsIEdST1VQPSJ1c2JtdXhkIiwgTU9ERT0iMDY2MCIsIFRBRys9InVhY2Nlc3MiCgoK" | base64 -d | sudo tee /etc/udev/rules.d/39-libirecovery.rules >/dev/null 2>/dev/null
2023-01-13 05:25:27 +01:00
sudo chown root:root /etc/udev/rules.d/39-libirecovery.rules
sudo chmod 0644 /etc/udev/rules.d/39-libirecovery.rules
sudo udevadm control --reload-rules
2024-04-14 01:28:04 +02:00
sudo udevadm trigger -s usb
2022-10-15 12:50:03 +02:00
fi
2023-01-13 05:25:27 +01:00
log "Install script done! Please run the script again to proceed"
log "If your iOS device is plugged in, unplug and replug your device"
2023-03-18 03:44:15 +01:00
exit
2023-01-13 05:25:27 +01:00
}
2023-10-04 05:54:59 +02:00
version_update_check( ) {
2023-06-21 10:46:53 +02:00
log "Checking for updates..."
github_api = $( curl https://api.github.com/repos/LukeZGD/Legacy-iOS-Kit/releases/latest 2>/dev/null)
2023-07-02 09:51:07 +02:00
pushd " $( dirname " $0 " ) /tmp " >/dev/null
2023-06-21 10:46:53 +02:00
version_latest = $( echo " $github_api " | $jq -r '.assets[] | select(.name|test("complete")) | .name' | cut -c 25- | cut -c -9)
git_hash_latest = $( echo " $github_api " | $jq -r '.assets[] | select(.name|test("git-hash")) | .name' | cut -c 21- | cut -c -7)
2023-07-02 09:51:07 +02:00
popd >/dev/null
2023-06-21 10:46:53 +02:00
}
version_update( ) {
local url
local req
read -p " $( input 'Do you want to update now? (Y/n): ' ) " opt
if [ [ $opt = = 'n' || $opt = = 'N' ] ] ; then
exit
fi
if [ [ -d .git ] ] ; then
log "Running git pull..."
2024-02-17 09:49:15 +01:00
print "* If this fails for some reason, run: git reset --hard"
print "* To clean more files if needed, run: git clean -df"
2023-06-21 10:46:53 +02:00
git pull
log "Done! Please run the script again"
exit
elif ( ( $( ls bin | wc -l) > 1 ) ) ; then
req = ".assets[] | select (.name|test(\"complete\")) | .browser_download_url"
elif [ [ $platform = = "linux" ] ] ; then
req = " .assets[] | select (.name|test(\" ${ platform } _ $platform_arch \")) | .browser_download_url "
else
req = " .assets[] | select (.name|test(\" ${ platform } \")) | .browser_download_url "
fi
2023-07-02 10:55:16 +02:00
pushd " $( dirname " $0 " ) /tmp " >/dev/null
2023-06-21 10:46:53 +02:00
url = " $( echo " $github_api " | $jq -r " $req " ) "
log " Downloading: $url "
2023-07-02 10:55:16 +02:00
curl -L $url -o latest.zip
if [ [ ! -s latest.zip ] ] ; then
2023-06-21 10:46:53 +02:00
error "Download failed. Please run the script again"
fi
2023-07-02 10:55:16 +02:00
popd >/dev/null
2023-06-21 10:46:53 +02:00
log "Updating..."
cp resources/firstrun tmp 2>/dev/null
2024-01-30 04:19:22 +01:00
rm -r bin/ LICENSE README.md restore.sh
if [ [ $device_sudoloop = = 1 ] ] ; then
sudo rm -rf resources/
fi
2024-02-03 10:45:37 +01:00
rm -r resources/ 2>/dev/null
2023-06-21 10:46:53 +02:00
unzip -q tmp/latest.zip -d .
cp tmp/firstrun resources 2>/dev/null
log "Done! Please run the script again"
exit
}
2023-10-04 05:54:59 +02:00
version_get( ) {
2023-01-13 05:25:27 +01:00
pushd .. >/dev/null
2022-07-24 14:33:27 +02:00
if [ [ -d .git ] ] ; then
2024-02-17 09:49:15 +01:00
if [ [ -e .git/shallow ] ] ; then
log "Shallow git repository detected. Unshallowing..."
git fetch --unshallow
fi
2023-04-02 12:18:44 +02:00
git_hash = $( git rev-parse HEAD | cut -c -7)
2023-06-30 16:41:38 +02:00
local dm = $( git log -1 --format= %ci | cut -c 3- | cut -c -5)
2023-07-02 09:51:07 +02:00
version_current = v${ dm //-/. } .
2023-06-30 16:41:38 +02:00
dm = " 20 $dm "
2023-10-04 05:54:59 +02:00
if [ [ $( uname) = = "Darwin" ] ] ; then
2023-06-30 16:41:38 +02:00
dm = " $( date -j -f "%Y-%m-%d %H:%M:%S" " ${ dm } -01 00:00:00 " +%s) "
2022-08-20 06:45:07 +02:00
else
2023-06-30 16:41:38 +02:00
dm = " $( date --date= " ${ dm } -01 " +%s) "
2022-08-20 06:45:07 +02:00
fi
2023-06-30 16:41:38 +02:00
dm = $(( dm-1))
version_current += $( git rev-list --count HEAD --since= $dm | xargs printf "%02d" )
2023-01-13 05:25:27 +01:00
elif [ [ -e ./resources/git_hash ] ] ; then
2023-04-05 06:03:16 +02:00
version_current = " $( cat ./resources/version) "
2023-04-02 12:18:44 +02:00
git_hash = " $( cat ./resources/git_hash) "
2022-07-24 14:33:27 +02:00
else
2023-01-13 05:25:27 +01:00
log ".git directory and git_hash file not found, cannot determine version."
if [ [ $no_version_check != 1 ] ] ; then
2023-06-21 10:46:53 +02:00
warn "Your copy of Legacy iOS Kit is downloaded incorrectly. Do not use the \"Code\" button in GitHub."
2023-10-04 05:54:59 +02:00
print "* Please download Legacy iOS Kit using git clone or from GitHub releases: https://github.com/LukeZGD/Legacy-iOS-Kit/releases"
2022-10-11 03:26:33 +02:00
fi
2022-07-24 14:33:27 +02:00
fi
2023-01-13 05:25:27 +01:00
if [ [ -n $version_current ] ] ; then
2023-04-02 12:18:44 +02:00
print " * Version: $version_current ( $git_hash ) "
2021-05-29 13:26:08 +02:00
fi
2023-10-04 05:54:59 +02:00
popd >/dev/null
}
2022-10-11 03:26:33 +02:00
2023-10-04 05:54:59 +02:00
version_check( ) {
if [ [ $no_version_check = = 1 ] ] ; then
warn "No version check flag detected, update check is disabled and no support will be provided."
return
fi
pushd .. >/dev/null
version_update_check
if [ [ -z $version_latest ] ] ; then
warn "Failed to check for updates. GitHub may be down or blocked by your network."
elif [ [ $git_hash_latest != " $git_hash " ] ] ; then
if [ [ -z $version_current ] ] ; then
print " * Latest version: $version_latest ( $git_hash_latest ) "
print "* Please download/pull the latest version before proceeding."
version_update
elif ( ( $( echo $version_current | cut -c 2- | sed -e 's/\.//g' ) >= $( echo $version_latest | cut -c 2- | sed -e 's/\.//g' ) ) ) ; then
warn " Current version is newer/different than remote: $version_latest ( $git_hash_latest ) "
else
print "* A newer version of Legacy iOS Kit is available."
print " * Current version: $version_current ( $git_hash ) "
print " * Latest version: $version_latest ( $git_hash_latest ) "
print "* Please download/pull the latest version before proceeding."
version_update
2022-10-11 03:26:33 +02:00
fi
fi
2023-01-13 05:25:27 +01:00
popd >/dev/null
}
2023-08-30 04:09:16 +02:00
device_entry( ) {
# enable manual entry
log "Manual device/ECID entry is enabled."
until [ [ -n $device_type ] ] ; do
read -p " $( input 'Enter device type (eg. iPad2,1): ' ) " device_type
done
2024-04-30 05:47:10 +02:00
if [ [ $device_type != "iPhone1" * && $device_type != "iPod1,1" ] ] ; then
2024-04-30 05:45:14 +02:00
until [ [ -n $device_ecid ] ] && [ " $device_ecid " -eq " $device_ecid " ] ; do
read -p " $( input 'Enter device ECID (must be decimal): ' ) " device_ecid
done
fi
2023-08-30 04:09:16 +02:00
}
2024-06-27 06:36:00 +02:00
device_get_name( ) {
device_name = $device_type
case $device_type in
"iPhone1,1" ) device_name = "iPhone 2G" ; ;
"iPhone1,2" ) device_name = "iPhone 3G" ; ;
"iPhone2,1" ) device_name = "iPhone 3GS" ; ;
"iPhone3,1" ) device_name = "iPhone 4 (GSM)" ; ;
"iPhone3,2" ) device_name = "iPhone 4 (GSM, Rev A)" ; ;
"iPhone3,3" ) device_name = "iPhone 4 (CDMA)" ; ;
"iPhone4,1" ) device_name = "iPhone 4S" ; ;
"iPhone5,1" ) device_name = "iPhone 5 (GSM)" ; ;
"iPhone5,2" ) device_name = "iPhone 5 (Global)" ; ;
"iPhone5,3" ) device_name = "iPhone 5C (GSM)" ; ;
"iPhone5,4" ) device_name = "iPhone 5C (Global)" ; ;
"iPhone6,1" ) device_name = "iPhone 5S (GSM)" ; ;
"iPhone6,2" ) device_name = "iPhone 5S (Global)" ; ;
"iPhone7,1" ) device_name = "iPhone 6 Plus" ; ;
"iPhone7,2" ) device_name = "iPhone 6" ; ;
"iPhone8,1" ) device_name = "iPhone 6S" ; ;
"iPhone8,2" ) device_name = "iPhone 6S Plus" ; ;
"iPhone8,4" ) device_name = "iPhone SE 2016" ; ;
"iPhone9,1" ) device_name = "iPhone 7 (Global)" ; ;
"iPhone9,2" ) device_name = "iPhone 7 Plus (Global)" ; ;
"iPhone9,3" ) device_name = "iPhone 7 (GSM)" ; ;
"iPhone9,4" ) device_name = "iPhone 7 Plus (GSM)" ; ;
"iPhone10,1" ) device_name = "iPhone 8 (Global)" ; ;
"iPhone10,2" ) device_name = "iPhone 8 Plus (Global)" ; ;
"iPhone10,3" ) device_name = "iPhone X (Global)" ; ;
"iPhone10,4" ) device_name = "iPhone 8 (GSM)" ; ;
"iPhone10,5" ) device_name = "iPhone 8 Plus (GSM)" ; ;
"iPhone10,6" ) device_name = "iPhone X (GSM)" ; ;
"iPhone11,2" ) device_name = "iPhone XS" ; ;
"iPhone11,4" ) device_name = "iPhone XS Max (China)" ; ;
"iPhone11,6" ) device_name = "iPhone XS Max" ; ;
"iPhone11,8" ) device_name = "iPhone XR" ; ;
"iPhone12,1" ) device_name = "iPhone 11" ; ;
"iPhone12,3" ) device_name = "iPhone 11 Pro" ; ;
"iPhone12,5" ) device_name = "iPhone 11 Pro Max" ; ;
"iPhone12,8" ) device_name = "iPhone SE 2020" ; ;
"iPhone13,1" ) device_name = "iPhone 12 mini" ; ;
"iPhone13,2" ) device_name = "iPhone 12" ; ;
"iPhone13,3" ) device_name = "iPhone 12 Pro" ; ;
"iPhone13,4" ) device_name = "iPhone 12 Pro Max" ; ;
"iPhone14,2" ) device_name = "iPhone 13 Pro" ; ;
"iPhone14,3" ) device_name = "iPhone 13 Pro Max" ; ;
"iPhone14,4" ) device_name = "iPhone 13 mini" ; ;
"iPhone14,5" ) device_name = "iPhone 13" ; ;
2024-06-27 06:47:49 +02:00
"iPhone14,6" ) device_name = "iPhone SE 2022" ; ;
2024-06-27 06:36:00 +02:00
"iPhone14,7" ) device_name = "iPhone 14" ; ;
"iPhone14,8" ) device_name = "iPhone 14 Plus" ; ;
"iPhone15,2" ) device_name = "iPhone 14 Pro" ; ;
"iPhone15,3" ) device_name = "iPhone 14 Pro Max" ; ;
"iPhone15,4" ) device_name = "iPhone 15" ; ;
"iPhone15,5" ) device_name = "iPhone 15 Plus" ; ;
"iPhone16,1" ) device_name = "iPhone 15 Pro" ; ;
"iPhone16,2" ) device_name = "iPhone 15 Pro Max" ; ;
"iPad1,1" ) device_name = "iPad 1" ; ;
2024-06-27 06:47:49 +02:00
"iPad2,1" ) device_name = "iPad 2 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad2,2" ) device_name = "iPad 2 (GSM)" ; ;
"iPad2,3" ) device_name = "iPad 2 (CDMA)" ; ;
2024-06-27 06:47:49 +02:00
"iPad2,4" ) device_name = "iPad 2 (Wi-Fi, Rev A)" ; ;
"iPad2,5" ) device_name = "iPad mini 1 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad2,6" ) device_name = "iPad mini 1 (GSM)" ; ;
"iPad2,7" ) device_name = "iPad mini 1 (Global)" ; ;
2024-06-27 06:47:49 +02:00
"iPad3,1" ) device_name = "iPad 3 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad3,2" ) device_name = "iPad 3 (CDMA)" ; ;
"iPad3,3" ) device_name = "iPad 3 (GSM)" ; ;
2024-06-27 06:47:49 +02:00
"iPad3,4" ) device_name = "iPad 4 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad3,5" ) device_name = "iPad 4 (GSM)" ; ;
"iPad3,6" ) device_name = "iPad 4 (Global)" ; ;
2024-06-27 06:47:49 +02:00
"iPad4,1" ) device_name = "iPad Air 1 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad4,2" ) device_name = "iPad Air 1 (Cellular)" ; ;
"iPad4,3" ) device_name = "iPad Air 1 (China)" ; ;
2024-06-27 06:47:49 +02:00
"iPad4,4" ) device_name = "iPad mini 2 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad4,5" ) device_name = "iPad mini 2 (Cellular)" ; ;
"iPad4,6" ) device_name = "iPad mini 2 (China)" ; ;
2024-06-27 06:47:49 +02:00
"iPad4,7" ) device_name = "iPad mini 3 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad4,8" ) device_name = "iPad mini 3 (Cellular)" ; ;
"iPad4,9" ) device_name = "iPad mini 3 (China)" ; ;
2024-06-27 06:47:49 +02:00
"iPad5,1" ) device_name = "iPad mini 4 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad5,2" ) device_name = "iPad mini 4 (Cellular)" ; ;
2024-06-27 06:47:49 +02:00
"iPad5,3" ) device_name = "iPad Air 2 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad5,4" ) device_name = "iPad Air 2 (Cellular)" ; ;
2024-06-27 06:47:49 +02:00
"iPad6,3" ) device_name = "iPad Pro 9.7\" (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad6,4" ) device_name = "iPad Pro 9.7\" (Cellular)" ; ;
2024-06-27 06:47:49 +02:00
"iPad6,7" ) device_name = "iPad Pro 12.9\" (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad6,8" ) device_name = "iPad Pro 12.9\" (Cellular)" ; ;
2024-06-27 06:47:49 +02:00
"iPad6,11" ) device_name = "iPad 5 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad6,12" ) device_name = "iPad 5 (Cellular)" ; ;
2024-06-27 06:47:49 +02:00
"iPad7,1" ) device_name = "iPad Pro 12.9\" (2nd gen, Wi-Fi)" ; ;
"iPad7,2" ) device_name = "iPad Pro 12.9\" (2nd gen, Cellular)" ; ;
"iPad7,3" ) device_name = "iPad Pro 10.5\" (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad7,4" ) device_name = "iPad Pro 10.5\" (Cellular)" ; ;
2024-06-27 06:47:49 +02:00
"iPad7,5" ) device_name = "iPad 6 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad7,6" ) device_name = "iPad 6 (Cellular)" ; ;
2024-06-27 06:47:49 +02:00
"iPad7,11" ) device_name = "iPad 7 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad7,12" ) device_name = "iPad 7 (Cellular)" ; ;
2024-06-27 06:47:49 +02:00
"iPad8,1" ) device_name = "iPad Pro 11\" (Wi-Fi)" ; ;
"iPad8,2" ) device_name = "iPad Pro 11\" (Wi-Fi, 6GB RAM)" ; ;
2024-06-27 06:36:00 +02:00
"iPad8,3" ) device_name = "iPad Pro 11\" (Cellular)" ; ;
"iPad8,4" ) device_name = "iPad Pro 11\" (Cellular, 6GB RAM)" ; ;
2024-06-27 06:47:49 +02:00
"iPad8,5" ) device_name = "iPad Pro 12.9\" (3rd gen, Wi-Fi)" ; ;
"iPad8,6" ) device_name = "iPad Pro 12.9\" (3rd gen, Wi-Fi, 6GB RAM)" ; ;
"iPad8,7" ) device_name = "iPad Pro 12.9\" (3rd gen, Cellular)" ; ;
"iPad8,8" ) device_name = "iPad Pro 12.9\" (3rd gen, Cellular, 6GB RAM)" ; ;
"iPad8,9" ) device_name = "iPad Pro 11\" (2nd gen, Wi-Fi)" ; ;
"iPad8,10" ) device_name = "iPad Pro 11\" (2nd gen, Cellular)" ; ;
"iPad8,11" ) device_name = "iPad Pro 12.9\" (4th gen, Wi-Fi)" ; ;
"iPad8,12" ) device_name = "iPad Pro 12.9\" (4th gen, Cellular)" ; ;
"iPad11,1" ) device_name = "iPad mini 5 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad11,2" ) device_name = "iPad mini 5 (Cellular)" ; ;
2024-06-27 06:47:49 +02:00
"iPad11,3" ) device_name = "iPad Air 3 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad11,4" ) device_name = "iPad Air 3 (Cellular)" ; ;
2024-06-27 06:47:49 +02:00
"iPad11,6" ) device_name = "iPad 8 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad11,7" ) device_name = "iPad 8 (Cellular)" ; ;
2024-06-27 06:47:49 +02:00
"iPad12,1" ) device_name = "iPad 9 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad12,2" ) device_name = "iPad 9 (Cellular)" ; ;
2024-06-27 06:47:49 +02:00
"iPad13,1" ) device_name = "iPad Air 4 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad13,2" ) device_name = "iPad Air 4 (Cellular)" ; ;
2024-06-27 06:47:49 +02:00
"iPad13,4" ) device_name = "iPad Pro 11\" (3rd gen, Wi-Fi)" ; ;
"iPad13,5" ) device_name = "iPad Pro 11\" (3rd gen, Wi-Fi, 16GB RAM)" ; ;
"iPad13,6" ) device_name = "iPad Pro 11\" (3rd gen, Cellular)" ; ;
"iPad13,7" ) device_name = "iPad Pro 11\" (3rd gen, Cellular, 16GB RAM)" ; ;
"iPad13,8" ) device_name = "iPad Pro 12.9\" (5th gen, Wi-Fi)" ; ;
"iPad13,9" ) device_name = "iPad Pro 12.9\" (5th gen, Wi-Fi, 16GB RAM)" ; ;
"iPad13,10" ) device_name = "iPad Pro 12.9\" (5th gen, Cellular)" ; ;
"iPad13,11" ) device_name = "iPad Pro 12.9\" (5th gen, Cellular, 16GB RAM)" ; ;
"iPad13,16" ) device_name = "iPad Air 5 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad13,17" ) device_name = "iPad Air 5 (Cellular)" ; ;
2024-06-27 06:47:49 +02:00
"iPad13,18" ) device_name = "iPad 10 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad13,19" ) device_name = "iPad 10 (Cellular)" ; ;
2024-06-27 06:47:49 +02:00
"iPad14,1" ) device_name = "iPad mini 6 (Wi-Fi)" ; ;
2024-06-27 06:36:00 +02:00
"iPad14,2" ) device_name = "iPad mini 6 (Cellular)" ; ;
2024-06-27 06:47:49 +02:00
"iPad14,3" ) device_name = "iPad Pro 11\" (4th gen, Wi-Fi)" ; ;
"iPad14,4" ) device_name = "iPad Pro 11\" (4th gen, Cellular)" ; ;
"iPad14,5" ) device_name = "iPad Pro 12.9\" (6th gen, Wi-Fi)" ; ;
"iPad14,6" ) device_name = "iPad Pro 12.9\" (6th gen, Cellular)" ; ;
"iPad14,8" ) device_name = "iPad Air 11\" (M2, Wi-Fi)" ; ;
"iPad14,9" ) device_name = "iPad Air 11\" (M2, Cellular)" ; ;
"iPad14,10" ) device_name = "iPad Air 13\" (M2, Wi-Fi)" ; ;
"iPad14,11" ) device_name = "iPad Air 13\" (M2, Cellular)" ; ;
"iPad16,3" ) device_name = "iPad Pro 11\" (M2, Wi-Fi)" ; ;
"iPad16,4" ) device_name = "iPad Pro 11\" (M2, Cellular)" ; ;
"iPad16,5" ) device_name = "iPad Pro 12.9\" (M4, Wi-Fi)" ; ;
"iPad16,6" ) device_name = "iPad Pro 12.9\" (M4, Cellular)" ; ;
2024-06-27 06:36:00 +02:00
"iPod1,1" ) device_name = "iPod touch" ; ;
"iPod2,1" ) device_name = "iPod touch 2" ; ;
"iPod3,1" ) device_name = "iPod touch 3" ; ;
"iPod4,1" ) device_name = "iPod touch 4" ; ;
"iPod5,1" ) device_name = "iPod touch 5" ; ;
"iPod7,1" ) device_name = "iPod touch 6" ; ;
"iPod9,1" ) device_name = "iPod touch 7" ; ;
esac
}
2023-08-30 04:09:16 +02:00
device_manufacturing( ) {
if [ [ $device_type != "iPhone2,1" && $device_type != "iPod2,1" ] ] || [ [ $device_argmode = = "none" ] ] ; then
return
fi
if [ [ $device_type = = "iPhone2,1" && $device_mode != "DFU" ] ] ; then
2024-02-09 01:48:51 +01:00
local week = $( echo " $device_serial " | cut -c 2-)
local year = $( echo " $device_serial " | cut -c 1)
case $year in
9 ) year = "2009" ; ;
0 ) year = "2010" ; ;
1 ) year = "2011" ; ;
2 ) year = "2012" ; ;
esac
if [ [ $year != "2009" ] ] || ( ( week >= 46 ) ) ; then
2023-08-30 04:09:16 +02:00
device_newbr = 1
2024-02-09 01:48:51 +01:00
elif [ [ $year = = "2009" ] ] && ( ( week >= 40 ) ) ; then
2023-08-30 04:09:16 +02:00
device_newbr = 2 # gray area
else
device_newbr = 0
fi
2024-01-16 03:32:23 +01:00
elif [ [ $device_type = = "iPod2,1" && $device_mode = = "Recovery" ] ] ; then
2023-08-30 04:09:16 +02:00
device_newbr = 2
return
fi
2024-02-09 01:48:51 +01:00
case $device_newbr in
0 ) print " * This $device_type is an old bootrom model " ; ;
1 ) print " * This $device_type is a new bootrom model " ; ;
2 ) print " * This $device_type bootrom model cannot be determined. Enter DFU mode to get bootrom model " ; ;
esac
2023-09-04 17:06:58 +02:00
if [ [ $device_type = = "iPhone2,1" && $device_mode = = "DFU" ] ] ; then
print "* Cannot check for manufacturing date in DFU mode"
2024-02-09 01:48:51 +01:00
elif [ [ $device_type = = "iPhone2,1" ] ] ; then
2023-08-30 04:09:16 +02:00
print " * Manufactured in Week $week $year "
fi
}
2023-12-26 03:20:20 +01:00
device_s5l8900xall( ) {
local wtf_sha = "cb96954185a91712c47f20adb519db45a318c30f"
local wtf_saved = "../saved/WTF.s5l8900xall.RELEASE.dfu"
local wtf_patched = " $wtf_saved .patched "
2024-01-02 04:46:15 +01:00
local wtf_patch = "../resources/patch/WTF.s5l8900xall.RELEASE.patch"
2023-12-27 10:53:04 +01:00
local wtf_sha_local = " $( $sha1sum " $wtf_saved " 2>/dev/null | awk '{print $1}' ) "
2024-03-28 15:29:11 +01:00
mkdir ../saved 2>/dev/null
2023-12-27 10:53:04 +01:00
if [ [ $wtf_sha_local != " $wtf_sha " ] ] ; then
2023-12-26 03:20:20 +01:00
log "Downloading WTF.s5l8900xall"
" $dir /pzb " -g "Firmware/dfu/WTF.s5l8900xall.RELEASE.dfu" -o WTF.s5l8900xall.RELEASE.dfu "http://appldnld.apple.com/iPhone/061-7481.20100202.4orot/iPhone1,1_3.1.3_7E18_Restore.ipsw"
2024-03-23 08:29:06 +01:00
rm -f " $wtf_saved "
2023-12-26 03:20:20 +01:00
mv WTF.s5l8900xall.RELEASE.dfu $wtf_saved
fi
2023-12-27 10:53:04 +01:00
wtf_sha_local = " $( $sha1sum " $wtf_saved " | awk '{print $1}' ) "
if [ [ $wtf_sha_local != " $wtf_sha " ] ] ; then
error " SHA1sum mismatch. Expected $wtf_sha , got $wtf_sha_local . Please run the script again "
2023-12-26 03:20:20 +01:00
fi
2024-03-23 08:29:06 +01:00
rm -f " $wtf_patched "
2023-12-26 03:20:20 +01:00
log "Patching WTF.s5l8900xall"
$bspatch $wtf_saved $wtf_patched $wtf_patch
2024-03-23 08:29:06 +01:00
log "Sending patched WTF.s5l8900xall (Pwnage)"
2023-12-26 03:20:20 +01:00
$irecovery -f " $wtf_patched "
device_find_mode DFUreal
sleep 1
}
2023-01-13 05:25:27 +01:00
device_get_info( ) {
: '
usage: device_get_info ( no arguments)
sets the variables: device_mode, device_type, device_ecid, device_vers, device_udid, device_model, device_fw_dir,
device_use_vers, device_use_build, device_use_bb, device_use_bb_sha1, device_latest_vers, device_latest_build,
device_latest_bb, device_latest_bb_sha1, device_proc
'
2023-08-09 19:52:12 +02:00
if [ [ $device_argmode = = "none" ] ] ; then
2023-01-13 05:25:27 +01:00
log "No device mode is enabled."
device_mode = "none"
device_vers = "Unknown"
2023-08-09 19:52:12 +02:00
else
log "Finding device in Normal mode..."
2024-03-06 03:39:52 +01:00
if [ [ $platform = = "linux" ] ] ; then
print "* If it gets stuck here, try to restart your PC"
fi
2023-01-13 05:25:27 +01:00
fi
2023-01-16 10:31:31 +01:00
$ideviceinfo -s >/dev/null
if [ [ $? = = 0 ] ] ; then
2023-01-13 05:25:27 +01:00
device_mode = "Normal"
2023-06-15 08:21:05 +02:00
else
$ideviceinfo >/dev/null
if [ [ $? = = 0 ] ] ; then
device_mode = "Normal"
fi
2023-01-13 05:25:27 +01:00
fi
if [ [ -z $device_mode ] ] ; then
2023-08-09 19:52:12 +02:00
log "Finding device in Recovery/DFU mode..."
2023-07-18 05:56:33 +02:00
device_mode = " $( $irecovery -q | grep -w "MODE" | cut -c 7-) "
2023-01-13 05:25:27 +01:00
fi
2024-05-07 06:56:14 +02:00
if [ [ $device_mode = = "Recovery" && $device_pwnrec = = 1 ] ] ; then
device_mode = "DFU"
fi
2023-01-13 05:25:27 +01:00
if [ [ -z $device_mode ] ] ; then
2023-05-19 10:17:38 +02:00
local error_msg = $'* Make sure to trust this computer by selecting "Trust" at the pop-up.'
[ [ $platform = = "macos" ] ] && error_msg += $'\n* Make sure to have the initial setup dependencies installed before retrying.'
2023-01-13 05:25:27 +01:00
[ [ $platform != "linux" ] ] && error_msg += $'\n* Double-check if the device is being detected by iTunes/Finder.'
2023-04-02 12:18:44 +02:00
error_msg += $'\n* For more details, read the "Troubleshooting" wiki page in GitHub.\n* Troubleshooting link: https://github.com/LukeZGD/Legacy-iOS-Kit/wiki/Troubleshooting'
2023-01-13 05:25:27 +01:00
error "No device found! Please connect the iOS device to proceed." " $error_msg "
fi
2023-08-09 19:52:12 +02:00
log "Getting device info..."
2023-12-26 03:20:20 +01:00
if [ [ $device_mode = = "WTF" ] ] ; then
2023-12-30 15:10:04 +01:00
device_proc = 1
2023-12-27 04:05:20 +01:00
device_wtfexit = 1
2023-12-30 15:10:04 +01:00
device_s5l8900xall
2023-12-26 03:20:20 +01:00
fi
2023-01-13 05:25:27 +01:00
case $device_mode in
2023-12-26 03:20:20 +01:00
"DFU" | "Recovery" )
2023-08-30 04:09:16 +02:00
if [ [ -n $device_argmode ] ] ; then
device_entry
else
2024-05-16 13:53:26 +02:00
device_type = $( $irecovery -q | grep "PRODUCT" | cut -c 10-)
2023-08-30 15:27:36 +02:00
device_ecid = $( printf "%d" $( $irecovery -q | grep "ECID" | cut -c 7-) ) # converts hex ecid to dec
2023-08-30 04:09:16 +02:00
fi
2024-05-02 04:53:02 +02:00
if [ [ $device_type = = "iPhone1,1" && -z $device_argmode ] ] ; then
2024-05-03 03:57:04 +02:00
print "* Device Type Option"
2024-05-02 04:53:02 +02:00
print "* Select Y if the device is an iPhone 2G, or N if it is an iPod touch 1"
read -p " $( input 'Is this device an iPhone 2G? (Y/n): ' ) " opt
if [ [ $opt = = 'n' || $opt = = 'N' ] ] ; then
device_type = "iPod1,1"
fi
fi
2023-08-05 17:00:27 +02:00
device_model = $( $irecovery -q | grep "MODEL" | cut -c 8-)
2023-10-30 18:36:38 +01:00
device_vers = $( echo "/exit" | $irecovery -s | grep -a "iBoot-" )
2023-02-08 04:46:52 +01:00
[ [ -z $device_vers ] ] && device_vers = "Unknown"
2023-08-30 04:09:16 +02:00
device_serial = " $( $irecovery -q | grep "SRNM" | cut -c 7- | cut -c 3- | cut -c -3) "
device_manufacturing
2024-01-16 03:32:23 +01:00
if [ [ $device_type = = "iPod2,1" && $device_newbr != 2 ] ] ; then
2023-06-16 05:27:18 +02:00
device_newbr = " $( $irecovery -q | grep -c '240.5.1' ) "
2023-06-20 17:52:23 +02:00
elif [ [ $device_type = = "iPhone2,1" ] ] ; then
device_newbr = " $( $irecovery -q | grep -c '359.3.2' ) "
2023-06-16 05:27:18 +02:00
fi
2024-01-18 09:18:44 +01:00
device_pwnd = " $( $irecovery -q | grep "PWND" | cut -c 7-) "
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 05:25:27 +01:00
"Normal" )
2023-08-30 04:09:16 +02:00
if [ [ -n $device_argmode ] ] ; then
device_entry
else
device_type = $( $ideviceinfo -s -k ProductType)
[ [ -z $device_type ] ] && device_type = $( $ideviceinfo -k ProductType)
device_ecid = $( $ideviceinfo -s -k UniqueChipID)
fi
2023-08-05 17:00:27 +02:00
device_model = $( $ideviceinfo -s -k HardwareModel)
2023-01-13 05:25:27 +01:00
device_vers = $( $ideviceinfo -s -k ProductVersion)
2024-05-23 18:20:58 +02:00
device_det = $( echo " $device_vers " | cut -c 1)
2023-09-23 13:17:11 +02:00
device_build = $( $ideviceinfo -s -k BuildVersion)
2023-01-13 05:25:27 +01:00
device_udid = $( $ideviceinfo -s -k UniqueDeviceID)
2023-06-16 15:51:35 +02:00
[ [ -z $device_udid ] ] && device_udid = $( $ideviceinfo -k UniqueDeviceID)
2023-06-16 05:27:18 +02:00
if [ [ $device_type = = "iPod2,1" ] ] ; then
device_newbr = " $( $ideviceinfo -k ModelNumber | grep -c 'C' ) "
2023-06-20 17:52:23 +02:00
elif [ [ $device_type = = "iPhone2,1" ] ] ; then
2023-07-06 10:34:00 +02:00
device_serial = " $( $ideviceinfo -k SerialNumber | cut -c 3- | cut -c -3) "
2023-06-16 05:27:18 +02:00
fi
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 05:25:27 +01:00
esac
2023-08-19 11:15:20 +02:00
2023-08-30 04:13:11 +02:00
if [ [ $device_argmode = = "none" ] ] ; then
device_entry
fi
2023-08-05 17:00:27 +02:00
device_model = " $( echo $device_model | tr '[:upper:]' '[:lower:]' ) "
device_model = " ${ device_model %?? } " # remove "ap" from the end
2023-08-19 11:15:20 +02:00
if [ [ -z $device_type && -n $device_model ] ] ; then
case $device_model in
k48 ) device_type = "iPad1,1" ; ;
k93 ) device_type = "iPad2,1" ; ;
k94 ) device_type = "iPad2,2" ; ;
k95 ) device_type = "iPad2,3" ; ;
k93a ) device_type = "iPad2,4" ; ;
p105 ) device_type = "iPad2,5" ; ;
p106 ) device_type = "iPad2,6" ; ;
p107 ) device_type = "iPad2,7" ; ;
j1 ) device_type = "iPad3,1" ; ;
j2 ) device_type = "iPad3,2" ; ;
j2a ) device_type = "iPad3,3" ; ;
p101 ) device_type = "iPad3,4" ; ;
p102 ) device_type = "iPad3,5" ; ;
p103 ) device_type = "iPad3,6" ; ;
j71 ) device_type = "iPad4,1" ; ;
j72 ) device_type = "iPad4,2" ; ;
j73 ) device_type = "iPad4,3" ; ;
j85 ) device_type = "iPad4,4" ; ;
j86 ) device_type = "iPad4,5" ; ;
j87 ) device_type = "iPad4,6" ; ;
j85m ) device_type = "iPad4,7" ; ;
j86m ) device_type = "iPad4,8" ; ;
j87m ) device_type = "iPad4,9" ; ;
j96 ) device_type = "iPad5,1" ; ;
j97 ) device_type = "iPad5,2" ; ;
j81 ) device_type = "iPad5,3" ; ;
j82 ) device_type = "iPad5,4" ; ;
m68 ) device_type = "iPhone1,1" ; ;
n82 ) device_type = "iPhone1,2" ; ;
n88 ) device_type = "iPhone2,1" ; ;
n90 ) device_type = "iPhone3,1" ; ;
n90b ) device_type = "iPhone3,2" ; ;
n92 ) device_type = "iPhone3,3" ; ;
n94 ) device_type = "iPhone4,1" ; ;
n41 ) device_type = "iPhone5,1" ; ;
n42 ) device_type = "iPhone5,2" ; ;
n48 ) device_type = "iPhone5,3" ; ;
n49 ) device_type = "iPhone5,4" ; ;
n51 ) device_type = "iPhone6,1" ; ;
n53 ) device_type = "iPhone6,2" ; ;
n56 ) device_type = "iPhone7,1" ; ;
n61 ) device_type = "iPhone7,2" ; ;
n71 ) device_type = "iPhone8,1" ; ;
n71m ) device_type = "iPhone8,1" ; ;
2023-12-27 10:53:04 +01:00
n66 ) device_type = "iPhone8,2" ; ;
2023-08-19 11:15:20 +02:00
n66m ) device_type = "iPhone8,2" ; ;
2023-12-27 10:53:04 +01:00
n69 ) device_type = "iPhone8,4" ; ;
2023-08-19 11:15:20 +02:00
n69u ) device_type = "iPhone8,4" ; ;
d10 ) device_type = "iPhone9,1" ; ;
d11 ) device_type = "iPhone9,2" ; ;
d101 ) device_type = "iPhone9,3" ; ;
d111 ) device_type = "iPhone9,4" ; ;
n45 ) device_type = "iPod1,1" ; ;
n72 ) device_type = "iPod2,1" ; ;
n18 ) device_type = "iPod3,1" ; ;
n81 ) device_type = "iPod4,1" ; ;
n78 ) device_type = "iPod5,1" ; ;
n102 ) device_type = "iPod7,1" ; ;
2023-12-27 10:53:04 +01:00
n112 ) device_type = "iPod9,1" ; ;
2023-08-19 11:15:20 +02:00
esac
fi
2023-01-13 05:25:27 +01:00
device_fw_dir = " ../resources/firmware/ $device_type "
2023-08-05 17:00:27 +02:00
if [ [ -s $device_fw_dir /hwmodel ] ] ; then
device_model = " $( cat $device_fw_dir /hwmodel) "
2023-01-13 05:25:27 +01:00
fi
2024-03-23 08:29:06 +01:00
all_flash = " Firmware/all_flash/all_flash. ${ device_model } ap.production "
2023-01-13 05:25:27 +01:00
device_use_bb = 0
2023-01-21 04:36:29 +01:00
device_latest_bb = 0
2023-01-13 05:25:27 +01:00
# set device_proc (what processor the device has)
case $device_type in
2023-09-01 15:26:45 +02:00
iPhone1,[ 12] | iPod1,1 )
device_proc = 1; ; # S5L8900
2023-09-03 14:12:16 +02:00
iPhone3,[ 123] | iPhone2,1 | iPad1,1 | iPod[ 234] ,1 )
2024-05-02 04:53:02 +02:00
device_proc = 4; ; # A4/S5L8720/8920/8922
2023-01-13 05:25:27 +01:00
iPad2,[ 1234567] | iPad3,[ 123] | iPhone4,1 | iPod5,1 )
2023-04-02 12:18:44 +02:00
device_proc = 5; ; # A5
2023-01-13 05:25:27 +01:00
iPad3,[ 456] | iPhone5,[ 1234] )
2023-04-02 12:18:44 +02:00
device_proc = 6; ; # A6
2023-01-13 05:25:27 +01:00
iPad4,[ 123456789] | iPhone6,[ 12] )
2023-04-02 12:18:44 +02:00
device_proc = 7; ; # A7
2023-12-26 10:29:08 +01:00
iPhone7,[ 12] | iPad5,[ 1234] | iPod7,1 )
2023-04-02 12:18:44 +02:00
device_proc = 8; ; # A8
2023-12-26 10:29:08 +01:00
iPhone8,[ 124] )
device_proc = 9; ; # A9
2024-04-09 15:29:28 +02:00
iPhone9,[ 1234] | iPhone10* | iPad6* | iPod9,1 )
2024-05-02 04:53:02 +02:00
device_proc = 10; ; # A10 (or A9 iPad/A11 device)
2024-01-29 08:16:30 +01:00
iPhone* | iPad* )
device_proc = 11; ; # Newer devices
2023-01-13 05:25:27 +01:00
esac
2024-06-27 06:36:00 +02:00
device_get_name
2024-01-29 08:16:30 +01:00
if ( ( device_proc > 10 ) ) ; then
2024-06-27 06:36:00 +02:00
print " * Device: $device_name ( ${ device_type } , ${ device_model } ap) in $device_mode mode "
2023-08-05 17:00:27 +02:00
print " * iOS Version: $device_vers "
print " * ECID: $device_ecid "
echo
2024-01-29 08:16:30 +01:00
warn "This device is not supported by Legacy iOS Kit."
print "* You may still continue but features will be very limited."
pause
elif [ [ -z $device_proc ] ] ; then
error " Unrecognized device $device_type . Enter the device type properly. "
2023-08-05 17:00:27 +02:00
fi
2023-09-02 06:56:49 +02:00
2023-12-26 03:20:20 +01:00
if [ [ $device_mode = = "DFU" && $device_proc = = 1 && $device_wtfexit != 1 ] ] ; then
log "Found an S5L8900 device in DFU mode. Please re-enter WTF mode for good measure."
2023-09-02 06:56:49 +02:00
print "* Force restart your device and place it in normal or recovery mode, then run the script again."
2023-12-26 03:20:20 +01:00
exit
2023-09-02 06:56:49 +02:00
fi
2023-01-13 05:25:27 +01:00
# set device_use_vers, device_use_build (where to get the baseband and manifest from for ota/other)
# for a7/a8 other restores 11.3+, device_latest_vers and device_latest_build are used
case $device_type in
2023-08-19 11:15:20 +02:00
iPhone1,1 | iPod1,1 )
device_use_vers = "3.1.3"
2023-09-01 15:26:45 +02:00
device_use_build = "7E18"
2023-08-19 11:15:20 +02:00
; ;
iPhone1,2 | iPod2,1 )
2023-06-15 08:21:05 +02:00
device_use_vers = "4.2.1"
device_use_build = "8C148"
; ;
2023-05-27 08:33:27 +02:00
iPad1,1 | iPod3,1 )
device_use_vers = "5.1.1"
device_use_build = "9B206"
; ;
iPhone2,1 | iPod4,1 )
device_use_vers = "6.1.6"
device_use_build = "10B500"
; ;
2023-01-13 05:25:27 +01:00
iPhone3,[ 123] )
device_use_vers = "7.1.2"
device_use_build = "11D257"
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 05:25:27 +01:00
iPad2,[ 1245] | iPad3,1 | iPod5,1 )
device_use_vers = "9.3.5"
device_use_build = "13G36"
2023-04-02 12:18:44 +02:00
; ;
2023-03-18 03:44:15 +01:00
iPad2,[ 367] | iPad3,[ 23] | iPhone4,1 )
2023-01-13 05:25:27 +01:00
device_use_vers = "9.3.6"
device_use_build = "13G37"
2023-04-02 12:18:44 +02:00
; ;
2023-03-18 03:44:15 +01:00
iPad3,[ 56] | iPhone5,[ 12] )
2023-01-13 05:25:27 +01:00
device_use_vers = "10.3.4"
device_use_build = "14G61"
2023-04-02 12:18:44 +02:00
; ;
2023-03-18 03:44:15 +01:00
iPad3,4 | iPad4,[ 12345] | iPhone5,[ 34] | iPhone6,[ 12] )
2023-01-13 05:25:27 +01:00
device_use_vers = "10.3.3"
device_use_build = "14G60"
2023-06-19 05:47:18 +02:00
; ;
esac
2024-02-10 09:08:05 +01:00
local latestver
2023-06-19 05:47:18 +02:00
case $device_type in
2023-01-13 05:25:27 +01:00
iPad4,[ 123456789] | iPhone6,[ 12] | iPhone7,[ 12] | iPod7,1 )
2023-01-24 03:23:17 +01:00
device_latest_vers = "12.5.7"
device_latest_build = "16H81"
2023-04-02 12:18:44 +02:00
; ;
2024-04-09 14:18:14 +02:00
iPad[ 56] * | iPhone[ 89] * | iPhone10* | iPod9,1 )
2024-02-10 09:08:05 +01:00
log " Getting latest iOS version for $device_type "
latestver = " $( curl " https://api.ipsw.me/v4/device/ $device_type ?type=ipsw " | $jq -j ".firmwares[0]" ) "
device_latest_vers = " $( echo " $latestver " | $jq -j ".version" ) "
device_latest_build = " $( echo " $latestver " | $jq -j ".buildid" ) "
2023-08-05 17:00:27 +02:00
; ;
2023-01-13 05:25:27 +01:00
esac
# set device_use_bb, device_use_bb_sha1 (what baseband to use for ota/other)
2023-05-19 10:17:38 +02:00
# for a7/a8 other restores 11.3+, device_latest_bb and device_latest_bb_sha1 are used instead
2023-01-13 05:25:27 +01:00
case $device_type in
iPhone4,1 ) # MDM6610
device_use_bb = "Trek-6.7.00.Release.bbfw"
device_use_bb_sha1 = "22a35425a3cdf8fa1458b5116cfb199448eecf49"
2023-04-02 12:18:44 +02:00
; ;
2024-02-09 17:35:04 +01:00
iPad2,[ 67] ) # MDM9615 9.3.6 (32bit)
device_use_bb = "Mav5-11.80.00.Release.bbfw"
device_use_bb_sha1 = "aa52cf75b82fc686f94772e216008345b6a2a750"
; ;
iPhone5,[ 12] | iPad3,[ 56] ) # MDM9615 10.3.4 (32bit)
2023-01-13 05:25:27 +01:00
device_use_bb = "Mav5-11.80.00.Release.bbfw"
device_use_bb_sha1 = "8951cf09f16029c5c0533e951eb4c06609d0ba7f"
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 05:25:27 +01:00
iPad4,[ 235] | iPhone5,[ 34] | iPhone6,[ 12] ) # MDM9615 10.3.3 (5C, 5S, air, mini2)
device_use_bb = "Mav7Mav8-7.60.00.Release.bbfw"
device_use_bb_sha1 = "f397724367f6bed459cf8f3d523553c13e8ae12c"
2023-06-19 05:47:18 +02:00
; ;
esac
case $device_type in
2024-01-23 02:19:07 +01:00
iPad4,[ 235689] | iPhone6,[ 12] ) # MDM9615 12.4-latest
2023-01-13 05:25:27 +01:00
device_latest_bb = "Mav7Mav8-10.80.02.Release.bbfw"
device_latest_bb_sha1 = "f5db17f72a78d807a791138cd5ca87d2f5e859f0"
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 05:25:27 +01:00
esac
2023-04-02 12:18:44 +02:00
# disable baseband update if var is set to 1 (manually disabled w/ --disable-bbupdate arg)
if [ [ $device_disable_bbupdate = = 1 ] ] ; then
2023-06-26 11:35:06 +02:00
device_disable_bbupdate = " $device_type "
2023-04-02 12:18:44 +02:00
fi
2023-02-13 11:49:22 +01:00
# if latest vers is not set, copy use vers to latest
2023-01-13 05:25:27 +01:00
if [ [ -z $device_latest_vers || -z $device_latest_build ] ] ; then
device_latest_vers = $device_use_vers
device_latest_build = $device_use_build
device_latest_bb = $device_use_bb
device_latest_bb_sha1 = $device_use_bb_sha1
fi
}
device_find_mode( ) {
2023-02-04 07:43:34 +01:00
# usage: device_find_mode {DFU,Recovery,Restore} {Timeout (default: 24 for linux, 4 for other)}
2023-01-13 05:25:27 +01:00
# finds device in given mode, and sets the device_mode variable
local usb
2023-02-04 07:43:34 +01:00
local timeout = 4
2023-01-13 05:25:27 +01:00
local i = 0
local device_in
2023-09-01 15:26:45 +02:00
local mode = " $1 "
2023-12-30 15:10:04 +01:00
local wtfreal
2023-01-13 05:25:27 +01:00
2023-09-02 06:56:49 +02:00
if [ [ $mode = = "Restore" ] ] ; then
:
elif [ [ $mode = = "Recovery" ] ] ; then
2023-09-01 15:26:45 +02:00
usb = 1281
elif [ [ $device_proc = = 1 ] ] ; then
usb = 1222
2023-12-26 03:20:20 +01:00
if [ [ $mode = = "DFUreal" ] ] ; then
mode = "DFU"
usb = 1227
2023-12-30 15:10:04 +01:00
elif [ [ $mode = = "WTFreal" ] ] ; then
mode = "WTF"
wtfreal = 1
2023-12-26 03:20:20 +01:00
elif [ [ $mode = = "DFU" ] ] ; then
2023-09-01 15:26:45 +02:00
mode = "WTF"
fi
else
usb = 1227
fi
2023-01-13 05:25:27 +01:00
if [ [ -n $2 ] ] ; then
timeout = $2
2023-10-22 03:30:02 +02:00
elif [ [ $platform = = "linux" ] ] ; then
2023-02-04 07:43:34 +01:00
timeout = 24
2023-01-13 05:25:27 +01:00
fi
2022-05-28 12:21:26 +02:00
2023-09-01 15:26:45 +02:00
log " Finding device in $mode mode... "
2023-01-13 05:25:27 +01:00
while ( ( i < timeout ) ) ; do
2023-09-02 06:56:49 +02:00
if [ [ $mode = = "Restore" ] ] ; then
2023-09-03 14:12:16 +02:00
device_find_all
if [ [ $? = = 4 ] ] ; then
2023-09-02 06:56:49 +02:00
device_in = 1
fi
elif [ [ $platform = = "linux" ] ] ; then
2023-01-13 05:25:27 +01:00
device_in = $( lsusb | grep -c " 05ac: $usb " )
2023-09-01 15:26:45 +02:00
elif [ [ $( $irecovery -q 2>/dev/null | grep -w "MODE" | cut -c 7-) = = " $mode " ] ] ; then
2023-01-13 05:25:27 +01:00
device_in = 1
2022-05-28 12:56:10 +02:00
fi
2023-01-13 05:25:27 +01:00
if [ [ $device_in = = 1 ] ] ; then
2023-09-01 15:26:45 +02:00
log " Found device in $mode mode. "
device_mode = " $mode "
2023-01-13 05:25:27 +01:00
break
2021-10-21 13:42:50 +02:00
fi
2023-01-13 05:25:27 +01:00
sleep 1
( ( i++) )
done
2022-05-28 12:21:26 +02:00
2023-01-13 05:25:27 +01:00
if [ [ $device_in != 1 ] ] ; then
2023-10-22 03:30:02 +02:00
if [ [ $timeout != 1 && $timeout != 25 ] ] ; then
2023-09-01 15:26:45 +02:00
error " Failed to find device in $mode mode (Timed out). Please run the script again. "
2023-01-13 05:25:27 +01:00
fi
return 1
2023-12-30 15:10:04 +01:00
elif [ [ $mode = = "WTF" && $wtfreal != 1 ] ] ; then
2023-12-26 03:20:20 +01:00
device_s5l8900xall
2021-10-21 13:42:50 +02:00
fi
2023-01-13 05:25:27 +01:00
}
2021-10-21 13:42:50 +02:00
2023-03-04 11:35:14 +01:00
device_sshpass( ) {
# ask for device password and use sshpass for scp and ssh
local pass = $1
if [ [ -z $pass ] ] ; then
read -s -p " $( input 'Enter the root password of your iOS device: ' ) " pass
echo
fi
if [ [ -z $pass ] ] ; then
pass = "alpine"
fi
2023-05-19 10:17:38 +02:00
scp = " $dir /sshpass -p $pass $scp2 "
ssh = " $dir /sshpass -p $pass $ssh2 "
2023-03-04 11:35:14 +01:00
}
2024-01-19 18:11:26 +01:00
device_iproxy( ) {
2024-02-15 06:18:49 +01:00
local port = 22
2024-01-19 18:11:26 +01:00
log "Running iproxy for SSH..."
2024-02-15 06:18:49 +01:00
if [ [ -n $1 ] ] ; then
port = $1
fi
$iproxy $ssh_port $port >/dev/null &
2024-01-19 18:11:26 +01:00
iproxy_pid = $!
sleep 1
}
2023-09-03 14:12:16 +02:00
device_find_all( ) {
# find device stuff from palera1n legacy
local opt
2023-12-26 03:20:20 +01:00
if [ [ $1 = = "norec" ] ] ; then
return
fi
2023-09-03 14:12:16 +02:00
if [ [ $platform = = "macos" ] ] ; then
opt = " $( system_profiler SPUSBDataType 2> /dev/null | grep -B1 'Vendor ID: 0x05ac' | grep 'Product ID:' | cut -dx -f2 | cut -d' ' -f1 | tail -r) "
elif [ [ $platform = = "linux" ] ] ; then
opt = " $( lsusb | cut -d' ' -f6 | grep '05ac:' | cut -d: -f2) "
fi
case $opt in
1227 ) return 1; ; # dfu
1281 ) return 2; ; # recovery
1222 ) return 3; ; # wtf
2024-06-16 06:03:55 +02:00
12[ 9a] [ 0123456789abcdef] ) return 4; ; # normal
2023-09-03 14:12:16 +02:00
esac
}
2024-06-13 07:54:56 +02:00
device_dfuhelper2( ) {
local top = "SIDE"
if [ [ $device_type = = "iPad" * ] ] ; then
top = "TOP"
fi
echo
print "* Press the VOL UP button."
sleep 1
print "* Press the VOL DOWN button."
sleep 1
print " * Press and hold the $top button. "
for i in { 10..01} ; do
echo -n " $i "
sleep 1
done
echo -e " \n $( print " * Press and hold VOL DOWN and $top buttons. " ) "
for i in { 05..01} ; do
echo -n " $i "
sleep 1
done
echo -e " \n $( print " * Release $top button and keep holding VOL DOWN button. " ) "
for i in { 08..01} ; do
echo -n " $i "
device_find_all $1
opt = $?
if [ [ $opt = = 1 ] ] ; then
echo -e " \n $( log 'Found device in DFU mode.' ) "
device_mode = "DFU"
return
fi
sleep 1
done
echo
device_find_mode DFU
}
2023-09-02 06:56:49 +02:00
device_dfuhelper( ) {
2023-09-03 14:12:16 +02:00
local opt
local rec = "recovery mode "
if [ [ $1 = = "norec" ] ] ; then
rec =
fi
2023-09-02 06:56:49 +02:00
print "* Get ready to enter DFU mode."
2023-09-03 14:12:16 +02:00
print "* If you already know how to enter DFU mode, you may do so right now before continuing."
read -p " $( input " Select Y to continue, N to exit $rec (Y/n) " ) " opt
2023-09-02 06:56:49 +02:00
if [ [ $opt = = 'N' || $opt = = 'n' ] ] ; then
2023-09-03 14:12:16 +02:00
if [ [ -z $1 ] ] ; then
log "Exiting recovery mode."
$irecovery -n
fi
2023-09-02 06:56:49 +02:00
exit
fi
2023-12-26 03:20:20 +01:00
device_find_all $1
2023-09-03 14:12:16 +02:00
opt = $?
if [ [ $opt = = 1 ] ] ; then
log "Found device in DFU mode."
2023-09-03 15:12:34 +02:00
device_mode = "DFU"
2023-09-03 14:12:16 +02:00
return
fi
2023-09-02 06:56:49 +02:00
print "* Get ready..."
2023-09-03 14:12:16 +02:00
for i in { 02..01} ; do
2023-09-02 06:56:49 +02:00
echo -n " $i "
sleep 1
done
2024-06-13 07:54:56 +02:00
case $device_type in
2024-06-22 09:52:08 +02:00
iPhone1,* | iPad1,1 | iPad1[ 12] * ) :; ;
2024-06-13 07:54:56 +02:00
iPhone1* | iPad[ 81] * ) device_dfuhelper2; return ; ;
esac
2023-12-27 04:01:02 +01:00
local top = "TOP"
local home = "HOME"
case $device_type in
iPhone7* | iPhone8,[ 12] | iPhone9* ) top = "SIDE" ; ;
esac
if [ [ $device_type = = "iPhone9" * ] ] ; then
home = "VOL DOWN"
fi
echo -e " \n $( print " * Hold $top and $home buttons. " ) "
2023-09-02 06:56:49 +02:00
for i in { 10..01} ; do
echo -n " $i "
2023-12-26 03:20:20 +01:00
device_find_all $1
2023-09-03 14:12:16 +02:00
opt = $?
if [ [ $opt = = 1 ] ] ; then
echo -e " \n $( log 'Found device in DFU mode.' ) "
2023-09-03 15:12:34 +02:00
device_mode = "DFU"
2023-09-03 14:12:16 +02:00
return
fi
2023-09-02 06:56:49 +02:00
sleep 1
done
2023-12-27 04:01:02 +01:00
echo -e " \n $( print " * Release $top button and keep holding $home button. " ) "
2023-09-02 06:56:49 +02:00
for i in { 08..01} ; do
echo -n " $i "
2023-12-26 03:20:20 +01:00
device_find_all $1
2023-09-03 14:12:16 +02:00
opt = $?
if [ [ $opt = = 1 ] ] ; then
echo -e " \n $( log 'Found device in DFU mode.' ) "
2023-09-03 15:12:34 +02:00
device_mode = "DFU"
2023-09-03 14:12:16 +02:00
return
fi
2023-09-02 06:56:49 +02:00
sleep 1
done
echo
2023-12-30 15:10:04 +01:00
if [ [ $2 = = "WTFreal" ] ] ; then
device_find_mode WTFreal
else
device_find_mode DFU
fi
2023-09-02 06:56:49 +02:00
}
2023-01-13 05:25:27 +01:00
device_enter_mode( ) {
# usage: device_enter_mode {Recovery, DFU, kDFU, pwnDFU}
# attempt to enter given mode, and device_find_mode function will then set device_mode variable
local opt
case $1 in
2023-12-30 15:10:04 +01:00
"WTFreal" )
if [ [ $device_mode = = "WTF" ] ] ; then
return
elif [ [ $device_mode = = "Normal" ] ] ; then
device_enter_mode Recovery
fi
if [ [ $device_mode = = "Recovery" ] ] ; then
device_dfuhelper norec WTFreal
return
fi
log " Found an S5L8900 device in $device_mode mode. Your device needs to be in WTF mode to continue. "
print "* Force restart your device and place it in normal or recovery mode, then re-enter WTF mode."
2024-01-02 04:46:15 +01:00
print "* You can enter WTF mode by doing the DFU mode procedure."
2023-12-30 15:10:04 +01:00
device_find_mode WTFreal 100
; ;
2023-01-13 05:25:27 +01:00
"Recovery" )
if [ [ $device_mode = = "Normal" ] ] ; then
print "* The device needs to be in recovery/DFU mode before proceeding."
2023-04-02 12:18:44 +02:00
read -p " $( input 'Send device to recovery mode? (Y/n): ' ) " opt
2023-01-13 05:25:27 +01:00
if [ [ $opt = = 'n' || $opt = = 'N' ] ] ; then
2023-03-18 03:44:15 +01:00
exit
2023-01-13 05:25:27 +01:00
fi
log "Entering recovery mode..."
$ideviceenterrecovery " $device_udid " >/dev/null
2023-04-02 12:18:44 +02:00
device_find_mode Recovery 50
2023-01-13 05:25:27 +01:00
fi
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 05:25:27 +01:00
"DFU" )
if [ [ $device_mode = = "Normal" ] ] ; then
device_enter_mode Recovery
2023-12-26 03:20:20 +01:00
elif [ [ $device_mode = = "WTF" ] ] ; then
device_s5l8900xall
return
elif [ [ $device_mode = = "DFU" ] ] ; then
2023-01-13 05:25:27 +01:00
return
fi
2023-09-03 14:12:16 +02:00
device_dfuhelper
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 05:25:27 +01:00
"kDFU" )
local sendfiles = ( )
2024-03-09 16:00:11 +01:00
local ip = "127.0.0.1"
2023-01-13 05:25:27 +01:00
2023-06-19 05:47:18 +02:00
if [ [ $device_mode != "Normal" ] ] ; then
2023-01-13 05:25:27 +01:00
device_enter_mode pwnDFU
return
fi
patch_ibss
2024-01-19 18:11:26 +01:00
device_iproxy
2023-01-13 05:25:27 +01:00
log "Please read the message below:"
2023-09-15 04:46:37 +02:00
print "* Follow these instructions to enter kDFU mode."
print "1. Install \"OpenSSH\" and \"Core Utilities\" in Cydia or Zebra."
2023-08-13 02:29:44 +02:00
if [ [ $device_det = = 1 ] ] ; then
2023-09-15 04:46:37 +02:00
print " - Jailbreak with kok3shiX, and enable \"use legacy patches\""
print " - Also install \"Dropbear\" from my repo: https://lukezgd.github.io/repo"
2023-08-13 02:29:44 +02:00
fi
2023-09-15 04:46:37 +02:00
print " - After installing these requirements, lock your device."
print "2. You will be prompted to enter the root password of your iOS device."
2023-08-13 02:29:44 +02:00
print " - The default root password is: alpine"
2023-09-15 04:46:37 +02:00
print " - Your input will not be visible, but it is still being entered."
print "3. On entering kDFU mode, the device will disconnect."
print " - Proceed to unplug and replug the device when prompted."
print " - Alternatively, press the TOP or HOME button."
2023-01-13 05:25:27 +01:00
pause
echo "chmod +x /tmp/kloader*" > kloaders
if [ [ $device_det = = 1 ] ] ; then
2023-08-17 15:07:52 +02:00
echo ' [ [ $( uname -a | grep -c "MarijuanARM" ) = = 1 ] ] && /tmp/kloader_hgsp /tmp/pwnediBSS || \
2023-04-02 12:18:44 +02:00
/tmp/kloader /tmp/pwnediBSS' >> kloaders
2023-09-14 10:10:52 +02:00
sendfiles += ( "../resources/kloader/kloader_hgsp" "../resources/kloader/kloader" )
2024-02-10 12:38:16 +01:00
elif ( ( device_det <= 5 ) ) ; then
2023-11-14 10:26:19 +01:00
opt = "kloader_axi0mX"
2024-03-09 16:00:11 +01:00
case $device_type in
iPad2,4 | iPad3* ) opt = "kloader5" ; ; # needed for ipad 3 ios 5, unsure for ipad2,4
esac
log " Using $opt for $device_type iOS $device_det "
echo " /tmp/ $opt /tmp/pwnediBSS " >> kloaders
sendfiles += ( " ../resources/kloader/ $opt " )
2023-03-31 15:59:01 +02:00
else
2023-04-02 12:18:44 +02:00
echo "/tmp/kloader /tmp/pwnediBSS" >> kloaders
sendfiles += ( "../resources/kloader/kloader" )
2023-01-13 05:25:27 +01:00
fi
sendfiles += ( "kloaders" "pwnediBSS" )
2023-03-04 11:35:14 +01:00
device_sshpass
2023-01-13 05:25:27 +01:00
log "Entering kDFU mode..."
2023-02-08 04:46:52 +01:00
print "* This may take a while, but should not take longer than a minute."
2023-03-04 11:35:14 +01:00
if [ [ $device_det = = 1 ] ] ; then
2023-09-15 04:46:37 +02:00
print "* If the script is stuck here, reboot and re-jailbreak the device, and try again."
2023-09-07 04:37:06 +02:00
print "* Follow the steps in the GitHub wiki under \"A6(X) devices, jailbroken on iOS 10\""
2023-03-04 11:35:14 +01:00
fi
2023-10-03 15:31:18 +02:00
log " Sending files to device: ${ sendfiles [*] } "
2024-02-12 06:33:52 +01:00
$scp -P $ssh_port ${ sendfiles [@] } root@127.0.0.1:/tmp
2023-01-13 05:25:27 +01:00
if [ [ $? = = 0 ] ] ; then
2023-10-03 15:31:18 +02:00
log "Running kloader"
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 "bash /tmp/kloaders" &
2023-01-13 05:25:27 +01:00
else
warn "Failed to connect to device via USB SSH."
if [ [ $device_det = = 1 ] ] ; then
print "* Try to re-install both OpenSSH and Dropbear, reboot, re-jailbreak, and try again."
print "* Alternatively, place your device in DFU mode (see \"Troubleshooting\" wiki page for details)"
2023-04-02 12:18:44 +02:00
print "* Troubleshooting link: https://github.com/LukeZGD/Legacy-iOS-Kit/wiki/Troubleshooting#dfu-advanced-menu-for-32-bit-devices"
2023-01-13 05:25:27 +01:00
elif [ [ $device_det = = 5 ] ] ; then
print "* Try to re-install OpenSSH, reboot, and try again."
else
print "* Try to re-install OpenSSH, reboot, re-jailbreak, and try again."
print "* Alternatively, you may use kDFUApp from my Cydia repo (see \"Troubleshooting\" wiki page for details)"
2023-04-02 12:18:44 +02:00
print "* Troubleshooting link: https://github.com/LukeZGD/Legacy-iOS-Kit/wiki/Troubleshooting#dfu-advanced-menu-kdfu-mode"
2023-01-13 05:25:27 +01:00
fi
input "Press Enter/Return to try again with Wi-Fi SSH (or press Ctrl+C to cancel and try again)"
read -s
2023-09-04 17:06:58 +02:00
log "Trying again with Wi-Fi SSH..."
2023-01-13 05:25:27 +01:00
print "* Make sure that your iOS device and PC/Mac are on the same network."
2023-09-07 04:37:06 +02:00
print "* To get your iOS device's IP Address, go to: Settings -> Wi-Fi/WLAN -> tap the 'i' or '>' next to your network name"
2024-03-09 16:00:11 +01:00
ip =
until [ [ -n $ip ] ] ; do
read -p " $( input 'Enter the IP Address of your device: ' ) " ip
2023-08-29 16:14:03 +02:00
done
2023-10-03 15:31:18 +02:00
log " Sending files to device: ${ sendfiles [*] } "
2024-03-09 16:00:11 +01:00
$scp ${ sendfiles [@] } root@$ip :/tmp
2023-01-13 05:25:27 +01:00
if [ [ $? != 0 ] ] ; then
error "Failed to connect to device via SSH, cannot continue."
fi
2023-10-03 15:31:18 +02:00
log "Running kloader"
2024-03-09 16:00:11 +01:00
$ssh root@$ip "bash /tmp/kloaders" &
2023-01-13 05:25:27 +01:00
fi
2023-02-19 03:52:45 +01:00
local attempt = 1
local device_in
2024-03-09 16:00:11 +01:00
local port
if [ [ $ip = = "127.0.0.1" ] ] ; then
port = " -p $ssh_port "
fi
2024-02-08 04:31:27 +01:00
while ( ( attempt <= 5 ) ) ; do
2024-02-07 14:24:48 +01:00
log " Finding device in kDFU mode... (Attempt $attempt of 5) "
2023-02-19 03:52:45 +01:00
if [ [ $( $irecovery -q 2>/dev/null | grep -w "MODE" | cut -c 7-) = = "DFU" ] ] ; then
device_in = 1
fi
if [ [ $device_in = = 1 ] ] ; then
log "Found device in kDFU mode."
device_mode = "DFU"
break
fi
2023-11-14 10:26:19 +01:00
if [ [ $opt = = "kloader_axi0mX" ] ] ; then
2024-03-09 16:00:11 +01:00
print "* Keep the device plugged in"
$ssh $port root@$ip "bash /tmp/kloaders" &
2023-11-14 10:26:19 +01:00
else
print "* Unplug and replug your device now"
fi
2023-02-19 03:52:45 +01:00
( ( attempt++) )
done
2024-02-08 04:31:27 +01:00
if ( ( attempt > 5 ) ) ; then
2023-02-19 03:52:45 +01:00
error "Failed to find device in kDFU mode. Please run the script again"
fi
2023-01-13 05:25:27 +01:00
kill $iproxy_pid
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 05:25:27 +01:00
"pwnDFU" )
local irec_pwned
local tool_pwned
2023-12-30 15:10:04 +01:00
if [ [ $device_proc = = 1 ] ] ; then
device_enter_mode DFU
return
fi
2023-10-24 03:39:57 +02:00
if [ [ $device_mode = = "DFU" ] ] ; then
2023-04-02 12:18:44 +02:00
irec_pwned = $( $irecovery -q | grep -c "PWND" )
fi
2024-02-26 10:22:31 +01:00
if [ [ $device_skipibss = = 1 ] ] ; then
2024-05-07 06:56:14 +02:00
warn "Skip iBSS flag detected, skipping pwned DFU check. Proceed with caution"
return
elif [ [ $device_pwnrec = = 1 ] ] ; then
warn "Pwned recovery flag detected, skipping pwned DFU check. Proceed with caution"
2024-02-26 10:22:31 +01:00
return
2024-03-01 16:32:15 +01:00
elif [ [ $device_mode = = "DFU" && $mode != "pwned-ibss" && $device_boot4 != 1 &&
$device_proc != 4 ] ] && ( ( device_proc < 7 ) ) ; then
2023-02-10 07:33:48 +01:00
print "* Select Y if your device is in pwned iBSS/kDFU mode."
2024-03-03 11:54:49 +01:00
if [ [ $device_proc = = 5 ] ] ; then
print "* Select N if this is not the case. (pwned using checkm8-a5)"
else
print "* Select N to place device to pwned DFU mode using ipwndfu/ipwnder."
fi
2024-01-27 18:01:48 +01:00
print "* Failing to answer correctly will cause \"Sending iBEC\" to fail."
2023-01-13 05:25:27 +01:00
read -p " $( input 'Is your device already in pwned iBSS/kDFU mode? (y/N): ' ) " opt
if [ [ $opt = = "Y" || $opt = = "y" ] ] ; then
log "Pwned iBSS/kDFU mode specified by user."
return
fi
2023-05-08 10:07:18 +02:00
elif [ [ $irec_pwned = = 1 && $device_proc = = 7 ] ] ; then
2024-02-13 04:26:53 +01:00
if [ [ $platform != "macos" ] ] ; then
2023-05-08 10:07:18 +02:00
device_ipwndfu rmsigchks
fi
2023-03-04 00:36:11 +01:00
return
2023-01-13 05:25:27 +01:00
fi
if [ [ $device_proc = = 5 ] ] ; then
print "* DFU mode for A5 device - Make sure that your device is in PWNED DFU mode."
2024-06-23 18:36:41 +02:00
print "* You need to have an Arduino and USB Host Shield for checkm8-a5."
print "* Use my fork of checkm8-a5: https://github.com/LukeZGD/checkm8-a5"
2024-03-05 04:51:54 +01:00
print "* Also make sure that you have NOT sent a pwned iBSS yet."
2023-01-13 05:25:27 +01:00
print "* If you do not know what you are doing, select N and restart your device in normal mode."
2024-06-23 18:36:41 +02:00
read -p " $( input 'Is your device in PWNED DFU mode using checkm8-a5? (y/N): ' ) " opt
2023-01-13 05:25:27 +01:00
if [ [ $opt != "Y" && $opt != "y" ] ] ; then
local error_msg = $'\n* Please put the device in normal mode and jailbroken before proceeding.'
2024-05-14 14:28:37 +02:00
error_msg += $'\n* Exit DFU mode by holding the TOP and HOME buttons for about 15 seconds.'
2023-01-13 05:25:27 +01:00
error_msg += $'\n* For usage of kDFU/pwnDFU, read the "Troubleshooting" wiki page in GitHub'
error "32-bit A5 device is not in PWNED DFU mode." " $error_msg "
fi
device_ipwndfu send_ibss
return
fi
2023-01-13 12:19:22 +01:00
device_enter_mode DFU
2023-08-05 17:00:27 +02:00
if ( ( device_proc > 7 ) ) ; then
# A8/A9/A10 uses gaster
log "Placing device to pwnDFU mode using gaster"
$gaster pwn
tool_pwned = $?
2023-08-26 15:50:43 +02:00
$gaster reset
2023-10-13 14:06:39 +02:00
elif [ [ $device_type = = "iPod2,1" ] ] ; then
2023-10-23 04:10:27 +02:00
# touch 2 uses ipwndfu
2023-10-13 14:06:39 +02:00
device_ipwndfu pwn
2023-10-25 09:46:35 +02:00
tool_pwned = $?
2023-10-13 08:11:18 +02:00
elif [ [ $platform = = "linux" ] ] ; then
2023-10-23 04:10:27 +02:00
if [ [ $device_type = = "iPhone2,1" || $device_type = = "iPod3,1" ] ] ; then
# 3gs/touch 3 linux uses ipwnder
2023-10-13 08:11:18 +02:00
log "Placing device to pwnDFU mode using ipwnder"
$ipwnder -p
tool_pwned = $?
2024-01-12 11:54:05 +01:00
elif [ [ $device_proc = = 4 ] ] ; then
2024-04-08 11:59:55 +02:00
# A4 linux uses ipwndfu/ipwnder
local selection = ( "ipwndfu" "ipwnder (SHAtter)" "ipwnder (limera1n)" )
input "PwnDFU Tool Option"
print "* Select tool to be used for entering pwned DFU mode."
print "* This option is set to ipwndfu by default (1). Select this option if unsure."
print "* If the first option does not work, try the other option(s)."
input "Select your option:"
select opt2 in " ${ selection [@] } " ; do
case $opt2 in
"ipwndfu" )
device_ipwndfu pwn
tool_pwned = $?
break
; ;
"ipwnder (SHAtter)" )
$ipwnder -s
tool_pwned = $?
break
; ;
"ipwnder (limera1n)" )
$ipwnder -p
tool_pwned = $?
break
; ;
esac
done
2023-10-13 08:11:18 +02:00
else
2024-01-12 11:54:05 +01:00
# the linux checkm8 section. success rates are absolute garbage here
# A6 linux uses ipwndfu, A7 linux uses gaster
log "Please read the message below:"
2023-10-13 08:11:18 +02:00
print "* Unfortunately, success rates for checkm8 are very low on Linux."
print "* Pwning using a Mac or another iOS device using iPwnder Lite are better options."
print "* For more details, read the \"Troubleshooting\" wiki page in GitHub"
print "* Troubleshooting links:"
print " - https://github.com/LukeZGD/Legacy-iOS-Kit/wiki/Troubleshooting"
print " - https://github.com/LukeZGD/Legacy-iOS-Kit/wiki/Pwning-Using-Another-iOS-Device"
print "* If pwning gets stuck, you can press Ctrl+C to cancel."
2024-01-12 11:54:05 +01:00
if [ [ $device_proc = = 7 ] ] ; then
log "Placing device to pwnDFU mode using gaster"
$gaster pwn
tool_pwned = $?
else
device_ipwndfu pwn
tool_pwned = $?
fi
2023-10-13 08:11:18 +02:00
fi
elif ( ( device_proc > 5 ) ) && [ [ $( uname -m) != "x86_64" ] ] ; then
2023-08-05 17:00:27 +02:00
# A6/A7 asi mac uses ipwnder_lite
2023-06-05 09:28:29 +02:00
log "Placing device to pwnDFU mode using ipwnder_lite"
2023-08-17 15:07:52 +02:00
opt = " ${ ipwnder } 2 -p "
$opt
2023-01-25 11:29:55 +01:00
tool_pwned = $?
2023-01-13 05:25:27 +01:00
else
2023-10-13 14:06:39 +02:00
# A4/A6/A7 mac uses ipwnder32/ipwnder_lite
2023-10-13 08:11:18 +02:00
local selection = ( "ipwnder32" "ipwnder_lite" )
input "PwnDFU Tool Option"
print "* Select tool to be used for entering pwned DFU mode."
print "* This option is set to ipwnder32 by default (1). Select this option if unsure."
print "* If the first option does not work, try many times and/or try the other option(s)."
2023-08-05 17:00:27 +02:00
input "Select your option:"
2023-06-05 09:28:29 +02:00
select opt2 in " ${ selection [@] } " ; do
case $opt2 in
"ipwnder32" ) opt = " $ipwnder32 -p " ; break; ;
* )
opt = " $ipwnder "
2023-08-17 15:07:52 +02:00
if ( ( device_proc > 5 ) ) ; then
2023-10-13 08:11:18 +02:00
opt += "2 -p"
2023-06-05 09:28:29 +02:00
fi
break
; ;
esac
done
2023-10-13 14:06:39 +02:00
if ( ( device_proc > 5 ) ) ; then
2024-01-12 11:54:05 +01:00
log "Please read the message below:"
2023-10-13 14:06:39 +02:00
print "* If you have an older Mac with Core 2 Duo, success rates for checkm8 are low."
2023-10-13 08:11:18 +02:00
print "* Pwning using another Mac or iOS device using iPwnder Lite are available options if needed."
2023-09-27 07:10:57 +02:00
print "* For more details, read the \"Troubleshooting\" wiki page in GitHub"
print "* Troubleshooting links:"
print " - https://github.com/LukeZGD/Legacy-iOS-Kit/wiki/Troubleshooting"
print " - https://github.com/LukeZGD/Legacy-iOS-Kit/wiki/Pwning-Using-Another-iOS-Device"
print "* If pwning gets stuck, you can press Ctrl+C to cancel."
fi
2024-01-12 11:54:05 +01:00
log " Placing device to pwnDFU mode using $opt "
2023-06-05 09:28:29 +02:00
$opt
2023-01-13 05:25:27 +01:00
tool_pwned = $?
fi
irec_pwned = $( $irecovery -q | grep -c "PWND" )
# irec_pwned is instances of "PWND" in serial, must be 1
2023-08-26 15:50:43 +02:00
# tool_pwned is error code of pwning tool, must be 0
2023-01-13 05:25:27 +01:00
if [ [ $irec_pwned != 1 && $tool_pwned != 0 ] ] ; then
2023-05-08 10:07:18 +02:00
device_pwnerror
2023-01-13 05:25:27 +01:00
fi
2023-08-17 15:07:52 +02:00
if [ [ $opt = = " ${ ipwnder } 2 -p " && $device_proc = = 6 ] ] ; then
${ ipwnder } 2 --upload-iboot
fi
2023-10-24 03:39:57 +02:00
if [ [ $platform = = "macos" ] ] || ( ( device_proc > 7 ) ) ; then
2023-01-13 05:25:27 +01:00
return
2023-10-24 03:39:57 +02:00
elif [ [ $device_proc = = 7 ] ] ; then
2023-01-13 05:25:27 +01:00
device_ipwndfu rmsigchks
elif [ [ $device_proc != 4 ] ] ; then
device_ipwndfu send_ibss
fi
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 05:25:27 +01:00
esac
}
2023-05-08 10:07:18 +02:00
device_pwnerror( ) {
2024-01-12 11:54:05 +01:00
local error_msg = $'\n* Exit DFU mode first by holding the TOP and HOME buttons for about 10 seconds.'
2023-05-08 10:07:18 +02:00
if [ [ $platform = = "linux" && $device_proc != 4 ] ] ; then
2023-09-27 07:10:57 +02:00
error_msg += $'\n* Unfortunately, success rates for checkm8 are very low on Linux.'
2023-09-04 17:06:58 +02:00
error_msg += $'\n* Pwning using a Mac or another iOS device using iPwnder Lite are better options.'
2024-04-08 11:59:55 +02:00
elif [ [ $platform = = "linux" && $device_proc = = 4 ] ] ; then
error_msg += $'\n* Unfortunately, pwning may have low success rates for PCs with an AMD CPU.'
error_msg += $'\n* Pwning using an Intel PC or another device may be better options.'
2023-10-12 13:54:16 +02:00
elif [ [ $platform = = "macos" ] ] ; then
2024-03-31 14:00:37 +02:00
error_msg += $'\n* If you get the error "No backend available" in ipwndfu, install libusb in Homebrew/MacPorts'
2023-05-08 10:07:18 +02:00
fi
error_msg += $'\n* For more details, read the "Troubleshooting" wiki page in GitHub'
2023-07-03 09:22:35 +02:00
error_msg += $' \n * Troubleshooting links:
- https://github.com/LukeZGD/Legacy-iOS-Kit/wiki/Troubleshooting
- https://github.com/LukeZGD/Legacy-iOS-Kit/wiki/Pwning-Using-Another-iOS-Device'
2023-05-08 10:07:18 +02:00
error "Failed to enter pwnDFU mode. Please run the script again." " $error_msg "
}
2023-01-13 05:25:27 +01:00
device_ipwndfu( ) {
local tool_pwned = 0
2024-06-10 04:41:11 +02:00
local python2 = $( command -v python2 2>/dev/null)
local pyenv = $( command -v pyenv 2>/dev/null)
2023-08-05 17:00:27 +02:00
local pyenv2 = " $HOME /.pyenv/versions/2.7.18/bin/python2 "
2023-01-15 09:41:05 +01:00
2023-08-23 14:37:39 +02:00
if [ [ -z $pyenv && -e " $HOME /.pyenv/bin/pyenv " ] ] ; then
pyenv = " $HOME /.pyenv/bin/pyenv "
2023-01-22 07:28:52 +01:00
fi
2024-06-22 09:52:08 +02:00
if [ [ $platform = = "macos" ] ] && ( ( mac_majver < 12 ) ) ; then
2023-10-26 07:13:59 +02:00
python2 = "/usr/bin/python"
elif [ [ -n $python2 && $device_sudoloop = = 1 ] ] ; then
python2 = " sudo $python2 "
2023-08-05 17:00:27 +02:00
elif [ [ -z $python2 && ! -e $pyenv2 ] ] ; then
warn "python2 is not installed. Attempting to install python2 before continuing"
2023-09-04 17:06:58 +02:00
print "* You may install python2 from pyenv by running: pyenv install 2.7.18"
2023-08-23 14:37:39 +02:00
if [ [ -z $pyenv ] ] ; then
2023-08-05 17:00:27 +02:00
warn "pyenv is not installed. Attempting to install pyenv before continuing"
print "* You may install pyenv by running: curl https://pyenv.run | bash"
log "Installing pyenv"
curl https://pyenv.run | bash
pyenv = " $HOME /.pyenv/bin/pyenv "
2023-08-23 14:37:39 +02:00
if [ [ ! -e $pyenv ] ] ; then
error "Cannot detect python2 from pyenv, its installation may have failed." \
"* Also try installing pyenv and python2 manually before retrying."
fi
2023-08-05 17:00:27 +02:00
fi
log "Installing python2 using pyenv"
2023-08-23 14:37:39 +02:00
print "* This may take a while, but should not take longer than a few minutes."
2023-08-05 17:00:27 +02:00
$pyenv install 2.7.18
if [ [ ! -e $pyenv2 ] ] ; then
warn "Cannot detect python2 from pyenv, its installation may have failed."
2023-10-26 07:13:59 +02:00
print "* Try installing pyenv and/or python2 manually:"
print " pyenv: > curl https://pyenv.run | bash"
print " python2: > $pyenv install 2.7.18 "
2023-08-05 17:00:27 +02:00
error "Cannot detect python2 for ipwndfu, cannot continue."
fi
fi
if [ [ -e $pyenv2 ] ] ; then
2023-01-22 06:12:36 +01:00
log "python2 from pyenv detected"
2023-01-22 07:28:52 +01:00
python2 =
if [ [ $device_sudoloop = = 1 ] ] ; then
python2 = "sudo "
fi
2023-08-05 17:00:27 +02:00
python2 += " $pyenv2 "
2023-01-13 16:02:51 +01:00
fi
2024-01-30 04:19:22 +01:00
mkdir ../saved/ipwndfu 2>/dev/null
2024-02-26 03:41:17 +01:00
rm -f ../saved/ipwndfu/pwnediBSS
if [ [ $1 = = "send_ibss" && $device_boot4 = = 1 ] ] ; then
cp iBSS.patched ../saved/ipwndfu/pwnediBSS
elif [ [ $1 = = "send_ibss" ] ] ; then
2023-12-26 03:20:20 +01:00
device_rd_build =
2023-08-23 14:37:39 +02:00
patch_ibss
2024-01-30 04:19:22 +01:00
cp pwnediBSS ../saved/ipwndfu/
2023-08-23 14:37:39 +02:00
fi
2023-01-13 05:25:27 +01:00
device_enter_mode DFU
2023-10-25 09:46:35 +02:00
local ipwndfu_comm = "c2ba7abe6b1b8dee962ce8ae7a02fc64d3242d28"
local ipwndfu_sha1 = "e385cdf51c8f4faaba43140a468ecbf00c4387ab"
2024-01-30 04:19:22 +01:00
if [ [ ! -s ../saved/ipwndfu/ipwndfu || $( cat ../saved/ipwndfu/sha1) != " $ipwndfu_sha1 " ] ] ; then
rm -rf ../saved/ipwndfu-*
2023-10-25 09:46:35 +02:00
download_file https://github.com/LukeZGD/ipwndfu/archive/$ipwndfu_comm .zip ipwndfu.zip $ipwndfu_sha1
2024-01-30 04:19:22 +01:00
unzip -q ipwndfu.zip -d ../saved
mv ../saved/ipwndfu-*/* ../saved/ipwndfu
echo " $ipwndfu_sha1 " > ../saved/ipwndfu/sha1
rm -rf ../saved/ipwndfu-*
2023-01-13 05:25:27 +01:00
fi
2023-10-02 18:46:29 +02:00
if [ [ -d /opt/local/lib ] ] ; then
ln -sf /opt/local/lib ~/lib
elif [ [ -d /opt/homebrew/lib ] ] ; then
ln -sf /opt/homebrew/lib ~/lib
fi
2023-01-13 16:02:51 +01:00
2024-01-30 04:19:22 +01:00
pushd ../saved/ipwndfu/ >/dev/null
2023-01-13 12:19:22 +01:00
case $1 in
"send_ibss" )
2023-10-26 07:13:59 +02:00
log "Sending iBSS using ipwndfu..."
2023-09-17 07:26:13 +02:00
$python2 ipwndfu -l pwnediBSS
2023-01-13 12:19:22 +01:00
tool_pwned = $?
2023-09-17 07:26:13 +02:00
rm pwnediBSS
2023-01-13 12:19:22 +01:00
if [ [ $tool_pwned != 0 ] ] ; then
2023-08-19 09:36:15 +02:00
popd >/dev/null
2023-10-02 17:06:08 +02:00
local error_msg
2023-10-12 13:54:16 +02:00
if [ [ $platform = = "macos" ] ] ; then
2024-03-31 14:00:37 +02:00
error_msg += $'\n* If you get the error "No backend available," install libusb in Homebrew/MacPorts\n'
2023-10-02 17:06:08 +02:00
fi
error_msg += "* You might need to exit DFU and (re-)enter PWNED DFU mode before retrying."
error "Failed to send iBSS. Your device has likely failed to enter PWNED DFU mode." " $error_msg "
2023-01-13 12:19:22 +01:00
fi
2023-10-26 07:13:59 +02:00
print "* ipwndfu should have \"done!\" as output."
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 12:19:22 +01:00
"pwn" )
log "Placing device to pwnDFU Mode using ipwndfu"
2023-01-13 16:02:51 +01:00
$python2 ipwndfu -p
2023-01-13 12:19:22 +01:00
tool_pwned = $?
if [ [ $tool_pwned != 0 ] ] ; then
2023-05-08 10:07:18 +02:00
device_pwnerror
2023-01-13 12:19:22 +01:00
fi
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 12:19:22 +01:00
"rmsigchks" )
log "Running rmsigchks..."
2023-01-13 16:02:51 +01:00
$python2 rmsigchks.py
2023-04-02 12:18:44 +02:00
; ;
2023-06-15 08:21:05 +02:00
"alloc8" )
if [ [ ! -s n88ap-iBSS-4.3.5.img3 ] ] ; then
log "Downloading iOS 4.3.5 iBSS"
2023-08-05 17:00:27 +02:00
" ../ $dir /pzb " -g "Firmware/dfu/iBSS.n88ap.RELEASE.dfu" -o n88ap-iBSS-4.3.5.img3 http://appldnld.apple.com/iPhone4/041-1965.20110721.gxUB5/iPhone2,1_4.3.5_8L1_Restore.ipsw
2023-06-15 08:21:05 +02:00
fi
log "Installing alloc8 to device"
$python2 ipwndfu -x
2023-12-11 03:16:55 +01:00
if [ [ $platform = = "macos" ] ] ; then
2024-03-31 14:00:37 +02:00
print "* If you get the error \"No backend available,\" install libusb in Homebrew/MacPorts"
2023-12-11 03:16:55 +01:00
fi
2023-06-15 08:21:05 +02:00
; ;
2023-01-13 12:19:22 +01:00
esac
2024-01-30 04:19:22 +01:00
if [ [ $device_sudoloop = = 1 ] ] ; then
sudo rm *.pyc libusbfinder/*.pyc usb/*.pyc usb/backend/*.pyc
fi
2023-07-09 14:47:13 +02:00
popd >/dev/null
2023-10-25 09:46:35 +02:00
return $tool_pwned
2023-01-13 05:25:27 +01:00
}
2022-05-28 12:21:26 +02:00
2023-01-13 05:25:27 +01:00
download_file( ) {
# usage: download_file {link} {target location} {sha1}
local filename = " $( basename $2 ) "
log " Downloading $filename ... "
curl -L $1 -o $2
2024-05-02 04:53:02 +02:00
if [ [ ! -s $2 ] ] ; then
error " Downloading $2 failed. Please run the script again "
fi
if [ [ -z $3 ] ] ; then
return
fi
2023-01-13 05:25:27 +01:00
local sha1 = $( $sha1sum $2 | awk '{print $1}' )
if [ [ $sha1 != " $3 " ] ] ; then
error " Verifying $filename failed. The downloaded file may be corrupted or incomplete. Please run the script again " \
2023-01-17 03:19:51 +01:00
" * SHA1sum mismatch. Expected $3 , got $sha1 "
2023-01-13 05:25:27 +01:00
fi
}
2022-09-20 14:28:20 +02:00
2023-01-13 05:25:27 +01:00
device_fw_key_check( ) {
2023-04-02 12:18:44 +02:00
# check and download keys for device_target_build, then set the variable device_fw_key (or device_fw_key_base)
local key
local build = " $device_target_build "
if [ [ $1 = = "base" ] ] ; then
build = " $device_base_build "
2023-06-07 07:24:24 +02:00
elif [ [ $1 = = "temp" ] ] ; then
build = " $2 "
2023-04-02 12:18:44 +02:00
fi
local keys_path = " $device_fw_dir / $build "
2023-01-13 05:25:27 +01:00
log " Checking firmware keys in $keys_path "
if [ [ -e " $keys_path /index.html " ] ] ; then
2023-04-02 12:18:44 +02:00
if [ [ $( cat " $keys_path /index.html " | grep -c " $build " ) != 1 ] ] ; then
2023-01-13 05:25:27 +01:00
log "Existing firmware keys are not valid. Deleting"
rm " $keys_path /index.html "
2022-10-08 06:25:24 +02:00
fi
2023-01-13 05:25:27 +01:00
fi
2022-10-08 06:25:24 +02:00
2023-01-13 05:25:27 +01:00
if [ [ ! -e " $keys_path /index.html " ] ] ; then
2023-04-02 12:18:44 +02:00
log " Getting firmware keys for $device_type - $build "
2023-01-13 05:25:27 +01:00
mkdir -p " $keys_path " 2>/dev/null
2023-04-02 12:18:44 +02:00
local try = ( " https://github.com/LukeZGD/Legacy-iOS-Kit-Keys/raw/master/ $device_type / $build /index.html "
" https://api.m1sta.xyz/wikiproxy/ $device_type / $build "
" http://127.0.0.1:8888/firmware/ $device_type / $build " )
for i in " ${ try [@] } " ; do
curl -L $i -o index.html
if [ [ $( cat index.html | grep -c " $build " ) = = 1 ] ] ; then
break
2022-09-20 14:28:20 +02:00
fi
2023-04-02 12:18:44 +02:00
done
if [ [ $( cat index.html | grep -c " $build " ) != 1 ] ] ; then
2024-03-19 15:10:35 +01:00
local error_msg = "* You may need to run wikiproxy to get firmware keys."
error_msg += $'\n* For more details, go to the "Troubleshooting" wiki page in GitHub.'
error_msg += $'\n* Troubleshooting link: https://github.com/LukeZGD/Legacy-iOS-Kit/wiki/Troubleshooting#running-wikiproxy'
error "Failed to download firmware keys." " $error_msg "
2022-07-22 09:41:52 +02:00
fi
2023-01-13 05:25:27 +01:00
mv index.html " $keys_path / "
fi
2023-04-02 12:18:44 +02:00
if [ [ $1 = = "base" ] ] ; then
device_fw_key_base = " $( cat $keys_path /index.html) "
2023-06-07 07:24:24 +02:00
elif [ [ $1 = = "temp" ] ] ; then
device_fw_key_temp = " $( cat $keys_path /index.html) "
2023-04-02 12:18:44 +02:00
else
device_fw_key = " $( cat $keys_path /index.html) "
fi
2023-01-13 05:25:27 +01:00
}
2022-09-20 14:28:20 +02:00
2024-01-23 14:29:58 +01:00
ipsw_get_url( ) {
2023-01-15 15:31:49 +01:00
local build_id = " $1 "
2024-01-23 14:29:58 +01:00
local url = " $( cat " $device_fw_dir / $build_id /url " 2>/dev/null) "
ipsw_url =
2024-04-28 08:09:38 +02:00
log " Checking URL in $device_fw_dir / $build_id /url "
if [ [ $( echo " $url " | grep -c '<' ) != 0 || $url != *" $build_id " * ] ] ; then
2023-09-14 10:10:52 +02:00
rm " $device_fw_dir / $build_id /url "
url =
fi
2023-06-15 08:21:05 +02:00
if [ [ -z $url ] ] ; then
log " Getting URL for $device_type - $build_id "
2023-09-14 10:10:52 +02:00
url = " $( curl " https://api.ipsw.me/v4/ipsw/ $device_type / $build_id " | $jq -j ".url" ) "
if [ [ $( echo " $url " | grep -c '<' ) != 0 ] ] ; then
url = " $( curl " https://api.ipsw.me/v4/device/ $device_type ?type=ipsw " | $jq -j " .firmwares[] | select(.buildid == \" $build_id \") | .url " ) "
fi
2024-04-12 16:58:30 +02:00
mkdir -p $device_fw_dir /$build_id 2>/dev/null
2023-08-05 17:00:27 +02:00
echo " $url " > $device_fw_dir /$build_id /url
2023-06-15 08:21:05 +02:00
fi
2024-01-23 14:29:58 +01:00
ipsw_url = " $url "
}
download_comp( ) {
# usage: download_comp [build_id] [comp]
local build_id = " $1 "
local comp = " $2 "
ipsw_get_url $build_id
2023-01-15 15:31:49 +01:00
download_targetfile = " $comp . $device_model "
if [ [ $build_id != "12" * ] ] ; then
download_targetfile += "ap"
fi
download_targetfile += ".RELEASE"
if [ [ -e " ../saved/ $device_type / ${ comp } _ $build_id .dfu " ] ] ; then
cp " ../saved/ $device_type / ${ comp } _ $build_id .dfu " ${ comp }
else
log " Downloading ${ comp } ... "
2024-01-23 14:29:58 +01:00
" $dir /pzb " -g " Firmware/dfu/ $download_targetfile .dfu " -o ${ comp } " $ipsw_url "
2023-01-15 15:31:49 +01:00
cp ${ comp } " ../saved/ $device_type / ${ comp } _ $build_id .dfu "
fi
}
2023-01-13 05:25:27 +01:00
patch_ibss( ) {
# creates file pwnediBSS to be sent to device
local build_id
case $device_type in
2023-05-27 08:33:27 +02:00
iPad1,1 | iPod3,1 ) build_id = "9B206" ; ;
2023-06-15 09:32:45 +02:00
iPhone2,1 | iPod4,1 ) build_id = "10B500" ; ;
2023-09-14 10:22:25 +02:00
iPhone3,[ 123] ) build_id = "11D257" ; ;
2023-06-15 09:32:45 +02:00
* ) build_id = "12H321" ; ;
2023-01-13 05:25:27 +01:00
esac
2023-10-06 15:22:43 +02:00
if [ [ -n $device_rd_build ] ] ; then
build_id = " $device_rd_build "
2023-06-15 08:21:05 +02:00
fi
2023-01-15 15:31:49 +01:00
download_comp $build_id iBSS
2023-09-14 10:10:52 +02:00
device_fw_key_check temp $build_id
2024-06-14 03:12:24 +02:00
local iv = $( echo $device_fw_key_temp | $jq -j '.keys[] | select(.image == "iBSS") | .iv' )
local key = $( echo $device_fw_key_temp | $jq -j '.keys[] | select(.image == "iBSS") | .key' )
2023-10-04 05:22:29 +02:00
log "Decrypting iBSS..."
2023-09-14 10:10:52 +02:00
" $dir /xpwntool " iBSS iBSS.dec -iv $iv -k $key
2023-10-04 05:22:29 +02:00
log "Patching iBSS..."
2023-09-14 10:10:52 +02:00
" $dir /iBoot32Patcher " iBSS.dec pwnediBSS --rsa
" $dir /xpwntool " pwnediBSS pwnediBSS.dfu -t iBSS
cp pwnediBSS pwnediBSS.dfu ../saved/$device_type /
2023-01-13 16:02:51 +01:00
log " Pwned iBSS saved at: saved/ $device_type /pwnediBSS "
2023-09-14 10:10:52 +02:00
log " Pwned iBSS img3 saved at: saved/ $device_type /pwnediBSS.dfu "
2023-01-13 05:25:27 +01:00
}
2022-05-28 12:56:10 +02:00
2023-01-15 15:31:49 +01:00
patch_ibec( ) {
# creates file pwnediBEC to be sent to device for blob dumping
local build_id
case $device_type in
2023-09-16 15:28:32 +02:00
iPad1,1 | iPod3,1 )
build_id = "9B206" ; ;
2023-11-14 10:26:19 +01:00
iPhone2,1 | iPhone3,[ 123] | iPod4,1 )
build_id = "10A403" ; ;
2023-09-16 15:28:32 +02:00
iPad2,[ 367] | iPad3,[ 25] )
build_id = "12H321" ; ;
iPad3,1 )
build_id = "10B146" ; ;
iPhone5,3 )
build_id = "11B511" ; ;
iPhone5,4 )
build_id = "11B651" ; ;
2023-10-25 09:46:35 +02:00
* )
build_id = "10B329" ; ;
2023-01-15 15:31:49 +01:00
esac
2023-10-06 15:22:43 +02:00
if [ [ -n $device_rd_build ] ] ; then
build_id = " $device_rd_build "
2023-06-15 08:21:05 +02:00
fi
2023-01-15 15:31:49 +01:00
download_comp $build_id iBEC
2023-06-07 07:24:24 +02:00
device_fw_key_check temp $build_id
2023-09-14 10:10:52 +02:00
local name = "iBEC"
2024-06-14 03:12:24 +02:00
local iv = $( echo $device_fw_key_temp | $jq -j '.keys[] | select(.image == "iBEC") | .iv' )
local key = $( echo $device_fw_key_temp | $jq -j '.keys[] | select(.image == "iBEC") | .key' )
2023-06-15 08:21:05 +02:00
local address = "0x80000000"
if [ [ $device_proc = = 4 ] ] ; then
address = "0x40000000"
fi
2023-01-15 15:31:49 +01:00
mv iBEC $name .orig
2023-10-04 05:22:29 +02:00
log "Decrypting iBEC..."
2023-09-14 10:10:52 +02:00
" $dir /xpwntool " $name .orig $name .dec -iv $iv -k $key
2023-10-04 05:22:29 +02:00
log "Patching iBEC..."
2023-10-25 09:46:35 +02:00
if [ [ $device_proc = = 4 || -n $device_rd_build ] ] ; then
2024-02-04 12:49:03 +01:00
" $dir /iBoot32Patcher " $name .dec $name .patched --rsa --ticket -b "rd=md0 -v amfi=0xff cs_enforcement_disable=1" -c "go" $address
2023-09-16 15:28:32 +02:00
else
$bspatch $name .dec $name .patched " ../resources/patch/ $download_targetfile .patch "
fi
2023-09-14 10:10:52 +02:00
" $dir /xpwntool " $name .patched pwnediBEC.dfu -t $name .orig
rm $name .dec $name .orig $name .patched
cp pwnediBEC.dfu ../saved/$device_type /
log " Pwned iBEC img3 saved at: saved/ $device_type /pwnediBEC.dfu "
2023-01-15 15:31:49 +01:00
}
2024-06-10 04:41:11 +02:00
ipsw_nojailbreak_message( ) {
local hac
local tohac
case $device_type in
iPhone[ 23] ,1 ) hac = " (and hacktivate)" ; tohac = 1; ;
esac
2024-06-13 07:54:56 +02:00
log " Jailbreak option is not available for this version. You may jailbreak $hac later after the restore "
2024-06-10 04:41:11 +02:00
print "* To jailbreak, select \"Jailbreak Device\" in the main menu"
if [ [ $tohac = = 1 ] ] ; then
print "* To hacktivate, go to \"Other Utilities -> Hacktivate Device\" after jailbreaking"
fi
}
2023-01-13 05:25:27 +01:00
ipsw_preference_set( ) {
2023-07-18 05:56:33 +02:00
# sets ipsw variables: ipsw_jailbreak, ipsw_memory, ipsw_verbose
2023-08-26 15:50:43 +02:00
2023-11-18 02:24:52 +01:00
if ( ( device_proc >= 7 ) ) ; then
return
fi
2023-06-07 07:24:24 +02:00
case $device_latest_vers in
2024-03-23 08:29:06 +01:00
[ 76543] * ) ipsw_canjailbreak = 1; ;
2023-06-07 07:24:24 +02:00
esac
2023-11-18 02:24:52 +01:00
if [ [ $device_target_vers = = " $device_latest_vers " && $ipsw_canjailbreak != 1 ] ] ; then
2023-01-13 05:25:27 +01:00
return
2023-08-26 15:50:43 +02:00
elif [ [ $device_target_vers != " $device_latest_vers " ] ] ; then
ipsw_canjailbreak =
2023-01-13 05:25:27 +01:00
fi
2023-11-18 02:24:52 +01:00
2023-05-27 08:33:27 +02:00
case $device_target_vers in
2024-06-10 04:41:11 +02:00
9.3.[ 4321] | 9.[ 321] * | [ 8765] * | 4.[ 32] * ) ipsw_canjailbreak = 1; ;
2024-03-14 05:00:52 +01:00
3.1.3 )
2024-06-10 04:41:11 +02:00
case $device_proc in
1 ) ipsw_canjailbreak = 1; ;
* ) ipsw_nojailbreak_message; ;
esac
2024-03-14 05:00:52 +01:00
; ;
2023-05-27 08:33:27 +02:00
esac
2024-06-10 04:41:11 +02:00
2023-12-27 11:40:25 +01:00
if [ [ $device_proc = = 5 ] ] ; then
case $device_target_vers in
2024-06-10 04:41:11 +02:00
8.[ 210] * ) ipsw_canjailbreak = ; ;
2023-12-27 11:40:25 +01:00
esac
2024-06-10 04:41:11 +02:00
elif [ [ $device_type = = "iPhone1,2" || $device_type = = "iPhone2,1" || $device_type = = "iPod2,1" ] ] ; then
2024-03-14 05:00:52 +01:00
case $device_target_vers in
2024-06-10 04:41:11 +02:00
4* ) ipsw_canjailbreak = 1; ;
2024-03-14 13:53:41 +01:00
3.1.3 ) :; ;
2024-03-14 05:00:52 +01:00
3.1* )
ipsw_canjailbreak = 1
warn "Jailbreak option might have issues on versions below 3.1.3. I recommend selecting 3.1.3 or newer instead"
; ;
esac
2024-06-10 04:41:11 +02:00
else
case $device_target_vers in
4.[ 10] * ) ipsw_nojailbreak_message; ;
esac
2023-12-27 11:40:25 +01:00
fi
2023-11-18 02:24:52 +01:00
if [ [ $device_target_powder = = 1 ] ] ; then
case $device_target_vers in
2024-06-10 04:41:11 +02:00
9* ) ipsw_canjailbreak = 1; ;
2023-11-18 02:24:52 +01:00
esac
2023-09-01 07:30:40 +02:00
elif [ [ $device_target_other = = 1 && $ipsw_canjailbreak != 1 ] ] ; then
2023-08-29 16:14:03 +02:00
return
2023-06-16 15:51:35 +02:00
fi
2024-06-19 04:10:45 +02:00
if [ [ $ipsw_isbeta = = 1 ] ] ; then
2024-06-18 04:43:00 +02:00
warn "iOS beta detected, disabling jailbreak option"
ipsw_canjailbreak =
2024-06-08 15:38:44 +02:00
fi
2024-06-19 04:10:45 +02:00
if [ [ $ipsw_fourthree = = 1 ] ] ; then
ipsw_jailbreak = 1
elif [ [ $ipsw_jailbreak = = 1 ] ] ; then
warn "Jailbreak flag detected, jailbreak option enabled by user."
elif [ [ -z $ipsw_jailbreak && $ipsw_canjailbreak = = 1 ] ] ; then
2023-01-13 05:25:27 +01:00
input "Jailbreak Option"
print "* When this option is enabled, your device will be jailbroken on restore."
2023-07-18 05:56:33 +02:00
print "* I recommend to enable this option to have the jailbreak and Cydia pre-installed."
2023-08-13 02:29:44 +02:00
print "* This option is enabled by default (Y). Select this option if unsure."
2024-01-06 10:32:10 +01:00
if [ [ $device_type = = "iPad2" * && $device_target_vers = = "4.3" * && $device_target_tethered != 1 ] ] ; then
warn "This will be a semi-tethered jailbreak. Arduino is required to boot to a jailbroken state."
print "* To boot jailbroken later, go to: Other Utilities -> Just Boot"
fi
2023-01-13 05:25:27 +01:00
read -p " $( input 'Enable this option? (Y/n): ' ) " ipsw_jailbreak
2023-01-13 10:30:26 +01:00
if [ [ $ipsw_jailbreak = = 'N' || $ipsw_jailbreak = = 'n' ] ] ; then
ipsw_jailbreak =
log "Jailbreak option disabled by user."
else
2023-01-13 05:25:27 +01:00
ipsw_jailbreak = 1
log "Jailbreak option enabled."
fi
echo
fi
2024-01-30 04:03:35 +01:00
if [ [ $ipsw_jailbreak = = 1 && -z $ipsw_hacktivate && $ipsw_canhacktivate = = 1 ] ] ; then
2023-08-15 13:09:04 +02:00
input "Hacktivate Option"
print "* When this option is enabled, your device will be activated on restore."
print "* Enable this option if you have no valid SIM card to activate the phone."
print "* This option is disabled by default (N). Select this option if unsure."
read -p " $( input 'Enable this option? (y/N): ' ) " ipsw_hacktivate
if [ [ $ipsw_hacktivate = = 'Y' || $ipsw_hacktivate = = 'y' ] ] ; then
log "Hacktivate option enabled by user."
ipsw_hacktivate = 1
else
log "Hacktivate option disabled."
ipsw_hacktivate =
fi
echo
fi
2024-01-30 04:03:35 +01:00
case $device_type in
iPhone2,1 | iPod2,1 ) ipsw_canmemory = 1; ;
2024-02-09 17:35:04 +01:00
iPad[ 23] ,[ 23] ) ipsw_canmemory = 1; ;
2024-01-30 04:03:35 +01:00
iPhone3,1 | iPad1,1 | iPad2* | iPod[ 34] ,1 )
case $device_target_vers in
[ 34] * ) ipsw_canmemory = 1; ;
esac
; ;
esac
if [ [ $ipsw_jailbreak = = 1 || $device_type = = " $device_disable_bbupdate " ||
$device_target_powder = = 1 || $device_target_tethered = = 1 ||
$ipsw_canmemory = = 1 ] ] && [ [ -z $ipsw_memory ] ] ; then
2023-01-13 05:25:27 +01:00
input "Memory Option for creating custom IPSW"
2023-07-18 05:56:33 +02:00
print "* When this option is enabled, system RAM will be used for the IPSW creation process."
print "* I recommend to enable this option to speed up creating the custom IPSW."
2024-01-30 04:03:35 +01:00
print "* However, if your PC/Mac has less than 8 GB of RAM, disable this option."
2023-08-13 02:29:44 +02:00
print "* This option is enabled by default (Y). Select this option if unsure."
2023-01-13 05:25:27 +01:00
read -p " $( input 'Enable this option? (Y/n): ' ) " ipsw_memory
if [ [ $ipsw_memory = = 'N' || $ipsw_memory = = 'n' ] ] ; then
log "Memory option disabled by user."
ipsw_memory =
else
log "Memory option enabled."
2023-01-13 10:30:26 +01:00
ipsw_memory = 1
2023-01-13 05:25:27 +01:00
fi
echo
fi
2023-04-02 12:18:44 +02:00
if [ [ $device_target_powder = = 1 && -z $ipsw_verbose ] ] ; then
2023-01-13 05:25:27 +01:00
input "Verbose Boot Option"
2023-07-18 05:56:33 +02:00
print "* When this option is enabled, the device will have verbose boot on restore."
2023-08-13 02:29:44 +02:00
print "* This option is enabled by default (Y). Select this option if unsure."
2023-01-13 05:25:27 +01:00
read -p " $( input 'Enable this option? (Y/n): ' ) " ipsw_verbose
2023-01-13 10:30:26 +01:00
if [ [ $ipsw_verbose = = 'N' || $ipsw_verbose = = 'n' ] ] ; then
ipsw_verbose =
log "Verbose boot option disabled by user."
else
2023-01-13 05:25:27 +01:00
ipsw_verbose = 1
log "Verbose boot option enabled."
fi
echo
fi
2023-04-02 12:18:44 +02:00
ipsw_custom_set
2023-01-13 05:25:27 +01:00
}
shsh_save( ) {
# usage: shsh_save {apnonce (optional)}
# sets variable shsh_path
local version = $device_target_vers
local build_id = $device_target_build
local apnonce
local shsh_check
local buildmanifest = " ../resources/manifest/BuildManifest_ ${ device_type } _ ${ version } .plist "
local ExtraArgs =
if [ [ $1 = = "apnonce" ] ] ; then
apnonce = $2
elif [ [ $1 = = "version" ] ] ; then
version = $2
fi
2023-06-16 12:13:53 +02:00
if [ [ $version = = " $device_latest_vers " || $version = = "4.1" ] ] ; then
if [ [ $version != "4.1" ] ] ; then
build_id = " $device_latest_build "
fi
2023-01-13 05:25:27 +01:00
buildmanifest = " ../saved/ $device_type / $build_id .plist "
if [ [ ! -e $buildmanifest ] ] ; then
2023-05-27 08:33:27 +02:00
if [ [ -e " $ipsw_base_path .ipsw " ] ] ; then
2023-01-13 05:25:27 +01:00
log " Extracting BuildManifest from $version IPSW... "
2023-04-02 12:18:44 +02:00
unzip -o -j " $ipsw_base_path .ipsw " BuildManifest.plist -d .
2023-01-13 05:25:27 +01:00
else
log " Downloading BuildManifest for $version ... "
2023-08-05 17:00:27 +02:00
" $dir /pzb " -g BuildManifest.plist -o BuildManifest.plist " $( cat " $device_fw_dir / $build_id /url " ) "
2023-01-13 05:25:27 +01:00
fi
mv BuildManifest.plist $buildmanifest
fi
fi
2023-03-03 17:10:28 +01:00
shsh_check = ${ device_ecid } _${ device_type } _${ device_model } ap_${ version } -${ build_id } _${ apnonce } *.shsh*
2023-01-13 05:25:27 +01:00
2023-01-22 06:12:36 +01:00
if [ [ $( ls ../saved/shsh/$shsh_check 2>/dev/null) && -z $apnonce ] ] ; then
2023-01-13 05:25:27 +01:00
shsh_path = " $( ls ../saved/shsh/$shsh_check ) "
log " Found existing saved $version blobs: $shsh_path "
return
fi
2023-08-09 19:52:12 +02:00
rm -f *.shsh*
2023-01-13 05:25:27 +01:00
ExtraArgs = " -d $device_type -i $version -e $device_ecid -m $buildmanifest -o -s -B ${ device_model } ap -b "
if [ [ -n $apnonce ] ] ; then
ExtraArgs += " --apnonce $apnonce "
else
ExtraArgs += "-g 0x1111111111111111"
fi
2023-01-13 16:02:51 +01:00
log " Running tsschecker with command: $dir /tsschecker $ExtraArgs "
2023-01-13 05:25:27 +01:00
" $dir /tsschecker " $ExtraArgs
shsh_path = " $( ls $shsh_check ) "
2023-01-21 04:36:29 +01:00
if [ [ -z " $shsh_path " ] ] ; then
2023-01-13 05:25:27 +01:00
error " Saving $version blobs failed. Please run the script again " \
2023-01-17 03:19:51 +01:00
" * It is also possible that $version for $device_type is no longer signed "
2023-01-13 05:25:27 +01:00
fi
2023-01-21 04:36:29 +01:00
if [ [ -z $apnonce ] ] ; then
cp " $shsh_path " ../saved/shsh/
fi
log " Successfully saved $version blobs: $shsh_path "
2023-01-13 05:25:27 +01:00
}
ipsw_download( ) {
local version = " $device_target_vers "
local build_id = " $device_target_build "
2023-04-02 12:18:44 +02:00
local ipsw_dl = " $1 "
2024-01-23 14:29:58 +01:00
ipsw_get_url $build_id
2024-03-17 12:00:41 +01:00
if [ [ -z $ipsw_dl ] ] ; then
ipsw_dl = " ../ ${ ipsw_url ##*/ } "
ipsw_dl = " ${ ipsw_dl %????? } "
fi
2023-01-13 05:25:27 +01:00
if [ [ ! -e " $ipsw_dl .ipsw " ] ] ; then
2024-03-17 02:42:24 +01:00
if [ [ -n $version ] ] ; then
print " * The script will now proceed to download iOS $version IPSW. "
fi
2024-01-23 14:29:58 +01:00
print " * If you want to download it yourself, here is the link: $ipsw_url "
2023-01-13 05:25:27 +01:00
log "Downloading IPSW... (Press Ctrl+C to cancel)"
2024-01-23 14:29:58 +01:00
curl -L " $ipsw_url " -o temp.ipsw
2023-01-23 07:04:37 +01:00
mv temp.ipsw " $ipsw_dl .ipsw "
2023-01-13 05:25:27 +01:00
fi
2023-04-02 12:18:44 +02:00
ipsw_verify " $ipsw_dl " " $build_id "
}
2023-01-13 05:25:27 +01:00
2023-04-02 12:18:44 +02:00
ipsw_verify( ) {
local ipsw_dl = " $1 "
local build_id = " $2 "
2023-11-03 13:50:16 +01:00
local cutver
local device
2024-04-28 08:09:38 +02:00
local IPSWSHA1
local IPSWSHA1E = $( cat " $device_fw_dir / $build_id /sha1sum " 2>/dev/null)
2024-01-15 04:54:54 +01:00
log " Getting SHA1 hash for $ipsw_dl .ipsw... "
local IPSWSHA1L = $( $sha1sum " ${ ipsw_dl // \\ // } .ipsw " | awk '{print $1}' )
2023-10-05 09:12:31 +02:00
case $build_id in
2024-02-03 10:45:37 +01:00
*[ bcdefgkmpquv] )
2024-01-15 04:54:54 +01:00
# beta ipsw, skip verification
if [ [ $build_id = = " $device_base_build " ] ] ; then
device_base_sha1 = " $IPSWSHA1L "
else
2024-02-03 10:45:37 +01:00
ipsw_isbeta = 1
2024-01-15 04:54:54 +01:00
device_target_sha1 = " $IPSWSHA1L "
fi
return
; ;
2023-10-05 09:12:31 +02:00
esac
2023-11-03 13:50:16 +01:00
case $build_id in
7* ) cutver = 3; ;
8* ) cutver = 4; ;
9* ) cutver = 5; ;
10* ) cutver = 6; ;
11* ) cutver = 7; ;
12* ) cutver = 8; ;
13* ) cutver = 9; ;
14* ) cutver = 10; ;
15* ) cutver = 11; ;
16* ) cutver = 12; ;
17* ) cutver = 13; ;
18* ) cutver = 14; ;
19* ) cutver = 15; ;
2024-04-13 10:37:42 +02:00
20* ) cutver = 16; ;
2023-11-03 13:50:16 +01:00
esac
case $device_type in
iPad4,[ 123] | iPad5,[ 34] ) device = "iPad_Air" ; ;
2023-11-18 02:24:52 +01:00
iPad2,[ 567] | iPad[ 45] ,* ) device = "iPad_mini" ; ;
2024-04-13 10:37:42 +02:00
iPad6,[ 3478] ) device = "iPad_Pro" ; ;
2023-11-03 13:50:16 +01:00
iPad* ) device = "iPad" ; ;
iPho* ) device = "iPhone" ; ;
iPod* ) device = "iPod_touch" ; ;
esac
2024-04-28 08:09:38 +02:00
if [ [ $( echo " $IPSWSHA1E " | grep -c '<' ) != 0 ] ] ; then
2023-09-14 10:10:52 +02:00
rm " $device_fw_dir / $build_id /sha1sum "
fi
2024-04-28 08:09:38 +02:00
log "Getting SHA1 hash from The Apple Wiki..."
IPSWSHA1 = " $( curl " https://theapplewiki.com/index.php?title=Firmware/ ${ device } / ${ cutver } .x " | grep -A10 " ${ device_type } .* ${ build_id } " | sed -ne '/<code>/,/<\/code>/p' | sed '1!d' | sed -e "s/<code>//" | sed "s/<\/code>//" | cut -c 5-) "
mkdir -p $device_fw_dir /$build_id 2>/dev/null
2024-05-08 14:59:02 +02:00
if [ [ -n $IPSWSHA1 && -n $IPSWSHA1E && $IPSWSHA1 = = " $IPSWSHA1E " ] ] ; then
2024-01-15 04:54:54 +01:00
log " Using saved SHA1 hash for this IPSW: $IPSWSHA1 "
2024-04-28 08:09:38 +02:00
elif [ [ -z $IPSWSHA1 && -n $IPSWSHA1E ] ] ; then
warn "No SHA1 hash from The Apple Wiki, using local hash"
IPSWSHA1 = " $IPSWSHA1E "
elif [ [ -z $IPSWSHA1 && -z $IPSWSHA1E ] ] ; then
2024-05-08 14:59:02 +02:00
warn "No SHA1 hash from either The Apple Wiki or local hash, cannot verify IPSW."
pause
return
2024-04-28 08:09:38 +02:00
elif [ [ -n $IPSWSHA1E ] ] ; then
warn "Local SHA1 hash mismatch. Overwriting local hash."
echo " $IPSWSHA1 " > $device_fw_dir /$build_id /sha1sum
elif [ [ -z $IPSWSHA1E ] ] ; then
warn "Local SHA1 hash does not exist. Creating local hash."
echo " $IPSWSHA1 " > $device_fw_dir /$build_id /sha1sum
2023-11-03 13:50:16 +01:00
fi
2024-04-28 08:09:38 +02:00
2023-01-13 05:25:27 +01:00
if [ [ $IPSWSHA1L != " $IPSWSHA1 " ] ] ; then
2024-01-15 04:54:54 +01:00
rm " $device_fw_dir / $build_id /sha1sum "
2023-04-02 12:18:44 +02:00
if [ [ -z $3 ] ] ; then
2023-06-09 09:37:28 +02:00
log " SHA1sum mismatch. Expected $IPSWSHA1 , got $IPSWSHA1L "
2023-04-02 12:18:44 +02:00
warn "Verifying IPSW failed. Your IPSW may be corrupted or incomplete. Make sure to download and select the correct IPSW."
pause
fi
return 1
2023-01-13 05:25:27 +01:00
fi
log "IPSW SHA1sum matches"
2023-11-18 02:48:07 +01:00
if [ [ $build_id = = " $device_base_build " ] ] ; then
device_base_sha1 = " $IPSWSHA1 "
else
2024-02-03 10:45:37 +01:00
ipsw_isbeta =
2023-11-18 02:48:07 +01:00
device_target_sha1 = " $IPSWSHA1 "
2023-11-18 02:24:31 +01:00
fi
2023-01-13 05:25:27 +01:00
}
ipsw_prepare_1033( ) {
2023-01-22 03:45:37 +01:00
# patch iBSS, iBEC, iBSSb, iBECb and set variables
2023-01-13 05:25:27 +01:00
iBSS = "ipad4"
if [ [ $device_type = = "iPhone6" * ] ] ; then
iBSS = "iphone6"
fi
iBEC = " iBEC. ${ iBSS } .RELEASE "
iBSSb = " iBSS. ${ iBSS } b.RELEASE "
iBECb = " iBEC. ${ iBSS } b.RELEASE "
iBSS = " iBSS. $iBSS .RELEASE "
log "Patching iBSS and iBEC..."
unzip -o -j " $ipsw_path .ipsw " Firmware/dfu/$iBSS .im4p
unzip -o -j " $ipsw_path .ipsw " Firmware/dfu/$iBEC .im4p
mv $iBSS .im4p $iBSS .orig
mv $iBEC .im4p $iBEC .orig
$bspatch $iBSS .orig $iBSS .im4p ../resources/patch/$iBSS .patch
$bspatch $iBEC .orig $iBEC .im4p ../resources/patch/$iBEC .patch
if [ [ $device_type = = "iPad4" * ] ] ; then
unzip -o -j " $ipsw_path .ipsw " Firmware/dfu/$iBSSb .im4p
unzip -o -j " $ipsw_path .ipsw " Firmware/dfu/$iBECb .im4p
mv $iBSSb .im4p $iBSSb .orig
mv $iBECb .im4p $iBECb .orig
$bspatch $iBSSb .orig $iBSSb .im4p ../resources/patch/$iBSSb .patch
$bspatch $iBECb .orig $iBECb .im4p ../resources/patch/$iBECb .patch
2023-01-17 03:19:51 +01:00
fi
if [ [ $device_type = = "iPad4,4" || $device_type = = "iPad4,5" ] ] ; then
2023-01-13 16:02:51 +01:00
cp $iBSSb .im4p $iBECb .im4p ../saved/$device_type
else
cp $iBSS .im4p $iBEC .im4p ../saved/$device_type
2023-01-13 05:25:27 +01:00
fi
2023-01-13 16:02:51 +01:00
log " Pwned iBSS and iBEC saved at: saved/ $device_type "
2023-01-13 05:25:27 +01:00
}
2023-10-04 05:22:29 +02:00
ipsw_prepare_rebootsh( ) {
2023-10-03 15:31:18 +02:00
log "Generating reboot.sh"
echo '#!/bin/bash' | tee reboot.sh
echo "mount_hfs /dev/disk0s1s1 /mnt1; mount_hfs /dev/disk0s1s2 /mnt2" | tee -a reboot.sh
echo "nvram -d boot-partition; nvram -d boot-ramdisk" | tee -a reboot.sh
echo " /usr/bin/haxx_overwrite -- ${ device_type } _ ${ device_target_build } " | tee -a reboot.sh
}
2024-05-23 18:20:58 +02:00
ipsw_prepare_logos_convert( ) {
local iv
local key
local name
if [ [ -n $ipsw_customlogo ] ] ; then
2024-06-14 03:12:24 +02:00
iv = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "AppleLogo") | .iv' )
key = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "AppleLogo") | .key' )
name = $( echo " $device_fw_key " | $jq -j '.keys[] | select(.image == "AppleLogo") | .filename' )
2024-05-23 18:20:58 +02:00
logoname = " $name "
log "Converting custom logo"
unzip -o -j " $ipsw_path .ipsw " $all_flash /$name
" $dir /xpwntool " $name logo-orig.img3 -iv $iv -k $key -decrypt
" $dir /imagetool " inject " $ipsw_customlogo " logo.img3 logo-orig.img3
if [ [ ! -s logo.img3 ] ] ; then
error "Converting custom logo failed. Check your image"
fi
if [ [ $device_target_powder = = 1 && $device_target_vers = = "4" * ] ] ; then
log "log4"
echo "0000010: 3467" | xxd -r - logo.img3
echo "0000020: 3467" | xxd -r - logo.img3
elif [ [ $device_target_powder = = 1 ] ] ; then
log "logb"
echo "0000010: 6267" | xxd -r - logo.img3
echo "0000020: 6267" | xxd -r - logo.img3
fi
mkdir -p $all_flash 2>/dev/null
mv logo.img3 $all_flash /$name
fi
if [ [ -n $ipsw_customrecovery ] ] ; then
2024-06-14 03:12:24 +02:00
iv = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "RecoveryMode") | .iv' )
key = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "RecoveryMode") | .key' )
name = $( echo " $device_fw_key " | $jq -j '.keys[] | select(.image == "RecoveryMode") | .filename' )
2024-05-23 18:20:58 +02:00
recmname = " $name "
log "Converting custom recovery"
unzip -o -j " $ipsw_path .ipsw " $all_flash /$name
" $dir /xpwntool " $name recovery-orig.img3 -iv $iv -k $key -decrypt
" $dir /imagetool " inject " $ipsw_customrecovery " recovery.img3 recovery-orig.img3
if [ [ ! -s recovery.img3 ] ] ; then
error "Converting custom recovery failed. Check your image"
fi
mkdir -p $all_flash 2>/dev/null
mv recovery.img3 $all_flash /$name
fi
}
ipsw_prepare_logos_add( ) {
if [ [ -n $ipsw_customlogo ] ] ; then
log "Adding custom logo to IPSW"
zip -r0 temp.ipsw $all_flash /$logoname
fi
if [ [ -n $ipsw_customrecovery ] ] ; then
log "Adding custom recovery to IPSW"
zip -r0 temp.ipsw $all_flash /$recmname
fi
}
2023-01-13 05:25:27 +01:00
ipsw_prepare_jailbreak( ) {
if [ [ -e " $ipsw_custom .ipsw " ] ] ; then
log "Found existing Custom IPSW. Skipping IPSW creation."
return
fi
local ExtraArgs =
local JBFiles = ( )
local JBFiles2 = ( )
2024-06-18 04:43:00 +02:00
local daibutsu = $1
2023-01-13 05:25:27 +01:00
2023-07-18 05:56:33 +02:00
if [ [ $ipsw_jailbreak = = 1 ] ] ; then
if [ [ $device_target_vers = = "8.4.1" ] ] ; then
2023-10-04 05:22:29 +02:00
ipsw_prepare_rebootsh
2023-11-28 05:36:12 +01:00
JBFiles += ( " $jelbrek /fstab8.tar " )
2023-07-18 05:56:33 +02:00
JBFiles2 = ( "daibutsu/bin.tar" "daibutsu/untether.tar" "freeze.tar" )
for i in { 0..2} ; do
2023-07-21 09:12:01 +02:00
cp $jelbrek /${ JBFiles2 [ $i ] } .
2023-07-18 05:56:33 +02:00
done
ExtraArgs += "-daibutsu" # use daibutsuCFW
2023-11-18 02:24:31 +01:00
daibutsu = "daibutsu"
2023-08-26 15:50:43 +02:00
else
JBFiles += ( "fstab_rw.tar" "freeze.tar" )
case $device_target_vers in
2024-01-02 04:46:15 +01:00
6.1.[ 3456] ) JBFiles += ( "p0sixspwn.tar" ) ; ;
6* ) JBFiles += ( "evasi0n6-untether.tar" ) ; ;
2024-01-08 06:52:14 +01:00
4.2.1 ) JBFiles[ 0] = "fstab_old.tar" ; ;
4.1 | 4.0* | 3.1.3 )
2024-01-02 04:46:15 +01:00
JBFiles[ 0] = "fstab_old.tar"
2024-01-08 06:52:14 +01:00
JBFiles += ( " greenpois0n/ ${ device_type } _ ${ device_target_build } .tar " )
2023-09-27 07:10:57 +02:00
; ;
2024-01-29 05:15:55 +01:00
5* | 4.[ 32] * ) JBFiles += ( " g1lbertJB/ ${ device_type } _ ${ device_target_build } .tar " ) ; ;
2023-08-26 15:50:43 +02:00
esac
2024-01-02 04:46:15 +01:00
for i in { 0..1} ; do
2023-07-21 09:12:01 +02:00
JBFiles[ i] = $jelbrek /${ JBFiles [ $i ] }
2023-07-18 05:56:33 +02:00
done
2024-01-08 06:52:14 +01:00
case $device_target_vers in
4.3* )
JBFiles[ 2] = $jelbrek /${ JBFiles [2] }
if [ [ $device_type = = "iPad2" * ] ] ; then
JBFiles[ 2] =
fi
; ;
4.2.1 )
if [ [ $device_type != "iPhone1,2" ] ] ; then
2024-06-18 04:43:00 +02:00
ExtraArgs += " -punchd"
2024-01-08 06:52:14 +01:00
JBFiles[ 2] = $jelbrek /greenpois0n/${ device_type } _${ device_target_build } .tar
fi
; ;
3.1 | 3.1.[ 12] ) JBFiles[ 0] = " $jelbrek /fstab_old.tar " ; ;
* ) JBFiles[ 2] = $jelbrek /${ JBFiles [2] } ; ;
esac
2024-01-29 05:15:55 +01:00
case $device_target_vers in
[ 543] * ) JBFiles += ( " $jelbrek /cydiasubstrate.tar " ) ; ;
esac
2024-01-02 04:46:15 +01:00
if [ [ $device_target_vers = = "3" * ] ] ; then
JBFiles += ( " $jelbrek /cydiahttpatch.tar " )
fi
2023-09-27 07:10:57 +02:00
if [ [ $device_target_vers = = "5" * ] ] ; then
JBFiles += ( " $jelbrek /g1lbertJB.tar " )
fi
2024-02-10 12:38:16 +01:00
if [ [ $device_target_tethered = = 1 && $device_type != "iPad2" * ] ] ; then
case $device_target_vers in
4.2.1 ) :; ;
5* | 4.[ 32] * ) JBFiles += ( " $jelbrek /g1lbertJB/install.tar " ) ; ;
esac
fi
2023-01-13 05:25:27 +01:00
fi
2023-10-28 11:18:43 +02:00
ExtraArgs += " -S 30" # system partition add
2023-10-03 15:31:18 +02:00
if [ [ $ipsw_openssh = = 1 ] ] ; then
JBFiles += ( " $jelbrek /sshdeb.tar " )
fi
2023-01-13 05:25:27 +01:00
fi
2023-11-18 02:24:31 +01:00
ipsw_prepare_bundle $daibutsu
2024-05-23 18:20:58 +02:00
ipsw_prepare_logos_convert
2024-02-03 10:45:37 +01:00
2023-01-13 10:30:26 +01:00
if [ [ $ipsw_memory = = 1 ] ] ; then
ExtraArgs += " -memory"
fi
2024-04-07 15:11:49 +02:00
ExtraArgs += " -ramdiskgrow 10"
2024-02-07 15:31:52 +01:00
if [ [ $device_use_bb != 0 && $device_type != " $device_disable_bbupdate " ] ] ; then
2023-06-26 11:35:06 +02:00
ExtraArgs += " -bbupdate"
elif [ [ $device_type = = " $device_disable_bbupdate " && $device_type = = "iPhone" * ] ] ; then
2023-07-03 09:22:35 +02:00
device_dump baseband
2024-03-10 15:46:27 +01:00
ExtraArgs += " ../saved/ $device_type /baseband- $device_ecid .tar "
2023-06-26 11:35:06 +02:00
fi
2023-07-03 09:22:35 +02:00
if [ [ $device_actrec = = 1 ] ] ; then
device_dump activation
2024-03-10 15:46:27 +01:00
ExtraArgs += " ../saved/ $device_type /activation- $device_ecid .tar "
2023-07-03 09:22:35 +02:00
fi
2023-11-18 02:24:31 +01:00
if [ [ $1 = = "iboot" ] ] ; then
ExtraArgs += " iBoot.tar"
fi
2024-02-08 06:40:29 +01:00
if [ [ $ipsw_isbeta = = 1 ] ] ; then
ipsw_prepare_systemversion
ExtraArgs += " systemversion.tar"
fi
2023-11-18 02:24:31 +01:00
2024-01-03 08:59:29 +01:00
log " Preparing custom IPSW: $dir /ipsw $ipsw_path .ipsw temp.ipsw $ExtraArgs ${ JBFiles [*] } "
2023-08-26 15:50:43 +02:00
" $dir /ipsw " " $ipsw_path .ipsw " temp.ipsw $ExtraArgs ${ JBFiles [@] }
2023-01-13 05:25:27 +01:00
2023-01-23 07:04:37 +01:00
if [ [ ! -e temp.ipsw ] ] ; then
2023-01-13 05:25:27 +01:00
error "Failed to find custom IPSW. Please run the script again" \
"* You may try selecting N for memory option"
fi
2024-02-03 10:45:37 +01:00
2024-05-23 18:20:58 +02:00
ipsw_prepare_logos_add
2024-06-08 15:38:44 +02:00
ipsw_prepare_fourthree
2024-02-09 18:30:54 +01:00
ipsw_bbreplace
2024-02-03 10:45:37 +01:00
2023-01-23 07:04:37 +01:00
mv temp.ipsw " $ipsw_custom .ipsw "
2023-01-13 05:25:27 +01:00
}
2024-06-08 15:38:44 +02:00
ipsw_prepare_fourthree( ) {
local comps = ( "AppleLogo" "DeviceTree" "iBoot" "RecoveryMode" )
local saved_path = " ../saved/ $device_type /8L1 "
local bpatch = " ../resources/patch/fourthree/ $device_type /6.1.3 "
local name
local iv
local key
if [ [ $ipsw_fourthree != 1 ] ] ; then
return
fi
ipsw_get_url 8L1
url = " $ipsw_url "
device_fw_key_check
device_fw_key_check temp 8L1
mkdir -p $all_flash Downgrade $saved_path 2>/dev/null
log "Extracting files"
unzip -o -j " $ipsw_path .ipsw " $all_flash /manifest -d $all_flash
unzip -o -j temp.ipsw Downgrade/RestoreDeviceTree
log "RestoreDeviceTree"
2024-06-14 03:12:24 +02:00
iv = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "DeviceTree") | .iv' )
key = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "DeviceTree") | .key' )
2024-06-08 15:38:44 +02:00
" $dir /xpwntool " RestoreDeviceTree RestoreDeviceTree.dec -iv $iv -k $key -decrypt
$bspatch RestoreDeviceTree.dec Downgrade/RestoreDeviceTree $bpatch /RestoreDeviceTree.patch
for getcomp in " ${ comps [@] } " ; do
2024-06-14 03:12:24 +02:00
name = $( echo $device_fw_key_temp | $jq -j '.keys[] | select(.image == "' $getcomp '") | .filename' )
iv = $( echo $device_fw_key_temp | $jq -j '.keys[] | select(.image == "' $getcomp '") | .iv' )
key = $( echo $device_fw_key_temp | $jq -j '.keys[] | select(.image == "' $getcomp '") | .key' )
2024-06-08 15:38:44 +02:00
path = " $all_flash / "
log " $getcomp "
if [ [ $vers = = " $device_base_vers " ] ] ; then
unzip -o -j " $ipsw_base_path .ipsw " ${ path } $name
elif [ [ -e $saved_path /$name ] ] ; then
cp $saved_path /$name .
else
" $dir /pzb " -g " ${ path } $name " -o " $name " " $url "
cp $name $saved_path /
fi
" $dir /xpwntool " $name $getcomp .dec -iv $iv -k $key -decrypt
case $getcomp in
"AppleLogo" )
getcomp = "applelogo"
mv AppleLogo.dec applelogo.dec
echo "0000010: 6267" | xxd -r - applelogo.dec
echo "0000020: 6267" | xxd -r - applelogo.dec
; ;
"DeviceTree" )
echo "0000010: 6272" | xxd -r - DeviceTree.dec
echo "0000020: 6272" | xxd -r - DeviceTree.dec
; ;
"RecoveryMode" )
getcomp = "recoverymode"
mv RecoveryMode.dec recoverymode.dec
echo "0000010: 6263" | xxd -r - recoverymode.dec
echo "0000020: 6263" | xxd -r - recoverymode.dec
; ;
"iBoot" )
mv iBoot.dec iBoot.dec0
$bspatch iBoot.dec0 iBoot.dec $bpatch /iBoot.${ device_model } ap.RELEASE.patch
#"$dir/xpwntool" iBoot.dec0 iBoot.dec2
#"$dir/iBoot32Patcher" iBoot.dec2 iBoot.patched --rsa -b "rd=disk0s3 -v amfi=0xff cs_enforcement_disable=1 pio-error=0"
#"$dir/xpwntool" iBoot.patched iBoot.dec -t iBoot.dec0
#echo "0000010: 626F" | xxd -r - iBoot.dec
#echo "0000020: 626F" | xxd -r - iBoot.dec
; ;
esac
mv $getcomp .dec $path /${ getcomp } B.img3
echo " ${ getcomp } B.img3 " >> $path /manifest
done
log "Add files to IPSW"
zip -r0 temp.ipsw $all_flash /* Downgrade/*
}
ipsw_prepare_fourthree_part2( ) {
device_fw_key_check base
local saved_path = " ../saved/ $device_type / $device_base_build "
local bpatch = " ../resources/patch/fourthree/ $device_type / $device_base_vers "
local iv
local key
mkdir -p $saved_path 2>/dev/null
if [ [ ! -s $saved_path /Kernelcache ] ] ; then
log "Kernelcache"
iv = $( echo $device_fw_key_base | $jq -j '.keys[] | select(.image == "Kernelcache") | .iv' )
key = $( echo $device_fw_key_base | $jq -j '.keys[] | select(.image == "Kernelcache") | .key' )
unzip -o -j " $ipsw_base_path .ipsw " kernelcache.release.$device_model
" $dir /xpwntool " kernelcache.release.$device_model kernelcache.dec -iv $iv -k $key
$bspatch kernelcache.dec kernelcache.patched $bpatch /kernelcache.release.patch
#$bspatch kernelcache.dec kernelcache.patched ../resources/patch/kernelcache.release.$device_model.$device_base_build.patch
" $dir /xpwntool " kernelcache.patched kernelcachb -t kernelcache.release.$device_model -iv $iv -k $key
" $dir /xpwntool " kernelcachb $saved_path /Kernelcache -iv $iv -k $key -decrypt
fi
if [ [ ! -s $saved_path /LLB ] ] ; then
log "LLB"
iv = $( echo $device_fw_key_base | $jq -j '.keys[] | select(.image == "LLB") | .iv' )
key = $( echo $device_fw_key_base | $jq -j '.keys[] | select(.image == "LLB") | .key' )
unzip -o -j " $ipsw_base_path .ipsw " $all_flash /LLB.${ device_model } ap.RELEASE.img3
" $dir /xpwntool " LLB.${ device_model } ap.RELEASE.img3 llb.dec -iv $iv -k $key
$bspatch llb.dec $saved_path /LLB $bpatch /LLB.${ device_model } ap.RELEASE.patch
fi
if [ [ ! -s $saved_path /RootFS.dmg ] ] ; then
log "RootFS"
name = $( echo $device_fw_key_base | $jq -j '.keys[] | select(.image == "RootFS") | .filename' )
key = $( echo $device_fw_key_base | $jq -j '.keys[] | select(.image == "RootFS") | .key' )
unzip -o -j " $ipsw_base_path .ipsw " $name
" $dir /dmg " extract $name rootfs.dec -k $key
rm $name
" $dir /dmg " build rootfs.dec $saved_path /RootFS.dmg
fi
echo " device_base_vers= $device_base_vers " > ../saved/$device_type /fourthree_$device_ecid
echo " device_base_build= $device_base_build " >> ../saved/$device_type /fourthree_$device_ecid
}
2023-10-04 05:22:29 +02:00
ipsw_prepare_keys( ) {
2023-01-13 05:25:27 +01:00
local comp = " $1 "
local getcomp = " $1 "
case $comp in
2023-02-04 07:43:34 +01:00
"RestoreLogo" ) getcomp = "AppleLogo" ; ;
2023-04-02 12:18:44 +02:00
*"KernelCache" ) getcomp = "Kernelcache" ; ;
2023-02-04 07:43:34 +01:00
"RestoreDeviceTree" ) getcomp = "DeviceTree" ; ;
2023-01-13 05:25:27 +01:00
esac
2023-04-02 12:18:44 +02:00
local fw_key = " $device_fw_key "
if [ [ $2 = = "base" ] ] ; then
fw_key = " $device_fw_key_base "
fi
2024-06-14 03:12:24 +02:00
local name = $( echo $fw_key | $jq -j '.keys[] | select(.image == "' $getcomp '") | .filename' )
local iv = $( echo $fw_key | $jq -j '.keys[] | select(.image == "' $getcomp '") | .iv' )
local key = $( echo $fw_key | $jq -j '.keys[] | select(.image == "' $getcomp '") | .key' )
2023-01-13 05:25:27 +01:00
case $comp in
"iBSS" | "iBEC" )
2024-01-03 11:39:21 +01:00
if [ [ -z $name ] ] ; then
name = " $getcomp . ${ device_model } ap.RELEASE.dfu "
fi
2024-01-08 10:03:47 +01:00
echo " <key> $comp </key><dict><key>File</key><string>Firmware/dfu/ $name </string><key>IV</key><string> $iv </string><key>Key</key><string> $key </string> " >> $NewPlist
2024-01-08 06:52:14 +01:00
if [ [ $ipsw_prepare_usepowder = = 1 ] ] ; then
2024-01-08 10:03:47 +01:00
echo "<key>Patch</key><true/>" >> $NewPlist
2024-01-08 06:52:14 +01:00
elif [ [ -s $FirmwareBundle /$comp .${ device_model } ap.RELEASE.patch ] ] ; then
2024-01-08 10:03:47 +01:00
echo " <key>Patch</key><string> $comp . ${ device_model } ap.RELEASE.patch</string> " >> $NewPlist
2023-11-18 02:24:31 +01:00
elif [ [ -s $FirmwareBundle /$comp .${ device_model } .RELEASE.patch ] ] ; then
2024-01-08 10:03:47 +01:00
echo " <key>Patch</key><string> $comp . ${ device_model } .RELEASE.patch</string> " >> $NewPlist
2023-11-18 02:24:31 +01:00
fi
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 05:25:27 +01:00
2024-01-02 04:46:15 +01:00
"iBoot" )
2024-02-20 11:10:35 +01:00
echo " <key> $comp </key><dict><key>File</key><string> $all_flash / $name </string><key>IV</key><string> $iv </string><key>Key</key><string> $key </string> " >> $NewPlist
2024-01-08 10:03:47 +01:00
echo " <key>Patch</key><string> $comp . ${ device_model } ap.RELEASE.patch</string> " >> $NewPlist
2024-01-02 04:46:15 +01:00
; ;
2023-01-13 05:25:27 +01:00
"RestoreRamdisk" )
2024-01-08 10:03:47 +01:00
echo " <key>Restore Ramdisk</key><dict><key>File</key><string> $name </string><key>IV</key><string> $iv </string><key>Key</key><string> $key </string> " >> $NewPlist
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 05:25:27 +01:00
"RestoreDeviceTree" | "RestoreLogo" )
2024-02-20 11:10:35 +01:00
echo " <key> $comp </key><dict><key>File</key><string> $all_flash / $name </string><key>IV</key><string> $iv </string><key>Key</key><string> $key </string><key>DecryptPath</key><string>Downgrade/ $comp </string> " >> $NewPlist
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 05:25:27 +01:00
"RestoreKernelCache" )
2024-01-08 10:03:47 +01:00
echo " <key> $comp </key><dict><key>File</key><string> $name </string><key>IV</key><string> $iv </string><key>Key</key><string> $key </string><key>DecryptPath</key><string>Downgrade/ $comp </string> " >> $NewPlist
2023-04-02 12:18:44 +02:00
; ;
"KernelCache" )
2024-01-23 02:19:07 +01:00
echo " <key> $comp </key><dict><key>File</key><string> $name </string><key>IV</key><string> $iv </string><key>Key</key><string> $key </string> " >> $NewPlist
2024-01-08 06:52:14 +01:00
if [ [ $ipsw_prepare_usepowder = = 1 ] ] ; then
2024-01-08 10:03:47 +01:00
echo "<key>Patch</key><true/>" >> $NewPlist
2024-01-08 06:52:14 +01:00
elif [ [ -e $FirmwareBundle /kernelcache.release.patch ] ] ; then
2024-01-08 10:03:47 +01:00
echo "<key>Patch</key><string>kernelcache.release.patch</string>" >> $NewPlist
2024-01-02 04:46:15 +01:00
fi
; ;
"WTF2" )
2024-01-08 10:03:47 +01:00
echo "<key>WTF 2</key><dict><key>File</key><string>Firmware/dfu/WTF.s5l8900xall.RELEASE.dfu</string><key>Patch</key><string>WTF.s5l8900xall.RELEASE.patch</string>" >> $NewPlist
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 05:25:27 +01:00
esac
2024-01-02 04:46:15 +01:00
if [ [ $2 != "old" ] ] ; then
2024-01-08 10:03:47 +01:00
echo "<key>Decrypt</key><true/>" >> $NewPlist
2024-01-02 04:46:15 +01:00
fi
2024-01-08 10:03:47 +01:00
echo "</dict>" >> $NewPlist
2023-01-13 05:25:27 +01:00
}
2023-10-04 05:22:29 +02:00
ipsw_prepare_paths( ) {
2023-04-02 12:18:44 +02:00
local comp = " $1 "
local getcomp = " $1 "
case $comp in
"BatteryPlugin" ) getcomp = "GlyphPlugin" ; ;
2023-10-30 18:36:38 +01:00
"NewAppleLogo" | "APTicket" ) getcomp = "AppleLogo" ; ;
2023-04-02 12:18:44 +02:00
"NewRecoveryMode" ) getcomp = "RecoveryMode" ; ;
"NewiBoot" ) getcomp = "iBoot" ; ;
esac
local fw_key = " $device_fw_key "
if [ [ $2 = = "base" ] ] ; then
fw_key = " $device_fw_key_base "
fi
2024-06-14 03:12:24 +02:00
local name = $( echo $fw_key | $jq -j '.keys[] | select(.image == "' $getcomp '") | .filename' )
2024-02-20 11:10:35 +01:00
local str = " <key> $comp </key><dict><key>File</key><string> $all_flash / "
2023-04-02 12:18:44 +02:00
local str2
2024-02-12 10:44:29 +01:00
local logostuff
2023-04-02 12:18:44 +02:00
if [ [ $2 = = "target" ] ] ; then
2024-02-12 10:44:29 +01:00
case $comp in
*"AppleLogo" )
if [ [ $device_latest_vers = = "5" * ] ] ; then
logostuff = 1
else
case $device_target_vers in
[ 789] * ) logostuff = 1; ;
esac
fi
; ;
esac
2023-04-02 12:18:44 +02:00
case $comp in
2023-06-26 01:31:39 +02:00
"AppleLogo" ) str2 = " ${ name /applelogo/applelogo7 } " ; ;
2023-10-30 18:36:38 +01:00
"APTicket" ) str2 = " ${ name /applelogo/applelogoT } " ; ;
2023-06-26 01:31:39 +02:00
"RecoveryMode" ) str2 = " ${ name /recoverymode/recoverymode7 } " ; ;
2024-02-12 06:33:52 +01:00
"NewiBoot" ) str2 = " ${ name /iBoot/iBoot2 } " ; ;
2023-06-19 05:47:18 +02:00
esac
case $comp in
2024-02-12 08:51:37 +01:00
"AppleLogo" )
str += " $str2 "
2024-02-12 10:44:29 +01:00
if [ [ $logostuff = = 1 ] ] ; then
2024-02-12 08:51:37 +01:00
echo " $str2 " >> $FirmwareBundle /manifest
fi
; ;
2024-02-12 06:33:52 +01:00
"APTicket" | "RecoveryMode" )
2023-04-02 12:18:44 +02:00
str += " $str2 "
echo " $str2 " >> $FirmwareBundle /manifest
; ;
2023-10-30 18:36:38 +01:00
"NewiBoot" )
if [ [ $device_type != "iPad1,1" ] ] ; then
str += " $str2 "
echo " $str2 " >> $FirmwareBundle /manifest
fi
; ;
2023-04-02 12:18:44 +02:00
"manifest" ) str += "manifest" ; ;
* ) str += " $name " ; ;
esac
else
str += " $name "
fi
str += "</string>"
if [ [ $comp = = "NewiBoot" ] ] ; then
2024-06-14 03:12:24 +02:00
local iv = $( echo $fw_key | $jq -j '.keys[] | select(.image == "' $getcomp '") | .iv' )
local key = $( echo $fw_key | $jq -j '.keys[] | select(.image == "' $getcomp '") | .key' )
2023-04-02 12:18:44 +02:00
str += " <key>IV</key><string> $iv </string><key>Key</key><string> $key </string> "
elif [ [ $comp = = "manifest" ] ] ; then
str += "<key>manifest</key><string>manifest</string>"
fi
2024-01-08 10:03:47 +01:00
echo " $str </dict> " >> $NewPlist
2023-04-02 12:18:44 +02:00
}
ipsw_prepare_config( ) {
# usage: ipsw_prepare_config [jailbreak (true/false)] [needpref (true/false)]
# creates config file to FirmwareBundles/config.plist
local verbose = "false"
if [ [ $ipsw_verbose = = 1 ] ] ; then
verbose = "true"
fi
log "Preparing config file"
echo " <?xml version=\"1.0\" encoding=\"UTF-8\"?>
<!DOCTYPE plist PUBLIC \" -//Apple//DTD PLIST 1.0//EN\" \" http://www.apple.com/DTDs/PropertyList-1.0.dtd\" >
<plist version = \" 1.0\" >
<dict>
2023-11-21 02:59:54 +01:00
<key>FilesystemJailbreak</key>
<$1 />
<key>needPref</key>
<$2 />
<key>iBootPatches</key>
<dict>
<key>debugEnabled</key>
<false/>
<key>bootArgsInjection</key>
<$verbose />
<key>bootArgsString</key>
<string>-v</string>
</dict>
2023-04-02 12:18:44 +02:00
</dict>
</plist>" | tee FirmwareBundles/config.plist
}
2024-02-03 10:45:37 +01:00
ipsw_prepare_systemversion( ) {
local sysplist = "SystemVersion.plist"
log " Beta iOS detected, preparing modified $sysplist "
echo '<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"><plist version="1.0"><dict>' > $sysplist
echo " <key>ProductBuildVersion</key><string> $device_target_build </string> " >> $sysplist
local copyright = "<key>ProductCopyright</key><string>1983-201"
case $device_target_vers in
3* ) copyright += "0" ; ;
4* ) copyright += "1" ; ;
5* ) copyright += "2" ; ;
6* ) copyright += "3" ; ;
7* ) copyright += "4" ; ;
8* ) copyright += "5" ; ;
9* ) copyright += "6" ; ;
esac
copyright += " Apple Inc.</string>"
echo " $copyright " >> $sysplist # idk if the copyright key is actually needed but whatever
echo "<key>ProductName</key><string>iPhone OS</string>" >> $sysplist
echo " <key>ProductVersion</key><string> $device_target_vers </string> " >> $sysplist
echo "</dict></plist>" >> $sysplist
cat $sysplist
mkdir -p System/Library/CoreServices
mv SystemVersion.plist System/Library/CoreServices
tar -cvf systemversion.tar System
}
2023-04-02 12:18:44 +02:00
ipsw_prepare_bundle( ) {
device_fw_key_check $1
local ipsw_p = " $ipsw_path "
local key = " $device_fw_key "
local vers = " $device_target_vers "
local build = " $device_target_build "
local hw = " $device_model "
2023-06-29 14:52:43 +02:00
local base_build = "11D257"
2023-06-15 08:21:05 +02:00
local RootSize
2023-10-03 15:31:18 +02:00
local daibutsu
2023-04-02 12:18:44 +02:00
FirmwareBundle = "FirmwareBundles/"
2023-10-03 15:31:18 +02:00
if [ [ $1 = = "daibutsu" ] ] ; then
daibutsu = 1
fi
2023-04-02 12:18:44 +02:00
mkdir FirmwareBundles 2>/dev/null
if [ [ $1 = = "base" ] ] ; then
ipsw_p = " $ipsw_base_path "
key = " $device_fw_key_base "
vers = " $device_base_vers "
build = " $device_base_build "
FirmwareBundle += "BASE_"
elif [ [ $1 = = "target" ] ] ; then
2023-11-28 05:36:12 +01:00
if [ [ $ipsw_jailbreak = = 1 ] ] ; then
case $vers in
2024-03-10 15:39:49 +01:00
[ 689] * ) ipsw_prepare_config true true; ;
2024-03-08 10:25:58 +01:00
* ) ipsw_prepare_config false true; ;
2023-11-28 05:36:12 +01:00
esac
2023-02-25 04:37:50 +01:00
else
2023-04-02 12:18:44 +02:00
ipsw_prepare_config false true
2023-02-25 04:37:50 +01:00
fi
2023-05-31 06:20:24 +02:00
elif [ [ $ipsw_jailbreak = = 1 ] ] ; then
ipsw_prepare_config false true
2023-04-02 12:18:44 +02:00
else
ipsw_prepare_config false false
2023-02-25 04:37:50 +01:00
fi
2023-11-18 02:24:31 +01:00
local FirmwareBundle2 = " ../resources/firmware/FirmwareBundles/Down_ ${ device_type } _ ${ vers } _ ${ build } .bundle "
2024-05-18 11:04:56 +02:00
if [ [ $ipsw_prepare_usepowder = = 1 ] ] ; then
2023-11-18 02:24:52 +01:00
FirmwareBundle2 =
2024-05-18 11:04:56 +02:00
elif [ [ -d $FirmwareBundle2 ] ] ; then
2023-11-18 02:24:31 +01:00
FirmwareBundle += "Down_"
fi
2023-04-02 12:18:44 +02:00
FirmwareBundle += " ${ device_type } _ ${ vers } _ ${ build } .bundle "
local NewPlist = $FirmwareBundle /Info.plist
mkdir -p $FirmwareBundle
2023-01-13 05:25:27 +01:00
2023-10-12 13:17:10 +02:00
log " Generating firmware bundle for $device_type - $vers ( $build ) $1 ... "
2024-02-20 11:10:35 +01:00
unzip -o -j " $ipsw_p .ipsw " $all_flash /manifest
2023-01-13 06:54:02 +01:00
mv manifest $FirmwareBundle /
2024-06-14 03:12:24 +02:00
local ramdisk_name = $( echo " $key " | $jq -j '.keys[] | select(.image == "RestoreRamdisk") | .filename' )
local RamdiskIV = $( echo " $key " | $jq -j '.keys[] | select(.image == "RestoreRamdisk") | .iv' )
local RamdiskKey = $( echo " $key " | $jq -j '.keys[] | select(.image == "RestoreRamdisk") | .key' )
2023-10-30 18:36:38 +01:00
unzip -o -j " $ipsw_p .ipsw " $ramdisk_name
" $dir /xpwntool " $ramdisk_name Ramdisk.raw -iv $RamdiskIV -k $RamdiskKey
2023-01-13 05:25:27 +01:00
" $dir /hfsplus " Ramdisk.raw extract usr/local/share/restore/options.$device_model .plist
2023-10-30 18:36:38 +01:00
if [ [ ! -s options.$device_model .plist ] ] ; then
rm options.$device_model .plist
" $dir /hfsplus " Ramdisk.raw extract usr/local/share/restore/options.plist
mv options.plist options.$device_model .plist
fi
2023-11-18 02:48:07 +01:00
if [ [ $device_target_vers = = "3.2" * ] ] ; then
RootSize = 1000
elif [ [ $device_target_vers = = "3" * ] ] ; then
2024-01-02 04:46:15 +01:00
case $device_type in
2024-03-27 04:48:16 +01:00
iPhone1* | iPod1,1 ) RootSize = 420; ;
iPod2,1 ) RootSize = 450; ;
* ) RootSize = 750; ;
2024-01-02 04:46:15 +01:00
esac
2023-11-18 02:24:31 +01:00
elif [ [ $platform = = "macos" ] ] ; then
2023-06-15 08:21:05 +02:00
plutil -extract 'SystemPartitionSize' xml1 options.$device_model .plist -o size
RootSize = $( cat size | sed -ne '/<integer>/,/<\/integer>/p' | sed -e "s/<integer>//" | sed "s/<\/integer>//" | sed '2d' )
else
RootSize = $( cat options.$device_model .plist | grep -i SystemPartitionSize -A 1 | grep -oPm1 "(?<=<integer>)[^<]+" )
fi
2023-04-02 12:18:44 +02:00
RootSize = $(( RootSize+30))
2024-01-08 10:03:47 +01:00
echo '<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"><plist version="1.0"><dict>' > $NewPlist
echo " <key>Filename</key><string> $ipsw_p .ipsw</string> " >> $NewPlist
echo " <key>RootFilesystem</key><string> $( echo " $key " | $jq -j '.keys[] | select(.image == "RootFS") | .filename' ) </string> " >> $NewPlist
echo " <key>RootFilesystemKey</key><string> $( echo " $key " | $jq -j '.keys[] | select(.image == "RootFS") | .key' ) </string> " >> $NewPlist
echo " <key>RootFilesystemSize</key><integer> $RootSize </integer> " >> $NewPlist
2023-10-30 18:36:38 +01:00
printf "<key>RamdiskOptionsPath</key><string>/usr/local/share/restore/options" >> $NewPlist
2023-11-07 04:37:52 +01:00
if [ [ $device_target_vers != "3" * && $device_target_vers != "4" * ] ] ||
[ [ $device_type = = "iPad1,1" && $device_target_vers = = "4" * ] ] ; then
2023-11-02 00:07:25 +01:00
printf ".%s" " $device_model " >> $NewPlist
2023-10-30 18:36:38 +01:00
fi
2024-01-08 10:03:47 +01:00
echo ".plist</string>" >> $NewPlist
2023-11-18 02:48:07 +01:00
if [ [ $1 = = "base" ] ] ; then
2024-01-08 10:03:47 +01:00
echo " <key>SHA1</key><string> $device_base_sha1 </string> " >> $NewPlist
2023-11-18 02:48:07 +01:00
else
2024-01-08 10:03:47 +01:00
echo " <key>SHA1</key><string> $device_target_sha1 </string> " >> $NewPlist
2023-11-18 02:48:07 +01:00
fi
2023-01-13 05:25:27 +01:00
2023-04-02 12:18:44 +02:00
if [ [ $1 = = "base" ] ] ; then
case $device_type in
iPhone5,[ 12] ) hw = "iphone5" ; ;
2023-07-24 03:36:28 +02:00
iPhone5,[ 34] ) hw = "iphone5b" ; ;
2023-10-12 13:17:10 +02:00
iPad3,[ 456] ) hw = "ipad3b" ; ;
2023-06-29 14:52:43 +02:00
esac
case $device_base_build in
"11A" * | "11B" * ) base_build = "11B554a" ; ;
2023-10-30 18:36:38 +01:00
"9" * ) base_build = "9B206" ; ;
2023-04-02 12:18:44 +02:00
esac
2024-01-08 10:03:47 +01:00
echo "<key>RamdiskExploit</key><dict>" >> $NewPlist
echo " <key>exploit</key><string>src/target/ $hw / $base_build /exploit</string> " >> $NewPlist
echo " <key>inject</key><string>src/target/ $hw / $base_build /partition</string></dict> " >> $NewPlist
2023-04-02 12:18:44 +02:00
elif [ [ $1 = = "target" ] ] ; then
2024-01-08 10:03:47 +01:00
echo "<key>FilesystemPackage</key><dict><key>bootstrap</key><string>freeze.tar</string>" >> $NewPlist
2023-04-02 12:18:44 +02:00
case $vers in
2024-01-08 10:03:47 +01:00
8* | 9* ) echo "<key>package</key><string>src/ios9.tar</string>" >> $NewPlist ; ;
2023-06-19 05:47:18 +02:00
esac
2023-10-05 09:12:31 +02:00
printf "</dict><key>RamdiskPackage</key><dict><key>package</key><string>src/bin.tar</string><key>ios</key><string>ios" >> $NewPlist
2023-06-19 05:47:18 +02:00
case $vers in
2023-10-30 18:36:38 +01:00
3* ) printf "3" >> $NewPlist ; ;
4* ) printf "4" >> $NewPlist ; ;
2023-10-05 09:12:31 +02:00
5* ) printf "5" >> $NewPlist ; ;
6* ) printf "6" >> $NewPlist ; ;
7* ) printf "7" >> $NewPlist ; ;
8* ) printf "8" >> $NewPlist ; ;
9* ) printf "9" >> $NewPlist ; ;
2023-04-02 12:18:44 +02:00
esac
2024-01-08 10:03:47 +01:00
echo "</string></dict>" >> $NewPlist
2024-01-08 06:52:14 +01:00
elif [ [ $ipsw_prepare_usepowder = = 1 ] ] ; then
2024-01-08 10:03:47 +01:00
echo "<key>FilesystemPackage</key><dict/><key>RamdiskPackage</key><dict/>" >> $NewPlist
2024-06-18 04:43:00 +02:00
elif [ [ $ipsw_isbeta = = 1 && $ipsw_prepare_usepowder != 1 ] ] ; then
warn "iOS 4.1 beta or older detected. Attempting workarounds"
cp $FirmwareBundle2 /* $FirmwareBundle
echo "<key>RamdiskPatches</key><dict/>" >> $NewPlist
echo "<key>FilesystemPatches</key><dict/>" >> $NewPlist
ipsw_isbeta_needspatch = 1
2023-11-18 02:24:31 +01:00
elif [ [ -d $FirmwareBundle2 ] ] ; then
cp $FirmwareBundle2 /* $FirmwareBundle
2024-01-08 10:03:47 +01:00
echo "<key>RamdiskPatches</key><dict>" >> $NewPlist
echo "<key>asr</key><dict>" >> $NewPlist
echo "<key>File</key><string>usr/sbin/asr</string><key>Patch</key><string>asr.patch</string></dict>" >> $NewPlist
2023-11-18 02:24:31 +01:00
if [ [ -s $FirmwareBundle /restoredexternal.patch ] ] ; then
2024-01-08 10:03:47 +01:00
echo "<key>restoredexternal</key><dict>" >> $NewPlist
echo "<key>File</key><string>usr/local/bin/restored_external</string><key>Patch</key><string>restoredexternal.patch</string></dict>" >> $NewPlist
2023-11-18 02:24:31 +01:00
fi
2024-01-08 10:03:47 +01:00
echo "</dict>" >> $NewPlist
2023-11-18 02:24:31 +01:00
if [ [ $ipsw_hacktivate = = 1 ] ] ; then
2024-01-08 10:03:47 +01:00
echo "<key>FilesystemPatches</key><dict>" >> $NewPlist
echo "<key>Hacktivation</key><array><dict>" >> $NewPlist
echo "<key>Action</key><string>Patch</string><key>File</key><string>usr/libexec/lockdownd</string>" >> $NewPlist
echo "<key>Patch</key><string>lockdownd.patch</string></dict></array></dict>" >> $NewPlist
2024-01-02 04:46:15 +01:00
else
2024-01-08 10:03:47 +01:00
echo "<key>FilesystemPatches</key><dict/>" >> $NewPlist # ipsw segfaults if this is missing lol
2023-11-18 02:24:31 +01:00
fi
2023-01-13 10:30:26 +01:00
fi
2023-01-13 05:25:27 +01:00
2023-04-02 12:18:44 +02:00
if [ [ $1 = = "base" ] ] ; then
2024-01-08 10:03:47 +01:00
echo "<key>Firmware</key><dict/>" >> $NewPlist
2023-11-21 02:59:54 +01:00
elif [ [ $1 = = "target" && $vers = = "4" * ] ] ; then
2024-01-08 10:03:47 +01:00
echo "<key>Firmware</key><dict>" >> $NewPlist
2023-10-30 18:36:38 +01:00
ipsw_prepare_keys iBSS $1
ipsw_prepare_keys RestoreRamdisk $1
2024-01-08 10:03:47 +01:00
echo "</dict>" >> $NewPlist
2024-06-18 04:43:00 +02:00
elif [ [ $ipsw_isbeta_needspatch = = 1 ] ] ; then
echo "<key>FirmwarePatches</key><dict>" >> $NewPlist
ipsw_prepare_keys RestoreDeviceTree $1
ipsw_prepare_keys RestoreLogo $1
ipsw_prepare_keys RestoreKernelCache $1
ipsw_prepare_keys RestoreRamdisk $1
echo "</dict>" >> $NewPlist
2023-04-02 12:18:44 +02:00
else
2024-01-08 06:52:14 +01:00
if [ [ $ipsw_prepare_usepowder = = 1 ] ] ; then
2024-01-08 10:03:47 +01:00
echo "<key>Firmware</key><dict>" >> $NewPlist
2024-01-08 06:52:14 +01:00
else
2024-01-08 10:03:47 +01:00
echo "<key>FirmwarePatches</key><dict>" >> $NewPlist
2023-11-18 02:24:31 +01:00
fi
2023-10-04 05:22:29 +02:00
ipsw_prepare_keys iBSS $1
2023-11-18 02:24:31 +01:00
# ios 4 and lower do not need ibec patches. the exception is the ipad lineup
if [ [ $vers != "3" * && $vers != "4" * ] ] || [ [ $device_type = = "iPad1,1" || $device_type = = "iPad2" * ] ] ; then
ipsw_prepare_keys iBEC $1
fi
2024-03-23 08:29:06 +01:00
if [ [ $device_proc != 1 ] ] ; then
ipsw_prepare_keys RestoreDeviceTree $1
ipsw_prepare_keys RestoreLogo $1
fi
2023-11-28 05:36:12 +01:00
if [ [ $1 = = "target" ] ] ; then
case $vers in
[ 457] * ) ipsw_prepare_keys RestoreKernelCache $1 ; ;
* ) ipsw_prepare_keys KernelCache $1 ; ;
esac
2024-03-23 08:29:06 +01:00
elif [ [ $device_proc != 1 ] ] ; then
2024-01-23 14:29:58 +01:00
ipsw_prepare_keys RestoreKernelCache $1
fi
2024-02-05 14:36:51 +01:00
ipsw_prepare_keys RestoreRamdisk $1
2024-01-23 14:29:58 +01:00
if [ [ $1 = = "old" ] ] ; then
2024-01-03 08:59:29 +01:00
if [ [ $device_type = = "iPod2,1" ] ] ; then
case $device_target_vers in
4.2.1 | 4.1 | 3.1.3 ) :; ;
* )
ipsw_prepare_keys iBoot $1
ipsw_prepare_keys KernelCache $1
; ;
esac
2024-01-02 04:46:15 +01:00
elif [ [ $device_proc = = 1 ] ] ; then
ipsw_prepare_keys KernelCache $1
ipsw_prepare_keys WTF2 $1
else
case $device_target_vers in
2024-01-03 08:59:29 +01:00
6.1.6 | 4.1 ) :; ;
2024-01-02 14:13:01 +01:00
3.0* ) ipsw_prepare_keys iBoot $1 ; ;
2024-01-02 04:46:15 +01:00
* )
ipsw_prepare_keys iBoot $1
ipsw_prepare_keys KernelCache $1
; ;
esac
fi
fi
2024-01-08 10:03:47 +01:00
echo "</dict>" >> $NewPlist
2023-04-02 12:18:44 +02:00
fi
if [ [ $1 = = "base" ] ] ; then
2024-01-08 10:03:47 +01:00
echo "<key>FirmwarePath</key><dict>" >> $NewPlist
2023-10-04 05:22:29 +02:00
ipsw_prepare_paths AppleLogo $1
ipsw_prepare_paths BatteryCharging0 $1
ipsw_prepare_paths BatteryCharging1 $1
ipsw_prepare_paths BatteryFull $1
ipsw_prepare_paths BatteryLow0 $1
ipsw_prepare_paths BatteryLow1 $1
ipsw_prepare_paths BatteryPlugin $1
ipsw_prepare_paths RecoveryMode $1
ipsw_prepare_paths LLB $1
ipsw_prepare_paths iBoot $1
2024-01-08 10:03:47 +01:00
echo "</dict>" >> $NewPlist
2023-04-02 12:18:44 +02:00
elif [ [ $1 = = "target" ] ] ; then
2024-01-08 10:03:47 +01:00
echo "<key>FirmwareReplace</key><dict>" >> $NewPlist
2023-10-30 18:36:38 +01:00
if [ [ $vers = = "4" * ] ] ; then
ipsw_prepare_paths APTicket $1
fi
2023-10-04 05:22:29 +02:00
ipsw_prepare_paths AppleLogo $1
ipsw_prepare_paths NewAppleLogo $1
ipsw_prepare_paths BatteryCharging0 $1
ipsw_prepare_paths BatteryCharging1 $1
ipsw_prepare_paths BatteryFull $1
ipsw_prepare_paths BatteryLow0 $1
ipsw_prepare_paths BatteryLow1 $1
ipsw_prepare_paths BatteryPlugin $1
ipsw_prepare_paths RecoveryMode $1
ipsw_prepare_paths NewRecoveryMode $1
ipsw_prepare_paths LLB $1
ipsw_prepare_paths iBoot $1
ipsw_prepare_paths NewiBoot $1
ipsw_prepare_paths manifest $1
2024-01-08 10:03:47 +01:00
echo "</dict>" >> $NewPlist
2023-10-03 15:31:18 +02:00
fi
2023-11-18 02:24:31 +01:00
2023-10-03 15:31:18 +02:00
if [ [ $daibutsu = = 1 ] ] ; then
2024-02-05 14:36:51 +01:00
if [ [ $ipsw_prepare_usepowder = = 1 ] ] ; then
echo "<key>RamdiskPackage2</key>" >> $NewPlist
else
2024-01-08 10:03:47 +01:00
echo "<key>PackagePath</key><string>./freeze.tar</string>" >> $NewPlist
echo "<key>RamdiskPackage</key>" >> $NewPlist
2023-11-18 02:24:31 +01:00
fi
2024-01-08 10:03:47 +01:00
echo "<string>./bin.tar</string><key>RamdiskReboot</key><string>./reboot.sh</string><key>UntetherPath</key><string>./untether.tar</string>" >> $NewPlist
2023-07-18 05:56:33 +02:00
local hwmodel = " $( tr '[:lower:]' '[:upper:]' <<< ${ device_model : 0 : 1 } ) ${ device_model : 1 } "
2024-01-08 10:03:47 +01:00
echo " <key>hwmodel</key><string> $hwmodel </string> " >> $NewPlist
2023-04-02 12:18:44 +02:00
fi
2024-01-08 10:03:47 +01:00
echo "</dict></plist>" >> $NewPlist
2023-04-02 12:18:44 +02:00
cat $NewPlist
}
ipsw_prepare_32bit( ) {
2023-05-27 08:33:27 +02:00
local ExtraArgs
2023-07-18 05:56:33 +02:00
local daibutsu
2023-05-27 08:33:27 +02:00
local JBFiles = ( )
2024-02-07 15:31:52 +01:00
local nskip
case $device_type in
2024-02-09 17:35:04 +01:00
iPad[ 23] ,[ 23] | " $device_disable_bbupdate " ) nskip = 1; ;
2024-02-07 15:31:52 +01:00
esac
2024-05-23 18:20:58 +02:00
if [ [ $device_target_vers = = "4.2" * || $device_target_vers = = "4.3" * ] ] ; then
nskip = 1
fi
if [ [ $device_target_vers = = "3" * || $device_target_vers = = "4" * ] ] && [ [ $nskip != 1 ] ] ; then
2024-01-10 04:44:42 +01:00
ipsw_prepare_jailbreak
2023-05-27 08:33:27 +02:00
return
elif [ [ -e " $ipsw_custom .ipsw " ] ] ; then
2023-04-02 12:18:44 +02:00
log "Found existing Custom IPSW. Skipping IPSW creation."
return
2024-02-07 15:31:52 +01:00
elif [ [ $nskip = = 1 ] ] ; then
:
elif [ [ $ipsw_jailbreak != 1 && $device_target_build != "9A406" && # 9a406 needs custom ipsw
2023-11-18 02:48:07 +01:00
$device_proc != 4 && $device_actrec != 1 && $device_target_tethered != 1 ] ] ; then
2023-06-15 08:21:05 +02:00
log " No need to create custom IPSW for non-jailbroken restores on $device_type - $device_target_build "
2023-04-02 12:18:44 +02:00
return
2023-07-18 05:56:33 +02:00
elif [ [ $ipsw_jailbreak = = 1 && $device_target_vers = = "8" * ] ] ; then
daibutsu = "daibutsu"
ExtraArgs += " -daibutsu"
cp $jelbrek /daibutsu/bin.tar $jelbrek /daibutsu/untether.tar .
2023-10-04 05:22:29 +02:00
ipsw_prepare_rebootsh
2023-04-02 12:18:44 +02:00
fi
2024-01-08 06:52:14 +01:00
ipsw_prepare_usepowder = 1
2023-04-02 12:18:44 +02:00
2023-07-18 05:56:33 +02:00
ipsw_prepare_bundle $daibutsu
2023-04-02 12:18:44 +02:00
if [ [ $ipsw_memory = = 1 ] ] ; then
ExtraArgs += " -memory"
fi
2024-05-23 18:20:58 +02:00
ExtraArgs += " -ramdiskgrow 10"
2024-02-07 15:31:52 +01:00
if [ [ $device_use_bb != 0 && $device_type != " $device_disable_bbupdate " ] ] ; then
2023-06-26 11:35:06 +02:00
ExtraArgs += " -bbupdate"
elif [ [ $device_type = = " $device_disable_bbupdate " && $device_type = = "iPhone" * ] ] ; then
2023-07-03 09:22:35 +02:00
device_dump baseband
2024-03-10 15:46:27 +01:00
ExtraArgs += " ../saved/ $device_type /baseband- $device_ecid .tar "
2023-06-26 11:35:06 +02:00
fi
2023-07-03 09:22:35 +02:00
if [ [ $device_actrec = = 1 ] ] ; then
device_dump activation
2024-03-10 15:46:27 +01:00
ExtraArgs += " ../saved/ $device_type /activation- $device_ecid .tar "
2023-07-03 09:22:35 +02:00
fi
2024-02-03 10:45:37 +01:00
2023-05-27 08:33:27 +02:00
if [ [ $ipsw_jailbreak = = 1 ] ] ; then
case $device_target_vers in
2023-09-14 10:10:52 +02:00
9.3.[ 1234] | 9.3 ) JBFiles += ( "untetherhomedepot.tar" ) ; ;
9.2* | 9.1 ) JBFiles += ( "untetherhomedepot921.tar" ) ; ;
2023-05-27 08:33:27 +02:00
7.1* ) JBFiles += ( "panguaxe.tar" ) ; ;
7* ) JBFiles += ( "evasi0n7-untether.tar" ) ; ;
6.1.[ 3456] ) JBFiles += ( "p0sixspwn.tar" ) ; ;
6* ) JBFiles += ( "evasi0n6-untether.tar" ) ; ;
2024-05-23 18:20:58 +02:00
5* | 4.[ 32] * ) JBFiles += ( " g1lbertJB/ ${ device_type } _ ${ device_target_build } .tar " ) ; ;
2023-05-27 08:33:27 +02:00
esac
2023-10-04 05:22:29 +02:00
if [ [ -n ${ JBFiles [0] } ] ] ; then
JBFiles[ 0] = $jelbrek /${ JBFiles [0] }
fi
2023-05-27 08:33:27 +02:00
case $device_target_vers in
2023-10-04 05:22:29 +02:00
9* | 8* ) JBFiles += ( " $jelbrek /fstab8.tar " ) ; ;
7* ) JBFiles += ( " $jelbrek /fstab7.tar " ) ; ;
2024-05-23 18:20:58 +02:00
4* ) JBFiles += ( " $jelbrek /fstab_old.tar " ) ; ;
2023-10-04 05:22:29 +02:00
* ) JBFiles += ( " $jelbrek /fstab_rw.tar " ) ; ;
2023-05-27 08:33:27 +02:00
esac
2024-05-23 18:20:58 +02:00
case $device_target_vers in
4.3* )
if [ [ $device_type = = "iPad2" * ] ] ; then
JBFiles[ 0] =
fi
; ;
4.2.1 )
if [ [ $device_type != "iPhone1,2" ] ] ; then
2024-06-18 04:43:00 +02:00
ExtraArgs += " -punchd"
2024-05-23 18:20:58 +02:00
JBFiles[ 0] = $jelbrek /greenpois0n/${ device_type } _${ device_target_build } .tar
fi
; ;
esac
2023-10-04 05:22:29 +02:00
JBFiles += ( " $jelbrek /freeze.tar " )
2023-08-13 02:29:44 +02:00
if [ [ $device_target_vers = = "5" * ] ] ; then
2023-09-23 13:17:11 +02:00
JBFiles += ( " $jelbrek /cydiasubstrate.tar " " $jelbrek /g1lbertJB.tar " )
2023-08-13 02:29:44 +02:00
fi
2023-05-27 10:57:19 +02:00
if [ [ $ipsw_openssh = = 1 ] ] ; then
2023-07-18 05:56:33 +02:00
JBFiles += ( " $jelbrek /sshdeb.tar " )
2023-05-27 10:57:19 +02:00
fi
2024-01-05 06:09:46 +01:00
if [ [ $device_target_tethered = = 1 ] ] ; then
case $device_target_vers in
4.2.1 ) :; ;
2024-01-29 05:15:55 +01:00
5* | 4.[ 32] * ) JBFiles += ( " $jelbrek /g1lbertJB/install.tar " ) ; ;
2024-01-05 06:09:46 +01:00
esac
fi
2023-05-27 08:33:27 +02:00
fi
2024-02-03 10:45:37 +01:00
if [ [ $ipsw_isbeta = = 1 ] ] ; then
ipsw_prepare_systemversion
ExtraArgs += " systemversion.tar"
fi
2024-06-18 04:43:00 +02:00
if [ [ $1 = = "iboot" ] ] ; then
ExtraArgs += " iBoot.tar"
fi
2024-02-03 10:45:37 +01:00
2023-05-27 08:33:27 +02:00
log " Preparing custom IPSW: $dir /powdersn0w $ipsw_path .ipsw temp.ipsw $ExtraArgs ${ JBFiles [*] } "
" $dir /powdersn0w " " $ipsw_path .ipsw " temp.ipsw $ExtraArgs ${ JBFiles [@] }
2023-04-02 12:18:44 +02:00
if [ [ ! -e temp.ipsw ] ] ; then
error "Failed to find custom IPSW. Please run the script again" \
"* You may try selecting N for memory option"
fi
2024-05-23 18:20:58 +02:00
2024-02-09 18:30:54 +01:00
ipsw_bbreplace
2024-05-23 18:20:58 +02:00
if [ [ $device_target_vers = = "4" * ] ] ; then
ipsw_prepare_ios4patches
log "Add all to custom IPSW"
zip -r0 temp.ipsw Firmware/dfu/*
fi
2023-04-02 12:18:44 +02:00
mv temp.ipsw " $ipsw_custom .ipsw "
2023-01-13 05:25:27 +01:00
}
2024-02-07 14:24:48 +01:00
ipsw_bbdigest( ) {
local loc = "BuildIdentities:0:"
if [ [ $2 != "UniqueBuildID" ] ] ; then
loc += "Manifest:BasebandFirmware:"
fi
loc += " $2 "
local out = " $1 "
if [ [ $platform = = "macos" ] ] ; then
2024-02-08 04:31:27 +01:00
echo $out | base64 --decode > t
log " Replacing $2 "
2024-02-07 14:24:48 +01:00
$PlistBuddy -c " Import $loc t " BuildManifest.plist
rm t
return
fi
2024-02-08 04:31:27 +01:00
in = $( $PlistBuddy -c " Print $loc " BuildManifest.plist | tr -d "<>" | xxd -r -p | base64)
2024-02-07 14:24:48 +01:00
echo " ${ in } < " > replace
#sed -i'' "s,AAAAAAAAAAAAAAAAAAAAAAA<,==," replace
#sed -i'' "s,AAAAAAAAAAAAA<,=," replace
#sed -i'' "s,AAAAAAAAA<,=," replace
cat replace | sed "s,AAAAAAAAAAAAAAAAAAAAAAA<,==," > t
cat t | sed "s,AAAAAAAAAAAAA<,=," > tt
cat tt | sed "s,AAAAAAAAA<,=," > replace
in = " $( cat replace) "
rm replace t tt
case $2 in
*"PartialDigest" )
in = " ${ in %???????????? } "
in = $( cat BuildManifest.plist | grep " $in " -m1)
log " Replacing $2 "
#sed -i'' "s,$in,replace," BuildManifest.plist
#sed -i'' "/replace/{n;d}" BuildManifest.plist
cat BuildManifest.plist | sed " s, $in ,replace, " > t
awk 'f{$0="";f=0}/replace/{f=1}1' t > tt
awk '/replace$/{printf("%s",$0);next}1' tt > tmp.plist
rm t tt
in = "replace"
; ;
* ) log " Replacing $2 " ; mv BuildManifest.plist tmp.plist; ;
esac
#sed -i'' "s,$in,$out," BuildManifest.plist
cat tmp.plist | sed " s, $in , $out , " > BuildManifest.plist
rm tmp.plist
}
ipsw_bbreplace( ) {
local rsb1
local sbl1
local path
local rsb_latest
local sbl_latest
local bbfw = "Print BuildIdentities:0:Manifest:BasebandFirmware"
2024-02-09 18:30:54 +01:00
local ubid
if [ [ $device_use_bb = = 0 ] ] || ( ( device_proc < 5 ) ) ; then
return
fi
2024-02-07 14:24:48 +01:00
2024-05-23 18:20:58 +02:00
log "Extracting BuildManifest from IPSW"
2024-02-07 14:24:48 +01:00
unzip -o -j temp.ipsw BuildManifest.plist
2024-05-23 18:20:58 +02:00
mkdir Firmware 2>/dev/null
2024-02-07 14:24:48 +01:00
restore_download_bbsep
cp $restore_baseband Firmware/$device_use_bb
2024-02-09 18:30:54 +01:00
case $device_type in
iPhone4,1 ) ubid = "d9Xbp0xyiFOxDvUcKMsoNjIvhwQ=" ; ;
2024-02-09 18:40:45 +01:00
iPhone5,1 ) ubid = "IcrFKRzWDvccKDfkfMNPOPYHEV0=" ; ;
iPhone5,2 ) ubid = "lnU0rtBUK6gCyXhEtHuwbEz/IKY=" ; ;
iPhone5,3 ) ubid = "dwrol4czV3ijtNHh3w1lWIdsNdA=" ; ;
iPhone5,4 ) ubid = "Z4ST0TczwAhpfluQFQNBg7Y3BVE=" ; ;
2024-02-09 18:30:54 +01:00
iPad2,6 ) ubid = "L73HfN42pH7qAzlWmsEuIZZg2oE=" ; ;
iPad2,7 ) ubid = "z/vJsvnUovZ+RGyXKSFB6DOjt1k=" ; ;
2024-02-09 18:40:45 +01:00
iPad3,5 ) ubid = "849RPGQ9kNXGMztIQBhVoU/l5lM=" ; ;
2024-02-09 18:30:54 +01:00
iPad3,6 ) ubid = "cO+N+Eo8ynFf+0rnsIWIQHTo6rg=" ; ;
esac
ipsw_bbdigest $ubid UniqueBuildID
2024-02-07 14:24:48 +01:00
case $device_type in
iPhone4,1 )
rsb1 = $( $PlistBuddy -c " $bbfw :eDBL-Version " BuildManifest.plist)
sbl1 = $( $PlistBuddy -c " $bbfw :RestoreDBL-Version " BuildManifest.plist)
path = $( $PlistBuddy -c " $bbfw :Info:Path " BuildManifest.plist | tr -d '"' )
rsb_latest = "-1577031936"
sbl_latest = "-1575983360"
ipsw_bbdigest XAAAAADHAQCqerR8d+PvcfusucizfQ4ECBI0TA= = RestoreDBL-PartialDigest
ipsw_bbdigest Q1TLjk+/PjayCzSJJo68FTtdhyE= AMSS-HashTableDigest
ipsw_bbdigest KkJI7ufv5tfNoqHcrU7gqoycmXA = OSBL-DownloadDigest
ipsw_bbdigest eAAAAADIAQDxcjzF1q5t+nvLBbvewn/arYVkLw= = eDBL-PartialDigest
ipsw_bbdigest 3CHVk7EmtGjL14ApDND81cqFqhM = AMSS-DownloadDigest
; ;
2024-02-09 17:35:04 +01:00
iPhone5,[ 12] | iPad2,[ 67] | iPad3,[ 56] )
2024-02-07 14:24:48 +01:00
rsb1 = $( $PlistBuddy -c " $bbfw :RestoreSBL1-Version " BuildManifest.plist)
sbl1 = $( $PlistBuddy -c " $bbfw :SBL1-Version " BuildManifest.plist)
path = $( $PlistBuddy -c " $bbfw :Info:Path " BuildManifest.plist | tr -d '"' )
rsb_latest = "-1559114512"
sbl_latest = "-1560163088"
ipsw_bbdigest 2bmJ7Vd+WAmogV+hjq1a86UlBvA= APPS-DownloadDigest
ipsw_bbdigest oNmIZf39zd94CPiiKOpKvhGJbyg = APPS-HashTableDigest
ipsw_bbdigest dFi5J+pSSqOfz31fIvmah2GJO+E= DSP1-DownloadDigest
ipsw_bbdigest HXUnmGmwIHbVLxkT1rHLm5V6iDM = DSP1-HashTableDigest
ipsw_bbdigest oA5eQ8OurrWrFpkUOhD/3sGR3y8= DSP2-DownloadDigest
ipsw_bbdigest L7v8ulq1z1Pr7STR47RsNbxmjf0 = DSP2-HashTableDigest
ipsw_bbdigest MZ1ERfoeFcbe79pFAl/hbWUSYKc= DSP3-DownloadDigest
ipsw_bbdigest sKmLhQcjfaOliydm+iwxucr9DGw= DSP3-HashTableDigest
ipsw_bbdigest oiW/8qZhN0r9OaLdUHCT+MMGknY= RPM-DownloadDigest
ipsw_bbdigest fAAAAEAQAgAH58t5X9KETIPrycULi8dg7b2rSw = = RestoreSBL1-PartialDigest
ipsw_bbdigest ZAAAAIC9AQAfgUcPMN/lMt+U8s6bxipdy6td6w= = SBL1-PartialDigest
ipsw_bbdigest kHLoJsT9APu4Xwu/aRjNK10Hx84= SBL2-DownloadDigest
; ;
iPhone5,[ 34] )
rsb1 = $( $PlistBuddy -c " $bbfw :RestoreSBL1-Version " BuildManifest.plist)
sbl1 = $( $PlistBuddy -c " $bbfw :SBL1-Version " BuildManifest.plist)
path = $( $PlistBuddy -c " $bbfw :Info:Path " BuildManifest.plist | tr -d '"' )
rsb_latest = "-1542379296"
sbl_latest = "-1543427872"
ipsw_bbdigest TSVi7eYY4FiAzXynDVik6TY2S1c = APPS-DownloadDigest
ipsw_bbdigest xd/JBOTxYJWmLkTWqLWl8GeINgU= APPS-HashTableDigest
ipsw_bbdigest RigCEz69gUymh2UdyJdwZVx74Ic = DSP1-DownloadDigest
ipsw_bbdigest a3XhREtzynTWtyQGqi/RXorXSVE= DSP1-HashTableDigest
ipsw_bbdigest 3JTgHWvC+XZYWa5U5MPvle+imj4= DSP2-DownloadDigest
ipsw_bbdigest Hvppb92/1o/cWQbl8ftoiW5jOLg= DSP2-HashTableDigest
ipsw_bbdigest R60ZfsOqZX+Pd/UnEaEhWfNvVlY= DSP3-DownloadDigest
ipsw_bbdigest DFQWkktFWNh90G2hOfwO14oEbrI = DSP3-HashTableDigest
ipsw_bbdigest Rsn+u2mOpYEmdrw98yA8EDT5LiE= RPM-DownloadDigest
ipsw_bbdigest cAAAAIC9AQBLeCHzsjHo8Q7+IzELZTV/ri/Vow= = RestoreSBL1-PartialDigest
ipsw_bbdigest eAAAAEBsAQB9b44LqXjR3izAYl5gB4j3Iqegkg = = SBL1-PartialDigest
ipsw_bbdigest iog3IVe+8VqgQzP2QspgFRUNwn8= SBL2-DownloadDigest
; ;
esac
log " Replacing $rsb1 with $rsb_latest "
#sed -i'' "s,$rsb1,$rsb_latest," BuildManifest.plist
cat BuildManifest.plist | sed " s, $rsb1 , $rsb_latest , " > t
log " Replacing $sbl1 with $sbl_latest "
#sed -i'' "s,$sbl1,$sbl_latest," BuildManifest.plist
cat t | sed " s, $sbl1 , $sbl_latest , " > tt
log " Replacing $path with Firmware/ $device_use_bb "
#sed -i'' "s,$path,Firmware/$device_use_bb," BuildManifest.plist
cat tt | sed " s, $path ,Firmware/ $device_use_bb , " > BuildManifest.plist
rm t tt
2024-02-08 06:40:29 +01:00
zip -r0 temp.ipsw Firmware/$device_use_bb BuildManifest.plist
2024-02-07 14:24:48 +01:00
}
2023-10-25 09:46:35 +02:00
patch_iboot( ) {
device_fw_key_check
2024-06-14 03:12:24 +02:00
local iboot_name = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "iBoot") | .filename' )
local iboot_iv = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "iBoot") | .iv' )
local iboot_key = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "iBoot") | .key' )
2024-02-12 06:33:52 +01:00
local rsa = "--rsa"
2023-11-13 03:27:36 +01:00
log " Patch iBoot: $* "
2024-03-06 03:39:52 +01:00
if [ [ $1 = = "--logo" ] ] ; then
2024-02-12 06:33:52 +01:00
iboot_name = " ${ iboot_name /iBoot/iBoot2 } "
rsa =
2024-02-12 06:46:37 +01:00
unzip -o -j temp.ipsw $all_flash /$iboot_name
else
unzip -o -j " $ipsw_path .ipsw " $all_flash /$iboot_name
2024-02-12 06:33:52 +01:00
fi
mv $iboot_name iBoot.orig
" $dir /xpwntool " iBoot.orig iBoot.dec -iv $iboot_iv -k $iboot_key
" $dir /iBoot32Patcher " iBoot.dec iBoot.pwned $rsa " $@ "
" $dir /xpwntool " iBoot.pwned iBoot -t iBoot.orig
2024-03-06 03:39:52 +01:00
if [ [ $device_type = = "iPad1,1" || $device_type = = "iPhone5" * ] ] ; then
2024-02-12 06:33:52 +01:00
echo "0000010: 6365" | xxd -r - iBoot
echo "0000020: 6365" | xxd -r - iBoot
return
fi
echo "0000010: 626F" | xxd -r - iBoot
echo "0000020: 626F" | xxd -r - iBoot
" $dir /xpwntool " iBoot.pwned $iboot_name -t iBoot -iv $iboot_iv -k $iboot_key
2023-10-25 09:46:35 +02:00
}
2024-01-02 04:46:15 +01:00
ipsw_patch_file( ) {
# usage: ipsw_patch_file <ramdisk/fs> <location> <filename> <patchfile>
" $dir /hfsplus " " $1 " extract " $2 " /" $3 "
" $dir /hfsplus " " $1 " rm " $2 " /" $3 "
$bspatch " $3 " " $3 " .patched " $4 "
" $dir /hfsplus " " $1 " add " $3 " .patched " $2 " /" $3 "
" $dir /hfsplus " " $1 " chmod 755 " $2 " /" $3 "
" $dir /hfsplus " " $1 " chown 0:0 " $2 " /" $3 "
}
2023-11-18 02:24:31 +01:00
ipsw_prepare_ios4multipart( ) {
local JBFiles = ( )
2023-11-18 02:24:52 +01:00
ipsw_custom_part2 = " ${ device_type } _ ${ device_target_vers } _ ${ device_target_build } _CustomNP- ${ device_ecid } "
2024-02-20 11:10:35 +01:00
local all_flash2 = " $ipsw_custom_part2 / $all_flash "
2024-06-25 01:45:06 +02:00
local ExtraArgs2 = "--boot-partition --boot-ramdisk --logo4"
2023-11-18 02:24:31 +01:00
local iboot
2024-06-25 01:45:06 +02:00
case $device_target_vers in
4.2.9 | 4.2.10 ) :; ;
* ) ExtraArgs2 += " --433" ; ;
esac
ExtraArgs2 += " -b"
2023-11-18 02:24:31 +01:00
if [ [ -e " ../ $ipsw_custom_part2 .ipsw " && -e " $ipsw_custom .ipsw " ] ] ; then
log "Found existing Custom IPSWs. Skipping IPSW creation."
return
elif [ [ -e " ../ $ipsw_custom_part2 .ipsw " || -e " $ipsw_custom .ipsw " ] ] ; then
rm " ../ $ipsw_custom_part2 .ipsw " " $ipsw_custom .ipsw " 2>/dev/null
fi
log "Preparing NOR flash IPSW..."
2024-02-20 11:10:35 +01:00
mkdir -p $ipsw_custom_part2 /Firmware/dfu $ipsw_custom_part2 /Downgrade $all_flash2
2023-11-18 02:24:31 +01:00
2024-06-18 04:43:00 +02:00
local comps = ( "iBSS" "iBEC" "DeviceTree" "Kernelcache" "RestoreRamdisk" )
2023-11-18 02:24:52 +01:00
local name
local iv
local key
local path
local vers = "5.1.1"
local build = "9B206"
local saved_path = " ../saved/ $device_type / $build "
local url = " $( cat $device_fw_dir /$build /url) "
device_fw_key_check temp $build
mkdir -p $saved_path
log " Getting $vers restore components "
for getcomp in " ${ comps [@] } " ; do
2024-06-14 03:12:24 +02:00
name = $( echo $device_fw_key_temp | $jq -j '.keys[] | select(.image == "' $getcomp '") | .filename' )
iv = $( echo $device_fw_key_temp | $jq -j '.keys[] | select(.image == "' $getcomp '") | .iv' )
key = $( echo $device_fw_key_temp | $jq -j '.keys[] | select(.image == "' $getcomp '") | .key' )
2023-11-18 02:24:52 +01:00
case $getcomp in
"iBSS" | "iBEC" ) path = "Firmware/dfu/" ; ;
2024-02-20 11:10:35 +01:00
"DeviceTree" ) path = " $all_flash / " ; ;
2023-11-18 02:24:52 +01:00
* ) path = "" ; ;
esac
log " $getcomp "
if [ [ $vers = = " $device_base_vers " ] ] ; then
unzip -o -j " $ipsw_base_path .ipsw " ${ path } $name
elif [ [ -e $saved_path /$name ] ] ; then
cp $saved_path /$name .
else
" $dir /pzb " -g " ${ path } $name " -o " $name " " $url "
cp $name $saved_path /
fi
case $getcomp in
"DeviceTree" )
" $dir /xpwntool " $name $ipsw_custom_part2 /Downgrade/RestoreDeviceTree -iv $iv -k $key -decrypt
; ;
"Kernelcache" )
" $dir /xpwntool " $name $ipsw_custom_part2 /Downgrade/RestoreKernelCache -iv $iv -k $key -decrypt
; ;
* )
mv $name $getcomp .orig
" $dir /xpwntool " $getcomp .orig $getcomp .dec -iv $iv -k $key
; ;
esac
done
log "Patch iBSS"
2023-11-18 02:24:31 +01:00
" $dir /iBoot32Patcher " iBSS.dec iBSS.patched --rsa
" $dir /xpwntool " iBSS.patched $ipsw_custom_part2 /Firmware/dfu/iBSS.${ device_model } ap.RELEASE.dfu -t iBSS.orig
2023-11-18 02:24:52 +01:00
log "Patch iBEC"
" $dir /iBoot32Patcher " iBEC.dec iBEC.patched --rsa --ticket -b "rd=md0 -v nand-enable-reformat=1 amfi=0xff cs_enforcement_disable=1"
2023-11-18 02:24:31 +01:00
" $dir /xpwntool " iBEC.patched $ipsw_custom_part2 /Firmware/dfu/iBEC.${ device_model } ap.RELEASE.dfu -t iBEC.orig
2023-11-18 02:24:52 +01:00
log "Manifest plist"
if [ [ $vers = = " $device_base_vers " ] ] ; then
unzip -o -j " $ipsw_base_path .ipsw " BuildManifest.plist
elif [ [ -e $saved_path /BuildManifest.plist ] ] ; then
cp $saved_path /BuildManifest.plist .
else
" $dir /pzb " -g " ${ path } BuildManifest.plist " -o "BuildManifest.plist" " $url "
cp BuildManifest.plist $saved_path /
fi
cp ../resources/patch/old/$device_type /$vers /* .
patch BuildManifest.plist < BuildManifest.patch
cp BuildManifest.plist $ipsw_custom_part2 /
2023-11-18 02:24:31 +01:00
log "Restore Ramdisk"
2023-11-18 02:24:52 +01:00
local ramdisk_name = $( echo $device_fw_key_temp | $jq -j '.keys[] | select(.image == "RestoreRamdisk") | .filename' )
mv RestoreRamdisk.dec ramdisk.dec
2024-06-24 02:17:21 +02:00
" $dir /hfsplus " ramdisk.dec grow 18000000
2023-11-18 02:24:31 +01:00
2023-11-18 02:24:52 +01:00
local rootfs_name = $( echo $device_fw_key_temp | $jq -j '.keys[] | select(.image == "RootFS") | .filename' )
touch $ipsw_custom_part2 /$rootfs_name
2024-06-23 09:43:27 +02:00
log " Dummy RootFS: $rootfs_name "
2023-11-18 02:24:52 +01:00
2023-11-18 02:24:31 +01:00
log "Modify options.plist"
local options_plist = " options. $device_model .plist "
echo ' <?xml version = "1.0" encoding = "UTF-8" ?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd" >
<plist version = "1.0" >
<dict>
2023-11-21 02:59:54 +01:00
<key>CreateFilesystemPartitions</key>
<false/>
<key>UpdateBaseband</key>
<false/>
<key>SystemImage</key>
<false/>
2023-11-18 02:24:31 +01:00
</dict>
</plist>' | tee $options_plist
" $dir /hfsplus " ramdisk.dec rm usr/local/share/restore/$options_plist
" $dir /hfsplus " ramdisk.dec add $options_plist usr/local/share/restore/$options_plist
log "Patch ASR"
2024-01-02 04:46:15 +01:00
ipsw_patch_file ramdisk.dec usr/sbin asr asr.patch
2023-11-18 02:24:31 +01:00
log "Repack Restore Ramdisk"
2023-11-18 02:24:52 +01:00
" $dir /xpwntool " ramdisk.dec $ipsw_custom_part2 /$ramdisk_name -t RestoreRamdisk.orig
2023-11-18 02:24:31 +01:00
2023-11-18 02:24:52 +01:00
log " Extract all_flash from $device_base_vers base "
2024-02-20 11:10:35 +01:00
unzip -o -j " $ipsw_base_path .ipsw " Firmware/all_flash/\* -d $all_flash2
2023-11-18 02:24:31 +01:00
log " Add $device_target_vers DeviceTree to all_flash "
2024-02-20 11:10:35 +01:00
rm $all_flash2 /DeviceTree.${ device_model } ap.img3
2024-02-23 00:00:26 +01:00
unzip -o -j " $ipsw_path .ipsw " $all_flash /DeviceTree.${ device_model } ap.img3 -d $all_flash2
2023-11-18 02:24:31 +01:00
2024-05-13 07:00:47 +02:00
local ExtraArgs3 = "pio-error=0"
2023-11-18 02:24:31 +01:00
if [ [ $ipsw_verbose = = 1 ] ] ; then
2024-05-13 07:00:47 +02:00
ExtraArgs3 += " -v"
2023-11-18 02:24:31 +01:00
fi
2024-05-13 07:00:47 +02:00
patch_iboot $ExtraArgs2 " $ExtraArgs3 "
2023-11-18 02:24:31 +01:00
if [ [ $device_type = = "iPad1,1" ] ] ; then
cp iBoot iBEC
tar -cvf iBoot.tar iBEC
iboot = "iboot"
else
log " Add $device_target_vers iBoot to all_flash "
2024-06-25 01:45:06 +02:00
cp iBoot $all_flash2 /iBoot2.img3
2024-06-24 06:43:34 +02:00
echo "iBoot2.img3" >> $all_flash2 /manifest
2023-11-18 02:24:31 +01:00
fi
log "Add APTicket to all_flash"
2023-11-18 02:24:52 +01:00
cat " $shsh_path " | sed '64,$d' | sed -ne '/<data>/,/<\/data>/p' | sed -e "s/<data>//" | sed "s/<\/data>//" | tr -d '[:space:]' | base64 --decode > apticket.der
2024-02-20 11:10:35 +01:00
" $dir /xpwntool " apticket.der $all_flash2 /applelogoT.img3 -t ../resources/firmware/src/scab_template.img3
echo "applelogoT.img3" >> $all_flash2 /manifest
2023-11-18 02:24:31 +01:00
log "AppleLogo"
local logo_name = " $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "AppleLogo") | .filename' ) "
2024-05-23 18:20:58 +02:00
if [ [ -n $ipsw_customlogo ] ] ; then
ipsw_prepare_logos_convert
mv $all_flash /$logoname $logo_name
else
unzip -o -j " $ipsw_path .ipsw " $all_flash /$logo_name
echo "0000010: 3467" | xxd -r - $logo_name
echo "0000020: 3467" | xxd -r - $logo_name
fi
2023-11-18 02:24:31 +01:00
log "Add AppleLogo to all_flash"
2024-02-12 09:59:08 +01:00
if [ [ $device_latest_vers = = "5" * ] ] ; then
2024-02-20 11:10:35 +01:00
mv $logo_name $all_flash2 /applelogo4.img3
echo "applelogo4.img3" >> $all_flash2 /manifest
2024-02-12 09:59:08 +01:00
else
2024-02-20 11:10:35 +01:00
sed '/applelogo/d' $all_flash2 /manifest > manifest
rm $all_flash2 /manifest
2024-02-12 09:59:08 +01:00
echo " $logo_name " >> manifest
2024-02-20 11:10:35 +01:00
mv $logo_name manifest $all_flash2 /
2024-02-12 09:59:08 +01:00
fi
2023-11-18 02:24:31 +01:00
log " Creating $ipsw_custom_part2 .ipsw... "
pushd $ipsw_custom_part2 >/dev/null
zip -r0 ../../$ipsw_custom_part2 .ipsw *
popd >/dev/null
2023-11-18 02:24:52 +01:00
# ------ part 2 (nor flash) ends here. start creating part 1 ipsw ------
2024-06-24 06:43:34 +02:00
case $device_target_vers in
4.2* ) ipsw_prepare_32bit $iboot ; ;
* ) ipsw_prepare_jailbreak $iboot ; ;
esac
2023-11-18 02:24:31 +01:00
2024-06-24 06:43:34 +02:00
ipsw_prepare_ios4multipart_patch = 1
ipsw_prepare_multipatch
2023-11-18 02:24:31 +01:00
}
2024-06-24 02:21:47 +02:00
ipsw_prepare_multipatch( ) {
local vers
local build
local options_plist
local saved_path
local url
local ramdisk_name
local name
local iv
local key
local comps = ( "iBSS" "iBEC" "DeviceTree" "Kernelcache" "RestoreRamdisk" )
2024-06-27 06:47:49 +02:00
local ticket = "--ticket"
2024-06-24 02:21:47 +02:00
log "Starting multipatch"
mv " $ipsw_custom .ipsw " temp.ipsw
rm asr* iBSS* iBEC* ramdisk* *.dmg 2>/dev/null
options_plist = " options. $device_model .plist "
if [ [ $device_type = = "iPad1,1" && $device_target_vers = = "4" * ] ] ; then
2024-06-27 06:47:49 +02:00
ticket =
2024-06-24 02:21:47 +02:00
elif [ [ $device_target_vers = = "3" * || $device_target_vers = = "4" * ] ] ; then
options_plist = "options.plist"
2024-06-27 06:47:49 +02:00
ticket =
2024-06-24 02:21:47 +02:00
fi
vers = "4.2.1"
build = "8C148"
if [ [ $ipsw_isbeta = = 1 ] ] ; then
:
elif [ [ $device_type = = "iPad1,1" || $device_type = = "iPhone3,3" ] ] ||
[ [ $device_type = = "iPod3,1" && $device_target_vers = = "3" * ] ] ; then
vers = " $device_target_vers "
build = " $device_target_build "
fi
case $device_target_vers in
4.3* ) vers = "4.3.5" ; build = "8L1" ; ;
5* ) vers = "5.1.1" ; build = "9B206" ; ;
6* ) vers = "6.1.3" ; build = "10B329" ; ;
7* ) vers = "7.1.2" ; build = "11D257" ; ;
8* ) vers = "8.4.1" ; build = "12H321" ; ;
9* ) vers = "9.3.5" ; build = "13G36" ; ;
esac
saved_path = " ../saved/ $device_type / $build "
ipsw_get_url $build
url = " $ipsw_url "
device_fw_key_check
ramdisk_name = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "RestoreRamdisk") | .filename' )
mkdir -p $saved_path Downgrade Firmware/dfu 2>/dev/null
device_fw_key_check temp $build
log " Getting $vers restore components "
for getcomp in " ${ comps [@] } " ; do
name = $( echo $device_fw_key_temp | $jq -j '.keys[] | select(.image == "' $getcomp '") | .filename' )
iv = $( echo $device_fw_key_temp | $jq -j '.keys[] | select(.image == "' $getcomp '") | .iv' )
key = $( echo $device_fw_key_temp | $jq -j '.keys[] | select(.image == "' $getcomp '") | .key' )
case $getcomp in
"iBSS" | "iBEC" ) path = "Firmware/dfu/" ; ;
"DeviceTree" ) path = " $all_flash / " ; ;
* ) path = "" ; ;
esac
log " $getcomp "
if [ [ $vers = = " $device_target_vers " ] ] ; then
unzip -o -j " $ipsw_path .ipsw " ${ path } $name
elif [ [ -e $saved_path /$name ] ] ; then
cp $saved_path /$name .
else
" $dir /pzb " -g " ${ path } $name " -o " $name " " $url "
cp $name $saved_path /
fi
case $getcomp in
"DeviceTree" )
mv $name Downgrade/RestoreDeviceTree
zip -r0 temp.ipsw Downgrade/RestoreDeviceTree
; ;
"Kernelcache" )
mv $name Downgrade/RestoreKernelCache
zip -r0 temp.ipsw Downgrade/RestoreKernelCache
; ;
* )
mv $name $getcomp .orig
" $dir /xpwntool " $getcomp .orig $getcomp .dec -iv $iv -k $key
; ;
esac
if [ [ $getcomp = = "iB" * ] ] ; then
log " Patch $getcomp "
" $dir /iBoot32Patcher " $getcomp .dec $getcomp .patched --rsa --debug -b "rd=md0 -v nand-enable-reformat=1 amfi=0xff amfi_get_out_of_my_way=1 cs_enforcement_disable=1 pio-error=0"
" $dir /xpwntool " $getcomp .patched ${ path } $name -t $getcomp .orig
zip -r0 temp.ipsw ${ path } $name
fi
done
log "Grow ramdisk"
" $dir /hfsplus " RestoreRamdisk.dec grow 30000000
log "Patch ASR"
2024-06-25 01:45:06 +02:00
if [ [ $ipsw_prepare_usepowder = = 1 && $ipsw_isbeta != 1 ] ] ; then
2024-06-24 02:21:47 +02:00
unzip -o -j temp.ipsw $ramdisk_name
2024-06-24 06:43:34 +02:00
mv $ramdisk_name ramdisk2.orig
2024-06-24 02:21:47 +02:00
rm RestoreRamdisk.dec
" $dir /xpwntool " ramdisk2.orig ramdisk2.dec
cp ramdisk2.dec RestoreRamdisk.dec
" $dir /hfsplus " RestoreRamdisk.dec grow 30000000
else
cp ../resources/firmware/FirmwareBundles/Down_${ device_type } _${ vers } _${ build } .bundle/asr.patch .
ipsw_patch_file RestoreRamdisk.dec usr/sbin asr asr.patch
fi
log " Extract options.plist from $device_target_vers IPSW "
if [ [ ! -s ramdisk2.dec ] ] ; then
unzip -o -j temp.ipsw $ramdisk_name
mv $ramdisk_name ramdisk2.orig
" $dir /xpwntool " ramdisk2.orig ramdisk2.dec
fi
" $dir /hfsplus " ramdisk2.dec extract usr/local/share/restore/$options_plist
log "Modify options.plist"
" $dir /hfsplus " RestoreRamdisk.dec rm usr/local/share/restore/$options_plist
if [ [ $ipsw_prepare_ios4multipart_patch = = 1 ] ] ; then
cat $options_plist | sed '$d' | sed '$d' > options2.plist
echo "<key>FlashNOR</key><false/></dict></plist>" >> options2.plist
cat options2.plist
" $dir /hfsplus " RestoreRamdisk.dec add options2.plist usr/local/share/restore/$options_plist
else
" $dir /hfsplus " RestoreRamdisk.dec add $options_plist usr/local/share/restore/$options_plist
fi
if [ [ $device_target_powder = = 1 ] ] && [ [ $device_target_vers = = "3" * || $device_target_vers = = "4" * ] ] ; then
log "Adding exploit and partition stuff"
cp -R ../resources/firmware/src .
2024-06-24 06:43:34 +02:00
" $dir /hfsplus " RestoreRamdisk.dec untar src/bin4.tar
" $dir /hfsplus " RestoreRamdisk.dec mv sbin/reboot sbin/reboot_
2024-06-24 02:21:47 +02:00
" $dir /hfsplus " RestoreRamdisk.dec add src/target/$device_model /reboot4 sbin/reboot
" $dir /hfsplus " RestoreRamdisk.dec chmod 755 sbin/reboot
2024-06-24 06:43:34 +02:00
if [ [ $device_type != "iPhone3,1" ] ] ; then
" $dir /hfsplus " RestoreRamdisk.dec add iBoot iBoot
# reboot chain: reboot4 as reboot, activate_exploit as reboot_, original reboot as reboot__
# thanks to testingthings (@throwaway167074) this ios 4 powder nvram fix implementation, https://gist.github.com/LukeZGD/da484f6deb02edefd6689c6bf921d5d4
" $dir /hfsplus " RestoreRamdisk.dec mv sbin/reboot_ sbin/reboot__
case $device_target_vers in
4.3* ) " $dir /hfsplus " RestoreRamdisk.dec add src/activate_exploit sbin/reboot_; ; # auto-boot=1
* ) " $dir /hfsplus " RestoreRamdisk.dec add src/activate_exploit2 sbin/reboot_; ; # auto-boot=0
esac
" $dir /hfsplus " RestoreRamdisk.dec chmod 755 sbin/reboot_
fi
2024-06-24 02:21:47 +02:00
elif [ [ $device_target_powder = = 1 ] ] ; then
local hw = " $device_model "
local base_build = "11D257"
case $device_type in
iPhone5,[ 12] ) hw = "iphone5" ; ;
iPhone5,[ 34] ) hw = "iphone5b" ; ;
iPad3,[ 456] ) hw = "ipad3b" ; ;
esac
case $device_base_build in
"11A" * | "11B" * ) base_build = "11B554a" ; ;
"9" * ) base_build = "9B206" ; ;
esac
local exploit = " src/target/ $hw / $base_build /exploit "
local partition = " src/target/ $hw / $base_build /partition "
log "Adding exploit and partition stuff"
" $dir /hfsplus " RestoreRamdisk.dec untar src/bin.tar
" $dir /hfsplus " RestoreRamdisk.dec mv sbin/reboot sbin/reboot_
" $dir /hfsplus " RestoreRamdisk.dec add $partition sbin/reboot
" $dir /hfsplus " RestoreRamdisk.dec chmod 755 sbin/reboot
" $dir /hfsplus " RestoreRamdisk.dec add $exploit exploit
fi
log "Repack Restore Ramdisk"
" $dir /xpwntool " RestoreRamdisk.dec $ramdisk_name -t RestoreRamdisk.orig
log "Add Restore Ramdisk to IPSW"
zip -r0 temp.ipsw $ramdisk_name
mv temp.ipsw " $ipsw_custom .ipsw "
}
2023-11-18 02:48:07 +01:00
ipsw_prepare_tethered( ) {
local name
local iv
local key
2024-05-15 17:16:14 +02:00
local options_plist = " options. $device_model .plist "
if [ [ $device_type = = "iPad1,1" && $device_target_vers = = "4" * ] ] ; then
:
elif [ [ $device_target_vers = = "3" * || $device_target_vers = = "4" * ] ] ; then
options_plist = "options.plist"
2023-11-18 02:48:07 +01:00
fi
if [ [ -e " $ipsw_custom .ipsw " ] ] ; then
log "Found existing Custom IPSW. Skipping IPSW creation."
return
fi
ipsw_prepare_32bit
log "Extract RestoreRamdisk and options.plist"
device_fw_key_check temp $device_target_build
2024-06-14 03:12:24 +02:00
name = $( echo $device_fw_key_temp | $jq -j '.keys[] | select(.image == "RestoreRamdisk") | .filename' )
iv = $( echo $device_fw_key_temp | $jq -j '.keys[] | select(.image == "RestoreRamdisk") | .iv' )
key = $( echo $device_fw_key_temp | $jq -j '.keys[] | select(.image == "RestoreRamdisk") | .key' )
2023-11-18 02:48:07 +01:00
mv " $ipsw_custom .ipsw " temp.ipsw
unzip -o -j temp.ipsw $name
mv $name ramdisk.orig
" $dir /xpwntool " ramdisk.orig ramdisk.dec -iv $iv -k $key
" $dir /hfsplus " ramdisk.dec extract usr/local/share/restore/$options_plist
log "Modify options.plist"
" $dir /hfsplus " ramdisk.dec rm usr/local/share/restore/$options_plist
cat $options_plist | sed '$d' | sed '$d' > options2.plist
echo "<key>FlashNOR</key><false/></dict></plist>" >> options2.plist
cat options2.plist
" $dir /hfsplus " ramdisk.dec add options2.plist usr/local/share/restore/$options_plist
log "Repack Restore Ramdisk"
" $dir /xpwntool " ramdisk.dec $name -t ramdisk.orig
log "Add Restore Ramdisk to IPSW"
zip -r0 temp.ipsw $name
mv temp.ipsw " $ipsw_custom .ipsw "
}
2024-05-23 18:20:58 +02:00
ipsw_prepare_ios4patches( ) {
log "Applying iOS 4 patches"
mkdir -p $all_flash Firmware/dfu
log "Patch iBSS"
unzip -o -j " $ipsw_path .ipsw " Firmware/dfu/iBSS.${ device_model } ap.RELEASE.dfu
2024-06-14 03:12:24 +02:00
local ibss_iv = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "iBSS") | .iv' )
local ibss_key = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "iBSS") | .key' )
2024-05-23 18:20:58 +02:00
mv iBSS.${ device_model } ap.RELEASE.dfu iBSS.orig
" $dir /xpwntool " iBSS.orig iBSS.dec -iv $ibss_iv -k $ibss_key
2024-06-27 06:47:49 +02:00
" $dir /iBoot32Patcher " iBSS.dec iBSS.patched --rsa --debug $ticket -b "rd=md0 -v amfi=0xff cs_enforcement_disable=1"
2024-05-23 18:20:58 +02:00
" $dir /xpwntool " iBSS.patched Firmware/dfu/iBSS.${ device_model } ap.RELEASE.dfu -t iBSS.orig
log "Patch iBEC"
unzip -o -j " $ipsw_path .ipsw " Firmware/dfu/iBEC.${ device_model } ap.RELEASE.dfu
2024-06-14 03:12:24 +02:00
local ibec_iv = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "iBEC") | .iv' )
local ibec_key = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "iBEC") | .key' )
2024-05-23 18:20:58 +02:00
mv iBEC.${ device_model } ap.RELEASE.dfu iBEC.orig
" $dir /xpwntool " iBEC.orig iBEC.dec -iv $ibec_iv -k $ibec_key
2024-06-27 06:47:49 +02:00
" $dir /iBoot32Patcher " iBEC.dec iBEC.patched --rsa --debug $ticket -b "rd=md0 -v amfi=0xff cs_enforcement_disable=1"
2024-05-23 18:20:58 +02:00
" $dir /xpwntool " iBEC.patched Firmware/dfu/iBEC.${ device_model } ap.RELEASE.dfu -t iBEC.orig
}
2023-10-04 05:22:29 +02:00
ipsw_prepare_ios4powder( ) {
2023-09-14 10:10:52 +02:00
local ExtraArgs = " -apticket $shsh_path "
2023-10-25 09:46:35 +02:00
local ExtraArgs2 = "--boot-partition --boot-ramdisk --logo4 "
2023-01-13 05:25:27 +01:00
local JBFiles = ( )
2024-01-08 06:52:14 +01:00
ipsw_prepare_usepowder = 1
2023-01-13 05:25:27 +01:00
if [ [ -e " $ipsw_custom .ipsw " ] ] ; then
log "Found existing Custom IPSW. Skipping IPSW creation."
return
fi
if [ [ $ipsw_jailbreak = = 1 ] ] ; then
2023-10-30 18:36:38 +01:00
JBFiles = ( " g1lbertJB/ ${ device_type } _ ${ device_target_build } .tar " "fstab_rw.tar" "freeze.tar" "cydiasubstrate.tar" )
2023-09-14 10:10:52 +02:00
for i in { 0..3} ; do
JBFiles[ i] = $jelbrek /${ JBFiles [ $i ] }
done
2023-05-27 10:57:19 +02:00
if [ [ $ipsw_openssh = = 1 ] ] ; then
2023-07-21 09:12:01 +02:00
JBFiles += ( " $jelbrek /sshdeb.tar " )
2023-05-27 10:57:19 +02:00
fi
2023-07-21 09:12:01 +02:00
cp $jelbrek /freeze.tar .
2023-01-13 05:25:27 +01:00
fi
2023-10-30 18:36:38 +01:00
ipsw_prepare_bundle target
ipsw_prepare_bundle base
2024-05-23 18:20:58 +02:00
ipsw_prepare_logos_convert
2023-04-08 13:34:12 +02:00
cp -R ../resources/firmware/src .
2023-10-30 18:36:38 +01:00
rm src/target/$device_model /$device_base_build /partition
mv src/target/$device_model /reboot4 src/target/$device_model /$device_base_build /partition
rm src/bin.tar
mv src/bin4.tar src/bin.tar
2023-09-14 10:10:52 +02:00
ipsw_prepare_config false true
2023-01-13 10:30:26 +01:00
if [ [ $ipsw_memory = = 1 ] ] ; then
2023-01-31 08:28:20 +01:00
ExtraArgs += " -memory"
2023-01-13 10:30:26 +01:00
fi
2023-07-03 09:22:35 +02:00
if [ [ $device_actrec = = 1 ] ] ; then
device_dump activation
2024-03-10 15:46:27 +01:00
ExtraArgs += " ../saved/ $device_type /activation- $device_ecid .tar "
2023-07-03 09:22:35 +02:00
fi
2023-11-06 12:14:26 +01:00
case $device_target_vers in
2023-11-18 02:24:31 +01:00
4.3.[ 45] ) :; ;
2023-11-06 12:14:26 +01:00
* ) ExtraArgs2 += "--433 " ; ;
esac
2023-10-30 18:36:38 +01:00
if [ [ $ipsw_verbose = = 1 ] ] ; then
ExtraArgs2 += "-b -v"
fi
2023-11-13 03:27:36 +01:00
patch_iboot $ExtraArgs2
2023-10-30 18:36:38 +01:00
tar -rvf src/bin.tar iBoot
2024-06-23 14:49:23 +02:00
if [ [ $device_type = = "iPad1,1" ] ] ; then
cp iBoot iBEC
tar -cvf iBoot.tar iBEC
ExtraArgs += " iBoot.tar"
fi
2024-02-08 06:40:29 +01:00
if [ [ $ipsw_isbeta = = 1 ] ] ; then
ipsw_prepare_systemversion
ExtraArgs += " systemversion.tar"
fi
2023-04-02 12:18:44 +02:00
log " Preparing custom IPSW: $dir /powdersn0w $ipsw_path .ipsw temp.ipsw -base $ipsw_base_path .ipsw $ExtraArgs ${ JBFiles [*] } "
" $dir /powdersn0w " " $ipsw_path .ipsw " temp.ipsw -base " $ipsw_base_path .ipsw " $ExtraArgs ${ JBFiles [@] }
2023-01-13 05:25:27 +01:00
2023-01-23 07:04:37 +01:00
if [ [ ! -e temp.ipsw ] ] ; then
2023-01-13 05:25:27 +01:00
error "Failed to find custom IPSW. Please run the script again" \
2023-01-17 03:19:51 +01:00
"* You may try selecting N for memory option"
2023-01-13 05:25:27 +01:00
fi
2024-05-23 18:20:58 +02:00
ipsw_prepare_ios4patches
if [ [ -n $ipsw_customlogo ] ] ; then
ipsw_prepare_logos_add
else
log "Patch AppleLogo"
2024-06-14 03:12:24 +02:00
local applelogo_name = $( echo " $device_fw_key " | $jq -j '.keys[] | select(.image == "AppleLogo") | .filename' )
2024-05-23 18:20:58 +02:00
unzip -o -j temp.ipsw $all_flash /$applelogo_name
echo "0000010: 3467" | xxd -r - $applelogo_name
echo "0000020: 3467" | xxd -r - $applelogo_name
mv $applelogo_name $all_flash /$applelogo_name
fi
2024-06-24 06:43:34 +02:00
if [ [ $device_type != "iPhone3,1" ] ] ; then
local ramdisk_name = $( echo " $device_fw_key " | $jq -j '.keys[] | select(.image == "RestoreRamdisk") | .filename' )
log "Patch RestoreRamdisk"
unzip -o -j temp.ipsw $ramdisk_name
mv $ramdisk_name ramdisk.orig
" $dir /xpwntool " ramdisk.orig ramdisk.dec
# powdersn0w adds reboot4 as sbin/reboot, and orig reboot is moved to sbin/reboot_
# these commands will add activate_exploit to sbin/reboot_, and move orig reboot to sbin/reboot__
# thanks to testingthings (@throwaway167074) this ios 4 powder nvram fix implementation, https://gist.github.com/LukeZGD/da484f6deb02edefd6689c6bf921d5d4
" $dir /hfsplus " ramdisk.dec mv sbin/reboot_ sbin/reboot__
" $dir /hfsplus " ramdisk.dec add src/activate_exploit sbin/reboot_
" $dir /hfsplus " ramdisk.dec chmod 755 sbin/reboot_
" $dir /xpwntool " ramdisk.dec $ramdisk_name -t ramdisk.orig
fi
2023-10-30 18:36:38 +01:00
2023-09-14 10:10:52 +02:00
log "Add all to custom IPSW"
2023-10-30 18:36:38 +01:00
if [ [ $device_type != "iPad1,1" ] ] ; then
2024-02-20 11:10:35 +01:00
cp iBoot $all_flash /iBoot2.${ device_model } ap.RELEASE.img3
2023-10-30 18:36:38 +01:00
fi
2024-06-24 06:43:34 +02:00
zip -r0 temp.ipsw $all_flash /* Firmware/dfu/* $ramdisk_name
2023-01-13 05:25:27 +01:00
2023-01-23 07:04:37 +01:00
mv temp.ipsw " $ipsw_custom .ipsw "
2023-01-13 05:25:27 +01:00
}
2023-09-14 10:10:52 +02:00
ipsw_prepare_powder( ) {
2023-04-02 12:18:44 +02:00
local ExtraArgs
if [ [ -e " $ipsw_custom .ipsw " ] ] ; then
log "Found existing Custom IPSW. Skipping IPSW creation."
return
fi
2024-01-08 06:52:14 +01:00
ipsw_prepare_usepowder = 1
2023-04-02 12:18:44 +02:00
ipsw_prepare_bundle target
ipsw_prepare_bundle base
2024-05-23 18:20:58 +02:00
ipsw_prepare_logos_convert
2023-04-02 12:18:44 +02:00
cp -R ../resources/firmware/src .
if [ [ $ipsw_memory = = 1 ] ] ; then
ExtraArgs += " -memory"
fi
2024-02-07 15:31:52 +01:00
if [ [ $device_use_bb != 0 && $device_type != " $device_disable_bbupdate " ] ] ; then
2023-06-26 11:35:06 +02:00
ExtraArgs += " -bbupdate"
elif [ [ $device_type = = " $device_disable_bbupdate " && $device_type = = "iPhone" * ] ] ; then
2023-07-03 09:22:35 +02:00
device_dump baseband
2024-03-10 15:46:27 +01:00
ExtraArgs += " ../saved/ $device_type /baseband- $device_ecid .tar "
2023-06-26 11:35:06 +02:00
fi
2023-07-03 09:22:35 +02:00
if [ [ $device_actrec = = 1 ] ] ; then
device_dump activation
2024-03-10 15:46:27 +01:00
ExtraArgs += " ../saved/ $device_type /activation- $device_ecid .tar "
2023-07-03 09:22:35 +02:00
fi
2024-02-03 10:45:37 +01:00
2023-07-09 14:47:13 +02:00
if [ [ $ipsw_jailbreak = = 1 ] ] ; then
2023-07-21 09:12:01 +02:00
cp $jelbrek /freeze.tar .
2023-10-05 09:12:31 +02:00
case $device_target_vers in
2024-03-08 10:25:58 +01:00
5* ) ExtraArgs += " $jelbrek /cydiasubstrate.tar $jelbrek /g1lbertJB.tar $jelbrek /g1lbertJB/ ${ device_type } _ ${ device_target_build } .tar " ; ;
7.0* ) ExtraArgs += " $jelbrek /evasi0n7-untether.tar $jelbrek /fstab7.tar " ; ;
7.1* ) ExtraArgs += " $jelbrek /panguaxe.tar $jelbrek /fstab7.tar " ; ;
esac
case $device_target_vers in
2024-03-10 15:39:49 +01:00
[ 689] * ) :; ;
2024-03-08 10:25:58 +01:00
* ) ExtraArgs += " freeze.tar" ; ;
2023-10-05 09:12:31 +02:00
esac
2023-07-09 14:47:13 +02:00
if [ [ $ipsw_openssh = = 1 ] ] ; then
2023-07-21 09:12:01 +02:00
ExtraArgs += " $jelbrek /sshdeb.tar "
2023-07-09 14:47:13 +02:00
fi
fi
2024-02-03 10:45:37 +01:00
2024-02-12 10:44:29 +01:00
local ExtraArr = ( "--boot-partition" "--boot-ramdisk" )
case $device_target_vers in
[ 789] * ) :; ;
* ) ExtraArr += ( "--logo" ) ; ;
esac
2024-03-24 01:53:27 +01:00
if [ [ $device_type = = "iPhone5,3" || $device_type = = "iPhone5,4" ] ] && [ [ $device_base_vers = = "7.0" * ] ] ; then
ipsw_powder_5c70 = 1
fi
if [ [ $device_type = = "iPhone5" * && $ipsw_powder_5c70 != 1 ] ] ; then
2023-10-12 13:17:10 +02:00
# do this stuff because these use ramdiskH (jump to /boot/iBEC) instead of jump ibot to ibob
if [ [ $device_target_vers = = "9" * ] ] ; then
2023-11-13 03:27:36 +01:00
ExtraArr[ 0] += "9"
2023-10-12 13:17:10 +02:00
fi
2024-03-19 03:43:17 +01:00
local bootargs
if [ [ $ipsw_jailbreak = = 1 && $device_target_vers != "7" * ] ] ; then
bootargs += "cs_enforcement_disable=1 amfi_get_out_of_my_way=1 amfi=0xff"
fi
if [ [ $ipsw_verbose = = 1 ] ] ; then
bootargs += " -v"
2023-10-12 13:17:10 +02:00
fi
2024-03-19 03:43:17 +01:00
ExtraArr += ( "-b" " $bootargs " )
2023-11-13 03:27:36 +01:00
patch_iboot " ${ ExtraArr [@] } "
2023-10-12 13:17:10 +02:00
tar -cvf iBoot.tar iBoot
ExtraArgs += " iBoot.tar"
2023-10-30 18:36:38 +01:00
elif [ [ $device_type = = "iPad1,1" ] ] ; then
2024-03-06 03:39:52 +01:00
# ipad 1 ramdiskH jumps to /iBEC instead
2023-10-30 18:36:38 +01:00
if [ [ $ipsw_verbose = = 1 ] ] ; then
2023-11-13 03:27:36 +01:00
ExtraArr += ( "-b" "-v" )
2023-10-30 18:36:38 +01:00
fi
2023-11-13 03:27:36 +01:00
patch_iboot " ${ ExtraArr [@] } "
2023-10-30 18:36:38 +01:00
mv iBoot iBEC
tar -cvf iBoot.tar iBEC
ExtraArgs += " iBoot.tar"
2023-10-12 13:17:10 +02:00
fi
2024-02-03 10:45:37 +01:00
if [ [ $ipsw_isbeta = = 1 ] ] ; then
ipsw_prepare_systemversion
ExtraArgs += " systemversion.tar"
fi
2023-04-02 12:18:44 +02:00
log " Preparing custom IPSW: $dir /powdersn0w $ipsw_path .ipsw temp.ipsw -base $ipsw_base_path .ipsw $ExtraArgs "
" $dir /powdersn0w " " $ipsw_path .ipsw " temp.ipsw -base " $ipsw_base_path .ipsw " $ExtraArgs
if [ [ ! -e temp.ipsw ] ] ; then
error "Failed to find custom IPSW. Please run the script again" \
"* You may try selecting N for memory option"
fi
2024-02-12 06:33:52 +01:00
2024-03-24 01:53:27 +01:00
if [ [ $device_type != "iPhone5" * && $device_type != "iPad1,1" ] ] || [ [ $ipsw_powder_5c70 = = 1 ] ] ; then
2024-02-12 10:44:29 +01:00
case $device_target_vers in
[ 789] * ) :; ;
* )
patch_iboot --logo
mkdir -p $all_flash
mv iBoot*.img3 $all_flash
zip -r0 temp.ipsw $all_flash /iBoot*.img3
; ;
esac
2024-02-12 06:33:52 +01:00
fi
2024-05-23 18:20:58 +02:00
ipsw_prepare_logos_add
2024-02-09 18:30:54 +01:00
ipsw_bbreplace
2024-02-12 06:33:52 +01:00
2023-04-02 12:18:44 +02:00
mv temp.ipsw " $ipsw_custom .ipsw "
}
2024-01-03 08:59:29 +01:00
ipsw_prepare_patchcomp( ) {
2024-02-20 11:10:35 +01:00
local path = " $all_flash "
2024-01-02 04:46:15 +01:00
local name = " LLB. ${ device_model } ap.RELEASE "
2024-01-03 08:59:29 +01:00
local ext = "img3"
2024-03-23 08:29:06 +01:00
local patch
local iv
local key
2024-01-03 08:59:29 +01:00
if [ [ $1 = = "WTF2" ] ] ; then
path = "Firmware/dfu"
name = "WTF.s5l8900xall.RELEASE"
ext = "dfu"
2024-03-24 13:03:21 +01:00
elif [ [ $1 = = "iBEC" ] ] ; then
path = "Firmware/dfu"
name = " iBEC. ${ device_model } ap.RELEASE "
ext = "dfu"
2024-03-23 08:29:06 +01:00
elif [ [ $1 = = "iBoot" ] ] ; then
name = " iBoot. ${ device_model } ap.RELEASE "
elif [ [ $1 = = "Kernelcache" ] ] ; then
path =
name = "kernelcache.release"
ext = "s5l8900x"
if [ [ $device_target_vers = = "4" * ] ] ; then
return
fi
patch = " ../resources/patch/ $name . $ext .p2 "
log " Patch $1 "
unzip -o -j " $ipsw_custom .ipsw " $name .$ext
mv $name .$ext kc.orig
$bspatch kc.orig $name .$ext $patch .patch
zip -r0 " $ipsw_custom .ipsw " $name .$ext
return
elif [ [ $1 = = "RestoreRamdisk" ] ] ; then
path =
name = "018-6494-014"
iv = 25e713dd5663badebe046d0ffa164fee
key = 7029389c2dadaaa1d1e51bf579493824
if [ [ $device_target_vers = = "4.1" ] ] ; then
name = "018-7079-079"
iv = a0fc6ca4ef7ef305d975e7f881ddcc7f
key = 18eab1ba646ae018b013bc959001fbde
elif [ [ $device_target_vers = = "4.2.1" ] ] ; then
name = "038-0029-002"
iv = 673d874f06e87e018adbe8a34425df19
key = 91fd0e11469cafd56cff8ac906e54b93
fi
ext = "dmg"
fi
patch = " ../resources/firmware/FirmwareBundles/Down_ ${ device_type } _ ${ device_target_vers } _ ${ device_target_build } .bundle/ $name .patch "
if [ [ $1 = = "RestoreRamdisk" ] ] ; then
local ivkey
2024-03-26 17:45:03 +01:00
if [ [ $device_target_vers = = "4" * || $device_type = = *"1,1" ] ] ; then
2024-03-23 08:29:06 +01:00
ivkey = " -iv $iv -k $key "
fi
log " Patch $1 "
unzip -o -j " $ipsw_path .ipsw " $name .$ext
mv $name .$ext rd.orig
" $dir /xpwntool " rd.orig rd.dec -iv $iv -k $key
$bspatch rd.dec rd.patched " $patch "
" $dir /xpwntool " rd.patched $name .$ext -t rd.orig $ivkey
zip -r0 " $ipsw_custom .ipsw " $name .$ext
return
2024-01-03 08:59:29 +01:00
fi
log " Patch $1 "
unzip -o -j " $ipsw_path .ipsw " $path /$name .$ext
2024-03-23 08:29:06 +01:00
$bspatch $name .$ext $name .patched $patch
2024-01-02 04:46:15 +01:00
mkdir -p $path
2024-01-03 08:59:29 +01:00
mv $name .patched $path /$name .$ext
zip -r0 " $ipsw_custom .ipsw " $path /$name .$ext
2024-01-02 04:46:15 +01:00
}
2023-06-15 08:21:05 +02:00
2024-04-09 15:29:28 +02:00
ipsw_prepare_s5l8900( ) {
local rname = "018-6494-014.dmg"
local sha1E = "4f6539d2032a1c7e1a068c667e393e62d8912700"
local sha1L
2024-04-19 04:22:48 +02:00
ipsw_url = "https://github.com/LukeZGD/Legacy-iOS-Kit-Keys/releases/download/jailbreak/"
2024-04-09 15:29:28 +02:00
if [ [ $device_target_vers = = "4.1" ] ] ; then
rname = "018-7079-079.dmg"
sha1E = "9a64eea9949b720f1033d41adc85254e6dbf9525"
elif [ [ $device_target_vers = = "4.2.1" ] ] ; then
rname = "038-0029-002.dmg"
sha1E = "a8914d2f7f0dddc41eb17f197d0633d7bcb9f6b4"
elif [ [ $device_type = = "iPhone1,1" && $ipsw_hacktivate = = 1 ] ] ; then
2024-04-19 04:22:48 +02:00
ipsw_url += "iPhone1.1_3.1.3_7E18_Custom_Hacktivate.ipsw"
2024-04-09 15:29:28 +02:00
sha1E = "f642829875ce632cd071e62169a1acbdcffcf0c8"
elif [ [ $device_type = = "iPhone1,1" ] ] ; then
2024-04-19 04:22:48 +02:00
ipsw_url += "iPhone1.1_3.1.3_7E18_Custom.ipsw"
2024-04-09 15:29:28 +02:00
sha1E = "7b3dd17c48c139dc827696284736d3c37d8fb7ac"
elif [ [ $device_type = = "iPod1,1" ] ] ; then
2024-04-19 04:22:48 +02:00
ipsw_url += "iPod1.1_3.1.3_7E18_Custom.ipsw"
2024-04-09 15:29:28 +02:00
sha1E = "f76cd3d4deaf82587dc758c6fbe724c31c9b6de2"
fi
if [ [ $device_type = = "iPhone1,2" && -e " $ipsw_custom .ipsw " ] ] ; then
log "Checking RestoreRamdisk hash of custom IPSW"
unzip -o -j " $ipsw_custom .ipsw " $rname
sha1L = " $( $sha1sum $rname | awk '{print $1}' ) "
2024-05-23 18:20:58 +02:00
elif [ [ -e " $ipsw_custom2 .ipsw " ] ] ; then
log " Getting SHA1 hash for $ipsw_custom2 .ipsw... "
sha1L = $( $sha1sum " $ipsw_custom2 .ipsw " | awk '{print $1}' )
fi
if [ [ $sha1L = = " $sha1E " && $ipsw_customlogo2 = = 1 ] ] ; then
log "Verified existing Custom IPSW. Preparing custom logo images and IPSW"
rm -f " $ipsw_custom .ipsw "
cp " $ipsw_custom2 .ipsw " temp.ipsw
device_fw_key_check
ipsw_prepare_logos_convert
ipsw_prepare_logos_add
mv temp.ipsw " $ipsw_custom .ipsw "
return
elif [ [ $sha1L = = " $sha1E " ] ] ; then
2024-04-09 15:29:28 +02:00
log "Verified existing Custom IPSW. Skipping IPSW creation."
return
else
log " Verifying IPSW failed. Expected $sha1E , got $sha1L "
fi
2024-04-08 03:35:24 +02:00
2024-04-09 15:29:28 +02:00
if [ [ -e " $ipsw_custom .ipsw " ] ] ; then
log "Deleting existing custom IPSW"
rm " $ipsw_custom .ipsw "
fi
2024-04-08 03:35:24 +02:00
2024-04-09 15:29:28 +02:00
if [ [ $device_type != "iPhone1,2" ] ] ; then
log " Downloading IPSW: $ipsw_url "
curl -L " $ipsw_url " -o temp.ipsw
log "Getting SHA1 hash for IPSW..."
sha1L = $( $sha1sum temp.ipsw | awk '{print $1}' )
if [ [ $sha1L != " $sha1E " ] ] ; then
error "Verifying IPSW failed. The IPSW may be corrupted or incomplete. Please run the script again" \
" * SHA1sum mismatch. Expected $sha1E , got $sha1L "
2024-03-26 17:45:03 +01:00
fi
2024-05-23 18:20:58 +02:00
if [ [ $ipsw_customlogo2 = = 1 ] ] ; then
cp temp.ipsw " $ipsw_custom2 .ipsw "
device_fw_key_check
ipsw_prepare_logos_convert
ipsw_prepare_logos_add
fi
2024-04-09 15:29:28 +02:00
mv temp.ipsw " $ipsw_custom .ipsw "
return
fi
2024-04-08 03:35:24 +02:00
2024-04-09 15:29:28 +02:00
ipsw_prepare_jailbreak old
ipsw_prepare_patchcomp LLB
ipsw_prepare_patchcomp iBoot
ipsw_prepare_patchcomp RestoreRamdisk
if [ [ $device_target_vers != "4.1" ] ] ; then
ipsw_prepare_patchcomp Kernelcache
fi
if [ [ $device_target_vers = = "4" * ] ] ; then
ipsw_prepare_patchcomp WTF2
ipsw_prepare_patchcomp iBEC
fi
}
ipsw_prepare_custom( ) {
if [ [ -e " $ipsw_custom .ipsw " ] ] ; then
2023-06-15 08:21:05 +02:00
log "Found existing Custom IPSW. Skipping IPSW creation."
return
2023-06-24 12:22:35 +02:00
elif [ [ $device_target_vers = = "4.1" && $ipsw_jailbreak != 1 ] ] ; then
log " No need to create custom IPSW for non-jailbroken restores on $device_type - $device_target_build "
return
2023-06-15 08:21:05 +02:00
fi
2024-01-02 04:46:15 +01:00
ipsw_prepare_jailbreak old
2024-04-09 15:29:28 +02:00
2024-01-03 08:59:29 +01:00
if [ [ $device_type = = "iPod2,1" ] ] ; then
case $device_target_vers in
4.2.1 | 4.1 | 3.1.3 ) :; ;
* ) ipsw_prepare_patchcomp LLB; ;
esac
2024-03-19 03:43:17 +01:00
else # 3GS
2023-07-03 09:22:35 +02:00
case $device_target_vers in
2024-01-03 08:59:29 +01:00
6.1.6 | 4.1 ) :; ;
* ) ipsw_prepare_patchcomp LLB; ;
2023-12-30 15:10:04 +01:00
esac
2023-06-15 08:21:05 +02:00
fi
}
2023-01-13 05:25:27 +01:00
ipsw_extract( ) {
local ExtraArgs
local ipsw = " $ipsw_path "
if [ [ $1 = = "custom" ] ] ; then
ipsw = " $ipsw_custom "
fi
if [ [ ! -d " $ipsw " ] ] ; then
mkdir " $ipsw "
log " Extracting IPSW: $ipsw .ipsw "
unzip -o " $ipsw .ipsw " -d " $ipsw / " $ExtraArgs
fi
}
restore_download_bbsep( ) {
2023-02-10 07:33:48 +01:00
# download and check manifest, baseband, and sep to be used for restoring
2023-01-13 05:25:27 +01:00
# sets variables: restore_manifest, restore_baseband, restore_sep
local build_id
local baseband_sha1
2023-08-05 17:00:27 +02:00
local restore_baseband_check
2024-05-01 17:30:14 +02:00
if [ [ $device_proc = = 8 || $device_latest_vers = = "15" * || $device_latest_vers = = "16" * ] ] ; then
2023-12-26 10:29:08 +01:00
return
elif [ [ $device_latest_vers = = " $device_use_vers " || $device_target_vers = = "10" * ] ] ; then
2023-01-13 05:25:27 +01:00
build_id = " $device_use_build "
restore_baseband = " $device_use_bb "
baseband_sha1 = " $device_use_bb_sha1 "
else
build_id = " $device_latest_build "
restore_baseband = " $device_latest_bb "
baseband_sha1 = " $device_latest_bb_sha1 "
fi
mkdir tmp
# BuildManifest
if [ [ ! -e ../saved/$device_type /$build_id .plist ] ] ; then
2023-01-13 16:02:51 +01:00
if [ [ $device_proc = = 7 && $device_target_vers = = "10" * ] ] ; then
2023-01-13 05:25:27 +01:00
cp ../resources/manifest/BuildManifest_${ device_type } _10.3.3.plist $build_id .plist
else
log " Downloading $build_id BuildManifest "
2023-08-05 17:00:27 +02:00
" $dir /pzb " -g BuildManifest.plist -o $build_id .plist " $( cat $device_fw_dir /$build_id /url) "
2023-01-13 05:25:27 +01:00
fi
mv $build_id .plist ../saved/$device_type
fi
cp ../saved/$device_type /$build_id .plist tmp/BuildManifest.plist
2023-02-08 04:46:52 +01:00
if [ [ $? != 0 ] ] ; then
rm ../saved/$device_type /$build_id .plist
error "An error occurred copying manifest. Please run the script again"
fi
log " Manifest: ../saved/ $device_type / $build_id .plist "
2023-01-13 05:25:27 +01:00
restore_manifest = "tmp/BuildManifest.plist"
# Baseband
if [ [ $restore_baseband != 0 ] ] ; then
2023-08-05 17:00:27 +02:00
restore_baseband_check = " ../saved/baseband/ $restore_baseband "
if [ [ -e $restore_baseband_check ] ] ; then
if [ [ $baseband_sha1 != " $( $sha1sum $restore_baseband_check | awk '{print $1}' ) " ] ] ; then
rm $restore_baseband_check
2023-02-08 04:46:52 +01:00
fi
fi
2023-08-05 17:00:27 +02:00
if [ [ ! -e $restore_baseband_check ] ] ; then
2023-01-13 05:25:27 +01:00
log " Downloading $build_id Baseband "
2023-08-05 17:00:27 +02:00
" $dir /pzb " -g Firmware/$restore_baseband -o $restore_baseband " $( cat $device_fw_dir /$build_id /url) "
2023-01-13 05:25:27 +01:00
if [ [ $baseband_sha1 != " $( $sha1sum $restore_baseband | awk '{print $1}' ) " ] ] ; then
error "Downloading/verifying baseband failed. Please run the script again"
fi
2023-08-05 17:00:27 +02:00
mv $restore_baseband $restore_baseband_check
2023-01-13 05:25:27 +01:00
fi
2023-08-05 17:00:27 +02:00
cp $restore_baseband_check tmp/bbfw.tmp
2023-02-08 04:46:52 +01:00
if [ [ $? != 0 ] ] ; then
2023-08-05 17:00:27 +02:00
rm $restore_baseband_check
2023-02-08 04:46:52 +01:00
error "An error occurred copying baseband. Please run the script again"
fi
2023-08-05 17:00:27 +02:00
log " Baseband: $restore_baseband_check "
2023-01-13 05:25:27 +01:00
restore_baseband = "tmp/bbfw.tmp"
fi
# SEP
if ( ( device_proc >= 7 ) ) ; then
restore_sep = " sep-firmware. $device_model .RELEASE "
if [ [ ! -e ../saved/$device_type /$restore_sep -$build_id .im4p ] ] ; then
log " Downloading $build_id SEP "
2023-08-05 17:00:27 +02:00
" $dir /pzb " -g Firmware/all_flash/$restore_sep .im4p -o $restore_sep .im4p " $( cat $device_fw_dir /$build_id /url) "
2023-01-13 05:25:27 +01:00
mv $restore_sep .im4p ../saved/$device_type /$restore_sep -$build_id .im4p
fi
restore_sep = " $restore_sep - $build_id .im4p "
cp ../saved/$device_type /$restore_sep .
2023-02-08 04:46:52 +01:00
if [ [ $? != 0 ] ] ; then
rm ../saved/$device_type /$restore_sep
error "An error occurred copying SEP. Please run the script again"
fi
log " SEP: ../saved/ $device_type / $restore_sep "
2023-01-13 05:25:27 +01:00
fi
}
restore_idevicerestore( ) {
2023-07-09 14:47:13 +02:00
local ExtraArgs = "-ew"
2023-04-08 13:34:12 +02:00
local idevicerestore2 = " $idevicerestore "
2023-01-13 05:25:27 +01:00
local re
2023-11-18 02:24:31 +01:00
mkdir shsh 2>/dev/null
2023-01-13 05:25:27 +01:00
cp " $shsh_path " shsh/$device_ecid -$device_type -$device_target_vers .shsh
if [ [ $device_use_bb = = 0 ] ] ; then
log " Device $device_type has no baseband/disabled baseband update "
fi
2023-02-25 04:37:50 +01:00
ipsw_extract custom
2023-11-18 02:24:31 +01:00
if [ [ $1 = = "norflash" ] ] ; then
2023-11-18 02:24:52 +01:00
cp " $shsh_path " shsh/$device_ecid -$device_type -5.1.1.shsh
2024-05-07 06:56:14 +02:00
elif [ [ $device_type = = "iPad" * && $device_pwnrec != 1 ] ] &&
[ [ $device_target_vers = = "3" * || $device_target_vers = = "4" * ] ] ; then
2024-02-26 03:41:17 +01:00
if [ [ $device_type = = "iPad1,1" ] ] ; then
patch_ibss
log "Sending iBSS..."
$irecovery -f pwnediBSS.dfu
sleep 1
fi
2023-02-25 04:37:50 +01:00
log "Sending iBEC..."
2023-11-18 02:24:31 +01:00
$irecovery -f " $ipsw_custom /Firmware/dfu/iBEC. ${ device_model } ap.RELEASE.dfu "
2023-02-25 04:37:50 +01:00
device_find_mode Recovery
fi
2023-01-13 05:25:27 +01:00
if [ [ $debug_mode = = 1 ] ] ; then
2023-07-09 14:47:13 +02:00
ExtraArgs += "d"
2023-01-13 05:25:27 +01:00
fi
2023-04-08 13:34:12 +02:00
log " Running idevicere ${ re } store with command: $idevicerestore2 $ExtraArgs \" $ipsw_custom .ipsw\" "
$idevicerestore2 $ExtraArgs " $ipsw_custom .ipsw "
2023-07-18 05:56:33 +02:00
opt = $?
2023-11-18 02:24:52 +01:00
if [ [ $1 = = "first" ] ] ; then
return $opt
fi
2023-01-13 05:25:27 +01:00
echo
log "Restoring done! Read the message below if any error has occurred:"
2023-08-19 09:36:15 +02:00
case $device_target_vers in
2024-01-10 04:44:42 +01:00
[ 1234] * ) print "* For device activation, go to: Other Utilities -> Attempt Activation" ; ;
2023-08-19 09:36:15 +02:00
esac
2023-07-18 05:56:33 +02:00
if [ [ $opt != 0 ] ] ; then
2023-07-19 12:54:39 +02:00
print "* If the restore failed on updating baseband:"
print " -> Try disabling baseband update: ./restore.sh --disable-bbupdate"
echo
2023-07-06 10:34:00 +02:00
fi
2023-01-13 05:25:27 +01:00
print "* Please read the \"Troubleshooting\" wiki page in GitHub before opening any issue!"
print "* Your problem may have already been addressed within the wiki page."
print "* If opening an issue in GitHub, please provide a FULL log/output. Otherwise, your issue may be dismissed."
2023-08-13 02:29:44 +02:00
if [ [ $ipsw_jailbreak = = 1 ] ] ; then
case $device_target_vers in
2023-09-23 13:17:11 +02:00
4* | 3* ) warn "Do not uninstall Cydia Substrate and Substrate Safe Mode in Cydia!" ; ;
2023-08-13 02:29:44 +02:00
esac
fi
2023-01-13 05:25:27 +01:00
}
restore_futurerestore( ) {
2023-07-02 09:51:07 +02:00
local ExtraArr = ( )
2023-04-08 13:34:12 +02:00
local futurerestore2 = " $futurerestore "
2023-01-13 05:25:27 +01:00
local port = 8888
2023-09-10 18:37:01 +02:00
local opt
2023-01-13 05:25:27 +01:00
2023-08-05 17:00:27 +02:00
if [ [ $1 = = "--use-pwndfu" ] ] ; then
2023-09-10 17:22:08 +02:00
device_fw_key_check
2023-02-12 03:06:44 +01:00
pushd ../resources >/dev/null
2023-09-10 17:22:08 +02:00
if [ [ $platform = = "macos" ] ] ; then
2024-06-22 09:52:08 +02:00
if ( ( mac_majver >= 12 ) ) ; then
2023-09-10 18:37:01 +02:00
opt = " /usr/bin/python3 -m http.server -b 127.0.0.1 $port "
2023-09-10 17:22:08 +02:00
else
2023-09-10 18:37:01 +02:00
opt = " /usr/bin/python -m SimpleHTTPServer $port "
2023-09-10 17:22:08 +02:00
fi
2023-02-12 03:06:44 +01:00
else
2024-06-10 04:41:11 +02:00
if [ [ -z $( command -v python3) ] ] ; then
2023-02-12 03:06:44 +01:00
error "Python 3 is not installed, cannot continue. Make sure to have python3 installed."
fi
2024-06-10 04:41:11 +02:00
opt = " $( command -v python3) -m http.server -b 127.0.0.1 $port "
2023-02-12 03:06:44 +01:00
fi
2023-09-10 18:37:01 +02:00
log " Starting local server for firmware keys: $opt "
$opt &
httpserver_pid = $!
2023-02-12 03:06:44 +01:00
popd >/dev/null
2023-09-10 18:37:01 +02:00
log "Waiting for local server"
until [ [ $( curl http://127.0.0.1:$port 2>/dev/null) ] ] ; do
sleep 1
done
2023-01-13 05:25:27 +01:00
fi
restore_download_bbsep
# baseband args
2023-01-21 04:36:29 +01:00
if [ [ $restore_baseband = = 0 ] ] ; then
2023-07-02 09:51:07 +02:00
ExtraArr += ( "--no-baseband" )
2023-01-13 05:25:27 +01:00
else
2023-07-02 09:51:07 +02:00
ExtraArr += ( "-b" " $restore_baseband " "-p" " $restore_manifest " )
2023-01-13 05:25:27 +01:00
fi
if [ [ -n $restore_sep ] ] ; then
# sep args for 64bit
2023-07-02 09:51:07 +02:00
ExtraArr += ( "-s" " $restore_sep " "-m" " $restore_manifest " )
2023-01-13 05:25:27 +01:00
fi
2023-12-26 10:29:08 +01:00
if ( ( device_proc < 7 ) ) ; then
futurerestore2 += "_old"
2024-06-23 01:11:36 +02:00
elif [ [ $device_proc = = 7 && $device_target_other != 1 &&
$device_target_vers = = "10.3.3" && $restore_usepwndfu64 != 1 ] ] ; then
futurerestore2 += "_new"
else
2023-12-26 10:29:08 +01:00
futurerestore2 = " ../saved/futurerestore_ $platform "
ExtraArr = ( "--latest-sep" )
2024-05-06 03:20:39 +02:00
case $device_type in
iPhone* | iPad5,[ 24] | iPad6,[ 48] | iPad6,12 ) ExtraArr += ( "--latest-baseband" ) ; ;
* ) ExtraArr += ( "--no-baseband" ) ; ;
esac
2024-06-26 12:07:11 +02:00
if [ [ $device_target_vers = = "10" * ] ] ; then
2024-06-26 05:24:17 +02:00
ExtraArr += ( "-k" "-g" "14G60" )
fi
2024-02-06 02:30:36 +01:00
log "futurerestore nightly will be used for this restore: https://github.com/futurerestore/futurerestore"
2023-12-26 10:29:08 +01:00
if [ [ $platform = = "linux" && $platform_arch != "x86_64" ] ] ; then
2024-02-06 02:30:36 +01:00
warn " futurerestore nightly is not supported on $platform_arch , cannot continue. x86_64 only. "
2023-12-26 10:29:08 +01:00
return
fi
2024-02-06 02:30:36 +01:00
log "Checking for futurerestore updates..."
local fr_latest = " $( curl https://api.github.com/repos/futurerestore/futurerestore/commits | $jq -r '.[0].sha' ) "
local fr_current = " $( cat ${ futurerestore2 } _version 2>/dev/null) "
if [ [ $fr_latest != " $fr_current " ] ] ; then
log "futurerestore nightly update detected, downloading."
rm $futurerestore2
fi
2023-12-26 10:29:08 +01:00
if [ [ ! -e $futurerestore2 ] ] ; then
local url = "https://nightly.link/futurerestore/futurerestore/workflows/ci/main/"
local file = "futurerestore-"
case $platform in
"macos" ) file += "macOS-RELEASE.zip" ; ;
"linux" ) file += "Linux-x86_64-RELEASE.zip" ; ;
esac
url += " $file "
2024-05-02 04:53:02 +02:00
download_file $url $file
2023-12-26 10:29:08 +01:00
unzip -q " $file " -d .
tar -xJvf futurerestore*.xz
mv futurerestore $futurerestore2
chmod +x $futurerestore2
2024-02-06 02:30:36 +01:00
echo " $fr_latest " > ${ futurerestore2 } _version
2023-12-26 10:29:08 +01:00
fi
fi
2023-01-13 05:25:27 +01:00
if [ [ -n " $1 " ] ] ; then
# custom arg, either --use-pwndfu or --skip-blob
2023-07-02 09:51:07 +02:00
ExtraArr += ( " $1 " )
2023-01-13 05:25:27 +01:00
fi
if [ [ $debug_mode = = 1 ] ] ; then
2023-07-02 09:51:07 +02:00
ExtraArr += ( "-d" )
2023-01-13 05:25:27 +01:00
fi
2023-07-02 09:51:07 +02:00
ExtraArr += ( "-t" " $shsh_path " " $ipsw_path .ipsw " )
2023-01-22 03:45:37 +01:00
ipsw_extract
2023-01-13 05:25:27 +01:00
2023-07-02 09:51:07 +02:00
log " Running futurerestore with command: $futurerestore2 ${ ExtraArr [*] } "
$futurerestore2 " ${ ExtraArr [@] } "
2023-07-18 05:56:33 +02:00
opt = $?
2023-01-13 05:25:27 +01:00
log "Restoring done! Read the message below if any error has occurred:"
2023-07-18 05:56:33 +02:00
if [ [ $opt != 0 ] ] ; then
2023-07-06 10:34:00 +02:00
print "* If you are getting the error: \"could not retrieve device serial number\","
2023-11-08 08:46:15 +01:00
print " -> Try restoring with the jailbreak option enabled"
2023-07-06 10:34:00 +02:00
fi
2023-01-13 05:25:27 +01:00
print "* Please read the \"Troubleshooting\" wiki page in GitHub before opening any issue!"
print "* Your problem may have already been addressed within the wiki page."
print "* If opening an issue in GitHub, please provide a FULL log/output. Otherwise, your issue may be dismissed."
kill $httpserver_pid
}
restore_latest( ) {
2023-08-05 17:00:27 +02:00
local idevicerestore2 = " $idevicerestore "
2023-06-15 08:21:05 +02:00
local ExtraArgs = "-e"
2024-04-23 13:27:10 +02:00
if [ [ $device_latest_vers = = "12" * || $device_latest_vers = = "15" * || $device_latest_vers = = "16" * ] ] ; then
2024-01-02 04:46:15 +01:00
idevicerestore2 += "2"
ExtraArgs += "y"
fi
2023-06-15 08:21:05 +02:00
if [ [ $1 = = "custom" ] ] ; then
ExtraArgs += "c"
ipsw_path = " $ipsw_custom "
ipsw_extract custom
else
2023-10-30 18:36:38 +01:00
device_enter_mode Recovery
2023-06-15 08:21:05 +02:00
ipsw_extract
fi
2024-03-24 13:05:06 +01:00
if [ [ $device_type = = "iPhone1,2" && $device_target_vers = = "4" * ] ] ; then
if [ [ $1 = = "custom" ] ] ; then
log "Sending s5l8900xall..."
$irecovery -f " $ipsw_custom /Firmware/dfu/WTF.s5l8900xall.RELEASE.dfu "
device_find_mode DFUreal
log "Sending iBSS..."
$irecovery -f " $ipsw_custom /Firmware/dfu/iBSS. ${ device_model } ap.RELEASE.dfu "
device_find_mode Recovery
else
ExtraArgs = "-e"
fi
2024-03-23 08:29:06 +01:00
fi
2023-12-30 15:10:04 +01:00
if [ [ $debug_mode = = 1 ] ] ; then
ExtraArgs += "d"
fi
2023-08-05 17:00:27 +02:00
log " Running idevicerestore with command: $idevicerestore2 $ExtraArgs \" $ipsw_path .ipsw\" "
$idevicerestore2 $ExtraArgs " $ipsw_path .ipsw "
2023-07-18 05:56:33 +02:00
opt = $?
2023-06-15 08:21:05 +02:00
if [ [ $1 = = "custom" ] ] ; then
log "Restoring done! Read the message below if any error has occurred:"
print "* Please read the \"Troubleshooting\" wiki page in GitHub before opening any issue!"
print "* Your problem may have already been addressed within the wiki page."
print "* If opening an issue in GitHub, please provide a FULL log/output. Otherwise, your issue may be dismissed."
fi
2023-08-19 09:36:15 +02:00
case $device_target_vers in
2024-01-10 04:44:42 +01:00
[ 1234] * ) print "* For device activation, go to: Other Utilities -> Attempt Activation" ; ;
2023-08-19 09:36:15 +02:00
esac
2023-08-13 02:29:44 +02:00
if [ [ $ipsw_jailbreak = = 1 ] ] ; then
case $device_target_vers in
2024-01-10 04:44:42 +01:00
[ 34] * ) warn "Do not uninstall Cydia Substrate and Substrate Safe Mode in Cydia!" ; ;
2023-08-13 02:29:44 +02:00
esac
fi
2023-01-13 05:25:27 +01:00
}
restore_prepare_1033( ) {
device_enter_mode pwnDFU
local attempt = 1
2024-05-07 06:56:14 +02:00
if [ [ $device_pwnrec = = 1 ] ] ; then
warn "Pwned recovery flag detected, skipping pwnREC mode procedure. Proceed with caution"
return
fi
2024-02-15 13:29:49 +01:00
if [ [ $device_proc = = 7 ] ] ; then
2024-06-24 06:43:34 +02:00
log "gaster reset"
2024-02-15 13:29:49 +01:00
$gaster reset
fi
2023-11-18 02:48:07 +01:00
sleep 1
2024-02-08 04:31:27 +01:00
while ( ( attempt <= 5 ) ) ; do
log " Entering pwnREC mode... (Attempt $attempt of 5) "
2023-01-13 05:25:27 +01:00
log "Sending iBSS..."
$irecovery -f $iBSS .im4p
2023-11-18 02:48:07 +01:00
sleep 1
2023-01-13 05:25:27 +01:00
log "Sending iBEC..."
$irecovery -f $iBEC .im4p
2024-02-15 13:29:49 +01:00
sleep 3
2023-01-13 05:25:27 +01:00
device_find_mode Recovery 1
if [ [ $? = = 0 ] ] ; then
break
fi
print "* You may also try to unplug and replug your device"
( ( attempt++) )
done
2024-02-15 13:29:49 +01:00
if [ [ $device_proc = = 10 ] ] ; then
2024-06-24 06:43:34 +02:00
log "irecovery -c go"
2024-02-15 13:29:49 +01:00
$irecovery -c "go"
sleep 3
fi
2023-01-13 05:25:27 +01:00
2024-02-08 04:31:27 +01:00
if ( ( attempt > 5 ) ) ; then
2023-08-05 17:00:27 +02:00
error "Failed to enter pwnREC mode. You might have to force restart your device and start over entering pwnDFU mode again"
2023-01-13 05:25:27 +01:00
fi
}
2023-09-01 07:30:40 +02:00
device_buttons( ) {
local opt
2023-09-01 16:47:54 +02:00
if [ [ $device_mode != "Normal" ] ] ; then
device_enter_mode pwnDFU
return
fi
2023-09-01 07:30:40 +02:00
print "* This device needs to be in pwnDFU/kDFU mode before proceeding."
print "* Select Y for pwnDFU mode, N for kDFU mode. Select Y if unsure."
read -p " $( input 'Are both your home and power buttons working properly? (Y/n): ' ) " opt
if [ [ $opt != 'N' && $opt != 'n' ] ] ; then
device_enter_mode pwnDFU
else
device_enter_mode kDFU
fi
}
2023-01-13 05:25:27 +01:00
restore_prepare( ) {
case $device_proc in
2023-09-01 15:26:45 +02:00
1 )
2024-03-23 08:29:06 +01:00
if [ [ $device_target_vers = = "4" * && $ipsw_jailbreak != 1 ] ] ; then
2024-03-20 02:06:30 +01:00
restore_latest
return
2024-03-23 08:29:06 +01:00
elif [ [ $device_target_vers = = "3.1.3" ] ] ; then
device_enter_mode DFU
2024-01-03 08:59:29 +01:00
else
device_enter_mode WTFreal
fi
2023-12-30 15:10:04 +01:00
if [ [ $ipsw_jailbreak != 1 ] ] ; then
ipsw_custom = " $ipsw_path "
2023-09-01 15:26:45 +02:00
fi
2023-12-30 15:10:04 +01:00
restore_latest custom
2023-09-01 15:26:45 +02:00
; ;
2023-01-13 05:25:27 +01:00
4 )
2023-11-18 02:48:07 +01:00
if [ [ $device_target_tethered = = 1 ] ] ; then
shsh_save version $device_latest_vers
device_enter_mode pwnDFU
restore_idevicerestore
2024-01-10 04:44:42 +01:00
elif [ [ $device_target_vers = = "4.1" && $ipsw_jailbreak = = 1 ] ] ; then
2024-03-23 08:29:06 +01:00
case $device_type in
iPhone2,1 | iPod[ 23] ,1 ) shsh_save version 4.1; ;
esac
2024-01-10 04:44:42 +01:00
device_enter_mode pwnDFU
restore_idevicerestore
2023-11-18 02:48:07 +01:00
elif [ [ $device_target_powder = = 1 ] ] ; then
2023-11-18 02:24:31 +01:00
shsh_save version $device_latest_vers
2024-01-10 04:44:42 +01:00
case $device_target_vers in
[ 34] * ) device_enter_mode pwnDFU; ;
* ) device_buttons; ;
esac
2023-11-18 02:24:31 +01:00
case $device_target_vers in
"3" * | "4.0" * | "4.1" | "4.2" * )
2023-11-18 02:24:52 +01:00
restore_idevicerestore first
2023-11-18 02:24:31 +01:00
log "Do not disconnect your device, not done yet"
2023-11-18 02:24:52 +01:00
print "* Please put the device in DFU mode after it reboots!"
sleep 10
2023-11-18 02:24:31 +01:00
device_mode =
log "Finding device in Recovery/DFU mode..."
until [ [ -n $device_mode ] ] ; do
device_mode = " $( $irecovery -q 2>/dev/null | grep -w "MODE" | cut -c 7-) "
done
ipsw_custom = " ../ $ipsw_custom_part2 "
device_enter_mode pwnDFU
restore_idevicerestore norflash
; ;
2023-11-18 02:24:52 +01:00
* ) restore_idevicerestore; ;
2023-11-18 02:24:31 +01:00
esac
2024-06-24 06:43:34 +02:00
if [ [ $device_target_vers = = "3" * || $device_target_vers = = "4" * ] ] && [ [ $device_target_powder = = 1 ] ] ; then
2024-06-24 02:17:21 +02:00
log "The device may enter recovery mode after the restore"
print "* To fix this, go to: Other Utilities -> Disable/Enable Exploit -> Enable Exploit"
2023-11-18 02:24:31 +01:00
fi
2024-06-24 06:43:34 +02:00
if [ [ $device_target_vers = = "4.3" * && $device_target_powder = = 1 ] ] &&
[ [ $device_type = = "iPad1,1" || $device_type = = "iPod3,1" ] ] ; then
log "Do not disconnect your device yet"
device_find_mode Recovery 50
log "Attempting to exit recovery mode"
$irecovery -n
log "Done, your device should boot now"
fi
2024-01-10 04:44:42 +01:00
elif [ [ $device_target_other = = 1 ] ] ; then
case $device_target_vers in
[ 34] * ) device_enter_mode pwnDFU; ;
* ) device_buttons; ;
esac
2023-11-18 02:24:31 +01:00
restore_idevicerestore
2024-01-10 04:44:42 +01:00
elif [ [ $device_target_vers = = "4.1" ] ] ; then
shsh_save version 4.1
device_enter_mode DFU
restore_latest
if [ [ $device_type = = "iPhone2,1" ] ] ; then
log "Ignore the baseband error and do not disconnect your device yet"
device_find_mode Recovery 50
log "Attempting to exit recovery mode"
$irecovery -n
log "Done, your device should boot now"
fi
elif [ [ $device_target_vers = = " $device_latest_vers " ] ] ; then
if [ [ $ipsw_jailbreak = = 1 ] ] ; then
shsh_save version $device_latest_vers
2023-09-15 04:46:37 +02:00
device_buttons
restore_idevicerestore
2023-09-07 04:37:06 +02:00
else
2024-01-10 04:44:42 +01:00
restore_latest
fi
else
device_enter_mode pwnDFU
restore_latest custom
if [ [ $device_type = = "iPhone2,1" && $device_newbr != 0 ] ] ; then
print "* Proceed to install the alloc8 exploit for the device to boot:"
print " -> Go to: Other Utilities -> Install alloc8 Exploit"
2023-06-15 08:21:05 +02:00
fi
2023-01-13 05:25:27 +01:00
fi
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 05:25:27 +01:00
[ 56] )
# 32-bit devices A5/A6
2023-11-18 02:48:07 +01:00
if [ [ $device_target_tethered = = 1 ] ] ; then
shsh_save version $device_latest_vers
device_enter_mode pwnDFU
restore_idevicerestore
return
elif [ [ $device_target_other != 1 && $device_target_powder != 1 ] ] ; then
2023-01-13 05:25:27 +01:00
shsh_save
fi
if [ [ $device_target_vers = = " $device_latest_vers " ] ] ; then
restore_latest
else
2023-08-19 09:36:15 +02:00
if [ [ $device_proc = = 6 && $platform = = "macos" ] ] ; then
2023-09-01 07:30:40 +02:00
device_buttons
2023-08-19 09:36:15 +02:00
else
device_enter_mode kDFU
fi
if [ [ $ipsw_jailbreak = = 1 || -e " $ipsw_custom .ipsw " ] ] ; then
restore_idevicerestore
else
restore_futurerestore --use-pwndfu
fi
2023-01-13 05:25:27 +01:00
fi
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 05:25:27 +01:00
2024-05-02 04:53:02 +02:00
7 )
if [ [ $device_target_other != 1 && $device_target_vers = = "10.3.3" ] ] ; then
2024-01-18 09:18:44 +01:00
shsh_save
2024-06-22 09:52:08 +02:00
fi
if [ [ $restore_usepwndfu64 = = 1 ] ] ; then
restore_pwned64
elif [ [ $device_target_other != 1 && $device_target_vers = = "10.3.3" ] ] ; then
2024-01-18 09:18:44 +01:00
if [ [ $device_type = = "iPad4,4" || $device_type = = "iPad4,5" ] ] ; then
iBSS = $iBSSb
iBEC = $iBECb
fi
2023-08-05 17:00:27 +02:00
restore_prepare_1033
2024-01-18 09:18:44 +01:00
shsh_save apnonce $( $irecovery -q | grep "NONC" | cut -c 7-)
2024-01-15 07:15:55 +01:00
restore_futurerestore --skip-blob
2023-01-13 05:25:27 +01:00
elif [ [ $device_target_vers = = " $device_latest_vers " ] ] ; then
restore_latest
else
2024-06-22 09:52:08 +02:00
restore_notpwned64
2023-01-13 05:25:27 +01:00
fi
2023-04-02 12:18:44 +02:00
; ;
2024-05-02 04:53:02 +02:00
[ 89] | 10 )
2024-06-22 09:52:08 +02:00
if [ [ $restore_usepwndfu64 = = 1 ] ] ; then
restore_pwned64
elif [ [ $device_target_vers = = " $device_latest_vers " ] ] ; then
2024-05-02 04:53:02 +02:00
restore_latest
2024-06-22 09:52:08 +02:00
else
restore_notpwned64
2024-05-02 04:53:02 +02:00
fi
; ;
esac
2023-01-13 05:25:27 +01:00
}
2024-06-22 09:52:08 +02:00
restore_pwned64( ) {
device_enter_mode pwnDFU
if [ [ ! -s ../saved/firmwares.json ] ] ; then
download_file https://api.ipsw.me/v2.1/firmwares.json/condensed firmwares.json
cp firmwares.json ../saved
fi
cp ../saved/firmwares.json /tmp
restore_futurerestore --use-pwndfu
}
restore_notpwned64( ) {
log " The generator for your SHSH blob is: $shsh_generator "
print "* Before continuing, make sure to set the nonce generator of your device!"
print "* For iOS 10 and older: https://github.com/tihmstar/futurerestore#how-to-use"
print "* For iOS 11 and newer: https://github.com/futurerestore/futurerestore/#using-dimentio"
pause
if [ [ $device_mode = = "Normal" ] ] ; then
device_enter_mode Recovery
fi
restore_futurerestore
}
2023-01-13 05:25:27 +01:00
ipsw_prepare( ) {
case $device_proc in
2023-09-01 15:26:45 +02:00
1 )
2024-03-26 17:45:03 +01:00
if [ [ $ipsw_jailbreak = = 1 ] ] ; then
2024-04-09 15:29:28 +02:00
ipsw_prepare_s5l8900
2023-09-01 15:26:45 +02:00
fi
; ;
2023-01-13 05:25:27 +01:00
4 )
2023-10-30 18:36:38 +01:00
if [ [ $device_target_tethered = = 1 ] ] ; then
ipsw_prepare_tethered
2024-01-10 04:44:42 +01:00
elif [ [ $device_target_other = = 1 ] ] || [ [ $device_target_vers = = " $device_latest_vers " && $ipsw_jailbreak = = 1 ] ] ; then
if [ [ $device_type = = "iPhone2,1" ] ] ; then
ipsw_prepare_jailbreak
else
ipsw_prepare_32bit
fi
2023-10-30 18:36:38 +01:00
elif [ [ $device_target_powder = = 1 ] ] && [ [ $device_target_vers = = "3" * || $device_target_vers = = "4" * ] ] ; then
shsh_save version $device_latest_vers
2023-11-18 02:24:31 +01:00
case $device_target_vers in
"4.3" * ) ipsw_prepare_ios4powder; ;
* ) ipsw_prepare_ios4multipart; ;
esac
2023-10-30 18:36:38 +01:00
elif [ [ $device_target_powder = = 1 ] ] ; then
ipsw_prepare_powder
2024-01-17 08:20:52 +01:00
elif [ [ $device_target_vers != " $device_latest_vers " ] ] ; then
2023-06-19 05:47:18 +02:00
ipsw_prepare_custom
2023-01-13 05:25:27 +01:00
fi
2024-06-24 02:21:47 +02:00
if [ [ $ipsw_isbeta = = 1 && $ipsw_prepare_ios4multipart_patch != 1 ] ] ; then
2024-06-27 06:47:49 +02:00
: ipsw_prepare_multipatch
2024-06-24 02:21:47 +02:00
fi
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 05:25:27 +01:00
[ 56] )
# 32-bit devices A5/A6
2023-10-30 18:36:38 +01:00
if [ [ $device_target_tethered = = 1 ] ] ; then
ipsw_prepare_tethered
elif [ [ $device_target_powder = = 1 ] ] ; then
2023-09-14 10:10:52 +02:00
ipsw_prepare_powder
2023-06-17 14:45:18 +02:00
elif [ [ $ipsw_jailbreak = = 1 && $device_target_other != 1 ] ] ; then
2023-01-13 05:25:27 +01:00
ipsw_prepare_jailbreak
2024-02-09 12:35:24 +01:00
elif [ [ $device_target_vers != " $device_latest_vers " ] ] ; then
2023-01-13 05:25:27 +01:00
ipsw_prepare_32bit
fi
2024-06-08 15:38:44 +02:00
if [ [ $ipsw_fourthree = = 1 ] ] ; then
ipsw_prepare_fourthree_part2
2024-06-24 02:21:47 +02:00
elif [ [ $ipsw_isbeta = = 1 ] ] ; then
2024-06-27 06:47:49 +02:00
: ipsw_prepare_multipatch
2024-06-08 15:38:44 +02:00
fi
2023-04-02 12:18:44 +02:00
; ;
2023-01-13 05:25:27 +01:00
7 )
2024-04-09 15:29:28 +02:00
# A7 devices 10.3.3
2023-01-13 05:25:27 +01:00
if [ [ $device_target_other != 1 && $device_target_vers = = "10.3.3" ] ] ; then
2024-06-22 09:52:08 +02:00
if [ [ $mac_lowver = = 1 ] ] ; then
restore_usepwndfu64 = 1
return
fi
restore_usepwndfu64_option
2024-06-24 06:43:34 +02:00
if [ [ $restore_usepwndfu64 != 1 ] ] ; then
2024-06-22 09:52:08 +02:00
ipsw_prepare_1033
fi
2024-06-24 06:43:34 +02:00
else
restore_usepwndfu64_option
2023-01-13 05:25:27 +01:00
fi
2023-04-02 12:18:44 +02:00
; ;
2024-06-22 09:52:08 +02:00
[ 89] | 10 ) restore_usepwndfu64_option; ;
2023-01-13 05:25:27 +01:00
esac
}
2024-06-22 09:52:08 +02:00
restore_usepwndfu64_option( ) {
if [ [ $device_target_vers = = " $device_latest_vers " ] ] ; then
return
fi
local opt
input "Pwned Restore Option"
print "* When this option is enabled, use-pwndfu will be enabled for restoring."
if [ [ $device_target_other = = 1 ] ] ; then
print "* When disabled, user must set the device generator manually before the restore."
fi
if [ [ $device_proc = = 7 ] ] ; then
print "* This option is disabled by default (N). Select this option if unsure."
read -p " $( input 'Enable this option? (y/N): ' ) " opt
2024-06-24 06:43:34 +02:00
if [ [ $opt = = 'Y' || $opt = = 'y' ] ] ; then
log "Pwned restore option enabled by user."
restore_usepwndfu64 = 1
else
log "Pwned restore option disabled."
fi
2024-06-22 09:52:08 +02:00
else
print "* This option is enabled by default (Y). Select this option if unsure."
read -p " $( input 'Enable this option? (Y/n): ' ) " opt
2024-06-24 06:43:34 +02:00
if [ [ $opt = = 'N' || $opt = = 'n' ] ] ; then
log "Pwned restore option disabled by user."
else
log "Pwned restore option enabled."
restore_usepwndfu64 = 1
fi
2024-06-22 09:52:08 +02:00
fi
}
2024-06-16 03:45:32 +02:00
menu_remove4( ) {
local menu_items
2023-04-02 12:18:44 +02:00
local selected
2024-06-16 03:45:32 +02:00
local back
while [ [ -z " $mode " && -z " $back " ] ] ; do
menu_items = ( "Disable Exploit" "Enable Exploit" "Go Back" )
menu_print_info
print " > Main Menu > Other Utilities > Disable/Enable Exploit"
input "Select an option:"
select opt in " ${ menu_items [@] } " ; do
selected = " $opt "
break
done
case $selected in
"Disable Exploit" ) rec = 0; ;
"Enable Exploit" ) rec = 2; ;
esac
case $selected in
"Go Back" ) back = 1; ;
* ) mode = "remove4" ; ;
esac
2023-01-13 05:25:27 +01:00
done
}
2023-10-06 15:22:43 +02:00
device_send_rdtar( ) {
2023-06-29 14:52:43 +02:00
local target = "/mnt1"
if [ [ $2 = = "data" ] ] ; then
target += "/private/var"
fi
2023-06-24 12:22:35 +02:00
log " Sending $1 "
2024-02-12 06:33:52 +01:00
$scp -P $ssh_port $jelbrek /$1 root@127.0.0.1:$target
2023-06-24 12:22:35 +02:00
log " Extracting $1 "
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 " tar -xvf $target / $1 -C /mnt1; rm $target / $1 "
2023-06-24 12:22:35 +02:00
}
2024-01-18 09:18:44 +01:00
device_ramdisk64( ) {
2024-03-19 03:43:17 +01:00
local sshtar = "../saved/ssh64.tar"
2024-02-15 06:18:49 +01:00
local comps = ( "iBSS" "iBEC" "DeviceTree" "Kernelcache" "RestoreRamdisk" )
2024-01-18 09:18:44 +01:00
local name
local iv
local key
local path
local url
local decrypt
2024-02-15 06:18:49 +01:00
local ios8
local opt
2024-02-15 13:29:49 +01:00
local build_id = "16A366"
if ( ( device_proc >= 9 ) ) || [ [ $device_type = = "iPad5" * ] ] ; then
build_id = "18C66"
fi
2024-01-18 09:18:44 +01:00
2024-06-03 07:12:38 +02:00
if ( ( device_proc <= 8 ) ) && [ [ $device_type != "iPad5,1" && $device_type != "iPad5,2" ] ] ; then
local ver = "12"
if [ [ $device_type = = "iPad5" * ] ] ; then
ver = "14"
fi
2024-06-19 16:22:57 +02:00
device_ramdiskver = " $ver "
2024-02-15 13:29:49 +01:00
print "* Version Selection"
2024-06-03 07:12:38 +02:00
print " * The version of the SSH Ramdisk is set to iOS $ver by default. This is the recommended option. "
print " * There is also an option to use iOS 8 ramdisk. This can be used to fix devices on iOS 7 not booting after using iOS $ver ramdisk. "
2024-02-15 13:29:49 +01:00
print "* If not sure, just press Enter/Return. This will select the default version."
2024-06-03 07:12:38 +02:00
read -p " $( input " Select Y to use iOS $ver , select N to use iOS 8 (Y/n) " ) " opt
2024-02-15 13:29:49 +01:00
if [ [ $opt = = 'n' || $opt = = 'N' ] ] ; then
ios8 = 1
fi
2024-02-15 06:18:49 +01:00
fi
if [ [ $ios8 = = 1 ] ] ; then
build_id = "12B410"
if [ [ $device_type = = "iPhone" * ] ] ; then
build_id = "12B411"
2024-02-15 13:29:49 +01:00
elif [ [ $device_type = = "iPod7,1" ] ] ; then
build_id = "12H321"
2024-02-15 06:18:49 +01:00
fi
sshtar = "../saved/iram.tar"
if [ [ ! -e $sshtar ] ] ; then
log "Downloading iram.tar from iarchive.app..."
2024-05-02 04:53:02 +02:00
download_file https://github.com/LukeZGD/Legacy-iOS-Kit/files/14952123/iram.zip iram.zip
2024-04-12 16:58:30 +02:00
unzip iram.zip
2024-02-15 06:18:49 +01:00
mv iram.tar $sshtar
fi
else
comps += ( "Trustcache" )
if [ [ ! -e $sshtar ] ] ; then
log "Downloading ssh.tar from SSHRD_Script..."
2024-05-02 04:53:02 +02:00
download_file https://github.com/LukeZGD/sshtars/raw/cbaf9f826ca994452beb9e99a3a4ffb496f918fb/ssh.tar.gz ssh.tar.gz
2024-02-15 06:18:49 +01:00
mv ssh.tar.gz $sshtar .gz
gzip -d $sshtar .gz
fi
2024-01-18 09:18:44 +01:00
fi
2024-02-15 06:18:49 +01:00
local ramdisk_path = " ../saved/ $device_type /ramdisk_ $build_id "
device_target_build = " $build_id "
2024-01-18 09:18:44 +01:00
device_fw_key_check
2024-01-23 14:29:58 +01:00
ipsw_get_url $build_id
2024-01-18 09:18:44 +01:00
mkdir $ramdisk_path 2>/dev/null
for getcomp in " ${ comps [@] } " ; do
2024-06-14 03:12:24 +02:00
name = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "' $getcomp '") | .filename' )
iv = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "' $getcomp '") | .iv' )
key = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "' $getcomp '") | .key' )
2024-02-15 13:29:49 +01:00
if [ [ $device_type = = "iPhone8" * && $getcomp = = "iB" * ] ] ; then
2024-06-26 04:42:32 +02:00
name = $( echo $device_fw_key | $jq -j '.keys[] | select(.image | startswith("' $getcomp '")) | select(.filename | startswith("' $getcomp '.' $device_model '.")) | .filename' )
iv = $( echo $device_fw_key | $jq -j '.keys[] | select(.image | startswith("' $getcomp '")) | select(.filename | startswith("' $getcomp '.' $device_model '.")) | .iv' )
key = $( echo $device_fw_key | $jq -j '.keys[] | select(.image | startswith ("' $getcomp '")) | select(.filename | startswith("' $getcomp '.' $device_model '.")) | .key' )
2024-02-15 13:29:49 +01:00
fi
2024-01-18 09:18:44 +01:00
case $getcomp in
"iBSS" | "iBEC" ) path = "Firmware/dfu/" ; ;
"DeviceTree" ) path = "Firmware/all_flash/" ; ;
"Trustcache" ) path = "Firmware/" ; ;
* ) path = "" ; ;
esac
2024-02-15 06:18:49 +01:00
if [ [ $ios8 = = 1 && $getcomp = = "DeviceTree" ] ] ; then
2024-02-20 11:10:35 +01:00
path = " $all_flash / "
2024-02-15 06:18:49 +01:00
fi
2024-01-18 09:18:44 +01:00
if [ [ -z $name ] ] ; then
local hwmodel
case $device_type in
iPhone6* ) hwmodel = "iphone6" ; ;
2024-02-15 13:29:49 +01:00
iPhone7* ) hwmodel = "iphone7" ; ;
iPhone8,4 ) hwmodel = "iphone8b" ; ;
iPhone8* ) hwmodel = "iphone8" ; ;
iPhone9* ) hwmodel = "iphone9" ; ;
2024-01-18 09:18:44 +01:00
iPad4,[ 123] ) hwmodel = "ipad4" ; ;
iPad4,[ 456] ) hwmodel = "ipad4b" ; ;
iPad4,[ 789] ) hwmodel = "ipad4bm" ; ;
2024-02-15 13:29:49 +01:00
iPad5,[ 12] ) hwmodel = "ipad5" ; ;
iPad5,[ 34] ) hwmodel = "ipad5b" ; ;
* ) hwmodel = " $device_model " ; ;
2024-01-18 09:18:44 +01:00
esac
case $getcomp in
"iBSS" | "iBEC" ) name = " $getcomp . $hwmodel .RELEASE.im4p " ; ;
"DeviceTree" ) name = " $getcomp . ${ device_model } ap.im4p " ; ;
"Kernelcache" ) name = " kernelcache.release. $hwmodel " ; ;
"Trustcache" ) name = "048-08497-242.dmg.trustcache" ; ;
"RestoreRamdisk" ) name = "048-08497-242.dmg" ; ;
esac
2024-02-15 13:29:49 +01:00
if [ [ $device_type = = "iPhone8,1" || $device_type = = "iPhone8,2" ] ] && [ [ $getcomp = = "Kernelcache" ] ] ; then
2024-06-26 04:42:32 +02:00
name = " kernelcache.release. ${ device_model : 0 : 3 } "
2024-02-15 13:29:49 +01:00
fi
2024-02-16 00:51:50 +01:00
if [ [ $build_id = = "18C66" ] ] ; then
2024-02-15 13:29:49 +01:00
case $getcomp in
"Trustcache" ) name = "038-83284-083.dmg.trustcache" ; ;
"RestoreRamdisk" ) name = "038-83284-083.dmg" ; ;
esac
fi
2024-01-18 09:18:44 +01:00
fi
log " $getcomp "
if [ [ -e $ramdisk_path /$name ] ] ; then
cp $ramdisk_path /$name .
else
2024-01-23 14:29:58 +01:00
" $dir /pzb " -g " ${ path } $name " -o " $name " " $ipsw_url "
2024-01-18 09:18:44 +01:00
cp $name $ramdisk_path /
fi
mv $name $getcomp .orig
2024-02-15 13:29:49 +01:00
local reco = " -i $getcomp .orig -o $getcomp .img4 -M ../resources/sshrd/IM4M $device_proc -T "
2024-01-18 09:18:44 +01:00
case $getcomp in
"iBSS" | "iBEC" )
2024-02-15 06:18:49 +01:00
reco += " $( echo $getcomp | tr '[:upper:]' '[:lower:]' ) -A "
2024-01-18 09:18:44 +01:00
" $dir /img4 " -i $getcomp .orig -o $getcomp .dec -k ${ iv } ${ key }
mv $getcomp .orig $getcomp .orig0
2024-02-15 06:18:49 +01:00
if [ [ $ios8 = = 1 ] ] ; then
$bspatch $getcomp .dec $getcomp .orig ../resources/sshrd/ios8/$name .patch
else
$bspatch $getcomp .dec $getcomp .orig ../resources/sshrd/$name .patch
fi
; ;
"Kernelcache" )
reco += "rkrn"
if [ [ $ios8 = = 1 ] ] ; then
mv $getcomp .orig $getcomp .orig0
" $dir /img4 " -i $getcomp .orig0 -o $getcomp .orig -k ${ iv } ${ key } -D
else
reco += " -P ../resources/sshrd/ $name .bpatch "
2024-02-15 13:29:49 +01:00
if [ [ $platform = = "linux" && $build_id = = "18" * ] ] ; then
reco += " -J"
fi
2024-02-15 06:18:49 +01:00
fi
; ;
"DeviceTree" )
reco += "rdtr"
if [ [ $ios8 = = 1 ] ] ; then
reco += " -A"
mv $getcomp .orig $getcomp .orig0
" $dir /img4 " -i $getcomp .orig0 -o $getcomp .orig -k ${ iv } ${ key }
fi
2024-01-18 09:18:44 +01:00
; ;
"Trustcache" ) reco += "rtsc" ; ;
"RestoreRamdisk" )
2024-02-15 06:18:49 +01:00
reco += "rdsk -A"
2024-01-18 09:18:44 +01:00
mv $getcomp .orig $getcomp .orig0
2024-02-15 06:18:49 +01:00
if [ [ $ios8 = = 1 ] ] ; then
" $dir /img4 " -i $getcomp .orig0 -o $getcomp .orig -k ${ iv } ${ key }
" $dir /hfsplus " $getcomp .orig grow 50000000
else
" $dir /img4 " -i $getcomp .orig0 -o $getcomp .orig
" $dir /hfsplus " $getcomp .orig grow 210000000
fi
2024-01-18 09:18:44 +01:00
" $dir /hfsplus " $getcomp .orig untar $sshtar
2024-02-27 00:09:49 +01:00
" $dir /hfsplus " $getcomp .orig untar ../resources/sshrd/sbplist.tar
2024-01-18 09:18:44 +01:00
; ;
esac
" $dir /img4 " $reco
cp $getcomp .img4 $ramdisk_path
done
mv $ramdisk_path /iBSS.img4 $ramdisk_path /iBSS.im4p
mv $ramdisk_path /iBEC.img4 $ramdisk_path /iBEC.im4p
iBSS = " $ramdisk_path /iBSS "
iBEC = " $ramdisk_path /iBEC "
restore_prepare_1033
log "Booting, please wait..."
$irecovery -f $ramdisk_path /RestoreRamdisk.img4
$irecovery -c ramdisk
$irecovery -f $ramdisk_path /DeviceTree.img4
$irecovery -c devicetree
2024-02-15 06:18:49 +01:00
if [ [ $ios8 != 1 ] ] ; then
$irecovery -f $ramdisk_path /Trustcache.img4
$irecovery -c firmware
fi
2024-01-18 09:18:44 +01:00
$irecovery -f $ramdisk_path /Kernelcache.img4
$irecovery -c bootx
2024-02-15 06:49:51 +01:00
if [ [ $ios8 = = 1 ] ] ; then
2024-02-15 06:18:49 +01:00
device_iproxy 44
print "* Booted SSH ramdisk is based on: https://ios7.iarchive.app/downgrade/making-ramdisk.html"
else
device_iproxy
print "* Booted SSH ramdisk is based on: https://github.com/verygenericname/SSHRD_Script"
fi
2024-01-18 09:18:44 +01:00
device_sshpass alpine
2024-03-03 13:53:07 +01:00
print "* Mount filesystems with this command (for iOS 11 and newer):"
2024-04-24 04:31:31 +02:00
print " /usr/bin/mount_filesystems"
2024-03-03 13:53:07 +01:00
print "* Mount filesystems with this command (for iOS 10.3.x):"
2024-04-24 04:31:31 +02:00
print " /sbin/mount_apfs /dev/disk0s1s1 /mnt1; /sbin/mount_apfs /dev/disk0s1s2 /mnt2"
2024-03-03 13:53:07 +01:00
print "* Mount filesystems with this command (for iOS 10.2.1 and older):"
2024-04-24 04:31:31 +02:00
print " /sbin/mount_hfs /dev/disk0s1s1 /mnt1; /sbin/mount_hfs /dev/disk0s1s2 /mnt2"
2024-04-25 03:06:20 +02:00
print "* Mounting and/or modifying data (/mnt2) might not work depending on iOS"
2024-01-18 09:18:44 +01:00
2024-02-15 13:29:49 +01:00
menu_ramdisk $build_id
2024-01-18 09:18:44 +01:00
}
2023-05-19 04:29:20 +02:00
device_ramdisk( ) {
2023-09-21 13:22:06 +02:00
local comps = ( "iBSS" "iBEC" "DeviceTree" "Kernelcache" )
2023-04-02 12:18:44 +02:00
local name
local iv
local key
local path
2023-04-07 06:50:58 +02:00
local url
2023-06-16 06:43:04 +02:00
local decrypt
2023-07-19 12:54:39 +02:00
local ramdisk_path
2023-09-14 10:10:52 +02:00
local build_id
2023-10-30 18:36:38 +01:00
local mode = " $1 "
local rec = 2
2023-04-02 12:18:44 +02:00
2023-10-30 18:36:38 +01:00
if [ [ $1 = = "setnvram" ] ] ; then
rec = $2
fi
2023-09-21 13:22:06 +02:00
if [ [ $1 != "justboot" ] ] ; then
comps += ( "RestoreRamdisk" )
fi
2023-04-02 12:18:44 +02:00
case $device_type in
2023-09-01 15:26:45 +02:00
iPhone1,[ 12] | iPod1,1 ) device_target_build = "7E18" ; ;
2023-06-15 08:21:05 +02:00
iPod2,1 ) device_target_build = "8C148" ; ;
2023-06-09 02:42:30 +02:00
iPod3,1 | iPad1,1 ) device_target_build = "9B206" ; ;
2023-10-09 03:58:57 +02:00
iPhone2,1 | iPod4,1 ) device_target_build = "10B500" ; ;
2023-09-15 01:02:29 +02:00
iPhone5,[ 34] ) device_target_build = "11D257" ; ;
2023-04-02 12:18:44 +02:00
* ) device_target_build = "10B329" ; ;
esac
2023-10-06 15:22:43 +02:00
if [ [ -n $device_rd_build ] ] ; then
device_target_build = $device_rd_build
2024-05-13 07:00:47 +02:00
device_rd_build =
2023-01-13 05:25:27 +01:00
fi
2023-09-14 10:10:52 +02:00
build_id = $device_target_build
ramdisk_path = " ../saved/ $device_type /ramdisk_ $build_id "
2023-04-02 12:18:44 +02:00
device_fw_key_check
2024-01-23 14:29:58 +01:00
ipsw_get_url $build_id
2023-07-19 12:54:39 +02:00
mkdir $ramdisk_path 2>/dev/null
2023-04-02 12:18:44 +02:00
for getcomp in " ${ comps [@] } " ; do
2024-06-14 03:12:24 +02:00
name = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "' $getcomp '") | .filename' )
iv = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "' $getcomp '") | .iv' )
key = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "' $getcomp '") | .key' )
2023-04-02 12:18:44 +02:00
case $getcomp in
"iBSS" | "iBEC" ) path = "Firmware/dfu/" ; ;
2023-10-01 04:05:43 +02:00
"DeviceTree" )
path = "Firmware/all_flash/"
case $build_id in
14[ EFG] * ) :; ;
2024-02-20 11:10:35 +01:00
* ) path = " $all_flash / " ; ;
2023-10-01 04:05:43 +02:00
esac
; ;
2023-04-02 12:18:44 +02:00
* ) path = "" ; ;
esac
2023-09-01 15:26:45 +02:00
if [ [ -z $name ] ] ; then
2023-10-01 04:05:43 +02:00
local hwmodel = " $device_model "
case $build_id in
14[ EFG] * )
case $device_type in
iPhone5,[ 12] ) hwmodel = "iphone5" ; ;
iPhone5,[ 34] ) hwmodel = "iphone5b" ; ;
iPad3,[ 456] ) hwmodel = "ipad3b" ; ;
esac
; ;
2024-02-04 12:49:03 +01:00
[ 789] * | 10* | 11* ) hwmodel += "ap" ; ;
2023-10-01 04:05:43 +02:00
esac
2023-09-01 15:26:45 +02:00
case $getcomp in
2023-10-01 04:05:43 +02:00
"iBSS" | "iBEC" ) name = " $getcomp . $hwmodel .RELEASE.dfu " ; ;
"DeviceTree" ) name = " $getcomp . ${ device_model } ap.img3 " ; ;
"Kernelcache" ) name = " kernelcache.release. $hwmodel " ; ;
2023-09-01 15:26:45 +02:00
esac
fi
2023-01-13 05:25:27 +01:00
2023-04-02 12:18:44 +02:00
log " $getcomp "
2023-07-19 12:54:39 +02:00
if [ [ -e $ramdisk_path /$name ] ] ; then
cp $ramdisk_path /$name .
2023-04-02 12:18:44 +02:00
else
2024-01-23 14:29:58 +01:00
" $dir /pzb " -g " ${ path } $name " -o " $name " " $ipsw_url "
2023-07-19 12:54:39 +02:00
cp $name $ramdisk_path /
2023-04-02 12:18:44 +02:00
fi
mv $name $getcomp .orig
2024-03-23 08:29:06 +01:00
if [ [ $getcomp = = "Kernelcache" || $getcomp = = "iBSS" ] ] && [ [ $device_type = = "iPod2,1" ] ] ; then
2023-06-16 06:43:04 +02:00
decrypt = " -iv $iv -k $key "
" $dir /xpwntool " $getcomp .orig $getcomp .dec $decrypt
2023-10-01 04:05:43 +02:00
elif [ [ $build_id = = "14" * ] ] ; then
cp $getcomp .orig $getcomp .dec
2023-06-16 06:43:04 +02:00
else
" $dir /xpwntool " $getcomp .orig $getcomp .dec -iv $iv -k $key -decrypt
fi
2023-04-02 12:18:44 +02:00
done
2023-09-21 13:22:06 +02:00
if [ [ $1 != "justboot" ] ] ; then
log "Patch RestoreRamdisk"
" $dir /xpwntool " RestoreRamdisk.dec Ramdisk.raw
" $dir /hfsplus " Ramdisk.raw grow 30000000
2024-05-13 07:00:47 +02:00
" $dir /hfsplus " Ramdisk.raw untar ../resources/sshrd/sbplist.tar
2023-09-21 13:22:06 +02:00
fi
2023-04-02 12:18:44 +02:00
2024-03-23 08:29:06 +01:00
if [ [ $device_type = = "iPod2,1" ] ] ; then
2024-01-18 09:18:44 +01:00
" $dir /hfsplus " Ramdisk.raw untar ../resources/sshrd/ssh_old.tar
2023-06-16 06:43:04 +02:00
" $dir /xpwntool " Ramdisk.raw Ramdisk.dmg -t RestoreRamdisk.dec
log "Patch iBSS"
2023-09-01 15:26:45 +02:00
$bspatch iBSS.dec iBSS.patched ../resources/patch/iBSS.${ device_model } ap.RELEASE.patch
" $dir /xpwntool " iBSS.patched iBSS -t iBSS.orig
2023-06-16 06:43:04 +02:00
log "Patch Kernelcache"
mv Kernelcache.dec Kernelcache0.dec
2023-09-01 15:26:45 +02:00
if [ [ $device_proc = = 1 ] ] ; then
$bspatch Kernelcache0.dec Kernelcache.patched ../resources/patch/kernelcache.release.s5l8900x.patch
else
$bspatch Kernelcache0.dec Kernelcache.patched ../resources/patch/kernelcache.release.${ device_model } .patch
fi
2023-06-16 06:43:04 +02:00
" $dir /xpwntool " Kernelcache.patched Kernelcache.dec -t Kernelcache.orig $decrypt
rm DeviceTree.dec
mv DeviceTree.orig DeviceTree.dec
else
2023-09-21 13:22:06 +02:00
if [ [ $1 != "justboot" ] ] ; then
2024-01-18 09:18:44 +01:00
" $dir /hfsplus " Ramdisk.raw untar ../resources/sshrd/ssh.tar
2023-10-04 08:00:02 +02:00
if [ [ $1 = = "jailbreak" && $device_vers = = "8" * ] ] ; then
" $dir /hfsplus " Ramdisk.raw untar ../resources/jailbreak/daibutsu/bin.tar
fi
2023-10-06 15:22:43 +02:00
" $dir /hfsplus " Ramdisk.raw mv sbin/reboot sbin/reboot_bak
" $dir /hfsplus " Ramdisk.raw mv sbin/halt sbin/halt_bak
case $build_id in
"12" * | "13" * | "14" * )
echo '#!/bin/bash' > restored_external
echo "/sbin/sshd; exec /usr/local/bin/restored_external_o" >> restored_external
" $dir /hfsplus " Ramdisk.raw mv usr/local/bin/restored_external usr/local/bin/restored_external_o
" $dir /hfsplus " Ramdisk.raw add restored_external usr/local/bin/restored_external
2023-11-18 02:24:31 +01:00
" $dir /hfsplus " Ramdisk.raw chmod 755 usr/local/bin/restored_external
2023-10-06 15:22:43 +02:00
; ;
esac
2023-09-21 13:22:06 +02:00
" $dir /xpwntool " Ramdisk.raw Ramdisk.dmg -t RestoreRamdisk.dec
fi
2023-06-16 06:43:04 +02:00
log "Patch iBSS"
" $dir /xpwntool " iBSS.dec iBSS.raw
2024-01-12 11:54:05 +01:00
if [ [ $build_id = = "8" * && $device_type = = "iPad2" * ] ] ; then
2024-05-13 07:00:47 +02:00
" $dir /iBoot32Patcher " iBSS.raw iBSS.patched --rsa -b "-v amfi=0xff cs_enforcement_disable=1"
2024-02-26 03:41:17 +01:00
device_boot4 = 1
2024-01-10 03:42:17 +01:00
else
" $dir /iBoot32Patcher " iBSS.raw iBSS.patched --rsa -b "-v"
fi
2023-10-01 04:05:43 +02:00
" $dir /xpwntool " iBSS.patched iBSS -t iBSS.dec
2024-05-13 07:00:47 +02:00
if [ [ $build_id = = "7" * || $build_id = = "8" * ] ] && [ [ $device_type != "iPad" * ] ] ; then
2023-10-01 04:05:43 +02:00
:
2023-09-22 09:42:30 +02:00
else
log "Patch iBEC"
" $dir /xpwntool " iBEC.dec iBEC.raw
2024-05-14 14:28:37 +02:00
if [ [ $1 = = "justboot" ] ] ; then
2024-05-13 07:00:47 +02:00
" $dir /iBoot32Patcher " iBEC.raw iBEC.patched --rsa -b "-v pio-error=0"
2023-09-22 09:42:30 +02:00
else
2024-06-18 04:43:00 +02:00
" $dir /iBoot32Patcher " iBEC.raw iBEC.patched --rsa --debug -b "rd=md0 -v amfi=0xff amfi_get_out_of_my_way=1 cs_enforcement_disable=1"
2023-09-22 09:42:30 +02:00
fi
" $dir /xpwntool " iBEC.patched iBEC -t iBEC.dec
fi
2023-06-16 06:43:04 +02:00
fi
2023-04-02 12:18:44 +02:00
2024-05-13 07:00:47 +02:00
if [ [ $device_type = = "iPad2" * && $build_id = = "8" * ] ] ; then
2024-01-06 10:32:10 +01:00
log "Patch Kernelcache"
mv Kernelcache.dec Kernelcache0.dec
" $dir /xpwntool " Kernelcache0.dec Kernelcache.raw
2024-01-10 03:42:17 +01:00
$bspatch Kernelcache.raw Kernelcache.patched ../resources/patch/kernelcache.release.${ device_model } .${ build_id } .patch
2024-01-06 10:32:10 +01:00
" $dir /xpwntool " Kernelcache.patched Kernelcache.dec -t Kernelcache0.dec
fi
2023-10-01 04:05:43 +02:00
mv iBSS iBEC DeviceTree.dec Kernelcache.dec Ramdisk.dmg $ramdisk_path 2>/dev/null
2023-04-02 12:18:44 +02:00
2024-01-06 10:32:10 +01:00
if [ [ $1 = = "jailbreak" || $1 = = "justboot" ] ] ; then
2023-06-19 05:47:18 +02:00
device_enter_mode pwnDFU
2023-09-01 16:42:55 +02:00
elif [ [ $device_proc = = 4 ] ] || [ [ $device_proc = = 6 && $platform = = "macos" ] ] ; then
device_buttons
elif [ [ $device_proc = = 1 ] ] ; then
device_enter_mode DFU
2023-06-19 05:47:18 +02:00
else
device_enter_mode kDFU
fi
2024-03-23 08:29:06 +01:00
2024-05-13 07:00:47 +02:00
if [ [ $device_type = = "iPad1,1" && $build_id != "9" * ] ] ; then
patch_ibss
log "Sending iBSS..."
$irecovery -f pwnediBSS.dfu
log "Sending iBEC..."
$irecovery -f $ramdisk_path /iBEC
elif ( ( device_proc < 5 ) ) && [ [ $device_pwnrec != 1 ] ] ; then
2024-01-12 11:54:05 +01:00
log "Sending iBSS..."
2023-12-11 03:16:55 +01:00
$irecovery -f $ramdisk_path /iBSS
fi
2024-06-19 16:22:57 +02:00
sleep 2
2024-03-23 08:29:06 +01:00
if [ [ $build_id != "7" * && $build_id != "8" * ] ] ; then
2023-06-09 02:42:30 +02:00
log "Sending iBEC..."
2023-07-19 12:54:39 +02:00
$irecovery -f $ramdisk_path /iBEC
2024-05-07 06:56:14 +02:00
if [ [ $device_pwnrec = = 1 ] ] ; then
$irecovery -c "go"
fi
2023-06-09 02:42:30 +02:00
fi
2024-06-19 16:22:57 +02:00
sleep 3
2023-01-13 05:25:27 +01:00
device_find_mode Recovery
2023-09-22 09:42:30 +02:00
if [ [ $1 != "justboot" ] ] ; then
2024-03-23 08:29:06 +01:00
log "Sending ramdisk..."
2023-07-19 12:54:39 +02:00
$irecovery -f $ramdisk_path /Ramdisk.dmg
2024-03-23 08:29:06 +01:00
log "Running ramdisk"
$irecovery -c "getenv ramdisk-delay"
2023-07-18 05:56:33 +02:00
$irecovery -c ramdisk
2024-03-23 08:29:06 +01:00
sleep 2
2023-07-18 05:56:33 +02:00
fi
2024-03-23 08:29:06 +01:00
log "Sending DeviceTree..."
$irecovery -f $ramdisk_path /DeviceTree.dec
log "Running devicetree"
$irecovery -c devicetree
log "Sending KernelCache..."
2023-07-19 12:54:39 +02:00
$irecovery -f $ramdisk_path /Kernelcache.dec
2023-01-13 05:25:27 +01:00
$irecovery -c bootx
2023-09-04 17:06:58 +02:00
if [ [ $1 = = "justboot" ] ] ; then
log "Device should now boot."
return
elif [ [ -n $1 ] ] ; then
2024-03-23 08:29:06 +01:00
log "Booting, please wait..."
2023-10-22 03:30:02 +02:00
device_find_mode Restore 25
2023-09-01 15:26:45 +02:00
fi
2023-04-02 12:18:44 +02:00
2024-01-19 18:11:26 +01:00
device_iproxy
2024-01-18 09:18:44 +01:00
device_sshpass alpine
2023-09-04 17:06:58 +02:00
2023-10-30 18:36:38 +01:00
case $mode in
2023-07-03 09:22:35 +02:00
"activation" | "baseband" )
2023-06-26 11:35:06 +02:00
return
; ;
2024-06-08 15:38:44 +02:00
"TwistedMind2" )
log "Sending dd command for TwistedMind2"
$scp -P $ssh_port TwistedMind2 root@127.0.0.1:/
$ssh -p $ssh_port root@127.0.0.1 "dd if=/TwistedMind2 of=/dev/rdisk0 bs=8192; reboot_bak"
return
; ;
2023-08-30 04:09:16 +02:00
"jailbreak" | "getversion" )
2023-06-24 12:22:35 +02:00
local vers
local build
local untether
2024-02-17 03:11:10 +01:00
device_ramdisk_iosvers
vers = $device_vers
build = $device_build
2023-08-30 04:09:16 +02:00
if [ [ $1 = = "getversion" && -n $vers ] ] ; then
2024-01-18 09:18:44 +01:00
log "Retrieved the current iOS version, rebooting device"
print " * iOS Version: $vers ( $build ) "
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 "reboot_bak"
2023-08-30 04:09:16 +02:00
return
2023-06-24 19:24:30 +02:00
fi
2023-06-24 12:22:35 +02:00
case $vers in
2023-09-14 10:10:52 +02:00
9.3.[ 1234] | 9.3 ) untether = "untetherhomedepot.tar" ; ;
9.2* | 9.1 ) untether = "untetherhomedepot921.tar" ; ;
2023-07-18 05:56:33 +02:00
8* ) untether = "daibutsu/untether.tar" ; ;
2023-06-26 05:01:16 +02:00
7.1* ) untether = "panguaxe.tar" ; ;
7* ) untether = "evasi0n7-untether.tar" ; ;
6.1.[ 3456] ) untether = "p0sixspwn.tar" ; ;
6* ) untether = "evasi0n6-untether.tar" ; ;
2023-11-18 02:24:31 +01:00
4.2.1 | 4.1 | 4.0* | 3.2* | 3.1.3 ) untether = " greenpois0n/ ${ device_type } _ ${ build } .tar " ; ;
2024-01-29 05:15:55 +01:00
5* | 4.[ 32] * ) untether = " g1lbertJB/ ${ device_type } _ ${ build } .tar " ; ;
2023-06-24 12:22:35 +02:00
'' )
warn "Something wrong happened. Failed to get iOS version."
2023-08-15 13:09:04 +02:00
print "* Please reboot the device into normal operating mode, then perform a clean \"slide to power off\", then try again."
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 "reboot_bak"
2023-06-24 12:22:35 +02:00
return
; ;
* )
2023-06-24 19:24:30 +02:00
warn " iOS $vers is not supported for jailbreaking with SSHRD. "
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 "reboot_bak"
2023-06-24 12:22:35 +02:00
return
; ;
esac
log " Nice, iOS $vers is compatible. "
log " Sending $untether "
2024-02-12 06:33:52 +01:00
$scp -P $ssh_port $jelbrek /$untether root@127.0.0.1:/mnt1
2023-07-21 09:12:01 +02:00
# 3.1.3-4.1 untether needs to be extracted early (before data partition is mounted)
2023-06-26 05:01:16 +02:00
case $vers in
2024-03-02 02:48:34 +01:00
4.1 | 4.0* )
2023-06-26 05:01:16 +02:00
untether = " ${ device_type } _ ${ build } .tar "
log " Extracting $untether "
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 " tar -xvf /mnt1/ $untether -C /mnt1; rm /mnt1/ $untether "
2023-06-26 05:01:16 +02:00
; ;
esac
2024-03-02 02:48:34 +01:00
# Do not extract untether for 3GS 3.1.x
if [ [ $vers = = "3.1" * && $device_type != "iPhone2,1" ] ] ; then
untether = " ${ device_type } _ ${ build } .tar "
log " Extracting $untether "
$ssh -p $ssh_port root@127.0.0.1 " tar -xvf /mnt1/ $untether -C /mnt1; rm /mnt1/ $untether "
fi
2023-06-29 14:52:43 +02:00
log "Mounting data partition"
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 "mount.sh pv"
2023-06-24 12:22:35 +02:00
case $vers in
2023-10-06 15:22:43 +02:00
9* | 8* ) device_send_rdtar fstab8.tar; ;
7* ) device_send_rdtar fstab7.tar; ;
6* ) device_send_rdtar fstab_rw.tar; ;
2024-03-23 08:29:06 +01:00
4.2.1 ) $ssh -p $ssh_port root@127.0.0.1 "[[ ! -e /mnt1/sbin/punchd ]] && mv /mnt1/sbin/launchd /mnt1/sbin/punchd" ; ;
2024-01-29 05:15:55 +01:00
5* | 4.[ 32] * ) untether = " ${ device_type } _ ${ build } .tar " ; ;
2023-06-24 12:22:35 +02:00
esac
case $vers in
2023-10-06 15:22:43 +02:00
5* ) device_send_rdtar g1lbertJB.tar; ;
2023-07-09 14:47:13 +02:00
4.2.1 | 4.1 | 4.0* | 3* )
2023-06-24 12:22:35 +02:00
untether = " ${ device_type } _ ${ build } .tar "
2024-03-23 08:29:06 +01:00
if [ [ $device_type = = "iPod2,1" ] ] ; then
2024-02-12 06:33:52 +01:00
$scp -P $ssh_port $jelbrek /fstab_old root@127.0.0.1:/mnt1/private/etc/fstab
2023-06-24 12:22:35 +02:00
else
2024-02-12 06:33:52 +01:00
$scp -P $ssh_port $jelbrek /fstab_new root@127.0.0.1:/mnt1/private/etc/fstab
2023-06-24 12:22:35 +02:00
fi
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 "rm /mnt1/private/var/mobile/Library/Caches/com.apple.mobile.installation.plist"
2023-06-24 12:22:35 +02:00
; ;
esac
2023-06-26 05:01:16 +02:00
case $vers in
2023-07-09 14:47:13 +02:00
8* | 4.1 | 4.0* | 3* ) :; ;
2023-06-26 05:01:16 +02:00
* )
log " Extracting $untether "
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 " tar -xvf /mnt1/ $untether -C /mnt1; rm /mnt1/ $untether "
2023-06-26 05:01:16 +02:00
; ;
esac
2023-08-13 02:29:44 +02:00
case $vers in
2024-01-29 05:15:55 +01:00
[ 543] * ) device_send_rdtar cydiasubstrate.tar; ;
2023-08-13 02:29:44 +02:00
esac
case $vers in
2023-10-06 15:22:43 +02:00
3* ) device_send_rdtar cydiahttpatch.tar; ;
2023-08-13 02:29:44 +02:00
esac
2023-11-08 08:46:15 +01:00
if [ [ $device_type = = "iPhone2,1" && $vers = = "4.3" * ] ] ; then
# 4.3.x 3gs'es have little free space in rootfs. workaround: extract an older strap that takes less space
device_send_rdtar freeze5.tar data
else
device_send_rdtar freeze.tar data
fi
2023-07-09 14:47:13 +02:00
if [ [ $ipsw_openssh = = 1 ] ] ; then
2023-10-06 15:22:43 +02:00
device_send_rdtar sshdeb.tar
2023-07-09 14:47:13 +02:00
fi
if [ [ $vers = = "8" * ] ] ; then
2023-06-30 10:36:12 +02:00
log "Sending daibutsu/move.sh"
2024-02-12 06:33:52 +01:00
$scp -P $ssh_port $jelbrek /daibutsu/move.sh root@127.0.0.1:/mnt1
2023-06-30 10:36:12 +02:00
log "Moving files"
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 "bash /mnt1/move.sh; rm /mnt1/move.sh"
2023-06-30 10:36:12 +02:00
untether = "untether.tar"
log " Extracting $untether "
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 " tar -xvf /mnt1/ $untether -C /mnt1; rm /mnt1/ $untether "
2023-10-04 08:00:02 +02:00
log " Running haxx_overwrite -- ${ device_type } _ ${ build } "
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 " /usr/bin/haxx_overwrite -- ${ device_type } _ ${ build } "
2023-06-30 08:02:18 +02:00
else
log "Rebooting"
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 "reboot_bak"
2023-06-30 08:02:18 +02:00
fi
2023-06-24 12:22:35 +02:00
log "Cool, done and jailbroken (hopefully)"
2023-08-13 02:29:44 +02:00
case $vers in
2023-09-23 13:17:11 +02:00
4* | 3* ) warn "Do not uninstall Cydia Substrate and Substrate Safe Mode in Cydia!" ; ;
2023-08-13 02:29:44 +02:00
esac
2023-06-24 12:22:35 +02:00
return
; ;
2023-07-02 09:51:07 +02:00
2023-10-30 18:36:38 +01:00
"clearnvram" )
2023-06-09 02:42:30 +02:00
log "Sending commands for clearing NVRAM..."
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 "nvram -c; reboot_bak"
2024-01-18 09:18:44 +01:00
log "Done, your device should reboot now"
return
2023-06-09 02:42:30 +02:00
; ;
2023-06-26 11:35:06 +02:00
2023-10-30 18:36:38 +01:00
"setnvram" )
log "Sending commands for NVRAM..."
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 " nvram -c; nvram boot-partition= $rec "
2024-06-15 01:24:31 +02:00
if [ [ $rec = = 2 ] ] ; then
case $device_type in
iPhone3,3 ) $ssh -p $ssh_port root@127.0.0.1 "nvram boot-ramdisk=/a/b/c/d/e/f/g/h/i/disk.dmg" ; ;
iPad2,4 ) $ssh -p $ssh_port root@127.0.0.1 "nvram boot-ramdisk=/a/b/c/d/e/f/g/h/i/j/k/l/m/n/o/p/q/r/s/t/disk.dmg" ; ;
iPhone4,1 ) $ssh -p $ssh_port root@127.0.0.1 "nvram boot-ramdisk=/a/b/c/d/e/f/g/h/i/j/k/l/m/n/o/p/q/r/disk.dmg" ; ;
iPod5,1 ) $ssh -p $ssh_port root@127.0.0.1 "nvram boot-ramdisk=/a/b/c/d/e/f/g/h/i/j/k/l/m/disk.dmg" ; ;
iPhone5* )
read -p " $( input "Select Y for iOS 7.1.x, N for iOS 7.0.x (Y/n) " ) " opt
if [ [ $opt != 'N' && $opt != 'n' ] ] ; then
$ssh -p $ssh_port root@127.0.0.1 "nvram boot-ramdisk=/a/b/c/d/e/f/g/h/i/j/k/l/m/disk.dmg"
else
$ssh -p $ssh_port root@127.0.0.1 "nvram boot-ramdisk=/a/b/c/d/e/f/g/h/i/j/k/l/m/n/o/p/q/r/s/t/u/v/w/disk.dmg"
fi
; ;
esac
2023-11-06 11:25:13 +01:00
fi
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 "reboot_bak"
2024-01-18 09:18:44 +01:00
log "Done, your device should reboot now"
2023-10-30 18:36:38 +01:00
return
; ;
2024-01-18 09:18:44 +01:00
* ) log "Device should now boot to SSH ramdisk mode." ; ;
2023-06-09 02:42:30 +02:00
esac
2023-01-13 05:25:27 +01:00
echo
2023-04-02 12:18:44 +02:00
print "* Mount filesystems with this command:"
print " mount.sh"
2024-01-18 09:18:44 +01:00
menu_ramdisk
}
2024-02-17 03:11:10 +01:00
device_ramdisk_iosvers( ) {
device_vers =
device_build =
log "Mounting root filesystem"
$ssh -p $ssh_port root@127.0.0.1 "mount.sh root"
sleep 1
log "Getting iOS version"
$scp -P $ssh_port root@127.0.0.1:/mnt1/System/Library/CoreServices/SystemVersion.plist .
if [ [ $platform = = "macos" ] ] ; then
rm -f BuildVer Version
plutil -extract 'ProductVersion' xml1 SystemVersion.plist -o Version
device_vers = $( cat Version | sed -ne '/<string>/,/<\/string>/p' | sed -e "s/<string>//" | sed "s/<\/string>//" | sed '2d' )
plutil -extract 'ProductBuildVersion' xml1 SystemVersion.plist -o BuildVer
device_build = $( cat BuildVer | sed -ne '/<string>/,/<\/string>/p' | sed -e "s/<string>//" | sed "s/<\/string>//" | sed '2d' )
else
device_vers = $( cat SystemVersion.plist | grep -i ProductVersion -A 1 | grep -oPm1 "(?<=<string>)[^<]+" )
device_build = $( cat SystemVersion.plist | grep -i ProductBuildVersion -A 1 | grep -oPm1 "(?<=<string>)[^<]+" )
fi
}
2024-01-18 09:18:44 +01:00
menu_ramdisk( ) {
local loop
local mode
local menu_items = ( "Connect to SSH" )
local reboot = "reboot_bak"
2024-02-15 13:29:49 +01:00
if ( ( device_proc >= 7 ) ) ; then
2024-01-18 09:18:44 +01:00
menu_items += ( "Dump Blobs" )
reboot = "/sbin/reboot"
2024-02-17 03:11:10 +01:00
else
menu_items += ( "Get iOS Version" "Dump Baseband/Activation" )
2024-01-18 09:18:44 +01:00
fi
2024-02-16 00:51:50 +01:00
if [ [ $1 = = "18C66" ] ] ; then
2024-02-15 13:29:49 +01:00
menu_items += ( "Install TrollStore" )
2024-06-03 07:12:38 +02:00
elif [ [ $device_proc = = 7 && $1 = = "12" * ] ] ; then
2024-05-14 14:28:37 +02:00
log "Ramdisk should now boot and fix iOS 7 not booting."
2024-02-26 10:22:31 +01:00
elif ( ( device_proc <= 8 ) ) ; then
menu_items += ( "Erase All (iOS 7 and 8)" )
2024-02-15 13:29:49 +01:00
fi
2024-01-18 09:18:44 +01:00
menu_items += ( "Reboot Device" "Exit" )
2024-02-17 03:11:10 +01:00
print "* For accessing data, note the following:"
print " * Host: sftp://127.0.0.1 | User: root | Password: alpine | Port: $ssh_port "
echo
print "* Other Useful SSH Ramdisk commands:"
2023-04-02 12:18:44 +02:00
print "* Clear NVRAM with this command:"
print " nvram -c"
2023-07-19 12:54:39 +02:00
print "* Erase All Content and Settings with this command (iOS 9+ only):"
print " nvram oblit-inprogress=5"
2023-01-13 05:25:27 +01:00
print "* To reboot, use this command:"
2024-01-18 09:18:44 +01:00
print " $reboot "
2024-02-17 03:11:10 +01:00
echo
2024-01-18 09:18:44 +01:00
while [ [ $loop != 1 ] ] ; do
2024-06-22 09:52:08 +02:00
mode =
2024-01-18 09:18:44 +01:00
print "* SSH Ramdisk Menu"
while [ [ -z $mode ] ] ; do
input "Select an option:"
select opt in " ${ menu_items [@] } " ; do
selected = " $opt "
break
done
case $selected in
"Connect to SSH" ) mode = "ssh" ; ;
"Reboot Device" ) mode = "reboot" ; ;
"Dump Blobs" ) mode = "dump-blobs" ; ;
2024-02-17 03:11:10 +01:00
"Get iOS Version" ) mode = "iosvers" ; ;
"Dump Baseband/Activation" ) mode = "dump-bbactrec" ; ;
2024-02-15 13:29:49 +01:00
"Install TrollStore" ) mode = "trollstore" ; ;
2024-02-26 10:22:31 +01:00
"Erase All (iOS 7 and 8)" ) mode = "erase78" ; ;
2024-01-18 09:18:44 +01:00
"Exit" ) mode = "exit" ; ;
esac
done
case $mode in
2024-02-15 13:29:49 +01:00
"ssh" )
log "Use the \"exit\" command to go back to SSH Ramdisk Menu"
2024-06-03 07:12:38 +02:00
if ( ( device_proc >= 7 ) ) && [ [ $1 = = "12" * ] ] ; then
$ssh -p $ssh_port root@127.0.0.1 &
ssh_pid = $!
sleep 1
kill $ssh_pid
killall ssh
fi
2024-02-15 13:29:49 +01:00
$ssh -p $ssh_port root@127.0.0.1
; ;
2024-02-12 06:33:52 +01:00
"reboot" ) $ssh -p $ssh_port root@127.0.0.1 " $reboot " ; loop = 1; ;
2024-01-18 09:18:44 +01:00
"exit" ) loop = 1; ;
"dump-blobs" )
2024-03-15 01:43:42 +01:00
local shsh = " ../saved/shsh/ $device_ecid - $device_type - $( date +%Y-%m-%d-%H%M) .shsh "
2024-06-19 16:22:57 +02:00
if [ [ $1 = = "12" * ] ] ; then
warn "Dumping blobs may fail on iOS 8 ramdisk."
print " * It is recommended to do this on iOS $device_ramdiskver ramdisk instead. "
read -p " $( input "Select Y to continue, N to go back (y/N) " ) " opt
if [ [ $opt != 'Y' && $opt != 'y' ] ] ; then
continue
fi
fi
log "Attempting to dump blobs"
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 "cat /dev/rdisk1" | dd of = dump.raw bs = 256 count = $(( 0 x4000))
2024-06-19 16:22:57 +02:00
if [ [ ! -s dump.raw ] ] ; then
log "Failed with rdisk1, trying again with rdisk2..."
$ssh -p $ssh_port root@127.0.0.1 "cat /dev/rdisk2" | dd of = dump.raw bs = 256 count = $(( 0 x4000))
if [ [ ! -s dump.raw ] ] ; then
warn "Failed with rdisk2, cannot continue."
continue
fi
fi
2024-01-18 09:18:44 +01:00
" $dir /img4tool " --convert -s $shsh dump.raw
2024-06-22 09:52:08 +02:00
if [ [ -s $shsh ] ] ; then
log " Onboard blobs should be dumped to $shsh "
continue
fi
warn "Failed to convert raw dump to SHSH."
local raw = " ../saved/shsh/rawdump_ ${ device_ecid } - ${ device_type } _ $( date +%Y-%m-%d-%H%M) .raw "
mv dump.raw $raw
log " Raw dump saved at: $raw "
warn "This raw dump is not usable for restoring, you need to convert it first."
print "* If unable to be converted, this dump is likely not usable for restoring."
2024-01-18 09:18:44 +01:00
; ;
2024-02-17 03:11:10 +01:00
"iosvers" )
device_ramdisk_iosvers
if [ [ -n $device_vers ] ] ; then
log "Retrieved the current iOS version"
print " * iOS Version: $device_vers ( $device_build ) "
else
warn "Something wrong happened. Failed to get iOS version."
fi
; ;
"dump-bbactrec" ) device_dumprd; ;
2024-02-15 13:29:49 +01:00
"trollstore" )
print "* Make sure that your device is on iOS 14 or 15 before continuing."
print "* If your device is on iOS 13 or below, TrollStore will NOT work."
2024-06-19 16:22:57 +02:00
read -p " $( input "Select Y to continue, N to go back (y/N) " ) " opt
if [ [ $opt != 'Y' && $opt != 'y' ] ] ; then
continue
fi
2024-02-15 13:29:49 +01:00
log "Checking for latest TrollStore"
2024-05-02 05:02:55 +02:00
local latest = " $( curl https://api.github.com/repos/opa334/TrollStore/releases/latest | $jq -r ".tag_name" ) "
2024-02-15 13:29:49 +01:00
local current = " $( cat ../saved/TrollStore_version) "
if [ [ $current != " $latest " ] ] ; then
rm ../saved/TrollStore.tar ../saved/PersistenceHelper_Embedded
fi
if [ [ -s ../saved/TrollStore.tar && -s ../saved/PersistenceHelper_Embedded ] ] ; then
cp ../saved/TrollStore.tar ../saved/PersistenceHelper_Embedded .
else
rm ../saved/TrollStore.tar ../saved/PersistenceHelper_Embedded 2>/dev/null
2024-05-02 04:53:02 +02:00
log "Downloading files for latest TrollStore"
2024-05-02 05:02:55 +02:00
download_file https://github.com/opa334/TrollStore/releases/download/$latest /PersistenceHelper_Embedded PersistenceHelper_Embedded
download_file https://github.com/opa334/TrollStore/releases/download/$latest /TrollStore.tar TrollStore.tar
2024-02-15 13:29:49 +01:00
cp TrollStore.tar PersistenceHelper_Embedded ../saved
echo " $latest " > ../saved/TrollStore_version
fi
tar -xf TrollStore.tar
log "Installing TrollStore to Tips"
$ssh -p $ssh_port root@127.0.0.1 "mount_filesystems"
local tips = " $( $ssh -p $ssh_port root@127.0.0.1 "find /mnt2/containers/Bundle/Application/ -name \"Tips.app\"" ) "
$scp -P $ssh_port PersistenceHelper_Embedded TrollStore.app/trollstorehelper ../resources/sshrd/trollstore.sh root@127.0.0.1:$tips
rm -r PersistenceHelper_Embedded TrollStore*
$ssh -p $ssh_port root@127.0.0.1 " bash $tips /trollstore.sh; rm $tips /trollstore.sh "
log "Done!"
; ;
2024-02-26 10:22:31 +01:00
"erase78" )
warn "This will do a \"Erase All Content and Settings\" procedure for iOS 7 and 8 devices."
print "* This procedure will do step 6 of this tutorial: https://reddit.com/r/LegacyJailbreak/comments/13of20g/tutorial_new_restoringerasingwipingrescuing_a/"
2024-03-09 16:00:11 +01:00
if ( ( device_proc >= 7 ) ) ; then
print "* If your device is on iOS 7, make sure to boot an iOS 8 ramdisk afterwards to fix booting."
fi
2024-02-26 10:22:31 +01:00
print "* When the device boots back up, trigger a restore by entering wrong passwords 10 times."
2024-06-19 16:22:57 +02:00
read -p " $( input "Select Y to continue, N to go back (y/N) " ) " opt
if [ [ $opt != 'Y' && $opt != 'y' ] ] ; then
continue
fi
2024-04-24 04:31:31 +02:00
$ssh -p $ssh_port root@127.0.0.1 "/sbin/mount_hfs /dev/disk0s1s1 /mnt1; /sbin/mount_hfs /dev/disk0s1s2 /mnt2; cp /com.apple.springboard.plist /mnt1/"
2024-02-26 10:22:31 +01:00
$ssh -p $ssh_port root@127.0.0.1 "cd /mnt2/mobile/Library/Preferences; mv com.apple.springboard.plist com.apple.springboard.plist.bak; ln -s /com.apple.springboard.plist ./com.apple.springboard.plist"
2024-04-25 03:06:20 +02:00
$ssh -p $ssh_port root@127.0.0.1 "rm /mnt2/mobile/Library/SpringBoard/LockoutStateJournal.plist"
2024-04-24 04:31:31 +02:00
$ssh -p $ssh_port root@127.0.0.1 "sync; cd /; /sbin/umount /mnt2; /sbin/umount /mnt1; sync; /sbin/reboot"
2024-02-26 10:22:31 +01:00
log "Done, your device should reboot now"
print "* Proceed to trigger a restore by entering wrong passwords 10 times."
loop = 1
; ;
2024-01-18 09:18:44 +01:00
esac
done
2023-01-13 05:25:27 +01:00
}
2024-01-19 18:11:26 +01:00
shsh_save_onboard64( ) {
log "Proceeding to dump onboard blobs on normal mode"
print "* There are other ways for dumping onboard blobs for 64-bit devices as listed below:"
2024-02-15 13:50:43 +01:00
print "* You can use SSH Ramdisk option to dump onboard blobs: Other Utilities -> SSH Ramdisk"
print "* For A8 and newer, you can also use SSHRD_Script: https://github.com/verygenericname/SSHRD_Script"
2024-01-19 18:11:26 +01:00
if [ [ $device_mode != "Normal" ] ] ; then
warn "Device must be in normal mode and jailbroken, cannot continue."
2024-02-15 13:50:43 +01:00
print "* Use the SSH Ramdisk option instead."
2024-01-19 18:11:26 +01:00
return
fi
2024-06-08 07:09:43 +02:00
device_ssh_message
2024-01-19 18:11:26 +01:00
device_iproxy
device_sshpass
2024-03-15 01:43:42 +01:00
local shsh = " ../saved/shsh/ $device_ecid - $device_type - $device_vers - $device_build .shsh "
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 "cat /dev/disk1" | dd of = dump.raw bs = 256 count = $(( 0 x4000))
2024-01-19 18:11:26 +01:00
" $dir /img4tool " --convert -s $shsh dump.raw
if [ [ ! -s $shsh ] ] ; then
2024-03-15 01:43:42 +01:00
warn "Failed to convert raw dump to SHSH."
if [ [ -s dump.raw ] ] ; then
2024-06-22 09:52:08 +02:00
local raw = " ../saved/shsh/rawdump_ ${ device_ecid } - ${ device_type } - ${ device_vers } - ${ device_build } _ $( date +%Y-%m-%d-%H%M) .raw "
2024-03-15 03:51:05 +01:00
mv dump.raw $raw
log " Raw dump saved at: $raw "
2024-03-15 01:43:42 +01:00
warn "This raw dump is not usable for restoring, you need to convert it first."
print "* If unable to be converted, this dump is likely not usable for restoring."
fi
2024-06-22 09:52:08 +02:00
error "Saving onboard SHSH blobs failed." "It is recommended to dump onboard SHSH blobs on SSH Ramdisk instead."
2024-01-19 18:11:26 +01:00
fi
log " Successfully saved $device_vers blobs: $shsh "
}
2023-01-15 15:31:49 +01:00
shsh_save_onboard( ) {
2024-01-19 18:11:26 +01:00
if ( ( device_proc >= 7 ) ) ; then
shsh_save_onboard64
return
elif [ [ $device_proc = = 4 ] ] || [ [ $device_proc = = 6 && $platform = = "macos" ] ] ; then
2023-09-14 10:10:52 +02:00
device_buttons
2023-09-15 01:02:29 +02:00
else
device_enter_mode kDFU
2023-09-14 10:10:52 +02:00
fi
2024-05-07 06:56:14 +02:00
if [ [ $device_proc = = 4 && $device_pwnrec != 1 ] ] ; then
2023-06-07 07:24:24 +02:00
patch_ibss
log "Sending iBSS..."
2023-09-14 10:10:52 +02:00
$irecovery -f pwnediBSS.dfu
2023-06-07 07:24:24 +02:00
fi
2023-11-18 02:48:07 +01:00
sleep 1
2023-01-15 15:31:49 +01:00
patch_ibec
2023-01-16 02:58:09 +01:00
log "Sending iBEC..."
2023-09-14 10:10:52 +02:00
$irecovery -f pwnediBEC.dfu
2024-05-07 06:56:14 +02:00
if [ [ $device_pwnrec = = 1 ] ] ; then
$irecovery -c "go"
fi
2024-06-19 16:22:57 +02:00
sleep 3
2023-01-15 15:31:49 +01:00
device_find_mode Recovery
2024-06-08 07:09:43 +02:00
log "Dumping raw dump now"
2023-08-05 17:00:27 +02:00
( echo -e "/send ../resources/payload\ngo blobs\n/exit" ) | $irecovery2 -s
2024-03-15 01:43:42 +01:00
$irecovery2 -g dump.raw
2024-06-08 07:09:43 +02:00
log "Rebooting device"
2023-08-05 17:00:27 +02:00
$irecovery -n
2024-06-08 07:09:43 +02:00
local raw
local err
shsh_convert_onboard $1
err = $?
if [ [ $1 = = "dump" ] ] ; then
raw = " ../saved/shsh/rawdump_ ${ device_ecid } - ${ device_type } _ $( date +%Y-%m-%d-%H%M) _ ${ shsh_onboard_iboot } .raw "
else
raw = " ../saved/shsh/rawdump_ ${ device_ecid } - ${ device_type } - ${ device_target_vers } - ${ device_target_build } _ $( date +%Y-%m-%d-%H%M) _ ${ shsh_onboard_iboot } .raw "
2023-01-16 15:46:04 +01:00
fi
2024-06-08 07:09:43 +02:00
if [ [ $1 = = "dump" ] ] || [ [ $err != 0 && -s dump.raw ] ] ; then
mv dump.raw $raw
log " Raw dump saved at: $raw "
warn "This raw dump is not usable for restoring, you need to convert it first."
print "* If unable to be converted, this dump is likely not usable for restoring."
print "* For the IPSW to download and use, see the raw dump iBoot version above"
2024-06-08 07:45:42 +02:00
print "* Then go here to find the matching iOS version: https://theapplewiki.com/wiki/IBoot_(Bootloader)"
2023-01-15 15:31:49 +01:00
fi
2024-03-15 01:43:42 +01:00
}
shsh_convert_onboard( ) {
2024-06-08 07:09:43 +02:00
local shsh = " ../saved/shsh/ ${ device_ecid } - ${ device_type } _ $( date +%Y-%m-%d-%H%M) .shsh "
2024-03-15 01:43:42 +01:00
if ( ( device_proc < 7 ) ) ; then
2024-06-08 07:09:43 +02:00
shsh = " ../saved/shsh/ ${ device_ecid } - ${ device_type } - ${ device_target_vers } - ${ device_target_build } .shsh "
# remove ibob for powdersn0w/dra downgraded devices. fixes unknown magic 69626f62
local blob = $( xxd -p dump.raw | tr -d '\n' )
local bobi = "626f6269"
local blli = "626c6c69"
if [ [ $blob = = *" $bobi " * ] ] ; then
log "Detected \"ibob\". Fixing... (This happens on DRA/powdersn0w downgraded devices)"
rm -f dump.raw
2024-06-10 04:41:11 +02:00
printf "%s" " ${ blob % " $bobi " * } ${ blli } ${ blob ##* " $blli " } " | xxd -r -p > dump.raw
2024-06-08 07:09:43 +02:00
fi
shsh_onboard_iboot = " $( cat dump.raw | strings | grep iBoot | head -1) "
log " Raw dump iBoot version: $shsh_onboard_iboot "
if [ [ $1 = = "dump" ] ] ; then
return
fi
log "Converting raw dump to SHSH blob"
2024-03-15 01:43:42 +01:00
" $dir /ticket " dump.raw dump.shsh " $ipsw_path .ipsw " -z
2024-06-08 07:09:43 +02:00
log "Attempting to validate SHSH blob"
2024-03-15 01:43:42 +01:00
" $dir /validate " dump.shsh " $ipsw_path .ipsw " -z
if [ [ $? != 0 ] ] ; then
warn "Saved SHSH blobs might be invalid. Did you select the correct IPSW?"
fi
else
" $dir /img4tool " --convert -s dump.shsh dump.raw
fi
if [ [ ! -s dump.shsh ] ] ; then
2024-06-08 07:09:43 +02:00
warn "Converting onboard SHSH blobs failed."
return 1
2024-03-15 01:43:42 +01:00
fi
mv dump.shsh $shsh
2024-01-19 18:11:26 +01:00
log " Successfully saved $device_target_vers blobs: $shsh "
2023-01-15 15:31:49 +01:00
}
2023-02-16 09:34:34 +01:00
shsh_save_cydia( ) {
2023-08-05 17:00:27 +02:00
local json = $( curl " https://api.ipsw.me/v4/device/ ${ device_type } ?type=ipsw " )
local len = $( echo " $json " | $jq -r ".firmwares | length" )
2023-02-16 09:34:34 +01:00
local builds = ( )
local i = 0
while ( ( i < len ) ) ; do
2023-08-05 17:00:27 +02:00
builds += ( $( echo " $json " | $jq -r " .firmwares[ $i ].buildid " ) )
2023-02-16 09:34:34 +01:00
( ( i++) )
done
for build in ${ builds [@] } ; do
2023-06-15 08:21:05 +02:00
if [ [ $build = = "10" * && $build != "10B329" && $build != "10B350" ] ] ; then
2023-04-02 12:18:44 +02:00
continue
fi
2023-07-02 09:51:07 +02:00
printf "\n%s " " $build "
2023-03-03 17:10:28 +01:00
" $dir /tsschecker " -d $device_type -e $device_ecid --server-url "http://cydia.saurik.com/TSS/controller?action=2/" -s -g 0x1111111111111111 --buildid $build >/dev/null
2023-02-16 09:34:34 +01:00
if [ [ $( ls *$build * 2>/dev/null) ] ] ; then
printf "saved"
mv $( ls *$build *) ../saved/shsh/$device_ecid -$device_type -$build .shsh
else
printf "failed"
fi
done
echo
}
2023-04-02 12:18:44 +02:00
menu_print_info( ) {
if [ [ $debug_mode != 1 ] ] ; then
clear
fi
print " *** Legacy iOS Kit ***"
print " - Script by LukeZGD -"
echo
2023-06-15 08:21:05 +02:00
if [ [ -n $version_current ] ] ; then
print " * Version: $version_current ( $git_hash ) "
fi
if [ [ $no_version_check = = 1 ] ] ; then
warn "No version check flag detected, update check is disabled and no support will be provided."
fi
2023-06-21 10:46:53 +02:00
if [ [ $git_hash_latest != " $git_hash " ] ] ; then
2023-06-15 08:21:05 +02:00
warn " Current version is newer/different than remote: $version_latest ( $git_hash_latest ) "
fi
2023-07-02 09:51:07 +02:00
print " * Platform: $platform ( $platform_ver ) $live_cdusb_str "
2023-04-02 12:18:44 +02:00
echo
2024-06-27 06:36:00 +02:00
print " * Device: $device_name ( ${ device_type } , ${ device_model } ap) in $device_mode mode "
2023-08-30 04:09:16 +02:00
device_manufacturing
2024-02-07 14:24:48 +01:00
if [ [ -n $device_disable_bbupdate && $device_type = = "iPhone" * ] ] ; then
2023-06-26 11:35:06 +02:00
warn "Disable bbupdate flag detected, baseband update is disabled. Proceed with caution"
print "* For iPhones, current baseband will be dumped and stitched to custom IPSW"
2023-12-17 09:37:50 +01:00
print "* Stitching is supported in these restores/downgrades: 8.4.1/6.1.3, Other with SHSH, powdersn0w"
2023-07-03 09:22:35 +02:00
fi
if [ [ $device_actrec = = 1 ] ] ; then
2023-07-18 05:56:33 +02:00
warn "Activation records flag detected. Proceed with caution"
2023-11-10 16:58:16 +01:00
print "* Stitching is supported in these restores/downgrades: 8.4.1/6.1.3, Other with SHSH, powdersn0w"
2023-06-26 05:01:16 +02:00
fi
2024-05-07 06:56:14 +02:00
if [ [ $device_pwnrec = = 1 ] ] ; then
warn "Pwned recovery flag detected. Assuming device is in pwned recovery mode."
elif [ [ $device_skipibss = = 1 ] ] ; then
warn "Skip iBSS flag detected. Assuming device is in pwned iBSS mode."
fi
2023-09-23 13:17:11 +02:00
if [ [ -n $device_build ] ] ; then
print " * iOS Version: $device_vers ( $device_build ) "
else
print " * iOS Version: $device_vers "
fi
2024-03-17 02:42:24 +01:00
if [ [ $device_proc != 1 && $device_mode = = "DFU" ] ] && ( ( device_proc < 7 ) ) ; then
2023-08-30 04:09:16 +02:00
print "* To get iOS version, go to: Other Utilities -> Get iOS Version"
fi
2023-04-02 12:18:44 +02:00
print " * ECID: $device_ecid "
2024-01-18 09:18:44 +01:00
if [ [ -n $device_pwnd ] ] ; then
print " * Pwned: $device_pwnd "
fi
2023-04-02 12:18:44 +02:00
echo
}
menu_main( ) {
local menu_items
local selected
local back
while [ [ -z " $mode " ] ] ; do
menu_items = ( )
menu_print_info
print " > Main Menu"
input "Select an option:"
if [ [ $device_mode != "none" ] ] ; then
2023-06-15 08:21:05 +02:00
menu_items += ( "Restore/Downgrade" )
2024-03-23 08:29:06 +01:00
if ( ( device_proc < 7 ) ) && [ [ $device_proc != 1 ] ] ; then
2023-08-30 04:13:11 +02:00
menu_items += ( "Jailbreak Device" )
fi
2023-06-24 12:22:35 +02:00
fi
2024-02-04 12:49:03 +01:00
if [ [ $device_proc != 1 && $device_type != "iPod2,1" ] ] ; then
2023-08-05 17:00:27 +02:00
menu_items += ( "Save SHSH Blobs" )
fi
2023-12-26 10:29:08 +01:00
if [ [ $device_mode = = "Normal" ] ] ; then
2024-05-16 13:53:26 +02:00
# remove linux check here on later sideloader update
2023-12-26 10:29:08 +01:00
if [ [ $platform = = "linux" ] ] ; then
case $device_vers in
2024-05-23 18:20:58 +02:00
[ 12] .* ) :; ;
[ 1289] * ) menu_items += ( "Sideload IPA" ) ; ;
2023-12-26 10:29:08 +01:00
esac
fi
2024-06-15 12:39:27 +02:00
menu_items += ( "App Management" "Data Management" )
2023-12-26 10:29:08 +01:00
fi
2024-06-08 15:38:44 +02:00
case $device_type in
iPad2,[ 123] ) menu_items += ( "FourThree Utility" ) ; ;
esac
2023-08-05 17:00:27 +02:00
menu_items += ( "Other Utilities" "Exit" )
2023-04-02 12:18:44 +02:00
select opt in " ${ menu_items [@] } " ; do
selected = " $opt "
break
done
case $selected in
2023-06-15 08:21:05 +02:00
"Restore/Downgrade" ) menu_restore; ;
2024-06-16 03:45:32 +02:00
"Jailbreak Device" ) mode = "device_jailbreak" ; ;
2023-04-02 12:18:44 +02:00
"Save SHSH Blobs" ) menu_shsh; ;
2024-06-15 12:39:27 +02:00
"Sideload IPA" ) menu_ipa " $selected " ; ;
"App Management" ) menu_appmanage; ;
"Data Management" ) menu_datamanage; ;
2023-04-02 12:18:44 +02:00
"Other Utilities" ) menu_other; ;
2024-06-08 15:38:44 +02:00
"FourThree Utility" ) menu_fourthree; ;
2023-04-02 12:18:44 +02:00
"Exit" ) mode = "exit" ; ;
esac
done
}
2024-06-15 12:39:27 +02:00
menu_appmanage( ) {
local menu_items
local selected
local back
menu_print_info
while [ [ -z " $mode " && -z " $back " ] ] ; do
menu_items = ( "Install IPA (AppSync)" "List User Apps" "List System Apps" "List All Apps" "Go Back" )
echo
print " > Main Menu > App Management"
input "Select an option:"
select opt in " ${ menu_items [@] } " ; do
selected = " $opt "
break
done
case $selected in
"Install IPA (AppSync)" ) menu_ipa " $selected " ; ;
"List User Apps" ) " $dir /ideviceinstaller " list --user; ;
"List System Apps" ) " $dir /ideviceinstaller " list --system; ;
"List All Apps" ) " $dir /ideviceinstaller " list --all; ;
"Go Back" ) back = 1; ;
esac
done
}
menu_datamanage( ) {
local menu_items
local selected
local back
menu_print_info
2024-06-19 04:10:45 +02:00
print "* Note: For \"Raw File System\" your device must be jailbroken and have AFC2"
print "* For most jailbreaks, install \"Apple File Conduit 2\" in Cydia/Zebra/Sileo"
print "* Note 2: The \"Erase All Content and Settings\" option works on iOS 9+ only"
print "* Note 3: Limited support for backups. Better use iCloud Backups instead"
print "* Note 4: Backups do not include apps. Only some app data and settings"
print "* For dumping apps, go to: https://www.reddit.com/r/LegacyJailbreak/wiki/guides/crackingapps"
2024-06-15 12:39:27 +02:00
while [ [ -z " $mode " && -z " $back " ] ] ; do
menu_items = ( "Backup" "Restore" "Mount Device" "Mount Device (Raw File System)" "Unmount Device" "Erase All Content and Settings" "Go Back" )
echo
print " > Main Menu > Data Management"
input "Select an option:"
select opt in " ${ menu_items [@] } " ; do
selected = " $opt "
break
done
case $selected in
"Go Back" ) back = 1; ;
*"ount" * ) :; ;
* ) device_pair; ;
esac
case $selected in
"Backup" ) mode = "device_backup_create" ; ;
"Restore" ) menu_backup_restore; ;
"Erase All Content and Settings" ) mode = "device_erase" ; ;
"Mount Device" ) mkdir ../mount 2>/dev/null; $ifuse ../mount; log "Device (Media) should now be mounted on mount folder" ; ;
"Mount Device (Raw File System)" ) mkdir ../mount 2>/dev/null; $ifuse --root ../mount; log "Device (root) should now be mounted on mount folder" ; ;
"Unmount Device" ) log "Attempting to umount device from mount folder" ; umount ../mount; ;
esac
done
}
menu_backup_restore( ) {
local menu_items
local selected
local back
while [ [ -z " $mode " && -z " $back " ] ] ; do
menu_print_info
local backupdir = " ../saved/backups/ ${ device_ecid } _ ${ device_type } "
if [ [ ! -d $backupdir ] ] ; then
mkdir -p $backupdir
fi
local backups = ( $( ls $backupdir ) )
if [ [ -z " ${ backups [*] } " ] ] ; then
print "* No backups (saved/backups)"
else
print "* Backups list (saved/backups):"
for b in " ${ backups [@] } " ; do
menu_items += ( " $( basename $b ) " )
done
fi
menu_items += ( "Go Back" )
echo
print " > Main Menu > Data Management > Restore"
input "Select option to restore:"
select opt in " ${ menu_items [@] } " ; do
selected = " $opt "
break
done
case $selected in
"Go Back" ) back = 1; ;
* ) device_backup = " $selected " ; mode = "device_backup_restore" ; ;
esac
done
}
2024-06-08 15:38:44 +02:00
menu_fourthree( ) {
local menu_items
local selected
local back
ipa_path =
ipsw_fourthree =
while [ [ -z " $mode " && -z " $back " ] ] ; do
menu_items = ( "Step 1: Restore" "Step 2: Partition" "Step 3: OS Install" "Reinstall App" "Go Back" )
menu_print_info
print "* FourThree Utility: Dualboot iPad 2 to iOS 4.3.x"
print "* This is a 3 step process for the device. Follow through the steps to successfully set up a dualboot."
2024-06-19 04:10:45 +02:00
if [ [ $device_type != "iPad2,1" ] ] ; then
warn "There may be issues for cellular devices (including activation), proceed with caution"
print "* Related discussion: https://github.com/LukeZGD/Legacy-iOS-Kit/discussions/509"
fi
2024-06-08 15:38:44 +02:00
echo
print " > Main Menu > FourThree Utility"
input "Select an option:"
select opt in " ${ menu_items [@] } " ; do
selected = " $opt "
break
done
case $selected in
"Step 1: Restore" ) ipsw_fourthree = 1; menu_ipsw "iOS 6.1.3" "fourthree" ; ;
"Step 2: Partition" ) mode = "device_fourthree_step2" ; ;
"Step 3: OS Install" ) mode = "device_fourthree_step3" ; ;
"Reinstall App" ) mode = "device_fourthree_app" ; ;
"Go Back" ) back = 1; ;
esac
done
}
2023-12-26 10:29:08 +01:00
menu_ipa( ) {
local menu_items
local selected
local back
ipa_path =
while [ [ -z " $mode " && -z " $back " ] ] ; do
menu_items = ( "Select IPA" )
menu_print_info
if [ [ $1 = = "Install" * ] ] ; then
2024-02-04 12:49:03 +01:00
print "* Make sure that AppSync Unified (iOS 5+) is installed on your device."
2023-12-26 10:29:08 +01:00
else
2024-01-07 05:22:56 +01:00
print "* Sideload IPA is for iOS 9 and newer."
2023-12-26 10:29:08 +01:00
print "* Sideloading will require an Apple ID."
print "* Your Apple ID and password will only be sent to Apple servers."
2024-06-10 18:07:32 +02:00
print "* Make sure that the device is activated and connected to the Internet."
2024-05-02 04:53:02 +02:00
print "* There is also the option to use Dadoum Sideloader: https://github.com/Dadoum/Sideloader"
2024-05-16 13:53:26 +02:00
if [ [ $platform = = "macos" ] ] ; then
menu_items = ( )
fi
2023-12-26 10:29:08 +01:00
fi
echo
if [ [ -n $ipa_path ] ] ; then
print " * Selected IPA: $ipa_path "
menu_items += ( "Install IPA" )
2024-05-02 04:53:02 +02:00
elif [ [ $1 = = "Install" * ] ] ; then
2024-01-29 08:16:30 +01:00
print "* Select IPA files to install (multiple selection)"
2024-05-02 04:53:02 +02:00
else
print "* Select IPA file to install (or select Use Dadoum Sideloader)"
menu_items += ( "Use Dadoum Sideloader" )
2023-12-26 10:29:08 +01:00
fi
menu_items += ( "Go Back" )
echo
print " > Main Menu > $1 "
input "Select an option:"
select opt in " ${ menu_items [@] } " ; do
selected = " $opt "
break
done
case $selected in
"Select IPA" ) menu_ipa_browse; ;
"Install IPA" )
if [ [ $1 = = "Install" * ] ] ; then
2024-06-16 03:45:32 +02:00
mode = "device_ideviceinstaller"
2023-12-26 10:29:08 +01:00
else
2024-06-16 03:45:32 +02:00
mode = "device_altserver_linux"
2023-12-26 10:29:08 +01:00
fi
; ;
2024-05-02 04:53:02 +02:00
"Use Dadoum Sideloader" )
2024-05-16 13:53:26 +02:00
local arch = " $platform_arch "
2024-05-23 18:20:58 +02:00
local sideloader = "sideloader-"
if [ [ $platform = = "macos" ] ] ; then
sideloader += " qt-macOS- $arch "
2024-05-16 13:53:26 +02:00
else
case $arch in
"armhf" )
warn "Dadoum Sideloader does not support armhf/armv7. arm64 or x86_64 only."
pause
continue
; ;
"arm64" ) arch = "aarch64" ; ;
esac
2024-05-23 18:20:58 +02:00
sideloader += " gtk-linux- $arch "
2024-05-16 13:53:26 +02:00
fi
2024-05-02 04:53:02 +02:00
log "Checking for latest Sideloader"
2024-05-02 05:02:55 +02:00
local latest = " $( curl https://api.github.com/repos/Dadoum/Sideloader/releases/latest | $jq -r ".tag_name" ) "
2024-05-02 04:53:02 +02:00
local current = " $( cat ../saved/Sideloader_version) "
if [ [ $current != " $latest " ] ] ; then
rm ../saved/$sideloader
fi
if [ [ ! -e ../saved/$sideloader ] ] ; then
2024-05-02 05:02:55 +02:00
download_file https://github.com/Dadoum/Sideloader/releases/download/$latest /$sideloader .zip $sideloader .zip
2024-05-02 04:53:02 +02:00
unzip -o -j $sideloader .zip $sideloader -d ../saved
fi
echo " $latest " > ../saved/Sideloader_version
2024-06-11 11:18:59 +02:00
device_pair
2024-05-02 04:53:02 +02:00
log "Launching Dadoum Sideloader"
chmod +x ../saved/$sideloader
../saved/$sideloader
; ;
2023-12-26 10:29:08 +01:00
"Go Back" ) back = 1; ;
esac
done
}
menu_ipa_browse( ) {
local newpath
2024-01-02 04:46:15 +01:00
input "Select your IPA file(s) in the file selection window."
2024-06-22 09:52:08 +02:00
if [ [ $mac_cocoa = = 1 ] ] ; then
newpath = " $( $cocoadialog fileselect --with-extensions ipa) "
else
newpath = " $( $zenity --file-selection --multiple --file-filter= 'IPA | *.ipa' --title= "Select IPA file(s)" ) "
fi
2024-01-02 04:46:15 +01:00
[ [ -z " $newpath " ] ] && read -p " $( input "Enter path to IPA file (or press Ctrl+C to cancel): " ) " newpath
2023-12-26 10:29:08 +01:00
ipa_path = " $newpath "
}
2023-04-02 12:18:44 +02:00
menu_shsh( ) {
local menu_items
local selected
local back
device_target_vers =
device_target_build =
while [ [ -z " $mode " && -z " $back " ] ] ; do
menu_items = ( )
case $device_type in
iPad4,[ 12345] | iPhone6,[ 12] )
menu_items += ( "iOS 10.3.3" ) ; ;
2024-05-16 13:53:26 +02:00
iPad[ 23] * | iPhone4,1 | iPhone5,[ 12] | iPod5,1 )
2023-06-19 05:47:18 +02:00
menu_items += ( "iOS 8.4.1" ) ; ;
esac
case $device_type in
2023-04-02 12:18:44 +02:00
iPad2,[ 123] | iPhone4,1 )
menu_items += ( "iOS 6.1.3" ) ; ;
esac
if ( ( device_proc < 7 ) ) ; then
menu_items += ( "Cydia Blobs" )
fi
2024-06-08 07:09:43 +02:00
if [ [ $device_mode != "none" ] ] ; then
menu_items += ( "Onboard Blobs" )
if ( ( device_proc < 7 ) ) ; then
menu_items += ( "Onboard Blobs (Raw Dump)" )
fi
fi
2024-03-15 01:43:42 +01:00
menu_items += ( "Convert Raw Dump" "Go Back" )
2023-04-02 12:18:44 +02:00
menu_print_info
2023-10-25 09:46:35 +02:00
if [ [ $device_mode != "none" && $device_proc = = 4 ] ] ; then
2024-05-16 13:53:26 +02:00
warn "Dumping onboard blobs might not work for this device, proceed with caution"
2024-05-06 03:20:39 +02:00
print "* Legacy iOS Kit only fully supports dumping onboard blobs for A5(X) and A6(X) devices and newer"
2023-10-26 07:13:59 +02:00
echo
2023-10-25 09:46:35 +02:00
fi
2023-04-02 12:18:44 +02:00
print " > Main Menu > Save SHSH Blobs"
input "Select an option:"
select opt in " ${ menu_items [@] } " ; do
selected = " $opt "
break
done
case $selected in
"iOS 10.3.3" )
device_target_vers = "10.3.3"
device_target_build = "14G60"
2023-06-19 05:47:18 +02:00
; ;
2023-04-02 12:18:44 +02:00
"iOS 8.4.1" )
device_target_vers = "8.4.1"
device_target_build = "12H321"
2023-06-19 05:47:18 +02:00
; ;
2023-04-02 12:18:44 +02:00
"iOS 6.1.3" )
device_target_vers = "6.1.3"
device_target_build = "10B329"
2023-06-19 05:47:18 +02:00
; ;
esac
case $selected in
2023-04-02 12:18:44 +02:00
"iOS" * ) mode = "save-ota-blobs" ; ;
"Onboard Blobs" ) menu_shsh_onboard; ;
2024-06-08 07:09:43 +02:00
"Onboard Blobs (Raw Dump)" ) mode = "save-onboard-dump" ; ;
2023-04-02 12:18:44 +02:00
"Cydia Blobs" ) mode = "save-cydia-blobs" ; ;
2024-03-15 01:43:42 +01:00
"Convert Raw Dump" ) menu_shsh_convert; ;
2023-04-02 12:18:44 +02:00
"Go Back" ) back = 1; ;
esac
done
}
menu_shsh_onboard( ) {
local menu_items
local selected
local back
ipsw_path =
2024-01-19 18:11:26 +01:00
if ( ( device_proc >= 7 ) ) ; then
mode = "save-onboard-blobs"
fi
2023-04-02 12:18:44 +02:00
while [ [ -z " $mode " && -z " $back " ] ] ; do
menu_items = ( "Select IPSW" )
menu_print_info
2023-11-14 10:26:19 +01:00
if [ [ $device_mode != "none" && $device_proc = = 4 ] ] ; then
2024-05-16 13:53:26 +02:00
warn "Dumping onboard blobs might not work for this device, proceed with caution"
2024-05-06 03:20:39 +02:00
print "* Legacy iOS Kit only fully supports dumping onboard blobs for A5(X) and A6(X) devices and newer"
2023-11-14 10:26:19 +01:00
echo
fi
2023-04-02 12:18:44 +02:00
if [ [ -n $ipsw_path ] ] ; then
print " * Selected IPSW: $ipsw_path .ipsw "
print " * IPSW Version: $device_target_vers - $device_target_build "
if [ [ $device_mode = = "Normal" && $device_target_vers != " $device_vers " ] ] ; then
warn "Selected IPSW does not seem to match the current version."
2024-06-08 07:09:43 +02:00
if ( ( device_proc < 7 ) ) ; then
print "* Ignore this warning if this is a DRA/powdersn0w downgraded device."
fi
2023-04-02 12:18:44 +02:00
fi
menu_items += ( "Save Onboard Blobs" )
else
print "* Select IPSW of your current iOS version to continue"
fi
menu_items += ( "Go Back" )
echo
print " > Main Menu > Save SHSH Blobs > Onboard Blobs"
input "Select an option:"
select opt in " ${ menu_items [@] } " ; do
selected = " $opt "
break
done
case $selected in
"Select IPSW" ) menu_ipsw_browse; ;
"Save Onboard Blobs" ) mode = "save-onboard-blobs" ; ;
"Go Back" ) back = 1; ;
esac
done
}
2024-03-15 01:43:42 +01:00
menu_shsh_convert( ) {
local menu_items
local selected
local back
ipsw_path =
2024-06-08 07:45:42 +02:00
shsh_path =
2024-03-15 01:43:42 +01:00
while [ [ -z " $mode " && -z " $back " ] ] ; do
2024-06-08 07:45:42 +02:00
menu_items = ( "Select Raw Dump" )
menu_print_info
if [ [ -n $shsh_path ] ] ; then
print " * Selected dump: $shsh_path "
if ( ( device_proc < 7 ) ) ; then
shsh_onboard_iboot = " $( cat " $shsh_path " | strings | grep iBoot | head -1) "
print " * Raw dump iBoot version: $shsh_onboard_iboot "
print "* Go here to find the matching iOS version: https://theapplewiki.com/wiki/IBoot_(Bootloader)"
menu_items += ( "Select IPSW" )
else
menu_items += ( "Convert Raw Dump" )
fi
2024-03-15 01:43:42 +01:00
else
2024-06-08 07:45:42 +02:00
print "* Select raw dump file to continue"
2024-03-15 01:43:42 +01:00
fi
if [ [ -n $ipsw_path ] ] ; then
2024-06-08 07:45:42 +02:00
echo
2024-03-15 01:43:42 +01:00
print " * Selected IPSW: $ipsw_path .ipsw "
print " * IPSW Version: $device_target_vers - $device_target_build "
menu_items += ( "Convert Raw Dump" )
2024-06-08 07:45:42 +02:00
elif ( ( device_proc < 7 ) ) ; then
echo
print "* Select IPSW of the raw dump's iOS version to continue"
2024-03-15 01:43:42 +01:00
fi
menu_items += ( "Go Back" )
echo
print " > Main Menu > Save SHSH Blobs > Convert Raw Dump"
input "Select an option:"
select opt in " ${ menu_items [@] } " ; do
selected = " $opt "
break
done
case $selected in
"Select IPSW" ) menu_ipsw_browse; ;
"Select Raw Dump" ) menu_shshdump_browse; ;
"Convert Raw Dump" ) mode = "convert-onboard-blobs" ; ;
"Go Back" ) back = 1; ;
esac
done
}
2023-04-02 12:18:44 +02:00
menu_restore( ) {
local menu_items
local selected
local back
while [ [ -z " $mode " && -z " $back " ] ] ; do
menu_items = ( )
case $device_type in
iPad4,[ 12345] | iPhone6,[ 12] )
menu_items += ( "iOS 10.3.3" ) ; ;
iPad2,[ 1234567] | iPad3,[ 123456] | iPhone4,1 | iPhone5,[ 12] | iPod5,1 )
2023-06-19 05:47:18 +02:00
menu_items += ( "iOS 8.4.1" ) ; ;
esac
case $device_type in
2023-04-02 12:18:44 +02:00
iPad2,[ 123] | iPhone4,1 )
2023-06-19 05:47:18 +02:00
menu_items += ( "iOS 6.1.3" ) ; ;
2023-06-15 08:21:05 +02:00
iPhone2,1 )
2024-01-02 04:46:15 +01:00
menu_items += ( "5.1.1" "4.3.3" "4.1" "3.1.3" "More versions" ) ; ;
2023-06-19 05:47:18 +02:00
iPod3,1 )
2023-08-09 19:52:12 +02:00
menu_items += ( "4.1" ) ; ;
2024-01-02 04:46:15 +01:00
iPhone1,2 )
2023-09-01 15:26:45 +02:00
menu_items += ( "4.1" "3.1.3" ) ; ;
2024-01-02 04:46:15 +01:00
iPod2,1 )
2024-03-17 02:42:24 +01:00
menu_items += ( "4.1" "3.1.3" "More versions" ) ; ;
2023-04-02 12:18:44 +02:00
esac
2023-12-30 15:10:04 +01:00
case $device_type in
iPhone3,[ 13] | iPad1,1 | iPod3,1 )
menu_items += ( "powdersn0w (any iOS)" ) ; ;
esac
2024-01-29 08:16:30 +01:00
if ( ( device_proc > 10 ) ) ; then
menu_items += ( "Latest iOS" )
else
menu_items += ( " Latest iOS ( $device_latest_vers ) " )
fi
2023-07-01 16:14:19 +02:00
case $device_type in
2024-03-01 16:32:15 +01:00
iPhone4,1 | iPhone5,[ 1234] | iPad2,4 | iPod5,1 )
2023-07-18 05:56:33 +02:00
menu_items += ( "Other (powdersn0w 7.x blobs)" ) ; ;
2024-01-10 02:59:34 +01:00
iPhone1,[ 12] | iPhone2,1 | iPhone3,[ 23] | iPad1,1 | iPod[ 1234] ,1 )
2023-08-29 16:14:03 +02:00
if [ [ -z $1 ] ] ; then
2023-11-21 02:59:54 +01:00
menu_items += ( "Other (Custom IPSW)" )
2023-08-29 16:14:03 +02:00
fi
; ;
2023-07-01 16:14:19 +02:00
esac
2023-09-01 15:26:45 +02:00
if [ [ $device_proc != 1 ] ] ; then
2024-01-29 08:16:30 +01:00
if [ [ $device_type != "iPod2,1" ] ] && ( ( device_proc <= 10 ) ) ; then
2023-11-18 02:48:07 +01:00
menu_items += ( "Other (Use SHSH Blobs)" )
fi
if [ [ $device_proc = = 5 || $device_proc = = 6 ] ] ; then
menu_items += ( "Other (Tethered)" )
fi
case $device_type in
2024-01-05 04:42:05 +01:00
iPhone3,[ 23] | iPad1,1 | iPod[ 34] ,1 )
2023-12-30 15:10:04 +01:00
menu_items += ( "Other (Tethered)" ) ; ;
2023-11-18 02:48:07 +01:00
esac
2023-09-01 15:26:45 +02:00
if ( ( device_proc < 7 ) ) ; then
menu_items += ( "DFU IPSW" )
fi
2023-08-29 16:14:03 +02:00
fi
2024-03-17 02:42:24 +01:00
menu_items += ( "IPSW Downloader" "Go Back" )
2023-04-02 12:18:44 +02:00
menu_print_info
if [ [ $1 = = "ipsw" ] ] ; then
print " > Main Menu > Other Utilities > Create Custom IPSW"
else
2023-06-15 08:21:05 +02:00
print " > Main Menu > Restore/Downgrade"
2023-04-02 12:18:44 +02:00
fi
2023-12-30 15:10:04 +01:00
if [ [ -z $1 ] ] ; then
if [ [ $device_proc = = 1 ] ] ; then
2024-03-24 13:03:21 +01:00
print "* Select \"Other (Custom IPSW)\" to restore to any other iOS version (2.0 to 3.1.2)"
2023-12-30 15:10:04 +01:00
echo
fi
2024-01-16 03:32:23 +01:00
if [ [ $device_type = = "iPod2,1" ] ] ; then
2024-03-24 13:03:21 +01:00
print "* Select \"Other (Custom IPSW)\" to restore to any other iOS version (2.1.1 to 3.0)"
2023-12-30 15:10:04 +01:00
echo
fi
2024-01-16 03:32:23 +01:00
if [ [ $device_type = = "iPod2,1" || $device_type = = "iPhone2,1" ] ] && [ [ $device_newbr != 0 ] ] ; then
print "* New bootrom devices might be incompatible with older iOS versions"
echo
fi
2023-12-30 15:10:04 +01:00
fi
2023-04-02 12:18:44 +02:00
input "Select an option:"
select opt in " ${ menu_items [@] } " ; do
selected = " $opt "
break
done
case $selected in
"" ) :; ;
"Go Back" ) back = 1; ;
2023-07-01 16:14:19 +02:00
"Other (Custom IPSW)" ) mode = "customipsw" ; ;
2023-08-29 16:14:03 +02:00
"DFU IPSW" ) mode = " dfuipsw ${ 1 } " ; ;
2024-01-02 04:46:15 +01:00
"More versions" ) menu_restore_more " $1 " ; ;
2024-01-29 08:16:30 +01:00
"Latest iOS" ) mode = "restore-latest" ; ;
2024-03-17 02:42:24 +01:00
"IPSW Downloader" ) menu_ipsw_downloader " $1 " ; ;
2024-01-02 04:46:15 +01:00
* ) menu_ipsw " $selected " " $1 " ; ;
esac
done
}
2024-03-17 02:42:24 +01:00
menu_ipsw_downloader( ) {
local menu_items
local selected
local back
local vers
while [ [ -z " $back " ] ] ; do
menu_items = ( "Enter Build Version" )
if [ [ -n $vers ] ] ; then
menu_items += ( "Start Download" )
fi
menu_items += ( "Go Back" )
menu_print_info
if [ [ $1 = = "ipsw" ] ] ; then
print " > Main Menu > Other Utilities > Create Custom IPSW > IPSW Downloader"
else
print " > Main Menu > Restore/Downgrade > IPSW Downloader"
fi
print "* To know more about build version, go here: https://theapplewiki.com/wiki/Firmware"
if [ [ -n $vers ] ] ; then
print " * Build Version entered: $vers "
else
print "* Enter build version to continue"
fi
echo
input "Select an option:"
select opt in " ${ menu_items [@] } " ; do
selected = " $opt "
break
done
case $selected in
"Enter Build Version" )
2024-03-31 14:00:37 +02:00
vers =
2024-03-17 02:42:24 +01:00
print "* Enter the build version of the IPSW you want to download."
until [ [ -n $vers ] ] ; do
read -p " $( input 'Enter build version (eg. 10B329): ' ) " vers
done
; ;
"Start Download" )
device_target_build = " $vers "
ipsw_download
log "IPSW downloading is done"
pause
; ;
"Go Back" ) back = 1; ;
esac
done
}
2024-01-02 04:46:15 +01:00
menu_restore_more( ) {
local menu_items
local selected
local back
while [ [ -z " $mode " && -z " $back " ] ] ; do
menu_items = ( )
case $device_type in
iPhone2,1 )
2024-01-02 14:13:01 +01:00
menu_items += ( "6.1.3" "6.1.2" "6.1" "6.0.1" "6.0" "5.1" "5.0.1" "5.0" )
2024-01-23 14:29:58 +01:00
menu_items += ( "4.3.5" "4.3.4" "4.3.2" "4.3.1" "4.3" )
2024-01-02 14:13:01 +01:00
menu_items += ( "4.2.1" "4.0.2" "4.0.1" "4.0" "3.1.2" "3.1" "3.0" )
2024-01-02 04:46:15 +01:00
; ;
2024-03-14 05:00:52 +01:00
iPod2,1 ) menu_items += ( "4.0.2" "4.0" "3.1.2" "3.1.1" ) ; ;
2024-01-02 04:46:15 +01:00
esac
menu_items += ( "Go Back" )
menu_print_info
if [ [ $1 = = "ipsw" ] ] ; then
print " > Main Menu > Other Utilities > Create Custom IPSW"
else
print " > Main Menu > Restore/Downgrade"
fi
if [ [ -z $1 && $device_type = = "iPod2,1" && $device_newbr != 0 ] ] ; then
2024-01-16 03:32:23 +01:00
warn "These versions are for old bootrom devices only. They may not work on your device"
2024-01-02 04:46:15 +01:00
echo
2024-03-31 14:00:37 +02:00
elif [ [ $device_type = = "iPod2,1" ] ] ; then
warn "These versions might not restore/boot properly"
2024-03-14 05:00:52 +01:00
echo
2024-01-02 04:46:15 +01:00
fi
input "Select an option:"
select opt in " ${ menu_items [@] } " ; do
selected = " $opt "
break
done
case $selected in
"" ) :; ;
"Go Back" ) back = 1; ;
2023-04-02 12:18:44 +02:00
* ) menu_ipsw " $selected " " $1 " ; ;
esac
done
}
menu_ipsw( ) {
local menu_items
local selected
local back
local newpath
local nav
local start
if [ [ $2 = = "ipsw" ] ] ; then
nav = " > Main Menu > Other Utilities > Create Custom IPSW > $1 "
start = "Create IPSW"
2024-06-08 15:38:44 +02:00
elif [ [ $2 = = "fourthree" ] ] ; then
nav = " > Main Menu > FourThree Utility > Step 1: Restore"
start = "Start Restore"
2023-04-02 12:18:44 +02:00
else
2023-06-15 08:21:05 +02:00
nav = " > Main Menu > Restore/Downgrade > $1 "
2023-04-02 12:18:44 +02:00
start = "Start Restore"
fi
2024-02-03 10:45:37 +01:00
ipsw_cancustomlogo =
2024-05-23 18:20:58 +02:00
ipsw_cancustomlogo2 =
2024-02-03 10:45:37 +01:00
ipsw_customlogo =
ipsw_customrecovery =
2023-04-02 12:18:44 +02:00
ipsw_path =
ipsw_base_path =
shsh_path =
device_target_vers =
device_target_build =
device_base_vers =
device_base_build =
2023-07-18 05:56:33 +02:00
device_target_other =
device_target_powder =
2023-10-30 18:36:38 +01:00
device_target_tethered =
2023-04-02 12:18:44 +02:00
2023-04-08 13:34:12 +02:00
while [ [ -z " $mode " && -z " $back " ] ] ; do
case $1 in
"iOS 10.3.3" )
device_target_vers = "10.3.3"
device_target_build = "14G60"
; ;
"iOS 8.4.1" )
device_target_vers = "8.4.1"
device_target_build = "12H321"
; ;
"iOS 6.1.3" )
device_target_vers = "6.1.3"
device_target_build = "10B329"
; ;
2023-06-15 08:21:05 +02:00
"Latest iOS" * )
2023-04-08 13:34:12 +02:00
device_target_vers = " $device_latest_vers "
device_target_build = " $device_latest_build "
2023-09-01 15:26:45 +02:00
case $device_latest_vers in
2024-01-30 04:03:35 +01:00
"6.1.6" | "4.2.1" | "3.1.3" ) ipsw_canhacktivate = 1; ;
2023-09-01 15:26:45 +02:00
esac
2023-04-08 13:34:12 +02:00
; ;
2024-01-29 05:15:55 +01:00
[ 6543] * )
2024-01-02 04:46:15 +01:00
device_target_vers = " $1 "
2024-01-30 04:03:35 +01:00
ipsw_canhacktivate = 1
2024-02-03 10:45:37 +01:00
if [ [ $device_type = = "iPhone2,1" && $1 != "4.1" ] ] ; then
ipsw_cancustomlogo = 1
fi
2024-01-02 04:46:15 +01:00
; ;
esac
2024-01-03 11:39:21 +01:00
if [ [ $device_type != "iPhone" * ] ] ; then
2024-01-30 04:03:35 +01:00
ipsw_canhacktivate =
2024-01-03 11:39:21 +01:00
fi
2024-05-23 18:20:58 +02:00
if [ [ $device_proc = = 1 ] ] ; then
2024-03-23 08:29:06 +01:00
ipsw_cancustomlogo = 1
fi
2024-01-02 04:46:15 +01:00
case $1 in
2024-01-02 14:13:01 +01:00
"6.1.3" ) device_target_build = "10B329" ; ;
"6.1.2" ) device_target_build = "10B146" ; ;
"6.1" ) device_target_build = "10B141" ; ;
"6.0.1" ) device_target_build = "10A523" ; ;
"6.0" ) device_target_build = "10A403" ; ;
2024-01-02 04:46:15 +01:00
"5.1.1" ) device_target_build = "9B206" ; ;
"5.1" ) device_target_build = "9B176" ; ;
"5.0.1" ) device_target_build = "9A405" ; ;
"5.0" ) device_target_build = "9A334" ; ;
"4.3.5" ) device_target_build = "8L1" ; ;
"4.3.4" ) device_target_build = "8K2" ; ;
"4.3.3" ) device_target_build = "8J2" ; ;
"4.3.2" ) device_target_build = "8H7" ; ;
"4.3.1" ) device_target_build = "8G4" ; ;
"4.3" ) device_target_build = "8F190" ; ;
"4.2.1" )
device_target_build = "8C148"
if [ [ $device_type = = "iPhone2,1" ] ] ; then
device_target_build += "a"
fi
; ;
"4.1" ) device_target_build = "8B117" ; ;
"4.0.2" ) device_target_build = "8A400" ; ;
"4.0.1" ) device_target_build = "8A306" ; ;
"4.0" ) device_target_build = "8A293" ; ;
"3.1.3" ) device_target_build = "7E18" ; ;
"3.1.2" ) device_target_build = "7D11" ; ;
"3.1.1" ) device_target_build = "7C145" ; ;
"3.1" ) device_target_build = "7C144" ; ;
"3.0.1" ) device_target_build = "7A400" ; ;
"3.0" ) device_target_build = "7A341" ; ;
2023-04-02 12:18:44 +02:00
esac
2023-04-08 13:34:12 +02:00
if [ [ $device_target_vers = = " $device_latest_vers " ] ] ; then
case $device_type in
2023-05-27 08:33:27 +02:00
iPad3,[ 456] ) newpath = "iPad_32bit" ; ;
2023-04-08 13:34:12 +02:00
iPad4,[ 123456] ) newpath = "iPad_64bit" ; ;
iPhone5,[ 1234] ) newpath = "iPhone_4.0_32bit" ; ;
2024-01-02 04:46:15 +01:00
iPod[ 79] ,1 ) newpath = "iPodtouch" ; ;
iPhone9,[ 13] ) newpath = "iPhone_4.7_P3" ; ;
iPhone9,[ 24] ) newpath = "iPhone_5.5_P3" ; ;
iPad4,[ 789] | iPad5* ) newpath = "iPad_64bit_TouchID" ; ;
iPhone6,[ 12] | iPhone8,4 ) newpath = "iPhone_4.0_64bit" ; ;
iPhone7,1 | iPhone8,2 ) newpath = "iPhone_5.5" ; ;
iPhone7,2 | iPhone8,1 ) newpath = "iPhone_4.7" ; ;
2023-04-08 13:34:12 +02:00
* ) newpath = " ${ device_type } " ; ;
esac
2024-03-23 08:29:06 +01:00
newpath += " _ ${ device_target_vers } _ ${ device_target_build } "
ipsw_custom_set $newpath
newpath += "_Restore"
2023-04-08 13:34:12 +02:00
else
case $device_type in
iPad4,[ 12345] ) newpath = "iPad_64bit" ; ;
2023-05-27 08:33:27 +02:00
iPhone6,[ 12] ) newpath = "iPhone_4.0_64bit" ; ;
2023-04-08 13:34:12 +02:00
* ) newpath = " ${ device_type } " ; ;
esac
newpath += " _ ${ device_target_vers } _ ${ device_target_build } "
ipsw_custom_set $newpath
newpath += "_Restore"
fi
2023-08-29 16:14:03 +02:00
if [ [ $1 = = "Other (Use SHSH Blobs)" ] ] ; then
2023-07-18 05:56:33 +02:00
device_target_other = 1
2024-01-02 14:13:01 +01:00
if [ [ $device_type = = "iPhone2,1" ] ] ; then
2024-01-30 04:03:35 +01:00
ipsw_canhacktivate = 1
2024-01-02 14:13:01 +01:00
fi
2023-07-18 05:56:33 +02:00
elif [ [ $1 = = *"powdersn0w" * ] ] ; then
device_target_powder = 1
2023-10-30 18:36:38 +01:00
elif [ [ $1 = = *"Tethered" * ] ] ; then
device_target_tethered = 1
2023-07-18 05:56:33 +02:00
elif [ [ -n $device_target_vers && -e " ../ $newpath .ipsw " ] ] ; then
2023-04-08 13:34:12 +02:00
ipsw_verify " ../ $newpath " " $device_target_build " nopause
if [ [ $? = = 0 ] ] ; then
ipsw_path = " ../ $newpath "
fi
2023-04-02 12:18:44 +02:00
fi
menu_items = ( "Select Target IPSW" )
menu_print_info
2024-03-17 02:42:24 +01:00
print "* Only select unmodified IPSW for the selection. Do not select custom IPSWs"
echo
2023-04-02 12:18:44 +02:00
if [ [ $1 = = *"powdersn0w" * ] ] ; then
menu_items += ( "Select Base IPSW" )
if [ [ -n $ipsw_path ] ] ; then
print " * Selected Target IPSW: $ipsw_path .ipsw "
print " * Target Version: $device_target_vers - $device_target_build "
2024-05-13 07:00:47 +02:00
if [ [ $device_type = = "iPhone3" * ] ] ; then
case $device_target_build in
8[ CE] * ) warn "Selected target version is not supported. It will not restore/boot properly" ; ;
esac
elif [ [ $device_target_build = = "7" * ] ] ; then
warn "Selected target version is not supported. It will not restore/boot properly"
fi
2024-05-23 18:20:58 +02:00
ipsw_cancustomlogo2 =
case $device_target_vers in
[ 456] * ) ipsw_cancustomlogo2 = 1; ;
esac
2023-04-02 12:18:44 +02:00
else
print "* Select Target IPSW to continue"
2023-11-18 02:24:52 +01:00
local lo
local hi
2023-06-15 08:21:05 +02:00
case $device_type in
2023-11-18 02:24:52 +01:00
iPhone3,1 ) lo = 4.0; hi = 7.1.1; ;
iPhone3,3 ) lo = 5.0; hi = 7.1.1; ;
iPhone4,1 | iPad2,[ 123] ) lo = 5.0; hi = 9.3.5; ;
iPad2,4 | iPad3,[ 123] ) lo = 5.1; hi = 9.3.5; ;
iPhone5,[ 12] | iPad3,[ 456] ) lo = 6.0; hi = 9.3.5; ;
iPhone5,[ 34] ) lo = 7.0; hi = 9.3.5; ;
2024-05-27 07:59:58 +02:00
iPad1,1 ) lo = 4.2.1; hi = 5.1; ;
2023-11-18 02:24:52 +01:00
iPod3,1 ) lo = 4.0; hi = 5.1; ;
2023-06-15 08:21:05 +02:00
esac
2023-11-18 02:24:52 +01:00
print " * Any iOS version from $lo to $hi is supported "
2023-04-02 12:18:44 +02:00
fi
echo
2023-06-15 08:21:05 +02:00
local text2 = "(iOS 7.1.x)"
2023-06-29 14:52:43 +02:00
case $device_type in
iPhone3,[ 13] ) text2 = "(iOS 7.1.2)" ; ;
2024-03-24 01:53:27 +01:00
iPhone5,[ 1234] ) text2 = "(iOS 7.x)" ; ;
2023-10-12 13:17:10 +02:00
iPad3,[ 456] ) text2 = "(iOS 7.0.x)" ; ;
2023-10-30 18:36:38 +01:00
iPad1,1 | iPod3,1 ) text2 = "(iOS 5.1.1)" ; ;
2023-06-29 14:52:43 +02:00
esac
2023-04-02 12:18:44 +02:00
if [ [ -n $ipsw_base_path ] ] ; then
print " * Selected Base $text2 IPSW: $ipsw_base_path .ipsw "
print " * Base Version: $device_base_vers - $device_base_build "
2023-10-30 18:36:38 +01:00
if [ [ $device_proc != 4 ] ] ; then
2023-04-02 12:18:44 +02:00
menu_items += ( "Select Base SHSH" )
fi
2024-02-03 10:45:37 +01:00
echo
2023-04-02 12:18:44 +02:00
else
print " * Select Base $text2 IPSW to continue "
2024-02-03 10:45:37 +01:00
echo
2023-04-02 12:18:44 +02:00
fi
2023-10-30 18:36:38 +01:00
if [ [ $device_proc = = 4 ] ] ; then
2023-04-02 12:18:44 +02:00
shsh_path = 1
else
if [ [ -n $shsh_path ] ] ; then
print " * Selected Base $text2 SHSH: $shsh_path "
2023-10-24 03:39:57 +02:00
if [ [ $shsh_validate = = 0 ] ] ; then
print "* Selected SHSH file is validated"
else
2024-03-24 13:03:21 +01:00
warn "Selected SHSH file failed validation, proceed with caution"
if ( ( device_proc >= 7 ) ) ; then
2024-06-19 16:22:57 +02:00
print "* If this is an OTA/onboard/factory blob, it may be fine to use for restoring"
2024-04-23 13:27:10 +02:00
print "* If the restore does not work here, use futurerestore manually"
2024-06-13 07:54:56 +02:00
elif ( ( device_proc < 5 ) ) ; then
warn "Validation might be a false negative for A4 and older devices."
2024-03-24 13:03:21 +01:00
fi
2024-05-23 18:20:58 +02:00
echo
2023-10-24 03:39:57 +02:00
fi
2023-04-07 06:50:58 +02:00
elif [ [ $2 != "ipsw" ] ] ; then
2023-04-02 12:18:44 +02:00
print " * Select Base $text2 SHSH to continue "
2024-05-23 18:20:58 +02:00
echo
2023-04-02 12:18:44 +02:00
fi
fi
2023-04-08 13:34:12 +02:00
if [ [ -n $ipsw_path && -n $ipsw_base_path ] ] && [ [ -n $shsh_path || $2 = = "ipsw" ] ] ; then
2023-04-02 12:18:44 +02:00
menu_items += ( " $start " )
fi
2024-06-08 15:38:44 +02:00
elif [ [ $2 = = "fourthree" ] ] ; then
menu_items += ( "Download Target IPSW" "Select Base IPSW" )
if [ [ -n $ipsw_path ] ] ; then
print " * Selected Target (iOS 6.1.3) IPSW: $ipsw_path .ipsw "
else
print "* Select Target (iOS 6.1.3) IPSW to continue"
fi
echo
if [ [ -n $ipsw_base_path ] ] ; then
print " * Selected Base (iOS 4.3.x) IPSW: $ipsw_base_path .ipsw "
print " * Base Version: $device_base_vers - $device_base_build "
echo
else
print "* Select Base (iOS 4.3.x) IPSW to continue"
echo
fi
if [ [ -n $ipsw_path && -n $ipsw_base_path ] ] ; then
menu_items += ( " $start " )
fi
2023-10-30 18:36:38 +01:00
elif [ [ $1 = = *"Tethered" * ] ] ; then
if [ [ -n $ipsw_path ] ] ; then
print " * Selected Target IPSW: $ipsw_path .ipsw "
print " * Target Version: $device_target_vers - $device_target_build "
2024-06-10 18:07:32 +02:00
ipsw_print_warnings
2023-10-30 18:36:38 +01:00
else
print "* Select Target IPSW to continue"
fi
2023-11-18 02:48:07 +01:00
warn "This is a tethered downgrade. Not recommended unless you know what you are doing."
print "* Tethered downgrade: you need to use Legacy iOS Kit every time to boot the device."
print "* Booting can be done by going to: Other Utilities -> Just Boot"
if [ [ -n $ipsw_path ] ] ; then
2023-10-30 18:36:38 +01:00
menu_items += ( " $start " )
fi
2024-02-03 10:45:37 +01:00
echo
2023-10-30 18:36:38 +01:00
2023-04-02 12:18:44 +02:00
elif [ [ $1 = = "Other" * ] ] ; then
# menu for other (shsh) restores
if [ [ -n $ipsw_path ] ] ; then
print " * Selected Target IPSW: $ipsw_path .ipsw "
print " * Target Version: $device_target_vers - $device_target_build "
2024-06-10 18:07:32 +02:00
ipsw_print_warnings
2023-04-02 12:18:44 +02:00
menu_items += ( "Select Target SHSH" )
else
print "* Select Target IPSW to continue"
fi
2023-08-05 17:00:27 +02:00
if ( ( device_proc > 6 ) ) ; then
2023-08-07 03:02:50 +02:00
print "* Check the SEP/BB compatibility chart: https://docs.google.com/spreadsheets/d/1Mb1UNm6g3yvdQD67M413GYSaJ4uoNhLgpkc7YKi3LBs"
2023-08-05 17:00:27 +02:00
fi
2024-02-03 10:45:37 +01:00
echo
2023-04-02 12:18:44 +02:00
if [ [ -n $shsh_path ] ] ; then
print " * Selected Target SHSH: $shsh_path "
2023-08-05 17:00:27 +02:00
if ( ( device_proc > 6 ) ) ; then
shsh_generator = $( cat " $shsh_path " | grep "<string>0x" | cut -c10-27)
print " * Generator: $shsh_generator "
2024-01-18 11:27:25 +01:00
fi
if [ [ $shsh_validate = = 0 ] ] ; then
2023-10-24 03:39:57 +02:00
print "* Selected SHSH file is validated"
else
warn "Selected SHSH file failed validation"
2023-08-05 17:00:27 +02:00
fi
2024-02-03 10:45:37 +01:00
echo
2023-08-05 17:00:27 +02:00
2023-04-07 06:50:58 +02:00
elif [ [ $2 != "ipsw" ] ] ; then
2023-04-02 12:18:44 +02:00
print "* Select Target SHSH to continue"
2024-02-03 10:45:37 +01:00
echo
2023-04-02 12:18:44 +02:00
fi
2023-04-08 13:34:12 +02:00
if [ [ -n $ipsw_path ] ] && [ [ -n $shsh_path || $2 = = "ipsw" ] ] ; then
2023-04-02 12:18:44 +02:00
menu_items += ( " $start " )
fi
else
2023-04-13 05:37:15 +02:00
# menu for ota/latest versions
2023-04-02 12:18:44 +02:00
menu_items += ( "Download Target IPSW" )
if [ [ -n $ipsw_path ] ] ; then
print " * Selected IPSW: $ipsw_path .ipsw "
menu_items += ( " $start " )
else
print " * Select $1 IPSW to continue "
fi
2024-06-10 18:07:32 +02:00
ipsw_print_warnings
2024-01-30 04:03:35 +01:00
if [ [ $ipsw_canhacktivate = = 1 ] ] && [ [ $device_type = = "iPhone2,1" || $device_proc = = 1 ] ] ; then
2023-08-15 13:09:04 +02:00
print "* Hacktivation is supported for this restore"
fi
2024-02-03 10:45:37 +01:00
echo
fi
2024-05-23 18:20:58 +02:00
if [ [ $ipsw_cancustomlogo2 = = 1 ] ] ; then
print "* You can select your own custom Apple logo image. This is optional and an experimental option"
print "* Note that the images must be in PNG format, and up to 320x480 resolution only"
if [ [ -n $ipsw_customlogo ] ] ; then
print " * Custom Apple logo: $ipsw_customlogo "
else
print "* No custom Apple logo selected"
fi
menu_items += ( "Select Apple Logo" )
echo
elif [ [ $ipsw_cancustomlogo = = 1 ] ] ; then
2024-03-17 02:42:24 +01:00
print "* You can select your own custom logo and recovery image. This is optional"
print "* Note that the images must be in PNG format, and up to 320x480 resolution only"
2024-02-03 10:45:37 +01:00
if [ [ -n $ipsw_customlogo ] ] ; then
2024-05-23 18:20:58 +02:00
print " * Custom Apple logo: $ipsw_customlogo "
2024-02-03 10:45:37 +01:00
else
2024-05-23 18:20:58 +02:00
print "* No custom Apple logo selected"
2024-02-03 10:45:37 +01:00
fi
if [ [ -n $ipsw_customrecovery ] ] ; then
print " * Custom recovery logo: $ipsw_customrecovery "
else
print "* No custom recovery logo selected"
fi
2024-05-23 18:20:58 +02:00
menu_items += ( "Select Apple Logo" "Select Recovery Logo" )
2024-02-03 10:45:37 +01:00
echo
2023-04-02 12:18:44 +02:00
fi
menu_items += ( "Go Back" )
2024-02-05 14:36:51 +01:00
if ( ( device_proc > 6 ) ) ; then
:
2024-02-07 15:31:52 +01:00
elif ( ( device_proc > 4 ) ) && [ [ $device_use_bb != 0 && $device_type != " $device_disable_bbupdate " ] ] ; then
2024-02-03 10:45:37 +01:00
print " * This restore will use $device_use_vers baseband "
echo
2024-03-17 02:42:24 +01:00
elif [ [ $device_target_vers = = " $device_latest_vers " && $device_use_bb != 0 ] ] ; then
2024-02-03 10:45:37 +01:00
print " * This restore will use $device_use_vers baseband if the jailbreak option is disabled "
echo
fi
2023-04-02 12:18:44 +02:00
print " $nav "
input "Select an option:"
select opt in " ${ menu_items [@] } " ; do
selected = " $opt "
break
done
2023-06-19 05:47:18 +02:00
case $selected in
2023-06-15 08:21:05 +02:00
"Start Restore" ) mode = "downgrade" ; ;
2023-04-02 12:18:44 +02:00
"Create IPSW" ) mode = "custom-ipsw" ; ;
"Select Target IPSW" ) menu_ipsw_browse " $1 " ; ;
"Select Base IPSW" ) menu_ipsw_browse "base" ; ;
"Select Target SHSH" ) menu_shsh_browse " $1 " ; ;
"Select Base SHSH" ) menu_shsh_browse "base" ; ;
"Download Target IPSW" ) ipsw_download " ../ $newpath " ; ;
2024-05-23 18:20:58 +02:00
"Select Apple Logo" ) menu_logo_browse "boot" ; ;
2024-02-03 10:45:37 +01:00
"Select Recovery Logo" ) menu_logo_browse "recovery" ; ;
2023-04-02 12:18:44 +02:00
"Go Back" ) back = 1; ;
esac
done
}
2024-06-10 18:07:32 +02:00
ipsw_print_warnings( ) {
case $device_type in
"iPhone3,1" )
if [ [ $device_target_vers = = "4.2.1" ] ] ; then
warn "iOS 4.2.1 for iPhone3,1 will fail to boot after the restore."
print "* It is recommended to select another version instead."
fi
; ;
"iPod4,1" )
if [ [ $device_target_vers = = "4.2.1" ] ] ; then
warn "iOS 4.2.1 for iPod4,1 may fail to boot after the restore/jailbreak."
print "* It is recommended to select another version instead."
elif [ [ $device_target_build = = "8B118" ] ] ; then
warn "iOS 4.1 (8B118) for iPod4,1 may fail to boot after the restore/jailbreak."
print "* It is recommended to select 8B117 or another version instead."
fi
; ;
"iPhone2,1" )
if [ [ $device_target_vers = = "3.0" * && $device_newbr != 0 ] ] ; then
warn "3.0.x versions are for old bootrom devices only. It will fail to restore/boot if your device is not compatible."
print "* It is recommended to select 3.1 or newer instead."
fi
; ;
"iPhone1,2" )
if [ [ $device_type = = "iPhone1,2" && $device_target_vers = = "4.2.1" ] ] ; then
warn "iOS 4.2.1 for iPhone1,2 will fail to restore with the jailbreak/hacktivate option."
print "* It is recommended to select 4.1 or 3.1.3 instead."
fi
; ;
esac
}
2023-04-02 12:18:44 +02:00
ipsw_version_set( ) {
local newpath = " $1 "
local vers
local build
log "Getting version from IPSW"
unzip -o -j " $newpath .ipsw " Restore.plist -d .
if [ [ $platform = = "macos" ] ] ; then
rm -f BuildVer Version
plutil -extract 'ProductVersion' xml1 Restore.plist -o Version
vers = $( cat Version | sed -ne '/<string>/,/<\/string>/p' | sed -e "s/<string>//" | sed "s/<\/string>//" | sed '2d' )
plutil -extract 'ProductBuildVersion' xml1 Restore.plist -o BuildVer
build = $( cat BuildVer | sed -ne '/<string>/,/<\/string>/p' | sed -e "s/<string>//" | sed "s/<\/string>//" | sed '2d' )
else
vers = $( cat Restore.plist | grep -i ProductVersion -A 1 | grep -oPm1 "(?<=<string>)[^<]+" )
build = $( cat Restore.plist | grep -i ProductBuildVersion -A 1 | grep -oPm1 "(?<=<string>)[^<]+" )
fi
if [ [ $2 = = "base" ] ] ; then
device_base_vers = " $vers "
device_base_build = " $build "
else
device_target_vers = " $vers "
device_target_build = " $build "
fi
}
ipsw_custom_set( ) {
2024-06-08 15:38:44 +02:00
if [ [ $ipsw_fourthree = = 1 ] ] ; then
ipsw_custom = " ../ ${ device_type } _ ${ device_target_vers } _ ${ device_target_build } _FourThree "
return
fi
2023-04-02 12:18:44 +02:00
ipsw_custom = " ../ ${ device_type } _ ${ device_target_vers } _ ${ device_target_build } _Custom "
if [ [ -n $1 ] ] ; then
ipsw_custom = " ../ $1 _Custom "
fi
2024-06-08 15:38:44 +02:00
2024-02-03 10:45:37 +01:00
if [ [ $device_actrec = = 1 ] ] ; then
ipsw_custom += "A"
fi
2023-04-02 12:18:44 +02:00
if [ [ $device_type = = " $device_disable_bbupdate " ] ] ; then
device_use_bb = 0
2024-02-09 17:35:04 +01:00
if [ [ $device_type = = "iPhone" * || $device_type = = "iPad" * ] ] && ( ( device_proc > 4 ) ) ; then
2024-02-07 15:31:52 +01:00
ipsw_custom += "B"
fi
2023-04-02 12:18:44 +02:00
fi
2023-08-15 13:09:04 +02:00
if [ [ $ipsw_hacktivate = = 1 ] ] ; then
ipsw_custom += "H"
fi
2023-07-18 05:56:33 +02:00
if [ [ $ipsw_jailbreak = = 1 ] ] ; then
ipsw_custom += "J"
fi
2024-05-23 18:20:58 +02:00
if [ [ $device_proc = = 1 && $device_type != "iPhone1,2" ] ] ; then
ipsw_custom2 = " $ipsw_custom "
fi
2024-02-03 10:45:37 +01:00
if [ [ -n $ipsw_customlogo || -n $ipsw_customrecovery ] ] ; then
ipsw_custom += "L"
2024-05-23 18:20:58 +02:00
if [ [ $device_proc = = 1 && $device_type != "iPhone1,2" ] ] ; then
ipsw_customlogo2 = 1
fi
2024-02-03 10:45:37 +01:00
fi
2023-07-18 05:56:33 +02:00
if [ [ $device_target_powder = = 1 ] ] ; then
ipsw_custom += "P"
2023-10-14 12:53:26 +02:00
if [ [ $device_base_vers = = "7.0" * ] ] ; then
ipsw_custom += "0"
fi
2023-07-18 05:56:33 +02:00
fi
2023-10-30 18:36:38 +01:00
if [ [ $device_target_tethered = = 1 ] ] ; then
ipsw_custom += "T"
fi
2023-04-02 12:18:44 +02:00
if [ [ $ipsw_verbose = = 1 ] ] ; then
ipsw_custom += "V"
fi
2024-02-26 03:41:17 +01:00
if [ [ $device_target_powder = = 1 && $device_target_vers = = "4.3" * ] ] ; then
2023-10-30 18:36:38 +01:00
ipsw_custom += " - $device_ecid "
2023-04-02 12:18:44 +02:00
fi
}
2024-02-03 10:45:37 +01:00
menu_logo_browse( ) {
local newpath
input " Select your $1 image file in the file selection window. "
2024-06-22 09:52:08 +02:00
if [ [ $mac_cocoa = = 1 ] ] ; then
newpath = " $( $cocoadialog fileselect --with-extensions png) "
else
newpath = " $( $zenity --file-selection --file-filter= 'PNG | *.png' --title= " Select $1 image file " ) "
fi
2024-02-03 10:45:37 +01:00
[ [ ! -s " $newpath " ] ] && read -p " $( input " Enter path to $1 image file (or press Ctrl+C to cancel): " ) " newpath
[ [ ! -s " $newpath " ] ] && return
log " Selected $1 image file: $newpath "
case $1 in
"boot" ) ipsw_customlogo = " $newpath " ; ;
"recovery" ) ipsw_customrecovery = " $newpath " ; ;
esac
}
2023-04-02 12:18:44 +02:00
menu_ipsw_browse( ) {
local versionc
local newpath
local text = "target"
[ [ $1 = = "base" ] ] && text = "base"
input " Select your $text IPSW file in the file selection window. "
2024-06-22 09:52:08 +02:00
if [ [ $mac_cocoa = = 1 ] ] ; then
newpath = " $( $cocoadialog fileselect --with-extensions ipsw) "
else
newpath = " $( $zenity --file-selection --file-filter= 'IPSW | *.ipsw' --title= " Select $text IPSW file " ) "
fi
2023-04-02 12:18:44 +02:00
[ [ ! -s " $newpath " ] ] && read -p " $( input " Enter path to $text IPSW file (or press Ctrl+C to cancel): " ) " newpath
[ [ ! -s " $newpath " ] ] && return
newpath = " ${ newpath %????? } "
log " Selected IPSW file: $newpath .ipsw "
ipsw_version_set " $newpath " " $1 "
if [ [ $( cat Restore.plist | grep -c $device_type ) = = 0 ] ] ; then
log " Selected IPSW is not for your device $device_type . "
pause
return
2023-08-05 17:00:27 +02:00
elif [ [ $device_proc = = 8 && $device_latest_vers = = "12" * ] ] || [ [ $device_type = = "iPad4,6" ] ] ; then
# SEP/BB check for iPhone 6/6+, iPad mini 2 China, iPod touch 6
case $device_target_build in
2024-02-04 12:49:03 +01:00
1[ 1234] * | 15[ ABCD] * )
2023-08-05 17:00:27 +02:00
log " Selected IPSW ( $device_target_vers ) is not supported as target version. "
print "* Latest SEP/BB is not compatible."
pause
return
; ;
esac
elif [ [ $device_proc = = 7 ] ] ; then
# SEP/BB check for iPhone 5S, iPad Air 1/mini 2
case $device_target_build in
2024-02-05 14:36:51 +01:00
1[ 123] * | 14A* | 15[ ABCD] * )
2023-08-05 17:00:27 +02:00
log " Selected IPSW ( $device_target_vers ) is not supported as target version. "
print "* Latest SEP/BB is not compatible."
pause
return
; ;
esac
elif [ [ $device_latest_vers = = "15" * ] ] ; then
# SEP/BB check for iPhone 6S/6S+/SE 2016/7/7+, iPad Air 2/mini 4, iPod touch 7
case $device_target_build in
2024-02-04 12:49:03 +01:00
1[ 234567] * )
2023-08-05 17:00:27 +02:00
log " Selected IPSW ( $device_target_vers ) is not supported as target version. "
print "* Latest SEP/BB is not compatible."
pause
return
; ;
esac
2024-04-09 15:29:28 +02:00
elif [ [ $device_latest_vers = = "16" * ] ] ; then
2024-04-09 14:18:14 +02:00
case $device_target_build in
20[ GH] * ) :; ; # 16.6 and newer only
* )
log " Selected IPSW ( $device_target_vers ) is not supported as target version. "
print "* Latest SEP/BB is not compatible."
pause
return
; ;
esac
2023-04-02 12:18:44 +02:00
fi
case $1 in
"iOS 10.3.3" ) versionc = "10.3.3" ; ;
"iOS 8.4.1" ) versionc = "8.4.1" ; ;
"iOS 6.1.3" ) versionc = "6.1.3" ; ;
2023-08-13 12:55:30 +02:00
"5.1.1" ) versionc = "5.1.1" ; ;
"5.0.1" ) versionc = "5.0.1" ; ;
"4.3.3" ) versionc = "4.3.3" ; ;
"4.1" ) versionc = "4.1" ; ;
"3.1.3" ) versionc = "3.1.3" ; ;
2023-06-15 08:21:05 +02:00
"Latest iOS" * ) versionc = " $device_latest_vers " ; ;
2023-04-02 12:18:44 +02:00
"base" )
2023-10-30 18:36:38 +01:00
local check_vers = "7.1"
local base_vers = "7.1.x"
case $device_type in
2024-03-24 01:53:27 +01:00
iPhone5,[ 1234] )
2023-10-30 18:36:38 +01:00
check_vers = "7"
base_vers = "7.x"
; ;
iPad3* )
check_vers = "7.0"
base_vers = "7.0.x"
; ;
iPhone3* )
check_vers = "7.1.2"
base_vers = " $check_vers "
; ;
iPad1,1 | iPod3,1 )
check_vers = "5.1.1"
base_vers = " $check_vers "
; ;
2024-06-08 15:38:44 +02:00
iPad2,[ 123] )
# fourthree
check_vers = "4.3"
base_vers = "4.3.x"
; ;
2023-10-30 18:36:38 +01:00
esac
if [ [ $device_base_vers != " $check_vers " * ] ] ; then
log " Selected IPSW is not for iOS $base_vers . "
2024-06-08 15:38:44 +02:00
if [ [ $ipsw_fourthree != 1 ] ] ; then
print " * You need iOS $base_vers IPSW and SHSH blobs for this device to use powdersn0w. "
fi
2023-10-30 18:36:38 +01:00
pause
return
fi
ipsw_verify " $newpath " " $device_base_build "
ipsw_base_path = " $newpath "
return
; ;
2023-06-15 08:21:05 +02:00
*"powdersn0w" * )
2023-11-06 11:25:13 +01:00
if [ [ $device_target_build = = "14" * ] ] ; then
2023-10-30 18:36:38 +01:00
log " Selected IPSW ( $device_target_vers ) is not supported as target version. "
pause
return
2023-11-06 11:25:13 +01:00
elif [ [ $device_target_build = = " $device_base_build " ] ] ; then
log "The base version and the target version must not be the same."
pause
return
2023-10-30 18:36:38 +01:00
fi
2023-06-15 08:21:05 +02:00
; ;
2023-04-02 12:18:44 +02:00
esac
2023-06-09 09:37:28 +02:00
if [ [ -n $versionc && $device_target_vers != " $versionc " ] ] ; then
2023-04-02 12:18:44 +02:00
log " Selected IPSW ( $device_target_vers ) does not match target version ( $versionc ). "
pause
return
fi
2023-07-01 16:14:19 +02:00
if [ [ $1 != "custom" ] ] ; then
ipsw_verify " $newpath " " $device_target_build "
if [ [ -n $versionc && $? != 0 ] ] ; then
return
fi
2023-04-02 12:18:44 +02:00
fi
ipsw_path = " $newpath "
}
menu_shsh_browse( ) {
local newpath
local text = "target"
2023-06-29 14:52:43 +02:00
local val = " $ipsw_path .ipsw "
2023-04-02 12:18:44 +02:00
[ [ $1 = = "base" ] ] && text = "base"
input " Select your $text SHSH file in the file selection window. "
2024-06-22 09:52:08 +02:00
if [ [ $mac_cocoa = = 1 ] ] ; then
newpath = " $( $cocoadialog fileselect) "
else
newpath = " $( $zenity --file-selection --file-filter= 'SHSH | *.shsh *.shsh2' --title= " Select $text SHSH file " ) "
fi
2023-04-02 12:18:44 +02:00
[ [ ! -s " $newpath " ] ] && read -p " $( input " Enter path to $text IPSW file (or press Ctrl+C to cancel): " ) " newpath
[ [ ! -s " $newpath " ] ] && return
log " Selected SHSH file: $newpath "
2024-01-18 11:27:25 +01:00
log "Validating..."
if ( ( device_proc >= 7 ) ) ; then
unzip -o -j " $val " BuildManifest.plist
shsh_validate = $( " $dir /img4tool " -s " $newpath " --verify BuildManifest.plist | tee /dev/tty | grep -c "APTicket is BAD!" )
else
2023-07-18 11:45:45 +02:00
if [ [ $1 = = "base" ] ] ; then
val = " $ipsw_base_path .ipsw "
fi
" $dir /validate " " $newpath " " $val " -z
2023-10-24 03:39:57 +02:00
shsh_validate = $?
2024-01-18 11:27:25 +01:00
fi
if [ [ $shsh_validate != 0 ] ] ; then
warn "Validation failed. Did you select the correct IPSW/SHSH?"
2024-06-13 07:54:56 +02:00
if ( ( device_proc < 5 ) ) ; then
warn "Validation might be a false negative for A4 and older devices."
fi
2024-01-18 11:27:25 +01:00
pause
2023-06-15 08:21:05 +02:00
fi
2023-04-02 12:18:44 +02:00
shsh_path = " $newpath "
}
2024-03-15 01:43:42 +01:00
menu_shshdump_browse( ) {
local newpath
input "Select your raw dump file in the file selection window."
2024-06-22 09:52:08 +02:00
if [ [ $mac_cocoa = = 1 ] ] ; then
newpath = " $( $cocoadialog fileselect --with-extensions raw) "
else
newpath = " $( $zenity --file-selection --file-filter= 'Raw Dump | *.raw' --title= "Select Raw Dump" ) "
fi
2024-03-15 01:43:42 +01:00
[ [ ! -s " $newpath " ] ] && read -p " $( input "Enter path to raw dump file (or press Ctrl+C to cancel): " ) " newpath
[ [ ! -s " $newpath " ] ] && return
log " Selected raw dump file: $newpath "
shsh_path = " $newpath "
}
2023-04-02 12:18:44 +02:00
menu_other( ) {
local menu_items
local selected
local back
ipsw_path =
while [ [ -z " $mode " && -z " $back " ] ] ; do
menu_items = ( )
2023-09-01 15:26:45 +02:00
if [ [ $device_mode != "none" && $device_proc != 1 ] ] ; then
2023-04-02 12:18:44 +02:00
if ( ( device_proc < 7 ) ) ; then
if [ [ $device_mode = = "Normal" ] ] ; then
2024-02-26 03:41:17 +01:00
menu_items += ( "Enter kDFU Mode" )
2024-03-23 08:29:06 +01:00
case $device_proc in
6 ) menu_items += ( "Send Pwned iBSS" ) ; ;
4 ) menu_items += ( "Enter pwnDFU Mode" ) ; ;
esac
2023-08-09 19:52:12 +02:00
else
2024-03-17 12:00:41 +01:00
case $device_proc in
[ 56] ) menu_items += ( "Send Pwned iBSS" ) ; ;
2024-03-23 08:29:06 +01:00
* ) menu_items += ( "Enter pwnDFU Mode" ) ; ;
2024-03-17 12:00:41 +01:00
esac
2023-08-30 04:09:16 +02:00
menu_items += ( "Get iOS Version" )
2023-04-02 12:18:44 +02:00
fi
2024-01-23 02:23:49 +01:00
menu_items += ( "Clear NVRAM" )
2024-02-16 00:51:50 +01:00
case $device_type in
iPhone* | iPad2,[ 67] | iPad3,[ 56] ) menu_items += ( "Dump Baseband" ) ; ;
esac
if [ [ $device_mode != "Normal" ] ] ; then
menu_items += ( "Activation Records" )
2023-06-26 11:35:06 +02:00
fi
2023-08-29 16:14:03 +02:00
if [ [ $device_type != "iPod2,1" ] ] ; then
menu_items += ( "Just Boot" )
fi
2024-06-13 07:54:56 +02:00
elif ( ( device_proc <= 10 ) ) ; then
2023-08-05 17:00:27 +02:00
menu_items += ( "Enter pwnDFU Mode" )
2023-06-15 08:21:05 +02:00
fi
2024-01-19 18:11:26 +01:00
if [ [ $device_mode = = "Normal" ] ] ; then
menu_items += ( "Activation Records" )
fi
2023-07-03 09:22:35 +02:00
case $device_type in
2024-06-15 01:28:41 +02:00
iPhone3,[ 13] | iPhone[ 45] * | iPad1,1 | iPad2,4 | iPod[ 35] ,1 ) menu_items += ( "Disable/Enable Exploit" ) ; ;
2023-07-03 09:22:35 +02:00
iPhone2,1 ) menu_items += ( "Install alloc8 Exploit" ) ; ;
esac
2024-04-09 15:29:28 +02:00
if ( ( device_proc < 11 ) ) && [ [ $device_latest_vers != "16" * ] ] ; then
2023-09-03 14:12:16 +02:00
menu_items += ( "SSH Ramdisk" )
fi
2024-03-23 08:29:06 +01:00
fi
if [ [ $device_mode != "none" ] ] ; then
2023-08-17 15:07:52 +02:00
case $device_mode in
2024-01-17 08:20:52 +01:00
"Normal" )
menu_items += ( "Attempt Activation" )
case $device_vers in
2024-03-14 05:00:52 +01:00
3.1* | [ 456] * )
2024-01-17 08:20:52 +01:00
case $device_type in
2024-03-14 05:00:52 +01:00
iPhone1* )
2024-03-20 02:14:06 +01:00
case $device_vers in
2024-06-19 04:10:45 +02:00
3.1.3 | 4.[ 12] * ) menu_items += ( "Hacktivate Device" "Revert Hacktivation" ) ; ;
2024-03-20 02:14:06 +01:00
esac
2024-03-14 05:00:52 +01:00
; ;
2024-06-19 04:10:45 +02:00
iPhone[ 23] ,1 ) menu_items += ( "Hacktivate Device" "Revert Hacktivation" ) ; ;
2024-05-15 17:16:14 +02:00
esac
2024-01-17 08:20:52 +01:00
; ;
esac
2024-06-11 11:18:59 +02:00
menu_items += ( "Pair Device" "Shutdown Device" "Restart Device" "Enter Recovery Mode" "Connect to SSH" )
2024-01-17 08:20:52 +01:00
; ;
2023-08-17 15:07:52 +02:00
"Recovery" ) menu_items += ( "Exit Recovery Mode" ) ; ;
esac
if [ [ $device_mode != "DFU" ] ] ; then
2024-06-13 07:54:56 +02:00
menu_items += ( "DFU Mode Helper" )
2023-08-17 15:07:52 +02:00
fi
2023-04-02 12:18:44 +02:00
fi
2024-01-18 09:18:44 +01:00
if ( ( device_proc < 7 ) ) ; then
2023-04-02 12:18:44 +02:00
menu_items += ( "Create Custom IPSW" )
2024-02-25 15:17:21 +01:00
case $device_type in
iPhone[ 45] * | iPad2,[ 67] | iPad3,[ 56] ) menu_items += ( "Enable disable-bbupdate flag" ) ; ;
esac
if [ [ $device_proc != 1 ] ] ; then
menu_items += ( "Enable activation-records flag" )
fi
2024-03-03 11:54:49 +01:00
if ( ( device_proc >= 5 ) ) ; then
2024-02-26 10:22:31 +01:00
menu_items += ( "Enable skip-ibss flag" )
fi
2024-06-13 07:54:56 +02:00
menu_items += ( "Enable jailbreak flag" )
2023-04-02 12:18:44 +02:00
fi
menu_items += ( "(Re-)Install Dependencies" "Go Back" )
menu_print_info
print " > Main Menu > Other Utilities"
input "Select an option:"
select opt in " ${ menu_items [@] } " ; do
selected = " $opt "
break
done
case $selected in
2024-06-16 03:45:32 +02:00
"Hacktivate Device" ) mode = "device_hacktivate" ; ;
"Revert Hacktivation" ) mode = "device_reverthacktivate" ; ;
2023-04-02 12:18:44 +02:00
"Create Custom IPSW" ) menu_restore ipsw; ;
2023-07-03 09:22:35 +02:00
"Enter kDFU Mode" ) mode = "kdfu" ; ;
2024-06-16 03:45:32 +02:00
"Disable/Enable Exploit" ) menu_remove4; ;
"SSH Ramdisk" ) mode = "device_enter_ramdisk" ; ;
2023-04-02 12:18:44 +02:00
"Clear NVRAM" ) mode = "ramdisknvram" ; ;
2023-07-03 09:22:35 +02:00
"Send Pwned iBSS" | "Enter pwnDFU Mode" ) mode = "pwned-ibss" ; ;
2023-04-02 12:18:44 +02:00
"(Re-)Install Dependencies" ) install_depends; ;
2024-06-16 03:45:32 +02:00
"Attempt Activation" ) mode = "device_activate" ; ;
"Install alloc8 Exploit" ) mode = "device_alloc8" ; ;
2023-06-26 11:35:06 +02:00
"Dump Baseband" ) mode = "baseband" ; ;
2023-07-03 09:22:35 +02:00
"Activation Records" ) mode = "actrec" ; ;
2023-08-30 04:09:16 +02:00
"Enter Recovery Mode" ) mode = "enterrecovery" ; ;
2023-08-17 15:07:52 +02:00
"Exit Recovery Mode" ) mode = "exitrecovery" ; ;
2024-06-13 07:54:56 +02:00
"DFU Mode Helper" ) mode = "enterdfu" ; ;
2024-06-16 03:45:32 +02:00
"Just Boot" ) mode = "device_justboot" ; ;
2023-08-30 04:09:16 +02:00
"Get iOS Version" ) mode = "getversion" ; ;
2023-09-02 06:56:49 +02:00
"Shutdown Device" ) mode = "shutdown" ; ;
"Restart Device" ) mode = "restart" ; ;
2024-06-16 03:45:32 +02:00
"Connect to SSH" ) mode = "device_ssh" ; ;
2024-06-11 11:18:59 +02:00
"Pair Device" ) device_pair; ;
2024-02-25 15:17:21 +01:00
"Enable disable-bbupdate flag" )
warn "This will enable the --disable-bbupdate flag."
print "* This will disable baseband update for custom IPSWs."
print "* This will enable usage of dumped baseband and stitch to IPSW."
2024-06-13 07:54:56 +02:00
print "* This applies to the following: iPhone 4S, 5, 5C, iPad 4, mini 1"
2024-02-26 10:22:31 +01:00
print "* Do not enable this if you do not know what you are doing."
2024-02-25 15:17:21 +01:00
local opt
read -p " $( input 'Do you want to enable the disable-bbupdate flag? (y/N): ' ) " opt
if [ [ $opt = = 'y' || $opt = = 'Y' ] ] ; then
device_disable_bbupdate = " $device_type "
back = 1
fi
; ;
"Enable activation-records flag" )
warn "This will enable the --activation-records flag."
print "* This will enable usage of dumped activation records and stitch to IPSW."
2024-02-26 10:22:31 +01:00
print "* Do not enable this if you do not know what you are doing."
2024-02-25 15:17:21 +01:00
local opt
read -p " $( input 'Do you want to enable the activation-records flag? (y/N): ' ) " opt
if [ [ $opt = = 'y' || $opt = = 'Y' ] ] ; then
device_actrec = 1
back = 1
fi
2024-02-26 10:22:31 +01:00
; ;
"Enable skip-ibss flag" )
warn "This will enable the --skip-ibss flag."
print "* This will assume that a pwned iBSS has already been sent to the device."
print "* Do not enable this if you do not know what you are doing."
local opt
read -p " $( input 'Do you want to enable the skip-ibss flag? (y/N): ' ) " opt
if [ [ $opt = = 'y' || $opt = = 'Y' ] ] ; then
device_skipibss = 1
back = 1
fi
2024-02-25 15:17:21 +01:00
; ;
2024-06-13 07:54:56 +02:00
"Enable jailbreak flag" )
warn "This will enable the --jailbreak flag."
print "* This will enable the jailbreak option for the custom IPSW."
print "* This is mostly only useful for 3.1.3-4.1, where jailbreak option is disabled in most cases."
2024-06-19 04:10:45 +02:00
print "* It is disabled for those versions because of some issues with the custom IPSW jailbreak."
2024-06-13 07:54:56 +02:00
print "* The recommended method is to instead jailbreak after the restore."
print "* Do not enable this if you do not know what you are doing."
local opt
read -p " $( input 'Do you want to enable the jailbreak flag? (y/N): ' ) " opt
if [ [ $opt = = 'y' || $opt = = 'Y' ] ] ; then
ipsw_jailbreak = 1
back = 1
fi
; ;
2023-04-02 12:18:44 +02:00
"Go Back" ) back = 1; ;
esac
done
}
2024-06-11 11:18:59 +02:00
device_pair( ) {
log "Attempting idevicepair"
" $dir /idevicepair " pair
if [ [ $? != 0 ] ] ; then
log "Press \"Trust\" on the device before pressing Enter/Return."
pause
fi
" $dir /idevicepair " pair
}
2024-06-08 07:09:43 +02:00
device_ssh( ) {
2024-06-11 11:18:59 +02:00
print "* Note: This is for connecting via SSH to devices that are already jailbroken and have OpenSSH installed."
print "* If this is not what you want, you might be looking for the \"SSH Ramdisk\" option instead."
2024-06-08 07:09:43 +02:00
device_ssh_message
device_iproxy
device_sshpass
log "Connecting to device SSH..."
print "* For accessing data, note the following:"
print " * Host: sftp://127.0.0.1 | User: root | Password: alpine | Port: $ssh_port "
$ssh -p $ssh_port root@127.0.0.1
}
2023-06-15 08:21:05 +02:00
device_alloc8( ) {
device_enter_mode pwnDFU
device_ipwndfu alloc8
log "Done!"
print "* This may take several tries. If it fails, unplug and replug your device, then run the script again"
print "* For more troubleshooting, go to: https://github.com/axi0mX/ipwndfu/blob/master/JAILBREAK-GUIDE.md"
}
2024-06-16 03:45:32 +02:00
device_jailbreak( ) {
2023-08-30 04:09:16 +02:00
if [ [ $device_vers = = *"iBoot" * || $device_vers = = "Unknown" * ] ] ; then
2023-06-24 12:22:35 +02:00
read -p " $( input 'Enter current iOS version (eg. 6.1.3): ' ) " device_vers
2023-09-14 10:10:52 +02:00
else
case $device_vers in
5* | 6.0* | 6.1 | 6.1.[ 12] )
print " * Your device on iOS $device_vers will be jailbroken using g1lbertJB. "
print "* No data will be lost, but please back up your data just in case."
2023-10-18 15:27:58 +02:00
print "* Ignore the \"Error Code 1\" and \"Error Code 102\" errors, this is normal and part of the jailbreaking process."
2023-09-14 10:10:52 +02:00
pause
pushd ../resources/jailbreak/g1lbertJB >/dev/null
2024-06-11 08:22:50 +02:00
log "Copying freeze.tar to Cydia.tar"
2023-11-07 22:29:29 +01:00
cp ../freeze.tar payload/common/Cydia.tar
2024-06-11 08:22:50 +02:00
log "Running g1lbertJB..."
2024-06-19 04:10:45 +02:00
" ../../ $dir /gilbertjb "
2023-11-07 22:29:29 +01:00
rm payload/common/Cydia.tar
2023-09-14 10:10:52 +02:00
popd >/dev/null
return
; ;
esac
2023-06-24 12:22:35 +02:00
fi
2023-11-18 02:24:31 +01:00
if [ [ $device_type = = "iPad2" * && $device_vers = = "4" * ] ] ; then
2024-01-06 10:32:10 +01:00
warn "This will be a semi-tethered jailbreak. Arduino is required to boot to a jailbroken state."
print "* To boot jailbroken later, go to: Other Utilities -> Just Boot"
pause
2023-11-18 02:24:31 +01:00
fi
case $device_vers in
2024-01-29 05:15:55 +01:00
9.3.[ 1234] | 9.3 | 9.2* | 9.1 | [ 87654] * | 3.2* | 3.1.3 ) :; ;
2024-03-14 13:53:41 +01:00
3.1* )
if [ [ $device_type != "iPhone2,1" ] ] ; then
warn " This version ( $device_vers ) is not supported for jailbreaking with SSHRD. "
print "* Supported versions are: 3.1.3 to 9.3.4 (excluding 9.0.x)"
return
fi
; ;
2023-11-18 02:24:31 +01:00
* )
warn " This version ( $device_vers ) is not supported for jailbreaking with SSHRD. "
print "* Supported versions are: 3.1.3 to 9.3.4 (excluding 9.0.x)"
2024-03-14 13:53:41 +01:00
return
2023-12-26 10:29:08 +01:00
; ;
esac
2023-12-30 15:10:04 +01:00
case $device_vers in
2024-01-29 05:15:55 +01:00
8.2 | 8.[ 10] * )
2023-12-30 15:10:04 +01:00
if [ [ $device_proc = = 5 ] ] ; then
2023-12-27 11:40:25 +01:00
warn " This version ( $device_vers ) is broken for daibutsu A5(X). "
print "* Supported iOS 8 versions for A5(X) are 8.3 to 8.4.1 only for now."
2024-06-19 04:10:45 +02:00
print "* For this version, use Home Depot patched with ohd and sideload it to your device."
print "* https://github.com/LukeZGD/ohd"
2023-12-27 11:40:25 +01:00
return
2023-12-30 15:10:04 +01:00
fi
; ;
2023-12-26 10:29:08 +01:00
9.0* )
print "* For this version, use Pangu9, or download openpwnage and sideload it to your device."
print "* https://ios.cfw.guide/installing-pangu9/"
print "* https://github.com/0xilis/openpwnage"
return
; ;
9.3.[ 56] )
print "* For this version, download kok3shi9 and sideload it to your device."
print "* https://kok3shidoll.web.app/kok3shi9.html"
return
; ;
10* )
print "* For this version, download kok3shiX or socket and sideload it to your device."
print "* https://kok3shidoll.github.io/download/kokeshi/kokeshiX_v1.0_alpha_2.ipa"
print "* https://github.com/staturnzz/socket"
2023-11-18 02:24:31 +01:00
return
; ;
esac
2023-06-24 12:22:35 +02:00
print "* By selecting Jailbreak Device, your device will be jailbroken using SSH Ramdisk."
print "* Before continuing, make sure that your device does not have a jailbreak yet."
print "* No data will be lost, but please back up your data just in case."
pause
device_ramdisk jailbreak
}
2024-06-08 07:09:43 +02:00
device_ssh_message( ) {
print "* Make sure to have OpenSSH and Core Utilities installed on your iOS device."
if [ [ $device_det = = 1 ] ] && ( ( device_proc < 7 ) ) ; then
print "* Install all updates in Cydia/Zebra."
print "* Make sure to also have Dropbear installed from my repo."
print "* Repo: https://lukezgd.github.io/repo"
fi
print "* Only proceed if you have these requirements installed using Cydia/Zebra/Sileo."
print "* You will be prompted to enter the root password of your iOS device."
print "* The default root password is: alpine"
}
2023-07-03 09:22:35 +02:00
device_dump( ) {
local arg = " $1 "
2024-03-10 15:39:49 +01:00
local dump = " ../saved/ $device_type / $arg - $device_ecid .tar "
2023-07-03 09:22:35 +02:00
local dmps
2023-11-18 02:48:07 +01:00
local dmp2
2023-08-13 12:55:30 +02:00
case $arg in
2023-10-05 07:43:17 +02:00
"baseband" ) dmps = "/usr/local/standalone" ; ;
2023-11-18 02:48:07 +01:00
"activation" )
2024-02-16 12:58:42 +01:00
dmp2 = "private/var/root/Library/Lockdown"
2023-11-18 02:48:07 +01:00
case $device_vers in
2024-02-16 12:58:42 +01:00
[ 34567] * ) dmps = " / $dmp2 " ; ;
8* ) dmps = "/private/var/mobile/Library/mad" ; ;
2024-01-07 05:22:56 +01:00
* )
2024-02-16 12:58:42 +01:00
dmps = "/private/var/containers/Data/System/*/Library/activation_records"
dmp2 += "/activation_records"
2024-01-07 05:22:56 +01:00
; ;
2023-11-18 02:48:07 +01:00
esac
; ;
2023-08-13 12:55:30 +02:00
esac
2023-11-18 02:48:07 +01:00
2023-08-13 12:55:30 +02:00
log " Dumping files for $arg : $dmps "
2023-07-03 09:22:35 +02:00
if [ [ -s $dump ] ] ; then
log " Found existing dumped $arg : $dump "
2023-07-19 12:54:39 +02:00
print "* Select Y to overwrite, or N to use existing dump"
2023-07-03 09:22:35 +02:00
print "* Make sure to keep a backup of the dump if needed"
2023-10-03 15:31:18 +02:00
read -p " $( input 'Overwrite this existing dump? (y/N) ' ) " opt
if [ [ $opt != 'Y' && $opt != 'y' ] ] ; then
2023-07-03 09:22:35 +02:00
return
fi
log " Deleting existing dumped $arg "
rm $dump
2023-06-26 11:35:06 +02:00
fi
if [ [ $device_mode = = "Recovery" ] ] ; then
device_enter_mode pwnDFU
fi
if [ [ $device_mode = = "Normal" ] ] ; then
2024-06-08 07:09:43 +02:00
device_ssh_message
2024-01-19 18:11:26 +01:00
device_iproxy
2023-06-26 11:35:06 +02:00
device_sshpass
2023-11-18 02:48:07 +01:00
if [ [ $arg = = "activation" ] ] ; then
2024-03-10 15:39:49 +01:00
log " Creating $arg .tar "
2024-02-12 06:33:52 +01:00
$ssh -p $ssh_port root@127.0.0.1 " mkdir -p /tmp/ $dmp2 ; cp -R $dmps /* /tmp/ $dmp2 "
$ssh -p $ssh_port root@127.0.0.1 " cd /tmp; tar -cvf $arg .tar $dmp2 "
2024-03-06 15:24:44 +01:00
log " Copying $arg .tar "
$scp -P $ssh_port root@127.0.0.1:/tmp/$arg .tar .
2024-03-10 15:39:49 +01:00
mv $arg .tar $arg -$device_ecid .tar
2023-11-18 02:48:07 +01:00
else
2024-03-10 15:39:49 +01:00
device_dumpbb
2023-11-18 02:48:07 +01:00
fi
2024-03-10 15:39:49 +01:00
cp $arg -$device_ecid .tar $dump
2023-06-26 11:35:06 +02:00
elif [ [ $device_mode = = "DFU" ] ] ; then
2024-02-16 09:41:25 +01:00
log "This operation requires an SSH ramdisk, proceeding"
print "* I recommend dumping baseband/activation on Normal mode instead of Recovery/DFU mode if possible"
device_enter_ramdisk $arg
2024-02-17 03:11:10 +01:00
device_dumprd
$ssh -p $ssh_port root@127.0.0.1 "nvram auto-boot=0; reboot_bak"
2024-02-16 00:51:50 +01:00
log "Done, device should reboot to recovery mode now"
if [ [ $mode != "baseband" && $mode != "actrec" ] ] ; then
log "Put your device back in kDFU/pwnDFU mode to proceed"
2023-10-05 09:12:31 +02:00
device_find_mode Recovery
device_enter_mode DFU
device_enter_mode pwnDFU
2024-02-16 00:51:50 +01:00
else
log "Just exit recovery mode if needed: Other Utilities -> Exit Recovery Mode"
2023-10-05 09:12:31 +02:00
fi
2023-06-26 11:35:06 +02:00
fi
kill $iproxy_pid
2023-07-03 09:22:35 +02:00
if [ [ ! -e $dump ] ] ; then
error " Failed to dump $arg from device. Please run the script again "
2023-06-26 11:35:06 +02:00
fi
2023-07-03 09:22:35 +02:00
log " Dumping $arg done: $dump "
2023-06-26 11:35:06 +02:00
}
2024-03-10 15:39:49 +01:00
device_dumpbb( ) {
local bb2 = "Mav5"
local root = "/"
2024-04-10 15:40:40 +02:00
local root2 = "/"
2024-03-10 15:39:49 +01:00
local tmp = "/tmp"
2024-06-15 01:24:31 +02:00
case $device_type in
iPhone4,1 ) bb2 = "Trek" ; ;
iPhone5,[ 34] ) bb2 = "Mav7Mav8" ; ;
esac
2024-03-10 15:39:49 +01:00
if [ [ $1 = = "rd" ] ] ; then
root = "/mnt1/"
2024-04-10 15:40:40 +02:00
root2 =
2024-03-10 15:39:49 +01:00
tmp = "/mnt2/tmp"
fi
log "Creating baseband.tar"
case $device_vers in
5* ) $scp -P $ssh_port root@127.0.0.1:${ root } usr/standalone/firmware/$bb2 -personalized.zip .; ;
6* ) $scp -P $ssh_port root@127.0.0.1:${ root } usr/local/standalone/firmware/Baseband/$bb2 /$bb2 -personalized.zip .; ;
esac
case $device_vers in
[ 56] * )
mkdir -p usr/local/standalone/firmware/Baseband/$bb2
unzip $bb2 -personalized.zip -d usr/local/standalone/firmware/Baseband/$bb2
cp $bb2 -personalized.zip usr/local/standalone/firmware/Baseband/$bb2
; ;
* )
2024-04-10 15:40:40 +02:00
$ssh -p $ssh_port root@127.0.0.1 " cd $root ; tar -cvf $tmp /baseband.tar ${ root2 } usr/local/standalone/firmware "
2024-03-10 15:39:49 +01:00
$scp -P $ssh_port root@127.0.0.1:$tmp /baseband.tar .
2024-05-23 18:20:58 +02:00
if [ [ ! -s baseband.tar ] ] ; then
error "Dumping baseband tar failed. Please run the script again" \
"If your device is on iOS 9 or newer, make sure to set the version of the SSH ramdisk correctly."
fi
2024-03-10 15:39:49 +01:00
tar -xvf baseband.tar -C .
rm baseband.tar
pushd usr/local/standalone/firmware/Baseband/$bb2 >/dev/null
zip -r0 $bb2 -personalized.zip *
unzip -o $bb2 -personalized.zip -d .
popd >/dev/null
; ;
esac
if [ [ $device_type = = "iPhone4,1" ] ] ; then
mkdir -p usr/standalone/firmware
cp usr/local/standalone/firmware/Baseband/$bb2 /$bb2 -personalized.zip usr/standalone/firmware
fi
tar -cvf baseband-$device_ecid .tar usr
}
2024-02-17 03:11:10 +01:00
device_dumprd( ) {
local dump = " ../saved/ $device_type "
2024-03-06 15:24:44 +01:00
local dmps
local dmp2
2024-02-17 03:11:10 +01:00
local vers
2024-03-10 15:39:49 +01:00
local tmp = "/mnt2/tmp"
2024-03-06 15:24:44 +01:00
2024-02-17 03:11:10 +01:00
device_ramdisk_iosvers
vers = $device_vers
if [ [ -z $vers ] ] ; then
warn "Something wrong happened. Failed to get iOS version."
print "* Please reboot the device into normal operating mode, then perform a clean \"slide to power off\", then try again."
$ssh -p $ssh_port root@127.0.0.1 "reboot_bak"
return
fi
log "Mounting filesystems"
2024-03-10 15:39:49 +01:00
$ssh -p $ssh_port root@127.0.0.1 "mount.sh"
2024-02-17 03:11:10 +01:00
sleep 1
2024-03-06 15:24:44 +01:00
case $device_type in
iPhone[ 45] * | iPad2,[ 67] | iPad3,[ 56] )
log "Dumping both baseband and activation tars"
2024-03-10 15:39:49 +01:00
device_dumpbb rd
2024-03-06 15:24:44 +01:00
print "* Reminder to backup dump tars if needed"
2024-03-10 15:39:49 +01:00
if [ [ -s $dump /baseband-$device_ecid .tar ] ] ; then
read -p " $( input " Baseband dump exists in $dump /baseband- $device_ecid .tar. Overwrite? (y/N) " ) " opt
2024-03-07 02:44:26 +01:00
if [ [ $opt = = 'Y' || $opt = = 'y' ] ] ; then
2024-03-06 15:24:44 +01:00
log "Deleting existing dumped baseband"
2024-03-10 15:39:49 +01:00
rm $dump /baseband-$device_ecid .tar
2024-03-06 15:24:44 +01:00
fi
fi
2024-03-10 15:39:49 +01:00
cp baseband-$device_ecid .tar $dump
2024-03-06 15:24:44 +01:00
; ;
esac
2024-03-10 15:39:49 +01:00
dmp2 = "root/Library/Lockdown"
2024-02-17 03:11:10 +01:00
case $vers in
[ 34567] * ) dmps = " $dmp2 " ; ;
2024-03-10 15:39:49 +01:00
8* ) dmps = "mobile/Library/mad" ; ;
2024-02-17 03:11:10 +01:00
* )
2024-03-10 15:39:49 +01:00
dmps = "containers/Data/System/*/Library/activation_records"
2024-02-17 03:11:10 +01:00
dmp2 += "/activation_records"
; ;
esac
log "Creating activation.tar"
2024-03-10 15:39:49 +01:00
$ssh -p $ssh_port root@127.0.0.1 " mkdir -p $tmp /private/var/ $dmp2 ; cp -R /mnt2/ $dmps /* $tmp /private/var/ $dmp2 "
$ssh -p $ssh_port root@127.0.0.1 " cd $tmp ; tar -cvf $tmp /activation.tar private/var/ $dmp2 "
2024-02-17 03:11:10 +01:00
log "Copying activation.tar"
2024-03-06 15:24:44 +01:00
print "* Reminder to backup dump tars if needed"
2024-02-17 03:11:10 +01:00
$scp -P $ssh_port root@127.0.0.1:$tmp /activation.tar .
2024-05-23 18:20:58 +02:00
if [ [ ! -s activation.tar ] ] ; then
error "Dumping activation record tar failed. Please run the script again" \
"If your device is on iOS 9 or newer, make sure to set the version of the SSH ramdisk correctly."
fi
2024-03-10 15:39:49 +01:00
mv activation.tar activation-$device_ecid .tar
if [ [ -s $dump /activation-$device_ecid .tar ] ] ; then
read -p " $( input " Activation records dump exists in $dump /activation- $device_ecid .tar. Overwrite? (y/N) " ) " opt
2024-03-07 02:44:26 +01:00
if [ [ $opt = = 'Y' || $opt = = 'y' ] ] ; then
2024-02-17 03:11:10 +01:00
log "Deleting existing dumped activation"
2024-03-10 15:39:49 +01:00
rm $dump /activation-$device_ecid .tar
2024-02-17 03:11:10 +01:00
fi
fi
2024-03-10 15:39:49 +01:00
cp activation-$device_ecid .tar $dump
2024-02-17 03:11:10 +01:00
$ssh -p $ssh_port root@127.0.0.1 " rm -f $tmp /*.tar "
}
2023-07-19 12:54:39 +02:00
device_activate( ) {
log "Attempting to activate device with ideviceactivation"
2023-09-02 06:56:49 +02:00
if ( ( device_proc <= 4 ) ) && [ [ $device_type = = "iPhone" * ] ] ; then
print "* For iPhone 4 and older devices, make sure to have a valid SIM card."
2024-01-06 10:32:10 +01:00
if [ [ $device_type = = "iPhone1" * || $device_type = = "iPhone2,1" ] ] ; then
2024-01-23 14:29:58 +01:00
print "* For hacktivation, go to \"Restore/Downgrade\" or \"Hacktivate Device\" instead."
2023-09-02 06:56:49 +02:00
fi
fi
2024-06-12 06:43:26 +02:00
$ideviceactivation activate
2024-06-11 11:28:16 +02:00
case $device_type in
iPod[ 123] ,1 )
if ( ( device_det <= 3 ) ) ; then
2024-06-12 06:43:26 +02:00
$ideviceactivation itunes
2024-06-11 11:28:16 +02:00
fi
; ;
esac
2023-09-02 06:56:49 +02:00
print "* If it returns an error, just try again."
2023-07-19 12:54:39 +02:00
}
2024-01-17 08:20:52 +01:00
device_hacktivate( ) {
local type = " $device_type "
local build = " $device_build "
if [ [ $device_type = = "iPhone3,1" ] ] ; then
type = "iPhone2,1"
case $device_vers in
4.2.1 ) build = "8C148a" ; ;
5.1.1 ) build = "9B206" ; ;
6.1 ) build = "10B141" ; ;
esac
2024-03-23 08:29:06 +01:00
log "Checking ideviceactivation status..."
local check = $( $ideviceactivation activate 2>& 1 | grep -c "SIM Required" )
if [ [ $check != 1 ] ] ; then
warn "The SIM Required message did not show up at ideviceactivation, cannot continue."
return
fi
2024-01-17 08:20:52 +01:00
fi
local patch = " ../resources/firmware/FirmwareBundles/Down_ ${ type } _ ${ device_vers } _ ${ build } .bundle/lockdownd.patch "
print "* Make sure that your device is restored with the jailbreak option enabled."
2024-03-20 02:06:30 +01:00
print "* Or jailbroken using Legacy iOS Kit's \"Jailbreak Device\" option."
2024-01-17 08:20:52 +01:00
print "* This will use SSH to patch lockdownd on your device for hacktivation."
print "* Hacktivation is for iOS versions 3.1 to 6.1.6."
pause
2024-01-19 18:11:26 +01:00
device_iproxy
2024-01-17 08:20:52 +01:00
device_sshpass
log "Getting lockdownd"
2024-02-12 06:33:52 +01:00
$scp -P $ssh_port root@127.0.0.1:/usr/libexec/lockdownd .
2024-01-17 08:20:52 +01:00
log "Patching lockdownd"
$bspatch lockdownd lockdownd.patched " $patch "
log "Renaming original lockdownd"
2024-05-14 14:28:37 +02:00
$ssh -p $ssh_port root@127.0.0.1 "[[ ! -e /usr/libexec/lockdownd.orig ]] && mv /usr/libexec/lockdownd /usr/libexec/lockdownd.orig"
2024-01-17 08:20:52 +01:00
log "Copying patched lockdownd to device"
2024-02-12 06:33:52 +01:00
$scp -P $ssh_port lockdownd.patched root@127.0.0.1:/usr/libexec/lockdownd
$ssh -p $ssh_port root@127.0.0.1 "chmod +x /usr/libexec/lockdownd; reboot"
2024-05-14 14:28:37 +02:00
log "Done. Your device should reboot now"
}
device_reverthacktivate( ) {
print "* This will use revert hacktivation for this device."
print "* This option can only be used if the hacktivation is done using Legacy iOS Kit's \"Hacktivate Device\" option."
pause
device_iproxy
2024-06-09 11:19:52 +02:00
print "* The default root password is: alpine"
2024-05-14 14:28:37 +02:00
device_sshpass
log "Reverting lockdownd"
$ssh -p $ssh_port root@127.0.0.1 "[[ -e /usr/libexec/lockdownd.orig ]] && rm /usr/libexec/lockdownd && mv /usr/libexec/lockdownd.orig /usr/libexec/lockdownd"
$ssh -p $ssh_port root@127.0.0.1 "chmod +x /usr/libexec/lockdownd; reboot"
log "Done. Your device should reboot now"
2024-01-17 08:20:52 +01:00
}
2023-07-01 16:14:19 +02:00
restore_customipsw( ) {
print "* You are about to restore with a custom IPSW."
2024-03-26 17:45:03 +01:00
if [ [ $device_proc = = 1 ] ] ; then
2024-05-14 14:28:37 +02:00
print "* This option is for restoring with other IPSWs for downgrading and/or jailbreaking the device."
2024-03-14 05:00:52 +01:00
else
2024-03-26 17:45:03 +01:00
print "* This option is only for restoring with IPSWs NOT made with Legacy iOS Kit, like whited00r or GeekGrade."
if [ [ $device_newbr = = 1 ] ] ; then
2024-05-14 14:28:37 +02:00
warn "Your device is a new bootrom model and some custom IPSWs might not be compatible."
2024-03-26 17:45:03 +01:00
print "* For iPhone 3GS, after restoring you will need to go to Other Utilities -> Install alloc8 Exploit"
elif [ [ $device_type = = "iPod2,1" ] ] ; then
print "* You may also use this option for downgrading the device to 3.0 and lower for old bootrom models."
else
2024-06-24 06:43:34 +02:00
warn "Do NOT use this option for powdersn0w or jailbreak IPSWs made with Legacy iOS Kit!"
2024-03-26 17:45:03 +01:00
fi
2024-05-14 14:28:37 +02:00
fi
if [ [ $platform = = "macos" ] ] && [ [ $device_type = = "iPod2,1" || $device_proc = = 1 ] ] ; then
2024-06-24 06:43:34 +02:00
warn "Restoring to 2.x might not work on newer macOS versions."
2023-07-01 16:14:19 +02:00
fi
2024-01-12 01:11:52 +01:00
if [ [ $device_proc = = 1 ] ] ; then
2024-04-19 04:22:48 +02:00
echo
2024-01-12 01:11:52 +01:00
print "* Note that you might need to restore twice, due to NOR flash."
print "* For iPhone 2G/3G, the second restore may fail due to baseband."
print "* You can exit recovery mode after by going to: Other Utilities -> Exit Recovery Mode"
2024-04-19 04:22:48 +02:00
fi
pause
menu_ipsw_browse custom
if [ [ -z $ipsw_path ] ] ; then
error "No IPSW selected, cannot continue."
2024-01-12 01:11:52 +01:00
fi
2024-01-02 04:46:15 +01:00
if [ [ $device_proc = = 1 ] ] ; then
2023-12-30 15:10:04 +01:00
device_enter_mode WTFreal
else
device_enter_mode pwnDFU
fi
ipsw_custom = " $ipsw_path "
restore_latest custom
2023-07-01 16:14:19 +02:00
}
2023-08-29 16:14:03 +02:00
restore_dfuipsw( ) {
# the only change done to the "dfu ipsw" is just applelogo copied and renamed to llb
2024-06-19 04:10:45 +02:00
# replacing llb with an invalid img3 to make the restore fail, the device will then fallback to true dfu mode
# https://theapplewiki.com/wiki/DFU_Mode#Enter_True_Hardware_DFU_Mode_Automatically
2023-08-29 16:14:03 +02:00
print "* You are about to restore with a DFU IPSW."
print "* This will force the device to enter DFU mode, which is useful for devices with broken buttons."
print "* All device data will be wiped! Only proceed if you have backed up your data."
print "* Expect the restore to fail and the device to be stuck in DFU mode."
pause
device_target_vers = " $device_latest_vers "
device_target_build = " $device_latest_build "
2023-10-12 13:17:10 +02:00
local ipsw_p = "../"
case $device_type in
iPhone5,[ 1234] ) ipsw_p += "iPhone_4.0_32bit" ; ;
iPad3,[ 456] ) ipsw_p += "iPad_32bit" ; ;
* ) ipsw_p += " ${ device_type } " ; ;
esac
ipsw_p += " _ ${ device_target_vers } _ ${ device_target_build } "
2023-08-29 16:14:03 +02:00
local ipsw_dfuipsw = " ${ ipsw_p } _DFUIPSW "
ipsw_path = " ${ ipsw_p } _Restore "
if [ [ -s " $ipsw_path .ipsw " && ! -e " $ipsw_dfuipsw .ipsw " ] ] ; then
ipsw_verify " $ipsw_path " " $device_target_build "
elif [ [ ! -e " $ipsw_path .ipsw " ] ] ; then
ipsw_download " $ipsw_path "
fi
if [ [ -s " $ipsw_dfuipsw .ipsw " ] ] ; then
log "Found existing DFU IPSW. Skipping IPSW creation."
else
cp $ipsw_path .ipsw temp.ipsw
device_fw_key_check
2024-06-14 03:12:24 +02:00
local applelogo = $( echo $device_fw_key | $jq -j '.keys[] | select(.image == "AppleLogo") | .filename' )
2023-10-12 13:17:10 +02:00
local llb = " LLB. ${ device_model } ap.RELEASE.img3 "
local all = "Firmware/all_flash"
if [ [ $device_latest_vers = = "10" * ] ] ; then
case $device_type in
iPhone5,[ 1234] ) applelogo = "applelogo@2x~iphone.s5l8950x.img3" ; ;
iPad3,[ 456] ) applelogo = "applelogo@2x~ipad.s5l8955x.img3" ; ;
esac
case $device_type in
iPhone5,[ 12] ) llb = "LLB.iphone5.RELEASE.img3" ; ;
iPhone5,[ 34] ) llb = "LLB.iphone5b.RELEASE.img3" ; ;
iPad3,[ 456] ) llb = "LLB.ipad3b.RELEASE.img3" ; ;
esac
else
2024-02-20 11:10:35 +01:00
all = " $all_flash "
2023-10-12 13:17:10 +02:00
fi
2023-08-29 16:14:03 +02:00
mkdir -p $all
unzip -o -j temp.ipsw $all /$applelogo -d .
mv $applelogo $all /$llb
zip -r0 temp.ipsw $all /*
mv temp.ipsw $ipsw_dfuipsw .ipsw
fi
if [ [ $1 = = "ipsw" ] ] ; then
return
fi
ipsw_path = " $ipsw_dfuipsw "
2023-10-30 18:36:38 +01:00
device_enter_mode Recovery
2023-08-29 16:14:03 +02:00
ipsw_extract
log " Running idevicerestore with command: $idevicerestore -e \" $ipsw_path .ipsw\" "
$idevicerestore -e " $ipsw_path .ipsw "
log "Restoring done! Device should now be in DFU mode"
}
device_justboot( ) {
2023-10-01 04:05:43 +02:00
print "* You are about to do a tethered boot."
2023-10-26 07:13:59 +02:00
read -p " $( input 'Enter build version (eg. 10B329): ' ) " device_rd_build
2023-08-29 16:14:03 +02:00
device_ramdisk justboot
}
2023-10-06 15:22:43 +02:00
device_enter_ramdisk( ) {
2024-02-15 13:29:49 +01:00
if ( ( device_proc >= 7 ) ) ; then
2024-01-18 09:18:44 +01:00
device_ramdisk64
return
2024-05-23 18:20:58 +02:00
elif ( ( device_proc >= 5 ) ) && [ [ $device_vers = = "9" * || $device_vers = = "10" * ] ] ; then
device_rd_build = "13A452"
2024-06-01 19:41:47 +02:00
elif ( ( device_proc >= 5 ) ) && ( ( device_det <= 8 ) ) && [ [ $device_mode = = "Normal" ] ] ; then
2024-05-23 18:20:58 +02:00
:
2024-01-18 09:18:44 +01:00
elif ( ( device_proc >= 5 ) ) ; then
2023-10-06 15:22:43 +02:00
print "* To mount /var (/mnt2) for iOS 9-10, I recommend using 9.0.2 (13A452)."
2024-02-15 06:18:49 +01:00
print "* If not sure, just press Enter/Return. This will select the default version."
2023-10-26 07:13:59 +02:00
read -p " $( input 'Enter build version (eg. 10B329): ' ) " device_rd_build
2023-10-06 15:22:43 +02:00
fi
2024-02-16 09:41:25 +01:00
device_ramdisk $1
2023-10-06 15:22:43 +02:00
}
2023-12-26 10:29:08 +01:00
device_ideviceinstaller( ) {
2024-01-02 04:46:15 +01:00
log "Installing selected IPA(s) to device using ideviceinstaller..."
IFS = '|' read -r -a ipa_files <<< " $ipa_path "
for i in " ${ ipa_files [@] } " ; do
log " Installing: $i "
" $dir /ideviceinstaller " install " $i "
done
2023-12-26 10:29:08 +01:00
}
device_altserver_linux( ) {
local altserver = " ../saved/anisette-server- $platform "
local anisette = " ../saved/AltServer- $platform "
local arch = " $platform_arch "
case $arch in
"armhf" ) arch = "armv7" ; ;
"arm64" ) arch = "aarch64" ; ;
esac
if [ [ $platform = = "linux" ] ] ; then
altserver += " _ $arch "
anisette += " _ $arch "
fi
if [ [ ! -e $altserver ] ] ; then
2024-05-02 04:53:02 +02:00
download_file https://github.com/NyaMisty/AltServer-Linux/releases/download/v0.0.5/AltServer-$arch AltServer-$arch
2023-12-26 10:29:08 +01:00
mv AltServer-$arch $altserver
fi
if [ [ ! -e $anisette ] ] ; then
2024-05-02 04:53:02 +02:00
download_file https://github.com/Dadoum/Provision/releases/download/2.2.0/anisette-server-$arch anisette-server-$arch
2023-12-26 10:29:08 +01:00
mv anisette-server-$arch $anisette
fi
chmod +x $altserver $anisette
log "Running Anisette"
$anisette &
anisette_pid = $!
local ready = 0
log "Waiting for Anisette"
while [ [ $ready != 1 ] ] ; do
[ [ $( curl 127.0.0.1:6969 2>/dev/null) ] ] && ready = 1
sleep 1
done
export ALTSERVER_ANISETTE_SERVER = http://127.0.0.1:6969
altserver_linux = " env ALTSERVER_ANISETTE_SERVER= $ALTSERVER_ANISETTE_SERVER $altserver "
2024-06-11 11:18:59 +02:00
device_pair
2023-12-26 10:29:08 +01:00
log "Enter Apple ID details to continue."
print "* Your Apple ID and password will only be sent to Apple servers."
local apple_id
local apple_pass
while [ [ -z $apple_id ] ] ; do
read -p " $( input 'Apple ID: ' ) " apple_id
done
while [ [ -z $apple_pass ] ] ; do
read -s -p " $( input 'Password: ' ) " apple_pass
done
2023-12-26 13:56:40 +01:00
echo
2023-12-26 10:29:08 +01:00
log "Running AltServer-Linux with given Apple ID details..."
pushd ../saved >/dev/null
$altserver_linux -u $device_udid -a " $apple_id " -p " $apple_pass " " $ipa_path "
popd >/dev/null
}
2024-01-29 08:16:30 +01:00
restore_latest64( ) {
local idevicerestore2 = " ${ idevicerestore } 2 "
local opt = "-l"
local opt2
print "* Restore/Update Selection"
print "* Restore will do factory reset and update the device, all data will be cleared"
print "* Update will only update the device to the latest version"
read -p " $( input "Select Y to Restore, select N to Update (Y/n) " ) " opt2
if [ [ $opt2 != 'n' && $opt2 != 'N' ] ] ; then
opt += "e"
fi
$idevicerestore2 $opt
mv *.ipsw ..
}
2024-06-08 15:38:44 +02:00
device_fourthree_step2( ) {
if [ [ $device_mode != "Normal" ] ] ; then
error "Device is not in normal mode. Place the device in normal mode to proceed." \
"The device must also be restored already with Step 1: Restore."
fi
print "* Make sure that the device is already restored with Step 1: Restore before proceeding."
pause
2024-06-10 04:41:11 +02:00
print "* How much GB do you want to allocate/leave to the 6.1.3 data partition?"
print "* The rest of the space will be allocated to the 4.3.x system."
print "* If unsure, set it to 3 (this means 3 GB for 6.1.3, the rest for 4.3.x)."
local size
until [ [ -n $size ] ] && [ " $size " -eq " $size " ] ; do
read -p " $( input 'iOS 6.1.3 Data Partition Size (in GB): ' ) " size
done
log " iOS 6.1.3 Data Partition Size: $size GB "
size = $(( size*1024*1024*1024))
2024-06-08 15:38:44 +02:00
device_iproxy
device_sshpass alpine
2024-06-10 18:07:32 +02:00
log "Sending package files"
2024-06-08 15:38:44 +02:00
$scp -P $ssh_port $jelbrek /dualbootstuff.tar root@127.0.0.1:/tmp
log "Installing packages"
$ssh -p $ssh_port root@127.0.0.1 "tar -xvf /tmp/dualbootstuff.tar -C /; dpkg -i /tmp/dualbootstuff/*.deb"
log "Running TwistedMind2"
2024-06-10 04:41:11 +02:00
$ssh -p $ssh_port root@127.0.0.1 " rm /TwistedMind2*; TwistedMind2 -d1 $size -s2 879124480 -d2 max "
2024-06-08 15:38:44 +02:00
local tm2 = " $( $ssh -p $ssh_port root@127.0.0.1 "ls /TwistedMind2*" ) "
$scp -P $ssh_port root@127.0.0.1:$tm2 TwistedMind2
kill $iproxy_pid
2024-06-11 11:18:59 +02:00
log "Rebooting to SSH ramdisk for the next procedure"
2024-06-08 15:38:44 +02:00
device_ramdisk TwistedMind2
log "Done, proceed to Step 3 after the device boots"
}
device_fourthree_step3( ) {
if [ [ $device_mode != "Normal" ] ] ; then
error "Device is not in normal mode. Place the device in normal mode to proceed." \
2024-06-09 11:19:52 +02:00
"The device must also be set up already with Step 2: Partition."
2024-06-08 15:38:44 +02:00
fi
print "* Make sure that the device is set up with Step 2: Partition before proceeding."
pause
2024-06-09 11:19:52 +02:00
source ../saved/$device_type /fourthree_$device_ecid
2024-06-08 15:38:44 +02:00
log " 4.3.x version: $device_base_vers - $device_base_build "
local saved_path = " ../saved/ $device_type / $device_base_build "
device_iproxy
device_sshpass alpine
log "Creating filesystems"
$ssh -p $ssh_port root@127.0.0.1 "mkdir /mnt1 /mnt2"
$ssh -p $ssh_port root@127.0.0.1 "/sbin/newfs_hfs -s -v System -J -b 8192 -n a=8192,c=8192,e=8192 /dev/disk0s3"
$ssh -p $ssh_port root@127.0.0.1 "/sbin/newfs_hfs -s -v Data -J -b 8192 -n a=8192,c=8192,e=8192 /dev/disk0s4"
$ssh -p $ssh_port root@127.0.0.1 "mount_hfs /dev/disk0s4 /mnt2"
log "Sending root filesystem, this will take a while."
$scp -P $ssh_port $saved_path /RootFS.dmg root@127.0.0.1:/var
log "Restoring root filesystem"
$ssh -p $ssh_port root@127.0.0.1 "echo 'y' | asr restore --source /var/RootFS.dmg --target /dev/disk0s3 --erase"
log "Checking root filesystem"
$ssh -p $ssh_port root@127.0.0.1 "rm /var/RootFS.dmg; fsck_hfs -f /dev/disk0s3"
log "Restoring data partition"
$ssh -p $ssh_port root@127.0.0.1 "umount /mnt2; mount_hfs /dev/disk0s3 /mnt1; mount_hfs /dev/disk0s4 /mnt2; mv /mnt1/private/var/* /mnt2"
log "Fixing fstab"
$ssh -p $ssh_port root@127.0.0.1 "echo '/dev/disk0s3 / hfs rw 0 1' | tee /mnt1/private/etc/fstab; echo '/dev/disk0s4 /private/var hfs rw 0 2' | tee -a /mnt1/private/etc/fstab"
log "Fixing system keybag"
$ssh -p $ssh_port root@127.0.0.1 "mkdir /mnt2/keybags; ttbthingy; fixkeybag -v2; cp /tmp/systembag.kb /mnt2/keybags"
2024-06-10 18:07:32 +02:00
log "Remounting data partition"
$ssh -p $ssh_port root@127.0.0.1 "umount /mnt2; mount_hfs /dev/disk0s4 /mnt1/private/var"
2024-06-16 06:03:55 +02:00
# idk if copying activation records actually works, probably not
log "Copying activation records"
local dmp = "private/var/root/Library/Lockdown"
$ssh -p $ssh_port root@127.0.0.1 " mkdir -p /mnt1/ $dmp ; cp -Rv / $dmp /* /mnt1/ $dmp "
2024-06-10 18:07:32 +02:00
log "Installing jailbreak"
2024-06-08 15:38:44 +02:00
$scp -P $ssh_port $jelbrek /freeze.tar root@127.0.0.1:/tmp
2024-06-10 18:07:32 +02:00
$ssh -p $ssh_port root@127.0.0.1 "tar -xvf /tmp/freeze.tar -C /mnt1"
if [ [ $ipsw_openssh = = 1 ] ] ; then
log "Installing OpenSSH"
$scp -P $ssh_port $jelbrek /sshdeb.tar root@127.0.0.1:/tmp
$ssh -p $ssh_port root@127.0.0.1 "tar -xvf /tmp/sshdeb.tar -C /mnt1"
fi
2024-06-08 15:38:44 +02:00
log "Unmounting filesystems"
$ssh -p $ssh_port root@127.0.0.1 "umount /mnt1/private/var; umount /mnt1"
log "Sending Kernelcache and LLB"
$scp -P $ssh_port $saved_path /Kernelcache root@127.0.0.1:/System/Library/Caches/com.apple.kernelcaches/kernelcachb
$scp -P $ssh_port $saved_path /LLB root@127.0.0.1:/LLB
device_fourthree_app install
log "Done!"
}
device_fourthree_app( ) {
if [ [ $1 != "install" ] ] ; then
device_iproxy
2024-06-11 11:18:59 +02:00
print "* The default root password is: alpine"
device_sshpass
2024-06-08 15:38:44 +02:00
fi
2024-06-10 18:07:32 +02:00
log "Installing FourThree app"
2024-06-08 15:38:44 +02:00
$scp -P $ssh_port $jelbrek /fourthree.tar root@127.0.0.1:/tmp
2024-06-10 18:07:32 +02:00
$ssh -p $ssh_port root@127.0.0.1 "tar -xvf /tmp/fourthree.tar -C /; cd /Applications/FourThree.app; chmod 6755 FourThree boot.sh /usr/bin/runasroot"
2024-06-08 15:38:44 +02:00
log "Running uicache"
$ssh -p $ssh_port mobile@127.0.0.1 "uicache"
}
2024-06-15 12:39:27 +02:00
device_backup_create( ) {
device_backup = " ../saved/backups/ ${ device_ecid } _ ${ device_type } / $( date +%Y-%m-%d-%H%M) "
mkdir -p $device_backup
print "* A backup of your device will be created using idevicebackup2. Please see the notes above."
pause
pushd " $( dirname $device_backup ) "
" ../../ $dir /idevicebackup2 " backup --full " $( basename $device_backup ) "
popd
}
device_backup_restore( ) {
print " * The selected backup $device_backup will be restored to the device. "
pause
device_backup = " ../saved/backups/ ${ device_ecid } _ ${ device_type } / $device_backup "
pushd " $( dirname $device_backup ) "
" ../../ $dir /idevicebackup2 " restore --system --settings " $( basename $device_backup ) "
popd
}
device_erase( ) {
print "* You have selected the option to Erase All Content and Settings."
print "* As the option says, it will erase all data on the device and reset it to factory settings."
print "* By the end of the operation, the device will be back on the setup or activation screen."
print "* If you want to proceed, please type the following: Yes, do as I say"
read -p " $( input 'Do you want to proceed? ' ) " opt
if [ [ $opt != "Yes, do as I say" ] ] ; then
error "Not proceeding."
fi
log "Proceeding."
" $dir /idevicebackup2 " erase
}
2023-01-13 05:25:27 +01:00
main( ) {
clear
2023-04-02 12:18:44 +02:00
print " *** Legacy iOS Kit ***"
print " - Script by LukeZGD -"
2023-01-13 05:25:27 +01:00
echo
2023-10-04 05:54:59 +02:00
version_get
2023-01-13 05:25:27 +01:00
if [ [ $EUID = = 0 ] ] ; then
error "Running the script as root is not allowed."
fi
if [ [ ! -d "../resources" ] ] ; then
error "The resources folder cannot be found. Replace resources folder and try again." \
"* If resources folder is present try removing spaces from path/folder name"
fi
set_tool_paths
log "Checking Internet connection..."
2024-02-03 10:45:37 +01:00
local try = ( "google.com" "www.apple.com" "208.67.222.222" )
2023-10-30 18:36:38 +01:00
local check
for i in " ${ try [@] } " ; do
2023-11-02 00:07:25 +01:00
ping -c1 $i >/dev/null
2023-10-30 18:36:38 +01:00
check = $?
if [ [ $check = = 0 ] ] ; then
break
2023-01-23 16:46:37 +01:00
fi
2023-10-30 18:36:38 +01:00
done
if [ [ $check != 0 ] ] ; then
error "Please check your Internet connection before proceeding."
2023-01-13 05:25:27 +01:00
fi
version_check
2023-10-01 04:05:43 +02:00
if [ [ ! -e "../resources/firstrun" || $( cat "../resources/firstrun" ) != " $platform_ver " ||
2024-06-15 01:24:31 +02:00
-z $zenity || ! $( command -v curl) || ! $( command -v xxd) ] ] ; then
2023-01-13 05:25:27 +01:00
install_depends
fi
2023-07-19 12:54:39 +02:00
device_get_info
mkdir -p ../saved/baseband ../saved/$device_type ../saved/shsh
2023-04-07 06:50:58 +02:00
2023-07-19 12:54:39 +02:00
mode =
if [ [ -z $mode ] ] ; then
menu_main
fi
2023-01-13 05:25:27 +01:00
2023-07-19 12:54:39 +02:00
case $mode in
"custom-ipsw" )
ipsw_preference_set
ipsw_prepare
log "Done creating custom IPSW"
; ;
"downgrade" )
ipsw_preference_set
ipsw_prepare
restore_prepare
; ;
"baseband" )
device_dump baseband
log "Baseband dumping is done"
print "* To stitch baseband to IPSW, run Legacy iOS Kit with --disable-bbupdate argument:"
print " > ./restore.sh --disable-bbupdate"
; ;
"actrec" )
device_dump activation
log "Activation records dumping is done"
2024-01-19 18:11:26 +01:00
if ( ( device_proc < 7 ) ) ; then
print "* To stitch records to IPSW, run Legacy iOS Kit with --activation-records argument:"
print " > ./restore.sh --activation-records"
fi
2023-07-19 12:54:39 +02:00
; ;
"save-ota-blobs" ) shsh_save; ;
"kdfu" ) device_enter_mode kDFU; ;
2023-10-30 18:36:38 +01:00
"ramdisknvram" ) device_ramdisk clearnvram; ;
2023-07-19 12:54:39 +02:00
"pwned-ibss" ) device_enter_mode pwnDFU; ;
"save-onboard-blobs" ) shsh_save_onboard; ;
2024-06-08 07:09:43 +02:00
"save-onboard-dump" ) shsh_save_onboard dump; ;
2023-07-19 12:54:39 +02:00
"save-cydia-blobs" ) shsh_save_cydia; ;
2023-08-17 15:07:52 +02:00
"enterrecovery" ) device_enter_mode Recovery; ;
"exitrecovery" ) $irecovery -n; ;
"enterdfu" ) device_enter_mode DFU; ;
2023-08-29 16:14:03 +02:00
"dfuipsw" ) restore_dfuipsw; ;
"dfuipswipsw" ) restore_dfuipsw ipsw; ;
2024-06-16 03:45:32 +02:00
"customipsw" ) restore_customipsw; ;
2023-08-30 04:09:16 +02:00
"getversion" ) device_ramdisk getversion; ;
2023-09-02 06:56:49 +02:00
"shutdown" ) " $dir /idevicediagnostics " shutdown; ;
"restart" ) " $dir /idevicediagnostics " restart; ;
2024-01-29 08:16:30 +01:00
"restore-latest" ) restore_latest64; ;
2024-06-08 07:09:43 +02:00
"convert-onboard-blobs" ) cp " $shsh_path " dump.raw; shsh_convert_onboard; ;
2024-06-16 03:45:32 +02:00
"remove4" ) device_ramdisk setnvram $rec ; ;
2024-06-15 12:39:27 +02:00
"device" * ) $mode ; ;
2023-07-19 12:54:39 +02:00
* ) :; ;
esac
2023-02-16 09:34:34 +01:00
2023-07-19 12:54:39 +02:00
echo
print "* Save the terminal output now if needed."
2023-10-02 18:46:29 +02:00
print " * Legacy iOS Kit $version_current ( $git_hash ) "
2024-01-30 04:03:35 +01:00
print " * Platform: $platform ( $platform_ver ) $live_cdusb_str "
2023-04-02 12:18:44 +02:00
echo
2023-01-13 05:25:27 +01:00
}
for i in " $@ " ; do
case $i in
"--no-color" ) no_color = 1; ;
"--no-device" ) device_argmode = "none" ; ;
"--entry-device" ) device_argmode = "entry" ; ;
"--no-version-check" ) no_version_check = 1; ;
"--debug" ) set -x; debug_mode = 1; ;
2023-03-18 03:44:15 +01:00
"--help" ) display_help; exit; ;
2023-01-13 10:30:26 +01:00
"--ipsw-verbose" ) ipsw_verbose = 1; ;
"--jailbreak" ) ipsw_jailbreak = 1; ;
"--memory" ) ipsw_memory = 1; ;
2023-07-24 03:36:28 +02:00
"--disable-bbupdate" ) device_disable_bbupdate = 1; ;
2023-07-01 16:14:19 +02:00
"--disable-sudoloop" ) device_disable_sudoloop = 1; ;
"--disable-usbmuxd" ) device_disable_usbmuxd = 1; ;
2023-11-18 02:48:07 +01:00
"--activation-records" ) device_actrec = 1; ;
2023-08-15 13:09:04 +02:00
"--ipsw-hacktivate" ) ipsw_hacktivate = 1; ;
2024-02-26 10:30:50 +01:00
"--skip-ibss" ) device_skipibss = 1; ;
2024-05-07 06:56:14 +02:00
"--pwned-recovery" ) device_pwnrec = 1; ;
2023-01-13 05:25:27 +01:00
esac
done
2023-08-19 09:36:15 +02:00
trap "clean" EXIT
2023-03-18 03:44:15 +01:00
trap "exit 1" INT TERM
2023-01-13 05:25:27 +01:00
2023-01-22 03:45:37 +01:00
clean
2023-01-13 05:25:27 +01:00
mkdir " $( dirname " $0 " ) /tmp "
pushd " $( dirname " $0 " ) /tmp " >/dev/null
if [ [ $no_color != 1 ] ] ; then
TERM = xterm-256color # fix colors for msys2 terminal
color_R = $( tput setaf 9)
color_G = $( tput setaf 10)
color_B = $( tput setaf 12)
2023-07-02 09:51:07 +02:00
color_Y = $( tput setaf 208)
2023-01-13 05:25:27 +01:00
color_N = $( tput sgr0)
fi
main
popd >/dev/null