Mirrors/Legacy-iOS-Kit
2
0
Fork 0
mirror of https://github.com/LukeZGD/Legacy-iOS-Kit.git synced 2024-11-23 08:29:17 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix powdersn0w apple logo, change ssh port

Browse Source 
change ssh port  to 6414
This commit is contained in:
LukeZGD 2024-02-12 13:33:52 +08:00
parent 4c58f8979d
commit 1c55e9c818
5 changed files with 84 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
bin/linux/arm64/iBoot32Patcher
View File

Binary file not shown.

BIN
bin/linux/armhf/iBoot32Patcher
View File

Binary file not shown.

BIN
bin/linux/x86_64/iBoot32Patcher
View File

Binary file not shown.

BIN
bin/macos/iBoot32Patcher
View File

Binary file not shown.

147
restore.sh
View File

@ -3,6 +3,7 @@
ipsw_openssh=1 # OpenSSH will be added to jailbreak/custom IPSW if set to 1. ipsw_openssh=1 # OpenSSH will be added to jailbreak/custom IPSW if set to 1.
device_rd_build="" # You can change the version of SSH Ramdisk and Pwned iBSS/iBEC here. (default is 10B329 for most devices) device_rd_build="" # You can change the version of SSH Ramdisk and Pwned iBSS/iBEC here. (default is 10B329 for most devices)
jelbrek="../resources/jailbreak" jelbrek="../resources/jailbreak"
ssh_port=6414
print() { print() {
echo "${color_B}${1}${color_N}" echo "${color_B}${1}${color_N}"
@ -942,7 +943,7 @@ device_sshpass() {
device_iproxy() { device_iproxy() {
log "Running iproxy for SSH..." log "Running iproxy for SSH..."
$iproxy 2222 22 >/dev/null & $iproxy $ssh_port 22 >/dev/null &
iproxy_pid=$! iproxy_pid=$!
sleep 1 sleep 1
} }
@ -1148,10 +1149,10 @@ device_enter_mode() {
print "* Follow the steps in the GitHub wiki under \"A6(X) devices, jailbroken on iOS 10\"" print "* Follow the steps in the GitHub wiki under \"A6(X) devices, jailbroken on iOS 10\""
fi fi
log "Sending files to device: ${sendfiles[*]}" log "Sending files to device: ${sendfiles[*]}"
$scp -P 2222 ${sendfiles[@]} root@127.0.0.1:/tmp $scp -P $ssh_port ${sendfiles[@]} root@127.0.0.1:/tmp
if [[ $? == 0 ]]; then if [[ $? == 0 ]]; then
log "Running kloader" log "Running kloader"
$ssh -p 2222 root@127.0.0.1 "bash /tmp/kloaders" & $ssh -p $ssh_port root@127.0.0.1 "bash /tmp/kloaders" &
else else
warn "Failed to connect to device via USB SSH." warn "Failed to connect to device via USB SSH."
if [[ $device_det == 1 ]]; then if [[ $device_det == 1 ]]; then
@ -1196,7 +1197,7 @@ device_enter_mode() {
break break
fi fi
if [[ $opt == "kloader_axi0mX" ]]; then if [[ $opt == "kloader_axi0mX" ]]; then
$ssh -p 2222 root@$IPAddress "bash /tmp/kloaders" & $ssh -p $ssh_port root@$IPAddress "bash /tmp/kloaders" &
else else
print "* Unplug and replug your device now" print "* Unplug and replug your device now"
fi fi
@ -2224,13 +2225,15 @@ ipsw_prepare_paths() {
local str2 local str2
if [[ $2 == "target" ]]; then if [[ $2 == "target" ]]; then
case $comp in case $comp in
"NewAppleLogo" ) str2="${name/AppleLogo/NewAppleLogo}";;
"AppleLogo" ) str2="${name/applelogo/applelogo7}";; "AppleLogo" ) str2="${name/applelogo/applelogo7}";;
"APTicket" ) str2="${name/applelogo/applelogoT}";; "APTicket" ) str2="${name/applelogo/applelogoT}";;
"RecoveryMode" ) str2="${name/recoverymode/recoverymode7}";; "RecoveryMode" ) str2="${name/recoverymode/recoverymode7}";;
"NewiBoot" ) str2="${name/iBoot/iBoot$(echo $device_target_vers | cut -c 1)}";; "NewiBoot" ) str2="${name/iBoot/iBoot2}";;
esac esac
case $comp in case $comp in
"AppleLogo" | "APTicket" | "RecoveryMode" ) *"AppleLogo" ) str+="$str2";;
"APTicket" | "RecoveryMode" )
str+="$str2" str+="$str2"
echo "$str2" >> $FirmwareBundle/manifest echo "$str2" >> $FirmwareBundle/manifest
;; ;;
@ -2806,15 +2809,29 @@ patch_iboot() {
local iboot_name=$(echo $device_fw_key | $jq -j '.keys[] | select(.image | startswith("iBoot")) | .filename') local iboot_name=$(echo $device_fw_key | $jq -j '.keys[] | select(.image | startswith("iBoot")) | .filename')
local iboot_iv=$(echo $device_fw_key | $jq -j '.keys[] | select(.image | startswith("iBoot")) | .iv') local iboot_iv=$(echo $device_fw_key | $jq -j '.keys[] | select(.image | startswith("iBoot")) | .iv')
local iboot_key=$(echo $device_fw_key | $jq -j '.keys[] | select(.image | startswith("iBoot")) | .key') local iboot_key=$(echo $device_fw_key | $jq -j '.keys[] | select(.image | startswith("iBoot")) | .key')
local ibec
local rsa="--rsa"
log "Patch iBoot: $*" log "Patch iBoot: $*"
unzip -o -j "$ipsw_path.ipsw" Firmware/all_flash/all_flash.${device_model}ap.production/$iboot_name if [[ $device_type == "iPad1,1" || $device_type == "iPhone5"* ]]; then
mv $iboot_name ibot ibec=1
"$dir/xpwntool" ibot ibot.dec -iv $iboot_iv -k $iboot_key unzip -o -j "$ipsw_path.ipsw" Firmware/all_flash/all_flash.${device_model}ap.production/$iboot_name
"$dir/iBoot32Patcher" ibot.dec ibot.pwned --rsa "$@" else
"$dir/xpwntool" ibot.pwned iBoot -t ibot iboot_name="${iboot_name/iBoot/iBoot2}"
rm ibot* rsa=
echo "0000010: 6365" | xxd -r - iBoot unzip -o -j temp.ipsw Firmware/all_flash/all_flash.${device_model}ap.production/$iboot_name
echo "0000020: 6365" | xxd -r - iBoot fi
mv $iboot_name iBoot.orig
"$dir/xpwntool" iBoot.orig iBoot.dec -iv $iboot_iv -k $iboot_key
"$dir/iBoot32Patcher" iBoot.dec iBoot.pwned $rsa "$@"
"$dir/xpwntool" iBoot.pwned iBoot -t iBoot.orig
if [[ $ibec == 1 ]]; then
echo "0000010: 6365" | xxd -r - iBoot
echo "0000020: 6365" | xxd -r - iBoot
return
fi
echo "0000010: 626F" | xxd -r - iBoot
echo "0000020: 626F" | xxd -r - iBoot
"$dir/xpwntool" iBoot.pwned $iboot_name -t iBoot -iv $iboot_iv -k $iboot_key
} }
ipsw_patch_file() { ipsw_patch_file() {
@ -2961,8 +2978,6 @@ ipsw_prepare_ios4multipart() {
iboot="iboot" iboot="iboot"
else else
log "Add $device_target_vers iBoot to all_flash" log "Add $device_target_vers iBoot to all_flash"
echo "0000010: 626F" | xxd -r - iBoot
echo "0000020: 626F" | xxd -r - iBoot
mv iBoot $all_flash/iBoot4.img3 mv iBoot $all_flash/iBoot4.img3
echo "iBoot4.img3" >> $all_flash/manifest echo "iBoot4.img3" >> $all_flash/manifest
fi fi
@ -3194,9 +3209,6 @@ ipsw_prepare_ios4powder() {
cp iBoot iBEC cp iBoot iBEC
tar -cvf iBoot.tar iBEC tar -cvf iBoot.tar iBEC
ExtraArgs+=" iBoot.tar" ExtraArgs+=" iBoot.tar"
else
echo "0000010: 626F" | xxd -r - iBoot
echo "0000020: 626F" | xxd -r - iBoot
fi fi
if [[ $ipsw_isbeta == 1 ]]; then if [[ $ipsw_isbeta == 1 ]]; then
ipsw_prepare_systemversion ipsw_prepare_systemversion
@ -3282,7 +3294,7 @@ ipsw_prepare_powder() {
fi fi
fi fi
local ExtraArr=("--boot-partition" "--boot-ramdisk") local ExtraArr=("--boot-partition" "--boot-ramdisk" "--logo")
if [[ $device_type == "iPhone5"* ]]; then if [[ $device_type == "iPhone5"* ]]; then
# do this stuff because these use ramdiskH (jump to /boot/iBEC) instead of jump ibot to ibob # do this stuff because these use ramdiskH (jump to /boot/iBEC) instead of jump ibot to ibob
if [[ $device_target_vers == "9"* ]]; then if [[ $device_target_vers == "9"* ]]; then
@ -3319,7 +3331,16 @@ ipsw_prepare_powder() {
error "Failed to find custom IPSW. Please run the script again" \ error "Failed to find custom IPSW. Please run the script again" \
"* You may try selecting N for memory option" "* You may try selecting N for memory option"
fi fi
if [[ $device_type != "iPhone5"* && $device_type != "iPad1,1" ]]; then
patch_iboot --logo
local all_flash="Firmware/all_flash/all_flash.${device_model}ap.production"
mkdir -p $all_flash
mv iBoot*.img3 $all_flash
zip -r0 temp.ipsw $all_flash/iBoot*.img3
fi
ipsw_bbreplace ipsw_bbreplace
mv temp.ipsw "$ipsw_custom.ipsw" mv temp.ipsw "$ipsw_custom.ipsw"
} }
@ -3949,9 +3970,9 @@ device_send_rdtar() {
target+="/private/var" target+="/private/var"
fi fi
log "Sending $1" log "Sending $1"
$scp -P 2222 $jelbrek/$1 root@127.0.0.1:$target $scp -P $ssh_port $jelbrek/$1 root@127.0.0.1:$target
log "Extracting $1" log "Extracting $1"
$ssh -p 2222 root@127.0.0.1 "tar -xvf $target/$1 -C /mnt1; rm $target/$1" $ssh -p $ssh_port root@127.0.0.1 "tar -xvf $target/$1 -C /mnt1; rm $target/$1"
} }
device_ramdisk64() { device_ramdisk64() {
@ -4277,18 +4298,18 @@ device_ramdisk() {
local dump="../saved/$device_type" local dump="../saved/$device_type"
local opt local opt
log "Mounting root filesystem" log "Mounting root filesystem"
$ssh -p 2222 root@127.0.0.1 "mount.sh root" $ssh -p $ssh_port root@127.0.0.1 "mount.sh root"
sleep 1 sleep 1
#log "Let's just dump both activation and baseband tars" #log "Let's just dump both activation and baseband tars"
log "Creating baseband.tar" log "Creating baseband.tar"
$ssh -p 2222 root@127.0.0.1 "cd /mnt1; tar -cvf baseband.tar usr/local/standalone" $ssh -p $ssh_port root@127.0.0.1 "cd /mnt1; tar -cvf baseband.tar usr/local/standalone"
log "Mounting data partition" log "Mounting data partition"
$ssh -p 2222 root@127.0.0.1 "mount.sh pv" $ssh -p $ssh_port root@127.0.0.1 "mount.sh pv"
#log "Creating activation.tar" #log "Creating activation.tar"
#$ssh -p 2222 root@127.0.0.1 "cd /mnt1; tar -cvf activation.tar private/var/root/Library/Lockdown" #$ssh -p $ssh_port root@127.0.0.1 "cd /mnt1; tar -cvf activation.tar private/var/root/Library/Lockdown"
log "Copying tars" log "Copying tars"
#$scp -P 2222 root@127.0.0.1:/mnt1/baseband.tar root@127.0.0.1:/mnt1/activation.tar . #$scp -P $ssh_port root@127.0.0.1:/mnt1/baseband.tar root@127.0.0.1:/mnt1/activation.tar .
$scp -P 2222 root@127.0.0.1:/mnt1/baseband.tar . $scp -P $ssh_port root@127.0.0.1:/mnt1/baseband.tar .
print "* Reminder to backup dump tars if needed" print "* Reminder to backup dump tars if needed"
if [[ -s $dump/baseband.tar ]]; then if [[ -s $dump/baseband.tar ]]; then
read -p "Baseband dump exists in $dump/baseband.tar. Overwrite? (Y/n)" opt read -p "Baseband dump exists in $dump/baseband.tar. Overwrite? (Y/n)" opt
@ -4309,7 +4330,7 @@ device_ramdisk() {
cp activation.tar $dump cp activation.tar $dump
fi fi
' '
$ssh -p 2222 root@127.0.0.1 "rm -f /mnt1/baseband.tar /mnt1/activation.tar; nvram auto-boot=0; reboot_bak" $ssh -p $ssh_port root@127.0.0.1 "rm -f /mnt1/baseband.tar /mnt1/activation.tar; nvram auto-boot=0; reboot_bak"
log "Done, device should reboot to recovery mode now" log "Done, device should reboot to recovery mode now"
return return
;; ;;
@ -4319,10 +4340,10 @@ device_ramdisk() {
local build local build
local untether local untether
log "Mounting root filesystem" log "Mounting root filesystem"
$ssh -p 2222 root@127.0.0.1 "mount.sh root" $ssh -p $ssh_port root@127.0.0.1 "mount.sh root"
sleep 1 sleep 1
log "Getting iOS version" log "Getting iOS version"
$scp -P 2222 root@127.0.0.1:/mnt1/System/Library/CoreServices/SystemVersion.plist . $scp -P $ssh_port root@127.0.0.1:/mnt1/System/Library/CoreServices/SystemVersion.plist .
if [[ $platform == "macos" ]]; then if [[ $platform == "macos" ]]; then
rm -f BuildVer Version rm -f BuildVer Version
plutil -extract 'ProductVersion' xml1 SystemVersion.plist -o Version plutil -extract 'ProductVersion' xml1 SystemVersion.plist -o Version
@ -4336,7 +4357,7 @@ device_ramdisk() {
if [[ $1 == "getversion" && -n $vers ]]; then if [[ $1 == "getversion" && -n $vers ]]; then
log "Retrieved the current iOS version, rebooting device" log "Retrieved the current iOS version, rebooting device"
print "* iOS Version: $vers ($build)" print "* iOS Version: $vers ($build)"
$ssh -p 2222 root@127.0.0.1 "reboot_bak" $ssh -p $ssh_port root@127.0.0.1 "reboot_bak"
return return
fi fi
case $vers in case $vers in
@ -4352,35 +4373,35 @@ device_ramdisk() {
'' ) '' )
warn "Something wrong happened. Failed to get iOS version." warn "Something wrong happened. Failed to get iOS version."
print "* Please reboot the device into normal operating mode, then perform a clean \"slide to power off\", then try again." print "* Please reboot the device into normal operating mode, then perform a clean \"slide to power off\", then try again."
$ssh -p 2222 root@127.0.0.1 "reboot_bak" $ssh -p $ssh_port root@127.0.0.1 "reboot_bak"
return return
;; ;;
* ) * )
warn "iOS $vers is not supported for jailbreaking with SSHRD." warn "iOS $vers is not supported for jailbreaking with SSHRD."
$ssh -p 2222 root@127.0.0.1 "reboot_bak" $ssh -p $ssh_port root@127.0.0.1 "reboot_bak"
return return
;; ;;
esac esac
log "Nice, iOS $vers is compatible." log "Nice, iOS $vers is compatible."
log "Sending $untether" log "Sending $untether"
$scp -P 2222 $jelbrek/$untether root@127.0.0.1:/mnt1 $scp -P $ssh_port $jelbrek/$untether root@127.0.0.1:/mnt1
# 3.1.3-4.1 untether needs to be extracted early (before data partition is mounted) # 3.1.3-4.1 untether needs to be extracted early (before data partition is mounted)
case $vers in case $vers in
4.1 | 4.0* | 3.1* ) 4.1 | 4.0* | 3.1* )
untether="${device_type}_${build}.tar" untether="${device_type}_${build}.tar"
log "Extracting $untether" log "Extracting $untether"
$ssh -p 2222 root@127.0.0.1 "tar -xvf /mnt1/$untether -C /mnt1; rm /mnt1/$untether" $ssh -p $ssh_port root@127.0.0.1 "tar -xvf /mnt1/$untether -C /mnt1; rm /mnt1/$untether"
;; ;;
esac esac
log "Mounting data partition" log "Mounting data partition"
$ssh -p 2222 root@127.0.0.1 "mount.sh pv" $ssh -p $ssh_port root@127.0.0.1 "mount.sh pv"
case $vers in case $vers in
9* | 8* ) device_send_rdtar fstab8.tar;; 9* | 8* ) device_send_rdtar fstab8.tar;;
7* ) device_send_rdtar fstab7.tar;; 7* ) device_send_rdtar fstab7.tar;;
6* ) device_send_rdtar fstab_rw.tar;; 6* ) device_send_rdtar fstab_rw.tar;;
4.2.1 ) 4.2.1 )
if [[ $device_type != "iPhone1,2" ]]; then if [[ $device_type != "iPhone1,2" ]]; then
$ssh -p 2222 root@127.0.0.1 "[[ ! -e /mnt1/sbin/punchd ]] && mv /mnt1/sbin/launchd /mnt1/sbin/punchd" $ssh -p $ssh_port root@127.0.0.1 "[[ ! -e /mnt1/sbin/punchd ]] && mv /mnt1/sbin/launchd /mnt1/sbin/punchd"
fi fi
;; ;;
5* | 4.[32]* ) untether="${device_type}_${build}.tar";; 5* | 4.[32]* ) untether="${device_type}_${build}.tar";;
@ -4390,18 +4411,18 @@ device_ramdisk() {
4.2.1 | 4.1 | 4.0* | 3* ) 4.2.1 | 4.1 | 4.0* | 3* )
untether="${device_type}_${build}.tar" untether="${device_type}_${build}.tar"
if [[ $device_proc == 1 || $device_type == "iPod2,1" ]]; then if [[ $device_proc == 1 || $device_type == "iPod2,1" ]]; then
$scp -P 2222 $jelbrek/fstab_old root@127.0.0.1:/mnt1/private/etc/fstab $scp -P $ssh_port $jelbrek/fstab_old root@127.0.0.1:/mnt1/private/etc/fstab
else else
$scp -P 2222 $jelbrek/fstab_new root@127.0.0.1:/mnt1/private/etc/fstab $scp -P $ssh_port $jelbrek/fstab_new root@127.0.0.1:/mnt1/private/etc/fstab
fi fi
$ssh -p 2222 root@127.0.0.1 "rm /mnt1/private/var/mobile/Library/Caches/com.apple.mobile.installation.plist" $ssh -p $ssh_port root@127.0.0.1 "rm /mnt1/private/var/mobile/Library/Caches/com.apple.mobile.installation.plist"
;; ;;
esac esac
case $vers in case $vers in
8* | 4.1 | 4.0* | 3* ) :;; 8* | 4.1 | 4.0* | 3* ) :;;
* ) * )
log "Extracting $untether" log "Extracting $untether"
$ssh -p 2222 root@127.0.0.1 "tar -xvf /mnt1/$untether -C /mnt1; rm /mnt1/$untether" $ssh -p $ssh_port root@127.0.0.1 "tar -xvf /mnt1/$untether -C /mnt1; rm /mnt1/$untether"
;; ;;
esac esac
case $vers in case $vers in
@ -4421,17 +4442,17 @@ device_ramdisk() {
fi fi
if [[ $vers == "8"* ]]; then if [[ $vers == "8"* ]]; then
log "Sending daibutsu/move.sh" log "Sending daibutsu/move.sh"
$scp -P 2222 $jelbrek/daibutsu/move.sh root@127.0.0.1:/mnt1 $scp -P $ssh_port $jelbrek/daibutsu/move.sh root@127.0.0.1:/mnt1
log "Moving files" log "Moving files"
$ssh -p 2222 root@127.0.0.1 "bash /mnt1/move.sh; rm /mnt1/move.sh" $ssh -p $ssh_port root@127.0.0.1 "bash /mnt1/move.sh; rm /mnt1/move.sh"
untether="untether.tar" untether="untether.tar"
log "Extracting $untether" log "Extracting $untether"
$ssh -p 2222 root@127.0.0.1 "tar -xvf /mnt1/$untether -C /mnt1; rm /mnt1/$untether" $ssh -p $ssh_port root@127.0.0.1 "tar -xvf /mnt1/$untether -C /mnt1; rm /mnt1/$untether"
log "Running haxx_overwrite --${device_type}_${build}" log "Running haxx_overwrite --${device_type}_${build}"
$ssh -p 2222 root@127.0.0.1 "/usr/bin/haxx_overwrite --${device_type}_${build}" $ssh -p $ssh_port root@127.0.0.1 "/usr/bin/haxx_overwrite --${device_type}_${build}"
else else
log "Rebooting" log "Rebooting"
$ssh -p 2222 root@127.0.0.1 "reboot_bak" $ssh -p $ssh_port root@127.0.0.1 "reboot_bak"
fi fi
log "Cool, done and jailbroken (hopefully)" log "Cool, done and jailbroken (hopefully)"
case $vers in case $vers in
@ -4442,18 +4463,18 @@ device_ramdisk() {
"clearnvram" ) "clearnvram" )
log "Sending commands for clearing NVRAM..." log "Sending commands for clearing NVRAM..."
$ssh -p 2222 root@127.0.0.1 "nvram -c; reboot_bak" $ssh -p $ssh_port root@127.0.0.1 "nvram -c; reboot_bak"
log "Done, your device should reboot now" log "Done, your device should reboot now"
return return
;; ;;
"setnvram" ) "setnvram" )
log "Sending commands for NVRAM..." log "Sending commands for NVRAM..."
$ssh -p 2222 root@127.0.0.1 "nvram -c; nvram boot-partition=$rec" $ssh -p $ssh_port root@127.0.0.1 "nvram -c; nvram boot-partition=$rec"
if [[ $device_type == "iPhone3,3" && $rec == 2 ]]; then if [[ $device_type == "iPhone3,3" && $rec == 2 ]]; then
$ssh -p 2222 root@127.0.0.1 "nvram boot-ramdisk=/a/b/c/d/e/f/g/h/i/disk.dmg" $ssh -p $ssh_port root@127.0.0.1 "nvram boot-ramdisk=/a/b/c/d/e/f/g/h/i/disk.dmg"
fi fi
$ssh -p 2222 root@127.0.0.1 "reboot_bak" $ssh -p $ssh_port root@127.0.0.1 "reboot_bak"
log "Done, your device should reboot now" log "Done, your device should reboot now"
return return
;; ;;
@ -4500,12 +4521,12 @@ menu_ramdisk() {
esac esac
done done
case $mode in case $mode in
"ssh" ) $ssh -p 2222 root@127.0.0.1;; "ssh" ) $ssh -p $ssh_port root@127.0.0.1;;
"reboot" ) $ssh -p 2222 root@127.0.0.1 "$reboot"; loop=1;; "reboot" ) $ssh -p $ssh_port root@127.0.0.1 "$reboot"; loop=1;;
"exit" ) loop=1;; "exit" ) loop=1;;
"dump-blobs" ) "dump-blobs" )
local shsh="../saved/shsh/$device_ecid-$device_type-$(date +%Y-%m-%d-%H%M).shsh2" local shsh="../saved/shsh/$device_ecid-$device_type-$(date +%Y-%m-%d-%H%M).shsh2"
$ssh -p 2222 root@127.0.0.1 "cat /dev/rdisk1" | dd of=dump.raw bs=256 count=$((0x4000)) $ssh -p $ssh_port root@127.0.0.1 "cat /dev/rdisk1" | dd of=dump.raw bs=256 count=$((0x4000))
"$dir/img4tool" --convert -s $shsh dump.raw "$dir/img4tool" --convert -s $shsh dump.raw
log "Onboard blobs should be dumped to $shsh" log "Onboard blobs should be dumped to $shsh"
pause pause
@ -4531,7 +4552,7 @@ shsh_save_onboard64() {
device_iproxy device_iproxy
device_sshpass device_sshpass
local shsh="../saved/shsh/$device_ecid-$device_type-$device_vers-$device_build.shsh2" local shsh="../saved/shsh/$device_ecid-$device_type-$device_vers-$device_build.shsh2"
$ssh -p 2222 root@127.0.0.1 "cat /dev/disk1" | dd of=dump.raw bs=256 count=$((0x4000)) $ssh -p $ssh_port root@127.0.0.1 "cat /dev/disk1" | dd of=dump.raw bs=256 count=$((0x4000))
"$dir/img4tool" --convert -s $shsh dump.raw "$dir/img4tool" --convert -s $shsh dump.raw
if [[ ! -s $shsh ]]; then if [[ ! -s $shsh ]]; then
error "Saving onboard SHSH blobs failed." error "Saving onboard SHSH blobs failed."
@ -5752,13 +5773,13 @@ device_dump() {
device_sshpass device_sshpass
log "Creating $arg.tar" log "Creating $arg.tar"
if [[ $arg == "activation" ]]; then if [[ $arg == "activation" ]]; then
$ssh -p 2222 root@127.0.0.1 "mkdir -p /tmp/$dmp2; cp -R $dmps/* /tmp/$dmp2" $ssh -p $ssh_port root@127.0.0.1 "mkdir -p /tmp/$dmp2; cp -R $dmps/* /tmp/$dmp2"
$ssh -p 2222 root@127.0.0.1 "cd /tmp; tar -cvf $arg.tar $dmp2" $ssh -p $ssh_port root@127.0.0.1 "cd /tmp; tar -cvf $arg.tar $dmp2"
else else
$ssh -p 2222 root@127.0.0.1 "tar -cvf /tmp/$arg.tar $dmps" $ssh -p $ssh_port root@127.0.0.1 "tar -cvf /tmp/$arg.tar $dmps"
fi fi
log "Copying $arg.tar" log "Copying $arg.tar"
$scp -P 2222 root@127.0.0.1:/tmp/$arg.tar . $scp -P $ssh_port root@127.0.0.1:/tmp/$arg.tar .
cp $arg.tar $dump cp $arg.tar $dump
elif [[ $device_mode == "DFU" ]]; then elif [[ $device_mode == "DFU" ]]; then
device_ramdisk $arg device_ramdisk $arg
@ -5812,14 +5833,14 @@ device_hacktivate() {
device_iproxy device_iproxy
device_sshpass device_sshpass
log "Getting lockdownd" log "Getting lockdownd"
$scp -P 2222 root@127.0.0.1:/usr/libexec/lockdownd . $scp -P $ssh_port root@127.0.0.1:/usr/libexec/lockdownd .
log "Patching lockdownd" log "Patching lockdownd"
$bspatch lockdownd lockdownd.patched "$patch" $bspatch lockdownd lockdownd.patched "$patch"
log "Renaming original lockdownd" log "Renaming original lockdownd"
$ssh -p 2222 root@127.0.0.1 "mv /usr/libexec/lockdownd /usr/libexec/lockdownd.orig" $ssh -p $ssh_port root@127.0.0.1 "mv /usr/libexec/lockdownd /usr/libexec/lockdownd.orig"
log "Copying patched lockdownd to device" log "Copying patched lockdownd to device"
$scp -P 2222 lockdownd.patched root@127.0.0.1:/usr/libexec/lockdownd $scp -P $ssh_port lockdownd.patched root@127.0.0.1:/usr/libexec/lockdownd
$ssh -p 2222 root@127.0.0.1 "chmod +x /usr/libexec/lockdownd; reboot" $ssh -p $ssh_port root@127.0.0.1 "chmod +x /usr/libexec/lockdownd; reboot"
log "Done. Your device will reboot now" log "Done. Your device will reboot now"
} }