Mirrors/Legacy-iOS-Kit
2
0
Fork 0
mirror of https://github.com/LukeZGD/Legacy-iOS-Kit.git synced 2025-01-11 15:59:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

Comment on stuff and some changes

Browse Source
This commit is contained in:
LukeeGD 2020-03-13 12:12:49 +08:00
parent 205b17c765
commit 5461e888bb
2 changed files with 83 additions and 92 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
README.md
View File

@ -1,14 +1,22 @@
# 32bit-OTA-Downgrader # 32bit-OTA-Downgrader
### Downgrade 32-bit iOS devices to iOS 8.4.1 or iOS 6.1.3 (see supported devices below first!) ### Downgrade 32-bit iOS devices to iOS 8.4.1 or iOS 6.1.3 (see supported devices below)
- **Please see "Other notes" below to serve as answers for FAQs** - **Please see "Other notes" below to serve as answers for FAQs**
## Supported devices (iOS 8.4.1 downgrade):
- All A5, A5X, A6, and A6X devices **except iPhone5,3 and 5,4 (iPhone 5C)** are supported
## Supported devices (iOS 6.1.3 downgrade):
- Only iPhone 4S and iPad 2 devices except iPad2,4 (iPad 2 Rev A) are supported
## Prerequisites: ## Prerequisites:
- A supported 32-bit device **jailbroken** on any iOS version - A supported 32-bit iOS device **jailbroken** on any version
- **iOS [8.4.1](https://ipsw.me/8.4.1) or [6.1.3](https://ipsw.me/6.1.3) IPSW** for your device (the script can also download it for you) - **iOS [8.4.1](https://ipsw.me/8.4.1) or [6.1.3](https://ipsw.me/6.1.3) IPSW** for your device (the script can also download it for you)
- A **Linux install/live USB** (see distros tested on below) (a live USB can be easily created with tools like [balenaEtcher](https://www.balena.io/etcher/) or [Rufus](https://rufus.ie/)) - A **Linux install/live USB** (see distros tested on below) (a live USB can be easily created with tools like [balenaEtcher](https://www.balena.io/etcher/) or [Rufus](https://rufus.ie/))
- **macOS** (tested on 10.13 and 10.14 only) should also work, but I won't be able to provide support when the script breaks - **macOS** (tested on 10.13 and 10.14 only) should also work, but I won't be able to provide support when the script breaks
- iOS 7/8 Pangu users: Install the [latest Pangu 7.1.x Untether (deb)](http://apt.saurik.com/debs/io.pangu.axe7_0.3_iphoneos-arm.deb) or [latest Pangu 8.0-8.1.x Untether (deb)](http://apt.saurik.com/debs/io.pangu.xuanyuansword8_0.5_iphoneos-arm.deb) - iOS 7/8 Pangu users: Install the [latest Pangu 7.1.x Untether (deb)](http://apt.saurik.com/debs/io.pangu.axe7_0.3_iphoneos-arm.deb) or [latest Pangu 8.0-8.1.x Untether (deb)](http://apt.saurik.com/debs/io.pangu.xuanyuansword8_0.5_iphoneos-arm.deb)
- iOS 9 and below users: Install [OpenSSH](https://cydia.saurik.com/openssh.html); The computer and device must be on the same network for SSH to work - iOS 9 and below users: Install [OpenSSH](https://cydia.saurik.com/package/openssh/); The computer and iOS device must be on the same network for SSH to work
- iOS 10 users: Install [MTerminal](http://cydia.saurik.com/package/com.officialscheduler.mterminal/) - iOS 10 users: Install [MTerminal](http://cydia.saurik.com/package/com.officialscheduler.mterminal/)
## How to use: ## How to use:
@ -20,22 +28,14 @@
6. Select option to be used (8.4.1/6.1.3 downgrade) 6. Select option to be used (8.4.1/6.1.3 downgrade)
7. Follow instructions 7. Follow instructions
## Supported devices (iOS 8.4.1 downgrade):
- All A5, A5X, A6, and A6X devices **except iPhone5,3 and 5,4 (iPhone 5C)** are supported
## Supported devices (iOS 6.1.3 downgrade):
- Only iPhone 4S and iPad 2 devices except iPad2,4 (iPad 2 Rev A) are supported
## Other notes: ## Other notes:
- **You do NOT need blobs to use this**, the script will get them for you - **You do NOT need blobs to use this**, the script will get them for you
- This script will also restore your device to the latest baseband (N/A to devices with no baseband) - This script will restore your device with the latest baseband (N/A to devices with no baseband)
- This script has a workaround for the activation error on iOS 10 devices - This script has a workaround for the activation error on iOS 10 devices
- This script uses the futurerestore method for downgrading, NOT the Odysseus method nor modifying SystemVersion.plist - This script uses futurerestore "Odysseus method" for downgrading (different from OdysseusOTA/2, which are deprecated)
- This script will use an unmodified IPSW to restore - This script uses an unmodified IPSW to restore and does NOT create a custom IPSW
- This script only uses iBSS patches from bundles for entering pwnDFU mode, NOT for creating a custom IPSW - This script only uses iBSS patches for entering kDFU mode
- This script can also be used to enter kDFU mode for all supported devices - This script can also be used to just enter kDFU mode for all supported devices
- This script can also be used to futurerestore to other iOS versions when provided with SHSH blobs - This script can also be used to futurerestore to other iOS versions when provided with SHSH blobs
- This script should also work on virtual machines, but I won't provide support on them - This script should also work on virtual machines, but I won't provide support on them
@ -45,18 +45,17 @@
- [Arch Linux](https://www.archlinux.org/) full install - [Arch Linux](https://www.archlinux.org/) full install
- [Manjaro](https://manjaro.org/) live USB and full install - [Manjaro](https://manjaro.org/) live USB and full install
## Tools used by this script: ## Tools and other stuff used by this script:
- cURL - cURL
- bsdiff (bspatch) - bsdiff (bspatch)
- ideviceinfo - ideviceinfo
- ifuse - ifuse
- [tsschecker](https://github.com/tihmstar/tsschecker) - [tsschecker](https://github.com/tihmstar/tsschecker/releases/tag/v212)
- [futurerestore](https://github.com/tihmstar/futurerestore) - [futurerestore](http://api.tihmstar.net/builds/futurerestore/futurerestore-latest.zip)
- [xpwntool](https://www.youtube.com/watch?v=fh0tB6fp0Sc) - [xpwntool](https://www.youtube.com/watch?v=fh0tB6fp0Sc)
- [kloader](https://www.youtube.com/watch?v=fh0tB6fp0Sc) - [kloader](https://www.youtube.com/watch?v=fh0tB6fp0Sc)
- [kloader5 (iOS 5)](http://www.pmbonneau.com/cydia/) - [kloader5 (iOS 5)](https://mtmdev.org/pmbonneau-archive)
- [kloader_hgsp (iOS 10)](https://twitter.com/nyan_satan/status/945203180522045440) - [kloader_hgsp (iOS 10)](https://twitter.com/nyan_satan/status/945203180522045440)
- [partialZipBrowser](https://github.com/tihmstar/partialZipBrowser) - [partialZipBrowser](https://github.com/tihmstar/partialZipBrowser/releases/tag/36)
- python3 (http.server) - python3 (http.server)
- iBSS patches are from [OdysseusOTA](https://www.youtube.com/watch?v=Wo7mGdMcjxw), [OdysseusOTA2](https://www.youtube.com/watch?v=fh0tB6fp0Sc), [alitek12](https://www.mediafire.com/folder/b1z64roy512wd/FirmwareBundles), [gjest](https://files.fm/u/fcbqqdnw) - iBSS patches are from [OdysseusOTA](https://www.youtube.com/watch?v=Wo7mGdMcjxw), [OdysseusOTA2](https://www.youtube.com/watch?v=fh0tB6fp0Sc), [alitek12](https://www.mediafire.com/folder/b1z64roy512wd/FirmwareBundles), [gjest](https://files.fm/u/fcbqqdnw)

132
restore.sh
View File

@ -1,75 +1,57 @@
#!/bin/bash #!/bin/bash
iv_k93=781b9672a86ba1b41f8b7fa0af714c94 # 8.4.1 IV and Keys
iv_k93=781b9672a86ba1b41f8b7fa0af714c94 #iPad2,1
key_k93=bbd7bf676dbcc6ba93c76d496b7af39ae7772eaaad2ec9fb71dc1fd004827784 key_k93=bbd7bf676dbcc6ba93c76d496b7af39ae7772eaaad2ec9fb71dc1fd004827784
iv_k94=883c92ed915e4d2481570a062583495b #iPad2,2
iv_k94=883c92ed915e4d2481570a062583495b
key_k94=ccfadf3732904885d38f963cce035d7e03b387b67212d526503c85773b58e52f key_k94=ccfadf3732904885d38f963cce035d7e03b387b67212d526503c85773b58e52f
iv_k95=460116385cca6d5596221c58ae122669 #iPad2,3
iv_k95=460116385cca6d5596221c58ae122669
key_k95=7852f1fd93d9d49ebea44021081e8f1dffa336d0d3e9517374f8be451dd92eb7 key_k95=7852f1fd93d9d49ebea44021081e8f1dffa336d0d3e9517374f8be451dd92eb7
iv_k93a=976aa656929ac699fff36715de96876d #iPad2,4
iv_k93a=976aa656929ac699fff36715de96876d
key_k93a=5fe5c47b5620c2b40b1ca2bd1764a92d568901a24e1caf8faf0cf0f84ae11b4e key_k93a=5fe5c47b5620c2b40b1ca2bd1764a92d568901a24e1caf8faf0cf0f84ae11b4e
iv_p105=b21abc8689b0dea8f6e613f9f970e241 #iPad2,5
iv_p105=b21abc8689b0dea8f6e613f9f970e241
key_p105=b9ed63e4a31f5d9d4d7dddc527e65fd31d1ea48c70204e6b44551c1e6dfc52b5 key_p105=b9ed63e4a31f5d9d4d7dddc527e65fd31d1ea48c70204e6b44551c1e6dfc52b5
iv_p106=56231fd62c6296ed0c8c411bcef602e0 #iPad2,6
iv_p106=56231fd62c6296ed0c8c411bcef602e0
key_p106=cdb2142489e5e936fa8f3540bd036f62ed0f27ddb6fec96b9fbfec5a65bc5f17 key_p106=cdb2142489e5e936fa8f3540bd036f62ed0f27ddb6fec96b9fbfec5a65bc5f17
iv_p107=fa39c596b6569e572d90f0820e4e4357 #iPad2,7
iv_p107=fa39c596b6569e572d90f0820e4e4357
key_p107=34b359fcc729a0f0d2853e786a78b245ed36a9212c8296aaab95dc0401cf07de key_p107=34b359fcc729a0f0d2853e786a78b245ed36a9212c8296aaab95dc0401cf07de
iv_j1=c3ea87ed43788dfc3e268abdf1af27dd #iPad3,1
iv_j1=c3ea87ed43788dfc3e268abdf1af27dd
key_j1=cd3dd7eee07b9ce8b180d1526632cf86dc7fef7d52352d06af354598ab9cf2ef key_j1=cd3dd7eee07b9ce8b180d1526632cf86dc7fef7d52352d06af354598ab9cf2ef
iv_j2=32fcd912cb9a472ef2a6db72596ae01c #iPad3,2
iv_j2=32fcd912cb9a472ef2a6db72596ae01c
key_j2=076720d5a07e8011bdda6f6eafaf4845b40a441615cd1d7c1a9cca438ce7db17 key_j2=076720d5a07e8011bdda6f6eafaf4845b40a441615cd1d7c1a9cca438ce7db17
iv_j2a=e6b041970cd611c8a1561a4c210bc476 #iPad3,3
iv_j2a=e6b041970cd611c8a1561a4c210bc476
key_j2a=aec6a888d45bd26106ac620d7d4ec0c160ab80276deedc1b50ce8f5d99dcc9af key_j2a=aec6a888d45bd26106ac620d7d4ec0c160ab80276deedc1b50ce8f5d99dcc9af
iv_p101=a5892a58c90b6d3fb0e0b20db95070d7 #iPad3,4
iv_p101=a5892a58c90b6d3fb0e0b20db95070d7
key_p101=75612774968009e3f85545ac0088d0d0bb9cb4e2c2970e8f88489be0b9dfe103 key_p101=75612774968009e3f85545ac0088d0d0bb9cb4e2c2970e8f88489be0b9dfe103
iv_p102=fba6d9aaec7237891c80390e6ffa88bf #iPad3,5
iv_p102=fba6d9aaec7237891c80390e6ffa88bf
key_p102=92909dca9bfdb9193131f9ad9b628b1a4971b1cbab52c0ddd114a6253fad96c0 key_p102=92909dca9bfdb9193131f9ad9b628b1a4971b1cbab52c0ddd114a6253fad96c0
iv_p103=1d99e780d96c32a25ca7e4b1c7fe14c0 #iPad3,6
iv_p103=1d99e780d96c32a25ca7e4b1c7fe14c0
key_p103=4e2c14927693d61e1da375e340061521c9376007163f6ab55afbe1a03b901fd3 key_p103=4e2c14927693d61e1da375e340061521c9376007163f6ab55afbe1a03b901fd3
iv_n94=147cdef921ed14a5c10631c5e6e02d1e #iPhone4,1
iv_n78=e0175b03bc29817adc312638884e0898 key_n94=6ea1eb62a9f403ee212c1f6b3039df093963b46739c6093407190fe3d750c69c
iv_n41=bd0c8b039a819604a30f0d39adf88572 #iPhone5,1
key_n41=baf05fe0282f78c18c2e3842be4f9021919d586b55594281f5b5abd0f6e61495
iv_n42=fdad2b7a35384fa2ffc7221213ca1082 #iPhone5,2
key_n42=74cd68729b800a20b1f8e8a3cb5517024a09f074eaa05b099db530fb5783275e
iv_n48=dbecd5f265e031835584e6bfbdb4c47f #iPhone5,3
key_n48=248f86d983626b75d26718fa52732eca64466ab73df048f278e034a272041f7e
iv_n49=039241f2b0212bb7c7b62ab4deec263f #iPhone5,4
key_n49=d0b49d366469ae2b1580d7d31b1bcf783d835e4fac13cfe9f9a160fa95010ac4
iv_n78=e0175b03bc29817adc312638884e0898 #iPod5,1
key_n78=0a0e0aedc8171669c9af6a229930a395959df55dcd8a3ee1fe0f4c009007df3c key_n78=0a0e0aedc8171669c9af6a229930a395959df55dcd8a3ee1fe0f4c009007df3c
iv_n94=147cdef921ed14a5c10631c5e6e02d1e # 6.1.3 IV and Keys
key_n94=6ea1eb62a9f403ee212c1f6b3039df093963b46739c6093407190fe3d750c69c iv_k93_613=b69f753dccd09c9b98d345ec73bbf044 #iPad2,1
iv_n41=bd0c8b039a819604a30f0d39adf88572
key_n41=baf05fe0282f78c18c2e3842be4f9021919d586b55594281f5b5abd0f6e61495
iv_n42=fdad2b7a35384fa2ffc7221213ca1082
key_n42=74cd68729b800a20b1f8e8a3cb5517024a09f074eaa05b099db530fb5783275e
iv_n48=dbecd5f265e031835584e6bfbdb4c47f
key_n48=248f86d983626b75d26718fa52732eca64466ab73df048f278e034a272041f7e
iv_n49=039241f2b0212bb7c7b62ab4deec263f
key_n49=d0b49d366469ae2b1580d7d31b1bcf783d835e4fac13cfe9f9a160fa95010ac4
iv_k93_613=b69f753dccd09c9b98d345ec73bbf044
key_k93_613=6e4cce9ea6f2ec346cba0b279beab1b43e44a0680f1fde789a00f66a1e68ffab key_k93_613=6e4cce9ea6f2ec346cba0b279beab1b43e44a0680f1fde789a00f66a1e68ffab
iv_k94_613=bc3c9f168d7fb86aa219b7ad8039584b #iPad2,2
iv_k94_613=bc3c9f168d7fb86aa219b7ad8039584b
key_k94_613=b1bd1dc5e6076054392be054d50711ae70e8fcf31a47899fb90ab0ff3111b687 key_k94_613=b1bd1dc5e6076054392be054d50711ae70e8fcf31a47899fb90ab0ff3111b687
iv_k95_613=56f964ee19bfd31f06e43e9d8fe93902 #iPad2,3
iv_k95_613=56f964ee19bfd31f06e43e9d8fe93902
key_k95_613=0bb841b8f1922ae73d85ed9ed0d7a3583a10af909787857c15af2691b39bba30 key_k95_613=0bb841b8f1922ae73d85ed9ed0d7a3583a10af909787857c15af2691b39bba30
iv_n94_613=d3fe01e99bd0967e80dccfc0739f93d5 #iPhone4,1
iv_n94_613=d3fe01e99bd0967e80dccfc0739f93d5
key_n94_613=35343d5139e0313c81ee59dbae292da26e739ed75b3da5db9da7d4d26046498c key_n94_613=35343d5139e0313c81ee59dbae292da26e739ed75b3da5db9da7d4d26046498c
function BasebandDetect { function BasebandDetect {
# For Wi-Fi only devices
if [ $ProductType == iPad2,1 ] || [ $ProductType == iPad2,4 ] || [ $ProductType == iPad2,5 ] || if [ $ProductType == iPad2,1 ] || [ $ProductType == iPad2,4 ] || [ $ProductType == iPad2,5 ] ||
[ $ProductType == iPad3,1 ] || [ $ProductType == iPad3,4 ] || [ $ProductType == iPod5,1 ]; then [ $ProductType == iPad3,1 ] || [ $ProductType == iPad3,4 ] || [ $ProductType == iPod5,1 ]; then
NoBaseband=1 NoBaseband=1
@ -77,6 +59,7 @@ function BasebandDetect {
} }
function Clean { function Clean {
# Clean up files (called on MainMenu and trap dependency)
rm -r iP*/ tmp/ $(ls ${UniqueChipID}_${ProductType}_${DowngradeVersion}-*.shsh2 2>/dev/null) 2>/dev/null rm -r iP*/ tmp/ $(ls ${UniqueChipID}_${ProductType}_${DowngradeVersion}-*.shsh2 2>/dev/null) 2>/dev/null
} }
@ -84,11 +67,16 @@ function MainMenu {
Clean Clean
mkdir tmp mkdir tmp
if [ $(lsusb | grep -c "1227") == 1 ]; then if [ $(lsusb | grep -c '1227') == 1 ]; then
read -p "[Input] Device in DFU mode detected. Is your device in kDFU mode? (y/N) " kDFUManual read -p "[Input] Device in DFU mode detected. Is the device in kDFU mode? (y/N) " kDFUManual
if [[ $kDFUManual == y ]] || [[ $kDFUManual == Y ]]; then if [[ $kDFUManual == y ]] || [[ $kDFUManual == Y ]]; then
read -p "[Input] Enter ProductType (eg. iPad2,1): " ProductType read -p "[Input] Enter ProductType (eg. iPad2,1): " ProductType
read -p "[Input] Enter UniqueChipID (ECID): " UniqueChipID if [ $(which irecovery) ]; then
# Get ECID with irecovery (optional)
UniqueChipID=$(sudo irecovery -q | grep 'ECID:' | cut -c 7-)
else
read -p "[Input] Enter UniqueChipID (ECID): " UniqueChipID
fi
BasebandDetect BasebandDetect
echo "[Log] Will now downgrade device $ProductType in kDFU mode..." echo "[Log] Will now downgrade device $ProductType in kDFU mode..."
Mode='Downgrade' Mode='Downgrade'
@ -207,11 +195,13 @@ function Action {
function SaveOTABlobs { function SaveOTABlobs {
BuildManifest="resources/manifests/BuildManifest_${ProductType}_${DowngradeVersion}.plist" BuildManifest="resources/manifests/BuildManifest_${ProductType}_${DowngradeVersion}.plist"
# ota.json is being downloaded now so tsschecker doesn't have to
# this is because tsschecker has an unforgiving timeout when DL'ing ota.json
if [ ! -e resources/ota.json ]; then if [ ! -e resources/ota.json ]; then
echo "[Log] Downloading ota.json..." echo "[Log] Downloading ota.json..."
curl -L "https://api.ipsw.me/v2.1/ota.json/condensed" -o "resources/ota.json" curl -L https://api.ipsw.me/v2.1/ota.json/condensed -o tmp/ota.json
mv tmp/ota.json resources/
fi fi
echo "[Log] Copying ota.json to tmp..." echo "[Log] Copying ota.json to tmp..."
if [ $platform == macos ]; then if [ $platform == macos ]; then
cp resources/ota.json $TMPDIR cp resources/ota.json $TMPDIR
@ -219,16 +209,15 @@ function SaveOTABlobs {
cp resources/ota.json /tmp cp resources/ota.json /tmp
fi fi
echo echo
if [ ! -e /tmp/ota.json ] && [ ! -e $TMPDIR/ota.json ]; then if [ ! -e /tmp/ota.json ] && [ ! -e $TMPDIR/ota.json ]; then
echo "[Error] Download ota.json failed. Please run the script again" echo "[Error] Downloading/copying ota.json failed. Please run the script again"
exit exit
fi fi
echo "[Log] Saving $DowngradeVersion blobs with tsschecker..." echo "[Log] Saving $DowngradeVersion blobs with tsschecker..."
env "LD_PRELOAD=libcurl.so.3" resources/tools/tsschecker_$platform -d $ProductType -i $DowngradeVersion -o -s -e $UniqueChipID -m $BuildManifest env "LD_PRELOAD=libcurl.so.3" resources/tools/tsschecker_$platform -d $ProductType -i $DowngradeVersion -o -s -e $UniqueChipID -m $BuildManifest
echo echo
SHSH=$(ls *.shsh2) SHSH=$(ls ${UniqueChipID}_${ProductType}_${DowngradeVersion}-*.shsh2)
if [ ! -e "$SHSH" ]; then if [ ! -e "$SHSH" ]; then
echo "[Error] Saving $DowngradeVersion blobs failed. Please run the script again" echo "[Error] Saving $DowngradeVersion blobs failed. Please run the script again"
exit exit
@ -239,6 +228,8 @@ function SaveOTABlobs {
function kDFU { function kDFU {
if [ ! -e tmp/$iBSS.dfu ]; then if [ ! -e tmp/$iBSS.dfu ]; then
# Downloading 8.4.1 iBSS for "other" downgrades
# This is because this script only provides 8.4.1 iBSS IV and Keys
echo "[Log] Downloading iBSS..." echo "[Log] Downloading iBSS..."
dllink=$(curl -I -Ls -o /dev/null -w %{url_effective} https://api.ipsw.me/v4/ipsw/download/${ProductType}/12H321) dllink=$(curl -I -Ls -o /dev/null -w %{url_effective} https://api.ipsw.me/v4/ipsw/download/${ProductType}/12H321)
resources/tools/pzb_$platform -g Firmware/dfu/${iBSS}.dfu -o $iBSS.dfu $dllink resources/tools/pzb_$platform -g Firmware/dfu/${iBSS}.dfu -o $iBSS.dfu $dllink
@ -249,12 +240,11 @@ function kDFU {
echo "Key = ${!key}" echo "Key = ${!key}"
resources/tools/xpwntool_$platform "tmp/${iBSS}.dfu" tmp/iBSS.dec -k ${!key} -iv ${!iv} -decrypt resources/tools/xpwntool_$platform "tmp/${iBSS}.dfu" tmp/iBSS.dec -k ${!key} -iv ${!iv} -decrypt
dd bs=64 skip=1 if=tmp/iBSS.dec of=tmp/iBSS.dec2 dd bs=64 skip=1 if=tmp/iBSS.dec of=tmp/iBSS.dec2
echo
echo "[Log] Patching iBSS..." echo "[Log] Patching iBSS..."
bspatch tmp/iBSS.dec2 tmp/pwnediBSS resources/patches/$iBSS.patch bspatch tmp/iBSS.dec2 tmp/pwnediBSS resources/patches/$iBSS.patch
echo echo
# Regular kloader only works on iOS 6 to 9, so other versions are provided for iOS 5 and 10
if [[ $VersionDetect == 1 ]]; then if [[ $VersionDetect == 1 ]]; then
kloader='kloader_hgsp' kloader='kloader_hgsp'
elif [[ $VersionDetect == 5 ]]; then elif [[ $VersionDetect == 5 ]]; then
@ -264,6 +254,8 @@ function kDFU {
fi fi
if [[ $VersionDetect == 1 ]]; then if [[ $VersionDetect == 1 ]]; then
# SSH is unreliable/not working on iOS 10 devices, so ifuse+MTerminal is used instead
# It's less convenient, but it should work every time
if [ ! $(which ifuse) ]; then if [ ! $(which ifuse) ]; then
echo "[Error] ifuse not found. Please re-install dependencies and try again" echo "[Error] ifuse not found. Please re-install dependencies and try again"
echo "For macOS systems, install osxfuse and ifuse using brew" echo "For macOS systems, install osxfuse and ifuse using brew"
@ -275,14 +267,13 @@ function kDFU {
echo "nvram wifiaddr=$WifiAddrDecr echo "nvram wifiaddr=$WifiAddrDecr
chmod 755 kloader_hgsp chmod 755 kloader_hgsp
./kloader_hgsp pwnediBSS" >> tmp/pwn.sh ./kloader_hgsp pwnediBSS" >> tmp/pwn.sh
mkdir mount
echo "[Log] Mounting device using ifuse..." echo "[Log] Mounting device using ifuse..."
mkdir mount
ifuse mount ifuse mount
echo "[Log] Copying stuff to device..." echo "[Log] Copying stuff to device..."
cp "tmp/pwn.sh" "resources/tools/$kloader" "tmp/pwnediBSS" "mount/" cp "tmp/pwn.sh" "resources/tools/$kloader" "tmp/pwnediBSS" "mount/"
echo "[Log] Unmounting device..." echo "[Log] Unmounting device..."
sudo umount mount sudo umount mount
#rm -r mount
echo echo
echo "[Log] Open MTerminal and run these commands:" echo "[Log] Open MTerminal and run these commands:"
echo echo
@ -292,6 +283,7 @@ function kDFU {
echo "# chmod +x pwn.sh" echo "# chmod +x pwn.sh"
echo "# ./pwn.sh" echo "# ./pwn.sh"
else else
# SSH: Send kloader and pwnediBSS to device root and run kloader as root
echo "Make sure SSH is installed and working on the device!" echo "Make sure SSH is installed and working on the device!"
echo "Please enter Wi-Fi IP address of device for SSH connection" echo "Please enter Wi-Fi IP address of device for SSH connection"
read -p "[Input] IP Address: " IPAddress read -p "[Input] IP Address: " IPAddress
@ -323,13 +315,14 @@ function FindDFU {
} }
function Downgrade { function Downgrade {
# These firmware keys are essential for iPad2,4, 2,5, 2,6, 2,7, and iPod5,1
# 8.4.1 KBAG keys for those devices are missing in firmware-keys.ipsw.me
if [ ! -e resources/firmware ]; then if [ ! -e resources/firmware ]; then
echo "[Log] Firmware keys missing, downloading firmware keys..." echo "[Log] Firmware keys missing, downloading firmware keys..."
curl -L https://github.com/LukeZGD/32bit-OTA-Downgrader/archive/firmware.zip -o tmp/firmware.zip curl -L https://github.com/LukeZGD/32bit-OTA-Downgrader/archive/firmware.zip -o tmp/firmware.zip
unzip -q tmp/firmware.zip -d tmp
mkdir resources/firmware mkdir resources/firmware
unzip -q tmp/firmware.zip -d resources mv tmp/32bit-OTA-Downgrader-firmware/firmware/* resources/firmware
mv resources/32bit-OTA-Downgrader-firmware/firmware/* resources/firmware
rm -r resources/32bit-OTA-Downgrader-firmware/
fi fi
if [ ! $NotOTA ]; then if [ ! $NotOTA ]; then
@ -337,7 +330,8 @@ function Downgrade {
IPSW="${ProductType}_${DowngradeVersion}_${DowngradeBuildVer}_Restore" IPSW="${ProductType}_${DowngradeVersion}_${DowngradeBuildVer}_Restore"
if [ ! -e "$IPSW.ipsw" ]; then if [ ! -e "$IPSW.ipsw" ]; then
echo "[Log] iOS $DowngradeVersion IPSW is missing, downloading IPSW..." echo "[Log] iOS $DowngradeVersion IPSW is missing, downloading IPSW..."
curl -L https://api.ipsw.me/v4/ipsw/download/$ProductType/$DowngradeBuildVer -o "$IPSW.ipsw" curl -L https://api.ipsw.me/v4/ipsw/download/$ProductType/$DowngradeBuildVer -o tmp/$IPSW.ipsw
mv tmp/$IPSW.ipsw .
fi fi
unzip -j "$IPSW.ipsw" Firmware/dfu/$iBSS.dfu -d tmp/ unzip -j "$IPSW.ipsw" Firmware/dfu/$iBSS.dfu -d tmp/
fi fi
@ -356,8 +350,6 @@ function Downgrade {
cd .. cd ..
echo "[Log] Will now proceed to futurerestore..." echo "[Log] Will now proceed to futurerestore..."
echo
while [[ $ScriptDone != 1 ]]; do while [[ $ScriptDone != 1 ]]; do
if [ ! $NoBaseband ]; then if [ ! $NoBaseband ]; then
sudo env "LD_PRELOAD=libcurl.so.3" resources/tools/futurerestore_$platform -t "$SHSH" --latest-baseband --use-pwndfu "$IPSW.ipsw" sudo env "LD_PRELOAD=libcurl.so.3" resources/tools/futurerestore_$platform -t "$SHSH" --latest-baseband --use-pwndfu "$IPSW.ipsw"
@ -368,6 +360,7 @@ function Downgrade {
echo echo
echo "futurerestore done!" echo "futurerestore done!"
# Downloading stuff sometimes fails causing futurerestore to halt, so I added the option to retry here
echo "If futurerestore failed to download baseband or for some reason, you can choose to retry" echo "If futurerestore failed to download baseband or for some reason, you can choose to retry"
read -p "[Input] Retry? (y/N) " Retry read -p "[Input] Retry? (y/N) " Retry
if [[ $Retry != y ]] && [[ $Retry != Y ]]; then if [[ $Retry != y ]] && [[ $Retry != Y ]]; then
@ -458,7 +451,7 @@ function Ubuntu1804 {
cd .. cd ..
} }
# ---------------- # --- MAIN SCRIPT STARTS HERE ---
trap Clean INT TERM EXIT trap Clean INT TERM EXIT
clear clear
@ -475,7 +468,6 @@ else
echo "Supports Linux and macOS only" echo "Supports Linux and macOS only"
exit exit
fi fi
if [[ ! $(ping -c1 google.com 2>/dev/null) ]]; then if [[ ! $(ping -c1 google.com 2>/dev/null) ]]; then
echo "[Error] Please check your Internet connection before proceeding" echo "[Error] Please check your Internet connection before proceeding"
exit exit