From 5a5d7cacd32a1b310617fee8bd1d2321bc14c8ab Mon Sep 17 00:00:00 2001
From: LukeZGD <26163116+LukeZGD@users.noreply.github.com>
Date: Fri, 10 Nov 2023 23:58:16 +0800
Subject: [PATCH] Switch exploit ramdisk 5/5C

---
 .../src/target/iphone5/11B554a/exploit        | Bin 524288 -> 524288 bytes
 .../src/target/iphone5/11B554a/partition      |  21 +++++++++++-------
 .../src/target/iphone5/11D257/exploit         | Bin 524288 -> 524288 bytes
 .../src/target/iphone5/11D257/partition       |  20 ++++++++++-------
 .../src/target/iphone5b/11B554a/partition     |   1 -
 .../src/target/iphone5b/11D257/exploit        | Bin 524288 -> 524288 bytes
 .../src/target/iphone5b/11D257/partition      |  20 ++++++++++-------
 restore.sh                                    |   4 ++--
 8 files changed, 39 insertions(+), 27 deletions(-)

diff --git a/resources/firmware/src/target/iphone5/11B554a/exploit b/resources/firmware/src/target/iphone5/11B554a/exploit
index b01e0daa7b68f0e4930e1c1ee3daa33c4061ea93..6f885703c8cb5b7359be594def55404b5a004108 100644
GIT binary patch
delta 201
zcmZo@P-tjS*igVaQDDL*HXSAbMh_-W#Q@a@Dk2OF|G$6vH`#_msXpMs+wWFCgndLj
z6x~F;-hAhJE$kr)R3-@~uRUjA5bzKL@^5~3{>7l^n8NSzN0Hy_p)#x6-S0pC@_H~m
za07z|_gmk;{axX%;LgzSe?J2QLkk1Lhy4fKSQuCwSQtdsGBPkINF*>ceA!=9^<{si
x_=o*Fg+J`qVGm+vFlI<goNUM;)5O`v$=Jrp)W*r&#>vvg$=b%rwv3bgI{-DKM<)OP

delta 293
zcmZo@P-tjS*igV4cFp6ur;E~??=#+9^SI`z7|{9f{ttr-AHRS4bLab_Uwgm*`o-zN
zDC_@$#fd4w|4V}qR|1>Yqwh<9F)6TmGAJ=9-~G<}>wp_W!~gvYjK1to%1_E<U|?vO
z$Y`~RO@~Rq4Gm1T;ZUlNxbXJ7)eli0F%LyIF|Rk@xnAcy6ZH@UT7L7p*DnS|#}r|Y
zKZ?R$&y-o+?tcIOSIDEm{nmHJe=FP-+z)^abO!@Bw@npa_B$A{wCM0KFgOCO2RQ>|
zJp;ps{RiAw7(~`GGB7AeBrr65*<VxjWq+plhy8BsP&YL{;b?!t!3e}mK+FupEI`Z(
N#BAH2aInjK2LNl$dD;K~

diff --git a/resources/firmware/src/target/iphone5/11B554a/partition b/resources/firmware/src/target/iphone5/11B554a/partition
index 192e458..e955fc6 100644
--- a/resources/firmware/src/target/iphone5/11B554a/partition
+++ b/resources/firmware/src/target/iphone5/11B554a/partition
@@ -39,7 +39,7 @@ if [ -e "/ios9" ]; then
   mv -v /mnt1/Library/LaunchDaemons/com.apple.jetsamproperties.*.plist /mnt1/System/Library/LaunchDaemons/
   sleep 3s
 
-   # step3
+  # step3
   mv -v /mnt1/usr/libexec/CrashHousekeeping /mnt1/usr/libexec/CrashHousekeeping_
   mv -v /mnt1/reloader /mnt1/usr/libexec/CrashHousekeeping
   sleep 1s
@@ -53,33 +53,38 @@ System_LastSector="$((echo -e "i\n1\nq") | gptfdisk /dev/rdisk0s1 2>/dev/null |
 Data_LastSector="$((echo -e "i\n2\nq") | gptfdisk /dev/rdisk0s1 2>/dev/null | sed -n -e 's/^.*Last sector: //p' | sed 's/ .*//')"
 Data_Attributeflags="$((echo -e "i\n2\nq") | gptfdisk /dev/rdisk0s1 2>/dev/null | sed -n -e 's/^.*flags: //p')"
 Exploit_LastSector="$((524288/$LogicalSector))"
-New_Data_LastSector="$(($Data_LastSector-$Exploit_LastSector))"
+BOOTLOADER="$((8388608/$LogicalSector))"
+NOTSD="$(($Exploit_LastSector+$BOOTLOADER))"
+Data_LastSectorSD="$(($Data_LastSector-$BOOTLOADER))"
+New_Data_LastSector="$(($Data_LastSector-$NOTSD))"
 New_Data_SectorSize="$(($New_Data_LastSector-$System_LastSector))"
 New_Data_Size="$(($New_Data_SectorSize*$LogicalSector))"
 
 hfs_resize /mnt1/private/var $New_Data_Size
 sleep 1s
 
-if [ "$Data_Attributeflags" = "0001000000000000" ]; then
-echo -e "d\n2\nn\n\n$New_Data_LastSector\n\nc\n2\nData\nx\na\n2\n48\n\nc\n2\n$Data_GUID\ns\n4\nm\nn\n3\n\n$Data_LastSector\n\nw\nY\n" | gptfdisk /dev/rdisk0s1
-else
-echo -e "d\n2\nn\n\n$New_Data_LastSector\n\nc\n2\nData\nx\na\n2\n48\n49\n\nc\n2\n$Data_GUID\ns\n4\nm\nn\n3\n\n$Data_LastSector\n\nw\nY\n" | gptfdisk /dev/rdisk0s1
-fi
-
+echo -e "d\n2\nn\n\n$New_Data_LastSector\n\nc\n2\nData\nx\na\n2\n48\n49\n\nc\n2\n$Data_GUID\ns\n4\nm\nn\n3\n\n$Data_LastSectorSD\n\nn\n4\n\n$Data_LastSector\n\nw\nY\n" | gptfdisk /dev/rdisk0s1
 sleep 1s
 
+sleep 1s
 newfs_hfs -s -v exploit /dev/rdisk0s1s3
+newfs_hfs -s -v bootloader /dev/rdisk0s1s4
 sleep 1s
 fsck_hfs -f /dev/rdisk0s1s3
+fsck_hfs -f /dev/rdisk0s1s4
 sleep 2s
 
 dd of=/dev/rdisk0s1s3 if=/exploit bs=512k count=1
 sleep 1s
+mount_hfs /dev/disk0s1s4 /mnt2
 
 nvram -c
 nvram boot-partition=2
 nvram boot-ramdisk="/a/b/c/d/e/f/g/h/i/j/k/l/m/disk.dmg"
+sleep 1s
 
+dd of=/mnt2/iBEC if=/mnt1/iBoot bs=512k
+rm /mnt1/iBoot
 sleep 1s
 
 reboot_
diff --git a/resources/firmware/src/target/iphone5/11D257/exploit b/resources/firmware/src/target/iphone5/11D257/exploit
index aa222ddd362d399331e51962c44fce892593d5c3..5b56c9530850cd6bead730b85e3d17e029f799e8 100644
GIT binary patch
delta 234
zcmZo@P-tjS*igV~!{)*6sTjZxB{_g>4i6C7@sMG^jtB$8|L<S^tqEafFlI<gWN~0&
zI4JyKzX2};gL%QRZxb0qHnGJqr374f`@Q6+u#bp`qML}<o9`}fa-K2l2SGs({|^j~
ziU9&1f<QBGe)s*wpy-&w@9{^G-|L|=tJ~f04F7mNm>#%+L4*4(Ab*9sf;&UQ|NRUM
z3@r={ANC(`V_~pRoP3PKYO(_dOB3fZPDcIq3HFRY%ml>DK+Ljzf<0?M&-MlOj1$<~
RADm_dVz%uMPO~eR000rIRBHeL

delta 2216
zcmc&!L2nyH6yAg+C5BV0G+dBgngg|DOyd+3`9zw;u|t$bYE<=vGTt4>1M8V(W*pZD
zX)RO*A#p+c0Zxbml~50GLe9OHibGHl6)gu&t&~cU7AzEaGiz@*BoPvqMv1ca&b;q?
z-}}DT=|HCg-v*=C_sTz27B4)Getfc5-m6TlfBNXxKQ7&S8s!duiN5Lm5cPWF<)K%v
z?vGp<-n@FyIh)xWTlp=z-5Z9{igUr4eh^Lec1up@@9vj{gKkw+nd3OOJ|8OH8GCm)
zym9YIr2m{)Jzt(GonLtzEk5>tpD0ft&i!bk=S<Ce=gNOgom+V{Jz9DYojE*P?kxWt
zy>$5XGA!?w(m!`@9(3O>jNHn->^Sp?WDpIK<Lq~LOCt{49&#LbWz*>#bU*s=p!>n(
zez)|+{THV{9{*~5=#6l-vaqyvZRvUa3!f`|u^1MMYgewl1FOuXT+z&RDisqPX7V#R
zSZVrgD9q-daH%kpSr9>6vaPy?i*D9_1)h+kz=X<YG8=WKK#7`e5lI1`J*Ko|)uyH%
zG`UA5=sJa(@O{x@d<!&{4Fw_L9=L*gOe3r*G?RyQe8rUEfnQvl$wEb&ie#HGpHzKQ
zMM5CiHqjKCibAywgtrB!c)yUxW*STrThLyg_kE<+lrB{{5Y_jntMQ>F<ohbj0o86k
z#Za3@{8$cPNX#`Tx=yrhz?GC}gva0HkOD3=NU8#4%mxIRR)!pQP{_iXfB@@o{H{UT
zP^CbWqEd&b4zfp3>EQ{f8O27o2;(ZoOVKf^1yXED(!ip#S=c~9`-AgfJ$_@$8#)M)
z9s%RfsteQ(iQ}_@f)>+ZT{L5$xR8*qDF_n%5$E!M<1~cFY79Fu!%TtZ4AQ?*QFx{k
z)bJG8%xoSO5?k0QT8Fub39&~Ul7+MyJtJ+VVO}+ws38dgN^o2p2)Y2T8-Y;+#kM$-
z4qd`E1OkP}*@39pArE|vcFO1TP^tB0#(VT;fP+>T3=3%HX}d?4nB3rrL;(DpGv)Zv
zBWSPqs!2w8QZ!O|fU;=OZ7QFscA{W8Xp3etddsMNgo|<T31+E<NEoAo<|RsS?AMsp
zDm~C(;Mb(BBY95QGma$}{B>6}8dSQB_%@w_`|a4UD5T+OGlZi9kA^nIY@6CR;&Eg0
z1lpz!Go&p0G*-W1GhxQ-RI+1fF~LLc_94xdI9fJNd1$s?dO@W@K#Kuaf%2hg`uoj{
z75Bm5W9&2xT%XG61qtp&B)g3#;>)2lJm1X1JPyIWLLZ?TN$FTCWN4K!9>$5;^!B})
zCX6ejzXep?96i1Ri0caJ5svXNF@(_AB3%O6yp@GTL-I5x$udvh`=2(MJm!;PvADFh
kxHC7jGdH|5_rlKH$aiz2H$MC1;oVXE8~gs@-7|3cAJ8fp9RL6T

diff --git a/resources/firmware/src/target/iphone5/11D257/partition b/resources/firmware/src/target/iphone5/11D257/partition
index 3249e2f..59d593a 100644
--- a/resources/firmware/src/target/iphone5/11D257/partition
+++ b/resources/firmware/src/target/iphone5/11D257/partition
@@ -27,7 +27,6 @@ if [ -e "/ios8" ]; then
   sleep 1s
 fi
 
-
 if [ -e "/ios9" ]; then
   # step1
   mv -v /mnt1/System/Library/LaunchDaemons/* /mnt1/Library/LaunchDaemons/
@@ -54,33 +53,38 @@ System_LastSector="$((echo -e "i\n1\nq") | gptfdisk /dev/rdisk0s1 2>/dev/null |
 Data_LastSector="$((echo -e "i\n2\nq") | gptfdisk /dev/rdisk0s1 2>/dev/null | sed -n -e 's/^.*Last sector: //p' | sed 's/ .*//')"
 Data_Attributeflags="$((echo -e "i\n2\nq") | gptfdisk /dev/rdisk0s1 2>/dev/null | sed -n -e 's/^.*flags: //p')"
 Exploit_LastSector="$((524288/$LogicalSector))"
-New_Data_LastSector="$(($Data_LastSector-$Exploit_LastSector))"
+BOOTLOADER="$((8388608/$LogicalSector))"
+NOTSD="$(($Exploit_LastSector+$BOOTLOADER))"
+Data_LastSectorSD="$(($Data_LastSector-$BOOTLOADER))"
+New_Data_LastSector="$(($Data_LastSector-$NOTSD))"
 New_Data_SectorSize="$(($New_Data_LastSector-$System_LastSector))"
 New_Data_Size="$(($New_Data_SectorSize*$LogicalSector))"
 
 hfs_resize /mnt1/private/var $New_Data_Size
 sleep 1s
 
-if [ "$Data_Attributeflags" = "0001000000000000" ]; then
-echo -e "d\n2\nn\n\n$New_Data_LastSector\n\nc\n2\nData\nx\na\n2\n48\n\nc\n2\n$Data_GUID\ns\n4\nm\nn\n3\n\n$Data_LastSector\n\nw\nY\n" | gptfdisk /dev/rdisk0s1
-else
-echo -e "d\n2\nn\n\n$New_Data_LastSector\n\nc\n2\nData\nx\na\n2\n48\n49\n\nc\n2\n$Data_GUID\ns\n4\nm\nn\n3\n\n$Data_LastSector\n\nw\nY\n" | gptfdisk /dev/rdisk0s1
-fi
-
+echo -e "d\n2\nn\n\n$New_Data_LastSector\n\nc\n2\nData\nx\na\n2\n48\n49\n\nc\n2\n$Data_GUID\ns\n4\nm\nn\n3\n\n$Data_LastSectorSD\n\nn\n4\n\n$Data_LastSector\n\nw\nY\n" | gptfdisk /dev/rdisk0s1
 sleep 1s
 
+sleep 1s
 newfs_hfs -s -v exploit /dev/rdisk0s1s3
+newfs_hfs -s -v bootloader /dev/rdisk0s1s4
 sleep 1s
 fsck_hfs -f /dev/rdisk0s1s3
+fsck_hfs -f /dev/rdisk0s1s4
 sleep 2s
 
 dd of=/dev/rdisk0s1s3 if=/exploit bs=512k count=1
 sleep 1s
+mount_hfs /dev/disk0s1s4 /mnt2
 
 nvram -c
 nvram boot-partition=2
 nvram boot-ramdisk="/a/b/c/d/e/f/g/h/i/j/k/l/m/n/o/p/q/r/s/t/u/v/w/disk.dmg"
+sleep 1s
 
+dd of=/mnt2/iBEC if=/mnt1/iBoot bs=512k
+rm /mnt1/iBoot
 sleep 1s
 
 reboot_
diff --git a/resources/firmware/src/target/iphone5b/11B554a/partition b/resources/firmware/src/target/iphone5b/11B554a/partition
index b6e20a7..e955fc6 100644
--- a/resources/firmware/src/target/iphone5b/11B554a/partition
+++ b/resources/firmware/src/target/iphone5b/11B554a/partition
@@ -27,7 +27,6 @@ if [ -e "/ios8" ]; then
   sleep 1s
 fi
 
-
 if [ -e "/ios9" ]; then
   # step1
   mv -v /mnt1/System/Library/LaunchDaemons/* /mnt1/Library/LaunchDaemons/
diff --git a/resources/firmware/src/target/iphone5b/11D257/exploit b/resources/firmware/src/target/iphone5b/11D257/exploit
index d4b3d7e5c0d9b9e696d6db9acf731a2c6495620e..d7c79ac138e27edd4ab37d2e42aa6a031662c446 100644
GIT binary patch
delta 204
zcmZo@P-tjS*igV~!sfy5sTjZxB{_g>hW#Me^N?XbO8^VQLE#Vkbwn5#{(t}SFDIIr
z!I&W}aUx^PCbl@Hw15k5zMuFb>?7i#=qBRz`umjkInNmOyCDGq4?&=bH@=(yVNi5T
z;rIBX$nW(~nbqy?_kf?g9!w7)N*mm7efRpg!d=0gq2d321_p)}28Iv&4}`HWfaE8i
j;INqNz`@eQ*~ZD(#>v#i$=t@t(#FZ!#>uvfll?mY`l3f)

delta 259
zcmZo@P-tjS*igV4cFp6ur;E~??@BMPd0g{U4Cs7#|A)bakKY-7-~K-3_nz-ne>goD
zW&J;}I58#oe`yfnN?`MP_`UW&lLD(JgA#-Co$rl*54bTj{NKO8{>%QP{G?0<28Nc2
zj8>c2;+X0qF1-1E;*Y40n1`a9nAhv?Q{Lx16ZH@U+H>Q(-5&-;#}r|YKZ?R$50zQn
z?tTydDdf@Me(QVa&lT<p?g!jJz#R<S+%|Q5+3#S_(xSt|z~Bh931lP4CI*HN`wxV%
zFx=R{$iSc=k-#wF%l?|KFZ&C{KkRp#e3L`DiL;H9v5k|djgz^JlckN5wT+W)87KR9
E0R1R!Jpcdz

diff --git a/resources/firmware/src/target/iphone5b/11D257/partition b/resources/firmware/src/target/iphone5b/11D257/partition
index 3249e2f..59d593a 100644
--- a/resources/firmware/src/target/iphone5b/11D257/partition
+++ b/resources/firmware/src/target/iphone5b/11D257/partition
@@ -27,7 +27,6 @@ if [ -e "/ios8" ]; then
   sleep 1s
 fi
 
-
 if [ -e "/ios9" ]; then
   # step1
   mv -v /mnt1/System/Library/LaunchDaemons/* /mnt1/Library/LaunchDaemons/
@@ -54,33 +53,38 @@ System_LastSector="$((echo -e "i\n1\nq") | gptfdisk /dev/rdisk0s1 2>/dev/null |
 Data_LastSector="$((echo -e "i\n2\nq") | gptfdisk /dev/rdisk0s1 2>/dev/null | sed -n -e 's/^.*Last sector: //p' | sed 's/ .*//')"
 Data_Attributeflags="$((echo -e "i\n2\nq") | gptfdisk /dev/rdisk0s1 2>/dev/null | sed -n -e 's/^.*flags: //p')"
 Exploit_LastSector="$((524288/$LogicalSector))"
-New_Data_LastSector="$(($Data_LastSector-$Exploit_LastSector))"
+BOOTLOADER="$((8388608/$LogicalSector))"
+NOTSD="$(($Exploit_LastSector+$BOOTLOADER))"
+Data_LastSectorSD="$(($Data_LastSector-$BOOTLOADER))"
+New_Data_LastSector="$(($Data_LastSector-$NOTSD))"
 New_Data_SectorSize="$(($New_Data_LastSector-$System_LastSector))"
 New_Data_Size="$(($New_Data_SectorSize*$LogicalSector))"
 
 hfs_resize /mnt1/private/var $New_Data_Size
 sleep 1s
 
-if [ "$Data_Attributeflags" = "0001000000000000" ]; then
-echo -e "d\n2\nn\n\n$New_Data_LastSector\n\nc\n2\nData\nx\na\n2\n48\n\nc\n2\n$Data_GUID\ns\n4\nm\nn\n3\n\n$Data_LastSector\n\nw\nY\n" | gptfdisk /dev/rdisk0s1
-else
-echo -e "d\n2\nn\n\n$New_Data_LastSector\n\nc\n2\nData\nx\na\n2\n48\n49\n\nc\n2\n$Data_GUID\ns\n4\nm\nn\n3\n\n$Data_LastSector\n\nw\nY\n" | gptfdisk /dev/rdisk0s1
-fi
-
+echo -e "d\n2\nn\n\n$New_Data_LastSector\n\nc\n2\nData\nx\na\n2\n48\n49\n\nc\n2\n$Data_GUID\ns\n4\nm\nn\n3\n\n$Data_LastSectorSD\n\nn\n4\n\n$Data_LastSector\n\nw\nY\n" | gptfdisk /dev/rdisk0s1
 sleep 1s
 
+sleep 1s
 newfs_hfs -s -v exploit /dev/rdisk0s1s3
+newfs_hfs -s -v bootloader /dev/rdisk0s1s4
 sleep 1s
 fsck_hfs -f /dev/rdisk0s1s3
+fsck_hfs -f /dev/rdisk0s1s4
 sleep 2s
 
 dd of=/dev/rdisk0s1s3 if=/exploit bs=512k count=1
 sleep 1s
+mount_hfs /dev/disk0s1s4 /mnt2
 
 nvram -c
 nvram boot-partition=2
 nvram boot-ramdisk="/a/b/c/d/e/f/g/h/i/j/k/l/m/n/o/p/q/r/s/t/u/v/w/disk.dmg"
+sleep 1s
 
+dd of=/mnt2/iBEC if=/mnt1/iBoot bs=512k
+rm /mnt1/iBoot
 sleep 1s
 
 reboot_
diff --git a/restore.sh b/restore.sh
index 26e181a..68dcce4 100755
--- a/restore.sh
+++ b/restore.sh
@@ -2449,7 +2449,7 @@ ipsw_prepare_powder() {
         fi
     fi
     local ExtraArgs2="--boot-partition"
-    if [[ $device_type == "iPhone5,3" || $device_type == "iPhone5,4" ]] && [[ $device_base_vers == "7.0"* ]]; then
+    if [[ $device_type == "iPhone5"* ]]; then
         # do this stuff because these use ramdiskH (jump to /boot/iBEC) instead of jump ibot to ibob
         if [[ $device_target_vers == "9"* ]]; then
             ExtraArgs2+="9"
@@ -3735,7 +3735,7 @@ menu_print_info() {
         warn "Activation records flag detected. Proceed with caution"
     fi
     if [[ -n $device_disable_bbupdate || $device_actrec == 1 ]]; then
-        print "* Stitching is supported in these restores/downgrades: 8.4.1/6.1.3, Other with SHSH (iOS 5+), powdersn0w"
+        print "* Stitching is supported in these restores/downgrades: 8.4.1/6.1.3, Other with SHSH, powdersn0w"
     fi
     if [[ -n $device_build ]]; then
         print "* iOS Version: $device_vers ($device_build)"