Add iPhone3,3 support for powdersn0w

thanks to dora for releasing the exploit: https://github.com/kok3shidoll/untitled
This commit is contained in:
LukeZGD 2023-06-26 07:31:39 +08:00
parent f80f86e56a
commit 8000ca50c8
4 changed files with 86 additions and 10 deletions

View File

@ -9,7 +9,7 @@
## Features
- Restore to iOS 8.4.1 or 6.1.3 on supported 32-bit devices **(OTA signed)**
- Restore iPhone 4 GSM (iPhone3,1) to lower iOS versions **(powdersn0w)**
- Restore iPhone 4 GSM and CDMA (iPhone3,1 and 3,3) to lower iOS versions **(powdersn0w)**
- Restore iPhone 3GS and iPod touch 2 to lower iOS versions **(24Kpwn/alloc8)**
- Restore 32-bit devices to lower iOS versions **with SHSH blobs**
- Restore 32-bit devices to lower iOS versions **with iOS 7.1.x blobs (powdersn0w)**
@ -18,7 +18,7 @@
- Including latest iOS versions for some devices (4.2.1, 5.1.1, 6.1.6, 7.1.2)
- There are two methods of jailbreaking: Custom IPSW and SSH Ramdisk
- Available on target versions iOS 4.1, 4.2.x, 4.3.x, 5.x, 6.x, 7.x, and 8.4.1
- Jailbreaking A5 4.3.x devices is not supported (only 5.x and newer will work)
- Jailbreaking iPad 2 on 4.3.x is not supported (only 5.x and newer will work)
- Restore to iOS 10.3.3 on supported A7 devices **(OTA signed)**
- Restore A7/A8 devices to lower iOS versions **with SHSH blobs**
- Limited compatibility due to SEP/BB, see below
@ -80,6 +80,7 @@
- iPod touch 6
- Restoring with powdersn0w is supported on the following devices:
- iPhone 4 GSM - targets iOS 4.3 to 6.1.3
- iPhone 4 CDMA - targets iOS 5.0 to 6.1.3
- iPhone 4S, iPhone 5 (not 5C), iPad 2 Rev A, iPod 5th generation - targets iOS 5.0 to 6.1.3, 8.0 to 9.3.5
- Using powdersn0w requires iOS 7.1.x blobs for your device
- Restoring with 24Kpwn/alloc8 is supported on the following devices:

Binary file not shown.

View File

@ -0,0 +1,71 @@
#!/bin/bash
isIOS5=0
if [ -e "/dev/rdisk0s2" ]; then
nvram -d boot-partition
nvram -d boot-ramdisk
sleep 1s
reboot_
fi
mount_hfs /dev/disk0s1s1 /mnt1
if [ ! -e "/dev/rdisk0s1s3" ]; then
mount_hfs /dev/disk0s1s2 /mnt1/private/var
else
isIOS5=1
mount_hfs /dev/disk0s1s3 /mnt1/private/var
fi
sleep 1s
rm -rf /mnt1/System/Library/LaunchDaemons/com.apple.mobile.softwareupdated.plist
rm -rf /mnt1/System/Library/LaunchDaemons/com.apple.softwareupdateservicesd.plist
Data_GUID="$((echo -e "i\n2\nq") | gptfdisk /dev/rdisk0s1 2>/dev/null | sed -n -e 's/^.*Partition unique GUID: //p')"
LogicalSector="$((echo -e "p\nq") | gptfdisk /dev/rdisk0s1 2>/dev/null | sed -n -e 's/^.*Logical sector size: //p' | sed 's/ .*//')"
System_LastSector="$((echo -e "i\n1\nq") | gptfdisk /dev/rdisk0s1 2>/dev/null | sed -n -e 's/^.*Last sector: //p' | sed 's/ .*//')"
Data_LastSector="$((echo -e "i\n2\nq") | gptfdisk /dev/rdisk0s1 2>/dev/null | sed -n -e 's/^.*Last sector: //p' | sed 's/ .*//')"
Data_Attributeflags="$((echo -e "i\n2\nq") | gptfdisk /dev/rdisk0s1 2>/dev/null | sed -n -e 's/^.*flags: //p')"
Exploit_LastSector="$((524288/$LogicalSector))"
New_Data_LastSector="$(($Data_LastSector-$Exploit_LastSector))"
New_Data_SectorSize="$(($New_Data_LastSector-$System_LastSector))"
New_Data_Size="$(($New_Data_SectorSize*$LogicalSector))"
hfs_resize /mnt1/private/var $New_Data_Size
sleep 1s
if [ "$Data_Attributeflags" = "0001000000000000" ]; then
echo -e "d\n2\nn\n\n$New_Data_LastSector\n\nc\n2\nData\nx\na\n2\n48\n\nc\n2\n$Data_GUID\ns\n4\nm\nn\n3\n\n$Data_LastSector\n\nw\nY\n" | gptfdisk /dev/rdisk0s1
else
echo -e "d\n2\nn\n\n$New_Data_LastSector\n\nc\n2\nData\nx\na\n2\n48\n49\n\nc\n2\n$Data_GUID\ns\n4\nm\nn\n3\n\n$Data_LastSector\n\nw\nY\n" | gptfdisk /dev/rdisk0s1
fi
sleep 1s
if [ $isIOS5 == 0 ]; then
newfs_hfs -s -v exploit /dev/rdisk0s1s3
sleep 1s
fsck_hfs -f /dev/rdisk0s1s3
sleep 2s
dd of=/dev/rdisk0s1s3 if=/exploit bs=512k count=1
sleep 1s
fi
if [ $isIOS5 == 1 ]; then
newfs_hfs -s -v exploit /dev/rdisk0s1s4
sleep 1s
fsck_hfs -f /dev/rdisk0s1s4
sleep 2s
dd of=/dev/rdisk0s1s4 if=/exploit bs=512k count=1
sleep 1s
fi
nvram boot-partition=2
nvram boot-ramdisk="/a/b/c/d/e/f/g/h/i/disk.dmg"
sleep 1s
reboot_

View File

@ -965,6 +965,7 @@ device_enter_mode() {
device_ipwndfu pwn
elif [[ $device_proc == 4 && $platform != "macos" ]]; then
# A4 linux uses ipwnder
log "Placing device to pwnDFU mode using ipwnder"
$ipwnder -p
tool_pwned=$?
elif [[ $device_proc == 7 && $platform == "macos" && $(uname -m) != "x86_64" ]]; then
@ -1657,9 +1658,9 @@ ipsw_prepare_32bit_paths() {
local str2
if [[ $2 == "target" ]]; then
case $comp in
"AppleLogo" ) str2="${name/applelogo/"applelogo7"}";;
"RecoveryMode" ) str2="${name/recoverymode/"recoverymode7"}";;
"NewiBoot" ) str2="${name/iBoot/"iBoot$(echo $device_target_vers | cut -c 1)"}";;
"AppleLogo" ) str2="${name/applelogo/applelogo7}";;
"RecoveryMode" ) str2="${name/recoverymode/recoverymode7}";;
"NewiBoot" ) str2="${name/iBoot/iBoot$(echo $device_target_vers | cut -c 1)}";;
esac
case $comp in
"AppleLogo" | "RecoveryMode" | "NewiBoot" )
@ -2464,7 +2465,7 @@ restore_prepare() {
else
restore_latest
fi
elif [[ $device_type == "iPhone3,1" ]]; then
elif [[ $device_type == "iPhone3,1" || $device_type == "iPhone3,3" ]]; then
# powdersn0w 4.3.x-6.1.3
shsh_save version 7.1.2
device_enter_mode pwnDFU
@ -2537,6 +2538,8 @@ ipsw_prepare() {
shsh_save version 7.1.2
fi
ipsw_prepare_powder
elif [[ $device_type == "iPhone3,3" ]]; then
ipsw_prepare_powder2
else
ipsw_prepare_custom
fi
@ -3093,7 +3096,7 @@ menu_restore() {
case $device_type in
iPhone4,1 | iPhone5,[12] | iPad2,4 | iPod5,1 )
menu_items+=("Other (powdersn0w 7.1.x blobs)");;
iPhone3,1 )
iPhone3,[13] )
menu_items+=("powdersn0w (any iOS)");;
iPhone2,1 )
menu_items+=("iOS 5.1.1" "iOS 4.3.3" "iOS 4.1" "iOS 4.0" "iPhoneOS 3.1.3");;
@ -3232,6 +3235,7 @@ menu_ipsw() {
print "* Select Target IPSW to continue"
case $device_type in
iPhone3,1 ) print "* Any iOS version from 4.3 to 6.1.3 is supported";;
iPhone3,3 ) print "* Any iOS version from 5.0 to 6.1.3 is supported";;
iPhone5,[12] | iPod5,1 ) print "* Any iOS version from 6.0 to 9.3.5 is supported (not iOS 7)";;
iPad2,4 ) print "* Any iOS version from 5.1 to 9.3.5 is supported (not iOS 7)";;
* ) print "* Any iOS version from 5.0 to 9.3.5 is supported (not iOS 7)";;
@ -3239,19 +3243,19 @@ menu_ipsw() {
fi
echo
local text2="(iOS 7.1.x)"
if [[ $device_type == "iPhone3,1" ]]; then
if [[ $device_type == "iPhone3,1" || $device_type == "iPhone3,3" ]]; then
text2="(iOS 7.1.2)"
fi
if [[ -n $ipsw_base_path ]]; then
print "* Selected Base $text2 IPSW: $ipsw_base_path.ipsw"
print "* Base Version: $device_base_vers-$device_base_build"
if [[ $device_type != "iPhone3,1" ]]; then
if [[ $device_type != "iPhone3,1" && $device_type != "iPhone3,3" ]]; then
menu_items+=("Select Base SHSH")
fi
else
print "* Select Base $text2 IPSW to continue"
fi
if [[ $device_type == "iPhone3,1" ]]; then
if [[ $device_type == "iPhone3,1" || $device_type == "iPhone3,3" ]]; then
shsh_path=1
else
echo