Update messages and other stuff

LukeZGD 2023-09-15 10:46:37 +08:00
parent 9c5b832391
commit a962c6ddda
2 changed files with 99 additions and 77 deletions


@ -30,7 +30,6 @@
- Device activation using ideviceactivation (useful for iOS 4 and lower) - Device activation using ideviceactivation (useful for iOS 4 and lower)
- The latest baseband will be flashed for A5(X)/A6(X) devices if applicable - The latest baseband will be flashed for A5(X)/A6(X) devices if applicable
- Dumping and stitching baseband to IPSW (requires `--disable-bbupdate`) - Dumping and stitching baseband to IPSW (requires `--disable-bbupdate`)
- Dumping and stitching activation records to IPSW (requires `--activation-records`)
## Supported devices ## Supported devices
- [Identify your device here](https://ipsw.me/device-finder) - [Identify your device here](https://ipsw.me/device-finder)
@ -70,8 +69,8 @@
</tbody> </tbody>
</table> </table>
- Restoring with SHSH blobs and using SSH Ramdisks are supported on the following devices: - Restoring with SHSH blobs, jailbreaking, and using SSH Ramdisks are supported on the following devices:
- Supports all 32-bit iOS devices (iOS 3 to 10) - Supports all 32-bit iOS devices
- iPhone 2G, 3G, 3GS, 4, 4S, 5, 5C - iPhone 2G, 3G, 3GS, 4, 4S, 5, 5C
- iPad 1, 2, 3, 4, mini 1 - iPad 1, 2, 3, 4, mini 1
- iPod touch 1, 2, 3, 4, 5 - iPod touch 1, 2, 3, 4, 5
@ -84,7 +83,7 @@
- iPhone 4 GSM - targets iOS 4.3 to 6.1.3 - iPhone 4 GSM - targets iOS 4.3 to 6.1.3
- iPhone 4 CDMA - targets iOS 5.0 to 6.1.3 - iPhone 4 CDMA - targets iOS 5.0 to 6.1.3
- iPhone 4S, 5, 5C, iPad 2 Rev A, iPod touch 5 - targets iOS 5.0 to 9.3.5 (not iOS 7) - iPhone 4S, 5, 5C, iPad 2 Rev A, iPod touch 5 - targets iOS 5.0 to 9.3.5 (not iOS 7)
- Using powdersn0w requires iOS 7.1.x blobs for your device (7.0.x can also be used for iPhone 5) - Using powdersn0w requires iOS 7.1.x blobs for your device (7.0.x blobs can also be used for iPhone 5)
- Restoring with 24Kpwn/alloc8 is supported on the following devices: - Restoring with 24Kpwn/alloc8 is supported on the following devices:
- iPhone 3GS - targets iOS 3.1.3 to 5.1.1 - iPhone 3GS - targets iOS 3.1.3 to 5.1.1
- iPod touch 2 - targets iOS 3.1.3 to 4.1 - iPod touch 2 - targets iOS 3.1.3 to 4.1


@ -73,7 +73,6 @@ List of options:
--no-version-check Disable script version checking --no-version-check Disable script version checking
For 32-bit devices compatible with restores/downgrades (see README): For 32-bit devices compatible with restores/downgrades (see README):
--activation-records Enable dumping/stitching activation records
--disable-bbupdate Disable bbupdate and enable dumping/stitching baseband --disable-bbupdate Disable bbupdate and enable dumping/stitching baseband
--ipsw-hacktivate Enable hacktivation for creating IPSW (iPhone 2G/3G/3GS only) --ipsw-hacktivate Enable hacktivation for creating IPSW (iPhone 2G/3G/3GS only)
--ipsw-verbose Enable verbose boot option (powdersn0w only) --ipsw-verbose Enable verbose boot option (powdersn0w only)
@ -1013,18 +1012,19 @@ device_enter_mode() {
sleep 2 sleep 2
log "Please read the message below:" log "Please read the message below:"
print "1. Make sure to have OpenSSH installed on your iOS device." print "* Follow these instructions to enter kDFU mode."
print "1. Install \"OpenSSH\" and \"Core Utilities\" in Cydia or Zebra."
if [[ $device_det == 1 ]]; then if [[ $device_det == 1 ]]; then
print " - Make sure to jailbreak with kok3shiX, and enable \"use legacy patches\"" print " - Jailbreak with kok3shiX, and enable \"use legacy patches\""
print " - Make sure to also have Dropbear installed from my repo." print " - Also install \"Dropbear\" from my repo: https://lukezgd.github.io/repo"
print " - Repo: https://lukezgd.github.io/repo"
fi fi
print " - Only proceed if you have these requirements installed using Cydia/Zebra." print " - After installing these requirements, lock your device."
print " - You will be prompted to enter the root password of your iOS device." print "2. You will be prompted to enter the root password of your iOS device."
print " - The default root password is: alpine" print " - The default root password is: alpine"
print " - Do not worry that your input is not visible, it is still being entered." print " - Your input will not be visible, but it is still being entered."
print "2. Afterwards, the device will disconnect and its screen will stay black." print "3. On entering kDFU mode, the device will disconnect."
print " - Proceed to either press the TOP/HOME button, or unplug and replug the device." print " - Proceed to unplug and replug the device when prompted."
print " - Alternatively, press the TOP or HOME button."
pause pause
echo "chmod +x /tmp/kloader*" > kloaders echo "chmod +x /tmp/kloader*" > kloaders
@ -1038,6 +1038,7 @@ device_enter_mode() {
else else
opt="kloader_axi0mX" opt="kloader_axi0mX"
fi fi
log "Using $opt for kloader iOS 5"
echo "/tmp/$opt /tmp/pwnediBSS" >> kloaders echo "/tmp/$opt /tmp/pwnediBSS" >> kloaders
sendfiles+=("../resources/kloader/$opt") sendfiles+=("../resources/kloader/$opt")
elif (( device_det < 5 )); then elif (( device_det < 5 )); then
@ -1053,7 +1054,7 @@ device_enter_mode() {
log "Entering kDFU mode..." log "Entering kDFU mode..."
print "* This may take a while, but should not take longer than a minute." print "* This may take a while, but should not take longer than a minute."
if [[ $device_det == 1 ]]; then if [[ $device_det == 1 ]]; then
print "* If the script seems to be stuck here, try to re-install the requirements and restart the device." print "* If the script is stuck here, reboot and re-jailbreak the device, and try again."
print "* Follow the steps in the GitHub wiki under \"A6(X) devices, jailbroken on iOS 10\"" print "* Follow the steps in the GitHub wiki under \"A6(X) devices, jailbroken on iOS 10\""
fi fi
$scp -P 2222 ${sendfiles[@]} root@127.0.0.1:/tmp $scp -P 2222 ${sendfiles[@]} root@127.0.0.1:/tmp
@ -1103,7 +1104,7 @@ device_enter_mode() {
device_mode="DFU" device_mode="DFU"
break break
fi fi
print "* You may also try to unplug and replug your device" print "* Unplug and replug your device now"
((attempt++)) ((attempt++))
done done
if (( attempt >= 6 )); then if (( attempt >= 6 )); then
@ -1240,7 +1241,7 @@ device_enter_mode() {
} }
device_pwnerror() { device_pwnerror() {
local error_msg=$'\n* Exit DFU mode first by holding the TOP and HOME buttons for 15 seconds.' local error_msg=$'\n* Exit DFU mode by holding the TOP and HOME buttons for about 15 seconds.'
error_msg+=$'\n* If you have an AMD CPU, you may have to try again on a machine with an Intel CPU.' error_msg+=$'\n* If you have an AMD CPU, you may have to try again on a machine with an Intel CPU.'
if [[ $platform == "linux" && $device_proc != 4 ]]; then if [[ $platform == "linux" && $device_proc != 4 ]]; then
error_msg+=$'\n* Unfortunately, success rates for checkm8 are low on Linux.' error_msg+=$'\n* Unfortunately, success rates for checkm8 are low on Linux.'
@ -2816,57 +2817,74 @@ restore_prepare() {
;; ;;
4 ) 4 )
if [[ $device_target_other == 1 ]] && [[ $device_target_vers == "3"* || $device_target_vers == "4"* ]]; then if [[ $device_type == "iPhone3"* ]]; then
if [[ $device_type == "iPhone3,1" ]]; then if [[ $device_target_other == 1 && $device_target_vers == "4"* ]]; then
device_enter_mode pwnDFU
else
ipsw_custom="../${device_type}_${device_target_vers}_${device_target_build}_Restore"
device_enter_mode DFU
fi
restore_idevicerestore
if [[ $device_type == "iPhone2,1" ]]; then
log "Ignore the baseband error and do not disconnect your device yet"
device_find_mode Recovery
log "Attempting to exit recovery mode"
$irecovery -n
log "Done, your device should boot now"
fi
elif [[ $device_target_other == 1 ]]; then
device_buttons
restore_idevicerestore
elif [[ $device_target_vers == "4.1" && $ipsw_jailbreak != 1 ]]; then
device_enter_mode DFU
restore_latest
if [[ $device_type == "iPhone2,1" ]]; then
log "Ignore the baseband error and do not disconnect your device yet"
device_find_mode Recovery
log "Attempting to exit recovery mode"
$irecovery -n
log "Done, your device should boot now"
fi
elif [[ $device_target_vers == "4.1" || $device_target_vers == "$device_latest_vers" ]]; then
if [[ $ipsw_jailbreak == 1 ]]; then
shsh_save version $device_target_vers
device_enter_mode pwnDFU device_enter_mode pwnDFU
restore_idevicerestore restore_idevicerestore
else elif [[ $device_target_other == 1 ]]; then
restore_latest
fi
elif [[ $device_type == "iPhone3,1" || $device_type == "iPhone3,3" ]]; then
# powdersn0w 4.3.x-6.1.3
shsh_save version 7.1.2
if [[ $device_target_powder == 1 && $device_target_vers == "4"* ]]; then
device_enter_mode pwnDFU
else
device_buttons device_buttons
restore_idevicerestore
elif [[ $device_target_vers == "$device_latest_vers" ]]; then
shsh_save version 7.1.2
if [[ $ipsw_jailbreak == 1 ]]; then
device_buttons
restore_idevicerestore
else
restore_latest
fi
else
shsh_save version 7.1.2
if [[ $device_target_vers == "4"* ]]; then
device_enter_mode pwnDFU
else
device_buttons
fi
restore_idevicerestore
fi fi
restore_idevicerestore
else else
device_enter_mode pwnDFU if [[ $device_target_other == 1 ]] && [[ $device_target_vers == "3"* || $device_target_vers == "4"* ]]; then
restore_latest custom ipsw_custom="../${device_type}_${device_target_vers}_${device_target_build}_Restore"
if [[ $device_type == "iPhone2,1" ]]; then device_enter_mode DFU
print "* If the restore succeeded but the device does not boot:" restore_idevicerestore
print " -> Go to: Other Utilities -> Install alloc8 Exploit" if [[ $device_type == "iPhone2,1" ]]; then
log "Ignore the baseband error and do not disconnect your device yet"
device_find_mode Recovery
log "Attempting to exit recovery mode"
$irecovery -n
log "Done, your device should boot now"
fi
elif [[ $device_target_other == 1 ]]; then
device_buttons
restore_idevicerestore
elif [[ $device_target_vers == "4.1" && $ipsw_jailbreak != 1 ]]; then
device_enter_mode DFU
restore_latest
if [[ $device_type == "iPhone2,1" ]]; then
log "Ignore the baseband error and do not disconnect your device yet"
device_find_mode Recovery
log "Attempting to exit recovery mode"
$irecovery -n
log "Done, your device should boot now"
fi
elif [[ $device_target_vers == "4.1" || $device_target_vers == "$device_latest_vers" ]]; then
if [[ $ipsw_jailbreak == 1 ]]; then
shsh_save version $device_target_vers
if [[ $device_target_vers == "4.1" ]]; then
device_target_mode pwnDFU
else
device_buttons
fi
restore_idevicerestore
else
restore_latest
fi
else
device_enter_mode pwnDFU
restore_latest custom
if [[ $device_type == "iPhone2,1" ]]; then
print "* If the restore succeeded but the device does not boot:"
print " -> Go to: Other Utilities -> Install alloc8 Exploit"
fi
fi fi
fi fi
;; ;;
@ -3202,15 +3220,16 @@ device_ramdisk() {
log "Mounting root filesystem" log "Mounting root filesystem"
$ssh -p 2222 root@127.0.0.1 "mount.sh root" $ssh -p 2222 root@127.0.0.1 "mount.sh root"
sleep 2 sleep 2
log "Let's just dump both activation and baseband tars" #log "Let's just dump both activation and baseband tars"
log "Creating baseband.tar" log "Creating baseband.tar"
$ssh -p 2222 root@127.0.0.1 "cd /mnt1; tar -cvf baseband.tar usr/standalone usr/local/standalone" $ssh -p 2222 root@127.0.0.1 "cd /mnt1; tar -cvf baseband.tar usr/standalone usr/local/standalone"
log "Mounting data partition" log "Mounting data partition"
$ssh -p 2222 root@127.0.0.1 "mount.sh pv" $ssh -p 2222 root@127.0.0.1 "mount.sh pv"
log "Creating activation.tar" #log "Creating activation.tar"
$ssh -p 2222 root@127.0.0.1 "cd /mnt1; tar -cvf activation.tar private/var/root/Library/Lockdown" #$ssh -p 2222 root@127.0.0.1 "cd /mnt1; tar -cvf activation.tar private/var/root/Library/Lockdown"
log "Copying tars" log "Copying tars"
$scp -P 2222 root@127.0.0.1:/mnt1/baseband.tar root@127.0.0.1:/mnt1/activation.tar . #$scp -P 2222 root@127.0.0.1:/mnt1/baseband.tar root@127.0.0.1:/mnt1/activation.tar .
$scp -P 2222 root@127.0.0.1:/mnt1/baseband.tar .
print "* Reminder to backup dump tars if needed" print "* Reminder to backup dump tars if needed"
if [[ -s $dump/baseband.tar ]]; then if [[ -s $dump/baseband.tar ]]; then
read -p "Baseband dump exists in $dump/baseband.tar. Overwrite? (Y/n)" opt read -p "Baseband dump exists in $dump/baseband.tar. Overwrite? (Y/n)" opt
@ -3220,15 +3239,17 @@ device_ramdisk() {
else else
cp baseband.tar $dump cp baseband.tar $dump
fi fi
: '
opt= opt=
if [[ -s $dump/activation.tar ]]; then if [[ -s $dump/activation.tar ]]; then
read -p "Activation records dump exists in $dump/activation.tar. Overwrite? (Y/n)" opt read -p "Activation records dump exists in $dump/activation.tar. Overwrite? (Y/n)" opt
if [[ $opt != 'N' && $opt != 'n' ]]; then if [[ $opt != "n" && $opt != "n" ]]; then
cp activation.tar $dump cp activation.tar $dump
fi fi
else else
cp activation.tar $dump cp activation.tar $dump
fi fi
'
$ssh -p 2222 root@127.0.0.1 "rm -f /mnt1/baseband.tar /mnt1/activation.tar; nvram auto-boot=0; reboot_bak" $ssh -p 2222 root@127.0.0.1 "rm -f /mnt1/baseband.tar /mnt1/activation.tar; nvram auto-boot=0; reboot_bak"
log "Done, device should boot to recovery mode now" log "Done, device should boot to recovery mode now"
return return
@ -3410,22 +3431,23 @@ shsh_save_onboard() {
device_find_mode Recovery device_find_mode Recovery
log "Dumping blobs now" log "Dumping blobs now"
(echo -e "/send ../resources/payload\ngo blobs\n/exit") | $irecovery2 -s (echo -e "/send ../resources/payload\ngo blobs\n/exit") | $irecovery2 -s
$irecovery2 -g dump.shsh $irecovery2 -g myblob.dump
$irecovery -n $irecovery -n
"$dir/ticket" dump.shsh dump.plist "$ipsw_path.ipsw" -z "$dir/ticket" myblob.dump myblob.shsh "$ipsw_path.ipsw" -z
"$dir/validate" dump.plist "$ipsw_path.ipsw" -z "$dir/validate" myblob.shsh "$ipsw_path.ipsw" -z
if [[ $? != 0 ]]; then if [[ $? != 0 ]]; then
warn "Saved SHSH blobs might be invalid. Did you select the correct IPSW?" warn "Saved SHSH blobs might be invalid. Did you select the correct IPSW?"
fi fi
if [[ ! -s dump.plist ]]; then if [[ ! -s myblob.shsh ]]; then
warn "Saving onboard SHSH blobs failed." warn "Saving onboard SHSH blobs failed."
if [[ -s dump.shsh ]]; then if [[ -s myblob.dump ]]; then
mv dump.shsh ../saved/myblob-rawdump_$device_ecid-$device_type-$device_target_vers.dump mv myblob.dump ../saved/myblob-rawdump_$device_ecid-$device_type-$device_target_vers.dump
log "Raw dump saved at: ../saved/myblob-rawdump_$device_ecid-$device_type-$device_target_vers.dump" log "Raw dump saved at: ../saved/myblob-rawdump_$device_ecid-$device_type-$device_target_vers.dump"
warn "This raw dump is most likely not usable for restoring."
fi fi
return return
fi fi
mv dump.plist ../saved/shsh/$device_ecid-$device_type-$device_target_vers.shsh mv myblob.shsh ../saved/shsh/$device_ecid-$device_type-$device_target_vers.shsh
log "Successfully saved $device_target_vers blobs: saved/shsh/$device_ecid-$device_type-$device_target_vers.shsh" log "Successfully saved $device_target_vers blobs: saved/shsh/$device_ecid-$device_type-$device_target_vers.shsh"
} }
@ -4113,7 +4135,8 @@ menu_other() {
if [[ $device_type == "iPhone"* ]]; then if [[ $device_type == "iPhone"* ]]; then
menu_items+=("Dump Baseband") menu_items+=("Dump Baseband")
fi fi
menu_items+=("Activation Records" "Clear NVRAM") #menu_items+=("Activation Records" "Clear NVRAM")
menu_items+=("Clear NVRAM")
if [[ $device_type != "iPod2,1" ]]; then if [[ $device_type != "iPod2,1" ]]; then
menu_items+=("Just Boot") menu_items+=("Just Boot")
fi fi
@ -4466,7 +4489,7 @@ for i in "$@"; do
"--disable-bbupdate" ) device_disable_bbupdate=1;; "--disable-bbupdate" ) device_disable_bbupdate=1;;
"--disable-sudoloop" ) device_disable_sudoloop=1;; "--disable-sudoloop" ) device_disable_sudoloop=1;;
"--disable-usbmuxd" ) device_disable_usbmuxd=1;; "--disable-usbmuxd" ) device_disable_usbmuxd=1;;
"--activation-records" ) device_actrec=1;; #"--activation-records" ) device_actrec=1;;
"--ipsw-hacktivate" ) ipsw_hacktivate=1;; "--ipsw-hacktivate" ) ipsw_hacktivate=1;;
esac esac
done done
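Review bot: In the restore_prepare hunk, the new jailbreak branch for a 4.1 target calls `device_target_mode pwnDFU`, while every other branch in this section switches modes through `device_enter_mode`. No function named `device_target_mode` is visible on this page, so this looks like a typo. If the name is undefined, bash reports "command not found" and execution continues to `restore_idevicerestore` with the device not in pwned DFU mode, so the restore would fail late instead of stopping up front. The line should presumably read `device_enter_mode pwnDFU`. restore_prepare starts and ends outside the hunk, so confirm against the full file that no such helper exists.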