diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 3d01451..010acbf 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -52,6 +52,8 @@ jobs:
mv ./resources/lib/* ./exclude/lib
mv ./resources/tools/*linux* ./exclude/tools
mv ./resources/firmware/FirmwareBundles ./resources/firmware/JailbreakBundles ./exclude/firmware
+ mkdir ./resources/firmware/FirmwareBundles
+ mv ./exclude/firmware/FirmwareBundles/Down_iPhone3* ./resources/firmware/FirmwareBundles
- name: Download and extract libimobiledevice_win
run: |
diff --git a/README.md b/README.md
index 4d484ee..31390ed 100644
--- a/README.md
+++ b/README.md
@@ -54,9 +54,12 @@
| iPad 2 (except iPad2,4) |
| iOS 7.1.2 |
- iPhone 4 GSM (iPhone3,1) |
+ iPhone 4 (all models) |
+
+
+ | iOS 4.3 to 6.1.3 |
+ iPhone 4 GSM |
- | iOS 4.3 to 6.1.3 |
diff --git a/resources/device.sh b/resources/device.sh
index 4043466..115daff 100755
--- a/resources/device.sh
+++ b/resources/device.sh
@@ -159,7 +159,7 @@ GetDeviceValues() {
if [[ $ProductType == "iPhone3"* ]]; then
DeviceProc=4
if [[ $ProductType == "iPhone3,1" ]]; then
- Log "iPhone 4 GSM detected. iPhone4Down functions enabled."
+ Log "$ProductType detected. iPhone4Down functions enabled."
Echo "* This script uses powdersn0w by dora2ios"
else
Log "$ProductType detected. Your device is not supported by powdersn0w (yet)"
@@ -212,9 +212,10 @@ EnterPwnDFU() {
local pwnDFUTool
local pwnDFUDevice
local pwnD=1
+ local pwn="-p"
local Selection=()
- if [[ $ProductType == "iPhone3,1" ]]; then
+ if [[ $DeviceProc == 4 ]]; then
pwnDFUTool="$pwnedDFU"
if [[ $platform == "win" ]]; then
Log "iPhone 4 device detected in DFU mode."
@@ -248,6 +249,12 @@ EnterPwnDFU() {
SaveExternal ipwndfu
fi
+ if [[ $pwnDFUTool == "$gaster" ]]; then
+ pwn="pwn"
+ elif [[ $ProductType == "iPhone3,3" && $platform == "linux" ]]; then
+ pwn="-s"
+ fi
+
Log "Entering pwnDFU mode with: $pwnDFUTool"
if [[ $pwnDFUTool == "ipwndfu" ]]; then
cd resources/ipwndfu
@@ -262,11 +269,8 @@ EnterPwnDFU() {
cd ../..
SendPwnediBSS
fi
- elif [[ $pwnDFUTool == "$gaster" ]]; then
- $pwnDFUTool pwn
- pwnDFUDevice=$?
else
- $pwnDFUTool -p
+ $pwnDFUTool $pwn
pwnDFUDevice=$?
fi
if [[ $DeviceProc == 4 || $DeviceProc == 7 ]]; then
@@ -274,7 +278,7 @@ EnterPwnDFU() {
SendiBSS=1
fi
- if [[ $ProductType == "iPhone3,1" ]]; then
+ if [[ $DeviceProc == 4 ]]; then
if [[ $pwnD != 1 ]]; then
Error "Failed to enter pwnDFU mode. Please run the script again. Note that kDFU mode will NOT work!" \
"Exit DFU mode first by holding the TOP and HOME buttons for about 15 seconds."
@@ -458,6 +462,29 @@ kDFU() {
FindDevice "DFU"
}
+Remove4DL() {
+ local Link
+ if [[ ! -e saved/$ProductType/$1_p ]]; then
+ Link=$(cat $Firmware/11D257/url)
+ [[ -n $2 ]] && Link=$(cat $Firmware/$2/url)
+ Log "Downloading $1..."
+ $partialzip $Link Firmware/dfu/$1.${HWModel}ap.RELEASE.dfu $1
+ mkdir -p saved/$ProductType 2>/dev/null
+ cp $1 saved/$ProductType/$1_p
+ mv $1 tmp
+ else
+ cp saved/$ProductType/$1_p tmp/$1
+ fi
+ Log "Patching $1..."
+ if [[ -n $2 ]]; then
+ $bspatch tmp/iBSS tmp/pwnediBSS resources/patches/$1.${HWModel}ap.$2.patch
+ else
+ $bspatch tmp/$1 tmp/pwned$1 resources/patches/$1.${HWModel}ap.RELEASE.patch
+ fi
+ Log "Booting $1..."
+ $irecovery -f tmp/pwned$1
+}
+
Remove4() {
Input "Select option:"
select opt in "Disable exploit" "Enable exploit" "(Any other key to exit)"; do
@@ -467,19 +494,13 @@ Remove4() {
* ) exit 0;;
esac
done
- if [[ ! -e saved/iPhone3,1/iBSS_8L1 ]]; then
- Log "Downloading iBSS..."
- $partialzip http://appldnld.apple.com/iPhone4/041-1966.20110721.V3Ufe/iPhone3,1_4.3.5_8L1_Restore.ipsw Firmware/dfu/iBSS.n90ap.RELEASE.dfu iBSS
- mkdir -p saved/iPhone3,1 2>/dev/null
- cp iBSS saved/iPhone3,1/iBSS_8L1
- mv iBSS tmp
+
+ if [[ $ProductType == "iPhone3,1" ]]; then
+ Remove4DL iBSS 8L1
else
- cp saved/iPhone3,1/iBSS_8L1 tmp/iBSS
+ Remove4DL iBSS
+ Remove4DL iBEC
fi
- Log "Patching iBSS..."
- $bspatch tmp/iBSS tmp/pwnediBSS resources/patches/iBSS.n90ap.8L1.patch
- Log "Booting iBSS..."
- $irecovery -f tmp/pwnediBSS
sleep 2
Log "Running commands..."
$irecovery -c "setenv boot-partition $Rec"
diff --git a/resources/firmware/FirmwareBundles/Down_iPhone3,2_7.1.2_11D257.bundle/Info.plist b/resources/firmware/FirmwareBundles/Down_iPhone3,2_7.1.2_11D257.bundle/Info.plist
new file mode 100644
index 0000000..7248cab
--- /dev/null
+++ b/resources/firmware/FirmwareBundles/Down_iPhone3,2_7.1.2_11D257.bundle/Info.plist
@@ -0,0 +1,123 @@
+
+
+
+
+ DownloadUrl
+
+ Filename
+ iPhone3,2_7.1.2_11D257_Restore.ipsw
+ FilesystemPatches
+
+ FirmwarePatches
+
+ Restore Ramdisk
+
+ Decrypt
+
+ File
+ 058-4107-013.dmg
+ IV
+ 4d45b18575f0e48ef0c1f1fea1663e0e
+ Key
+ 2ab11294614e2fda8e8c806208e3bd96337877673e166702e5f5df558da48b09
+ TypeFlag
+ 8
+
+ RestoreDeviceTree
+
+ DecryptPath
+ Downgrade/DeviceTree.n90bap.img3
+ File
+ Firmware/all_flash/all_flash.n90bap.production/DeviceTree.n90bap.img3
+ IV
+ 206e596d02d01842941d90ad71f4265f
+ Key
+ 38f09516b60d5d2839ac7ed8d6f288af53babf8d49d1b70bc509170c3dcd0f2a
+
+ RestoreKernelCache
+
+ DecryptPath
+ Downgrade/kernelcache.release.n90b
+ File
+ kernelcache.release.n90b
+ IV
+ 054fa7c7537f0d7f5271349656d729e6
+ Key
+ f24fa28626283eb1e252fec878ab0716d0fd7b6e62cf114fcd1ce132ba96d633
+ TypeFlag
+ 4
+
+ RestoreLogo
+
+ DecryptPath
+ Downgrade/applelogo@2x~iphone.s5l8930x.img3
+ File
+ Firmware/all_flash/all_flash.n90bap.production/applelogo@2x~iphone.s5l8930x.img3
+ IV
+ 2287b716b833ba84566cf365e3368d37
+ Key
+ 2ab11294614e2fda8e8c806208e3bd96337877673e166702e5f5df558da48b09
+
+ iBEC
+
+ Decrypt
+
+ File
+ Firmware/dfu/iBEC.n90bap.RELEASE.dfu
+ IV
+ a6ff0ef84ca1c536f540b81c0c858858
+ Key
+ 45f08035e58d63e6426f1b81fa760e6019b37a42c5286b108b4c37f58e0bc06b
+ Patch
+ iBEC.n90bap.RELEASE.patch
+ TypeFlag
+ 8
+
+ iBSS
+
+ Decrypt
+
+ File
+ Firmware/dfu/iBSS.n90bap.RELEASE.dfu
+ IV
+ a5e8a7cd8e659db3b6f983409b98b66c
+ Key
+ 42865aa964f0cba160d173794530e40e46910e14383f3ac9d24cd650ebdb9926
+ Patch
+ iBSS.n90bap.RELEASE.patch
+ TypeFlag
+ 8
+
+
+ Name
+ iPhone3,2_7.1.2_11D257
+ Platform
+ 1
+ RamdiskMountVolume
+ ramdisk
+ RamdiskOptionsPath
+ /usr/local/share/restore/options.n90b.plist
+ RamdiskPatches
+
+ asr
+
+ File
+ usr/sbin/asr
+ Patch
+ asr.patch
+
+
+ RootFilesystem
+ 058-4498-010.dmg
+ RootFilesystemKey
+ 10a8d34290659b33117f5b6dfe59055d6a38400819dbbecfd3ad50b7b68619c5bf10f852
+ RootFilesystemMountVolume
+ Sochi11D257.N90bOS
+ RootFilesystemSize
+ 1515
+ SHA1
+ b3c0c0adc95ae2ae1184e9aa111845cd705975d9
+ SubPlatform
+ 6
+
+
diff --git a/resources/firmware/FirmwareBundles/Down_iPhone3,2_7.1.2_11D257.bundle/asr.patch b/resources/firmware/FirmwareBundles/Down_iPhone3,2_7.1.2_11D257.bundle/asr.patch
new file mode 100644
index 0000000..02b195e
Binary files /dev/null and b/resources/firmware/FirmwareBundles/Down_iPhone3,2_7.1.2_11D257.bundle/asr.patch differ
diff --git a/resources/firmware/FirmwareBundles/Down_iPhone3,2_7.1.2_11D257.bundle/iBEC.n90bap.RELEASE.patch b/resources/firmware/FirmwareBundles/Down_iPhone3,2_7.1.2_11D257.bundle/iBEC.n90bap.RELEASE.patch
new file mode 100644
index 0000000..c56face
Binary files /dev/null and b/resources/firmware/FirmwareBundles/Down_iPhone3,2_7.1.2_11D257.bundle/iBEC.n90bap.RELEASE.patch differ
diff --git a/resources/firmware/FirmwareBundles/Down_iPhone3,2_7.1.2_11D257.bundle/iBSS.n90bap.RELEASE.patch b/resources/firmware/FirmwareBundles/Down_iPhone3,2_7.1.2_11D257.bundle/iBSS.n90bap.RELEASE.patch
new file mode 100644
index 0000000..71a86ae
Binary files /dev/null and b/resources/firmware/FirmwareBundles/Down_iPhone3,2_7.1.2_11D257.bundle/iBSS.n90bap.RELEASE.patch differ
diff --git a/resources/firmware/FirmwareBundles/Down_iPhone3,3_7.1.2_11D257.bundle/Info.plist b/resources/firmware/FirmwareBundles/Down_iPhone3,3_7.1.2_11D257.bundle/Info.plist
new file mode 100644
index 0000000..4fd8c3c
--- /dev/null
+++ b/resources/firmware/FirmwareBundles/Down_iPhone3,3_7.1.2_11D257.bundle/Info.plist
@@ -0,0 +1,143 @@
+
+
+
+
+ FilesystemPatches
+
+ FirmwarePatches
+
+ RestoreKernelCache
+
+ File
+ kernelcache.release.n92
+ IV
+ b84212f017d5ffd962db0bbe050581dc
+ Key
+ 92e5720cadf724cdf428d44119b634ab3346aef1ab4e3e20abc8ecb73f7f8642
+
+ DecryptPath
+ Downgrade/kernelcache.release.n92
+ TypeFlag
+ 4
+
+
+ Restore Ramdisk
+
+ File
+ 058-4107-013.dmg
+ IV
+ e6562294eb9989aaca7fda5b57065fde
+ Key
+ ad5cfa520f1018d4083710011f627107389785f425303938e5412dff1aee65bb
+ Decrypt
+
+ TypeFlag
+ 8
+
+ iBSS
+
+ File
+ Firmware/dfu/iBSS.n92ap.RELEASE.dfu
+ IV
+ f5f67870c11f90c5f0f416df89618470
+ Key
+ 579c6275ac9835fe7a4c148ee1e6af5289431996d51fa145a8d5bc438559bdb1
+ Patch
+ iBSS.n92ap.RELEASE.patch
+ Decrypt
+
+ TypeFlag
+ 8
+
+ iBEC
+
+ File
+ Firmware/dfu/iBEC.n92ap.RELEASE.dfu
+ IV
+ 858cc5776b240dd9c5eac82e56dd6706
+ Key
+ 97c37caee1839d5bf6a51a5d7fbdd5b24d6e4fc50a151d82dd66777825e0efab
+ Patch
+ iBEC.n92ap.RELEASE.patch
+ Decrypt
+
+ TypeFlag
+ 8
+
+ RestoreDeviceTree
+
+ File
+ Firmware/all_flash/all_flash.n92ap.production/DeviceTree.n92ap.img3
+ IV
+ 8662383170bb93fffe2dbdd181a620da
+ Key
+ 8473b8932e1957c1e650f15cb3b6f49f497e241ebacfaa7d0b1eca3b15fc633c
+ DecryptPath
+ Downgrade/DeviceTree.n92ap.img3
+
+ RestoreLogo
+
+ File
+ Firmware/all_flash/all_flash.n92ap.production/applelogo@2x~iphone.s5l8930x.img3
+ IV
+ 2287b716b833ba84566cf365e3368d37
+ Key
+ 73f0cef0f12ed5e43b53c87373a2be672481c4fc0f1f542c5e8da8b7d518611f
+ DecryptPath
+ Downgrade/applelogo@2x~iphone.s5l8930x.img3
+
+
+ RamdiskPatches
+
+ asr
+
+ File
+ usr/sbin/asr
+ Patch
+ asr.patch
+
+
+
+ RamdiskMountVolume
+ ramdisk
+ RamdiskOptionsPath
+ /usr/local/share/restore/options.n92.plist
+ RootFilesystem
+ 058-4110-009.dmg
+ RootFilesystemSize
+ 1522
+ RootFilesystemKey
+ 423b3503689b7058d1398d1b5d56a7b1ccf4d79e1c3e6ba853122b4f86820a9e3bc911f6
+ RootFilesystemMountVolume
+ Sochi11D257.N92OS
+ SHA1
+ aaeda3c8e1979189faa153cdf43e817a3f81f74c
+ Filename
+ iPhone3,3_7.1.2_11D257_Restore.ipsw
+ Name
+ iPhone3,3_7.1.2_11D257
+ DownloadUrl
+
+ Platform
+ 1
+ SubPlatform
+ 6
+
+
diff --git a/resources/firmware/FirmwareBundles/Down_iPhone3,3_7.1.2_11D257.bundle/asr.patch b/resources/firmware/FirmwareBundles/Down_iPhone3,3_7.1.2_11D257.bundle/asr.patch
new file mode 100644
index 0000000..57b511f
Binary files /dev/null and b/resources/firmware/FirmwareBundles/Down_iPhone3,3_7.1.2_11D257.bundle/asr.patch differ
diff --git a/resources/firmware/FirmwareBundles/Down_iPhone3,3_7.1.2_11D257.bundle/iBEC.n92ap.RELEASE.patch b/resources/firmware/FirmwareBundles/Down_iPhone3,3_7.1.2_11D257.bundle/iBEC.n92ap.RELEASE.patch
new file mode 100644
index 0000000..e83fd00
Binary files /dev/null and b/resources/firmware/FirmwareBundles/Down_iPhone3,3_7.1.2_11D257.bundle/iBEC.n92ap.RELEASE.patch differ
diff --git a/resources/firmware/FirmwareBundles/Down_iPhone3,3_7.1.2_11D257.bundle/iBSS.n92ap.RELEASE.patch b/resources/firmware/FirmwareBundles/Down_iPhone3,3_7.1.2_11D257.bundle/iBSS.n92ap.RELEASE.patch
new file mode 100644
index 0000000..71a86ae
Binary files /dev/null and b/resources/firmware/FirmwareBundles/Down_iPhone3,3_7.1.2_11D257.bundle/iBSS.n92ap.RELEASE.patch differ
diff --git a/resources/firmware/iPhone3,3/10B329/sha1sum b/resources/firmware/iPhone3,3/10B329/sha1sum
new file mode 100644
index 0000000..2548c2f
--- /dev/null
+++ b/resources/firmware/iPhone3,3/10B329/sha1sum
@@ -0,0 +1 @@
+42f09fdc2e35426cc402ee683efb3b5e62dfe46a
diff --git a/resources/firmware/iPhone3,3/10B329/url b/resources/firmware/iPhone3,3/10B329/url
new file mode 100644
index 0000000..bc77748
--- /dev/null
+++ b/resources/firmware/iPhone3,3/10B329/url
@@ -0,0 +1 @@
+http://appldnld.apple.com/iOS6.1/091-2351.20130319.Fe431/iPhone3,3_6.1.3_10B329_Restore.ipsw
diff --git a/resources/firmware/iPhone3,3/11D257/sha1sum b/resources/firmware/iPhone3,3/11D257/sha1sum
new file mode 100644
index 0000000..d588d64
--- /dev/null
+++ b/resources/firmware/iPhone3,3/11D257/sha1sum
@@ -0,0 +1 @@
+aaeda3c8e1979189faa153cdf43e817a3f81f74c
diff --git a/resources/ipsw.sh b/resources/ipsw.sh
index 97c95b0..941baf4 100755
--- a/resources/ipsw.sh
+++ b/resources/ipsw.sh
@@ -42,7 +42,6 @@ JailbreakSet() {
}
JailbreakOption() {
- echo
Input "Jailbreak Option"
Echo "* When this option is enabled, your device will be jailbroken on restore."
if [[ $OSVer == "6.1.3" ]]; then
@@ -249,7 +248,6 @@ IPSW4() {
local JBFiles=()
local JBFiles2
local JBSHA1
- local WinBundles
if [[ -e $IPSWCustom.ipsw ]]; then
Log "Found existing Custom IPSW. Skipping IPSW creation."
@@ -287,10 +285,9 @@ IPSW4() {
if [[ $OSVer == "7.1.2" && ! -e $IPSWCustom.ipsw ]]; then
if [[ $platform == "win" ]]; then
ipsw="${ipsw}3"
- WinBundles="windows/"
fi
Log "Preparing custom IPSW..."
- cp -rf ../resources/firmware/${WinBundles}FirmwareBundles .
+ cp -rf ../resources/firmware/FirmwareBundles .
$ipsw ../$IPSW.ipsw ../$IPSWCustom.ipsw $JBMemory -S 50 ${JBFiles[@]}
elif [[ ! -e $IPSWCustom.ipsw ]]; then
echo
@@ -357,6 +354,7 @@ IPSW4Cherry() {
Log "ch3rryflower will be used instead of powdersn0w for iOS 4.3.x"
SaveExternal ch3rryflower
if [[ $platform == "linux" ]]; then
+ # patch cherry temp path from /tmp to ././ (current dir)
cd tmp
echo "QlNESUZGNDA4AAAAAAAAAEUAAAAAAAAAQKoEAAAAAABCWmg5MUFZJlNZCmbVYQAABtRYTCAAIEAAQAAAEAIAIAAiNNA9QgyYiW0geDDxdyRThQkApm1WEEJaaDkxQVkmU1kFCpb0AACoSA7AAABAAAikAAACAAigAFCDJiApUmmnpMCTNJOaootbhBXWMbqkjO/i7kinChIAoVLegEJaaDkXckU4UJAAAAAA" | base64 -d | tee cherry.patch >/dev/null
$bspatch ../$cherry/cherry ../$cherry/cherry2 cherry.patch
diff --git a/resources/patches/iBEC.n92ap.RELEASE.patch b/resources/patches/iBEC.n92ap.RELEASE.patch
new file mode 100644
index 0000000..bb7cf81
Binary files /dev/null and b/resources/patches/iBEC.n92ap.RELEASE.patch differ
diff --git a/restore.sh b/restore.sh
index 8d805ad..a755427 100755
--- a/restore.sh
+++ b/restore.sh
@@ -140,8 +140,10 @@ Main() {
[[ $NoDevice != 1 ]] && Selection+=("Downgrade Device")
[[ $DeviceProc != 4 ]] && Selection+=("Save OTA Blobs")
- if [[ $ProductType == "iPhone3,1" && $NoDevice != 1 ]]; then
- Selection+=("Disable/Enable Exploit" "Restore to 7.1.2" "SSH Ramdisk")
+ if [[ $ProductType == "iPhone3"* && $NoDevice != 1 ]]; then
+ Selection+=("Restore to 7.1.2")
+ [[ $ProductType != "iPhone3,2" ]] && Selection+=("Disable/Enable Exploit")
+ [[ $ProductType == "iPhone3,1" ]] && Selection+=("SSH Ramdisk")
fi
if [[ $DeviceProc != 7 ]]; then
@@ -317,10 +319,23 @@ SelectVersion() {
Selection+=("iOS 6.1.3")
fi
- if [[ $ProductType == "iPhone3,1" ]]; then
+ if [[ $ProductType == "iPhone3"* ]]; then
[[ $Mode == "IPSW32" ]] && Selection+=("7.1.2")
- Selection+=("6.1.3" "5.1.1 (9B208)" "5.1.1 (9B206)")
- Selection2=("6.1.2" "6.1" "6.0.1" "6.0" "5.1" "5.0.1" "5.0")
+
+ if [[ $ProductType == "iPhone3,1" ]]; then
+ Selection+=("6.1.3 ""5.1.1 (9B208)" "5.1.1 (9B206)")
+ Selection2=("6.1.2" "6.1" "6.0.1" "6.0" "5.1" "5.0.1" "5.0")
+ if [[ $platform != "linux" ]]; then
+ Echo "* iOS 4.3.x downgrades are supported on Linux only"
+ Echo "* For macOS users, use cherryflowerJB instead"
+ fi
+ if [[ $platform != "win" ]]; then
+ Selection+=("4.3.5")
+ Selection2+=("4.3.3" "4.3")
+ fi
+ Selection+=("More versions")
+ fi
+
if [[ $Mode == "Restore712" ]]; then
Echo "* Make sure to disable the exploit first! See the README for more details."
Input "Press Enter/Return to continue (or press Ctrl+C to cancel)"
@@ -329,15 +344,8 @@ SelectVersion() {
BuildVer="11D257"
Mode="Downgrade4"
return
- elif [[ $platform != "linux" ]]; then
- Echo "* iOS 4.3.x downgrades are supported on Linux only"
- Echo "* For macOS users, use cherryflowerJB instead"
fi
- if [[ $platform != "win" ]]; then
- Selection+=("4.3.5")
- Selection2+=("4.3.3" "4.3")
- fi
- Selection+=("More versions")
+
if [[ $Mode == "Downgrade" ]]; then
Mode="Downgrade4"
fi