Fix iBoot patching for iPhone4Down

for #184 and #185
this should actually fix things this time
LukeZGD 2022-06-09 21:12:04 +08:00
parent 98380efbc6
commit b85020a91f
2 changed files with 15 additions and 10 deletions


@ -245,10 +245,11 @@ EnterPwnDFU() {
[[ $DeviceProc == 4 ]] && SendiBSS=1 [[ $DeviceProc == 4 ]] && SendiBSS=1
if [[ $pwnDFUDevice != 0 && $ProductType == "iPhone3,1" ]]; then if [[ $pwnDFUDevice != 0 && $ProductType == "iPhone3,1" ]]; then
Error "Failed to enter pwnDFU mode. Please run the script again" Error "Failed to enter pwnDFU mode. Please run the script again" \
"Exit DFU mode first by holding the TOP and HOME buttons for about 15 seconds."
elif [[ $pwnDFUDevice != 0 && $pwnD != 1 ]]; then elif [[ $pwnDFUDevice != 0 && $pwnD != 1 ]]; then
echo -e "\n${Color_R}[Error] Failed to enter pwnDFU mode. Please run the script again ${Color_N}" echo -e "\n${Color_R}[Error] Failed to enter pwnDFU mode. Please run the script again ${Color_N}"
echo "${Color_Y}* If the screen is black, exit DFU mode first by holding the TOP and HOME buttons for 15 seconds. ${Color_N}" echo "${Color_Y}* If the screen is black, exit DFU mode first by holding the TOP and HOME buttons for about 15 seconds. ${Color_N}"
echo "${Color_Y}* This step may fail a lot, especially on Linux, and unfortunately there is nothing I can do about the low success rates. ${Color_N}" echo "${Color_Y}* This step may fail a lot, especially on Linux, and unfortunately there is nothing I can do about the low success rates. ${Color_N}"
echo "${Color_Y}* The only option is to make sure you are using an Intel or Apple Silicon device, and to try multiple times ${Color_N}" echo "${Color_Y}* The only option is to make sure you are using an Intel or Apple Silicon device, and to try multiple times ${Color_N}"
Echo "* For more details, read the \"Troubleshooting\" wiki page in GitHub" Echo "* For more details, read the \"Troubleshooting\" wiki page in GitHub"


@ -281,15 +281,15 @@ IPSW4() {
elif [[ $OSVer == 4.3.5 ]]; then elif [[ $OSVer == 4.3.5 ]]; then
IV=986032eecd861c37ca2a86b6496a3c0d IV=986032eecd861c37ca2a86b6496a3c0d
Key=b4e300c54a9dd2e648ead50794e9bf2205a489c310a1c70a9fae687368229468 Key=b4e300c54a9dd2e648ead50794e9bf2205a489c310a1c70a9fae687368229468
ios4="-ios4" ios4="--logo4"
elif [[ $OSVer == 4.3.3 ]]; then elif [[ $OSVer == 4.3.3 ]]; then
IV=bb3fc29dd226fac56086790060d5c744 IV=bb3fc29dd226fac56086790060d5c744
Key=c2ead1d3b228a05b665c91b4b1ab54b570a81dffaf06eaf1736767bcb86e50de Key=c2ead1d3b228a05b665c91b4b1ab54b570a81dffaf06eaf1736767bcb86e50de
ios4="-ios433" ios4="--logo4 --433"
elif [[ $OSVer == 4.3 ]]; then elif [[ $OSVer == 4.3 ]]; then
IV=9f11c07bde79bdac4abb3f9707c4b13c IV=9f11c07bde79bdac4abb3f9707c4b13c
Key=0958d70e1a292483d4e32ed1e911d2b16b6260856be67d00a33b6a1801711d32 Key=0958d70e1a292483d4e32ed1e911d2b16b6260856be67d00a33b6a1801711d32
ios4="-ios433" ios4="--logo4 --433"
fi fi
if [[ $Jailbreak == 1 ]]; then if [[ $Jailbreak == 1 ]]; then
@ -325,14 +325,18 @@ IPSW4() {
cd tmp cd tmp
if [[ $OSVer == "7.1.2" && ! -e $IPSWCustom.ipsw ]]; then if [[ $OSVer == "7.1.2" && ! -e $IPSWCustom.ipsw ]]; then
Log "Preparing custom IPSW..." Log "Preparing custom IPSW..."
cp -rf ../resources/firmware/FirmwareBundles FirmwareBundles cp -rf ../resources/firmware/FirmwareBundles .
$ipsw ../$IPSW.ipsw ../$IPSWCustom.ipsw $JBMemory -S 50 ${JBFiles[@]} $ipsw ../$IPSW.ipsw ../$IPSWCustom.ipsw $JBMemory -S 50 ${JBFiles[@]}
elif [[ ! -e $IPSWCustom.ipsw ]]; then elif [[ ! -e $IPSWCustom.ipsw ]]; then
Log "Preparing custom IPSW with ch3rryflower..." Log "Preparing custom IPSW with ch3rryflower..."
sed -z -i "s|\n../bin|\n../$cherry/bin|g" ../$cherry/make_iBoot.sh cp -rf ../$cherry/bin/* ../$cherrymac/FirmwareBundles ../$cherrymac/src .
env LD_LIBRARY_PATH=../resources/lib ../$cherry/make_iBoot.sh ../$IPSW.ipsw -iv $IV -k $Key $ios4 unzip -j ../$IPSW.ipsw Firmware/all_flash/all_flash.${HWModel}ap.production/iBoot*
cp -rf ../$cherrymac/FirmwareBundles FirmwareBundles mv iBoot.${HWModel}ap.RELEASE.img3 tmp
cp -rf ../$cherrymac/src src env LD_LIBRARY_PATH=../resources/lib ./xpwntool tmp ibot.dec -iv $IV -k $Key
./iBoot32Patcher ibot.dec ibot.pwned --rsa -b "-v" --boot-partition --boot-ramdisk $ios4
env LD_LIBRARY_PATH=../resources/lib ./xpwntool ibot.pwned iBoot -t tmp
echo "0000010: 6365" | xxd -r - iBoot
echo "0000020: 6365" | xxd -r - iBoot
env LD_LIBRARY_PATH=../resources/lib ../$cherry/cherry ../$IPSW.ipsw ../$IPSWCustom.ipsw $JBMemory -derebusantiquis ../$IPSW7.ipsw iBoot ${JBFiles[@]} env LD_LIBRARY_PATH=../resources/lib ../$cherry/cherry ../$IPSW.ipsw ../$IPSWCustom.ipsw $JBMemory -derebusantiquis ../$IPSW7.ipsw iBoot ${JBFiles[@]}
fi fi
cd .. cd ..
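Review bot: None of the new iBoot steps in the ch3rryflower branch of IPSW4 check for failure: if `unzip` extracts no iBoot, or `xpwntool` cannot decrypt it with the given `$IV`/`$Key`, the script still runs `iBoot32Patcher`, overwrites bytes at offsets 0x10 and 0x20 with `xxd -r`, and hands the result to `cherry`, so a corrupt bootloader image can end up inside the custom IPSW. Guard each stage, for example `[[ -s ibot.dec ]] || Error "Failed to decrypt iBoot"` after the decrypt and `[[ -s ibot.pwned ]] || Error "Failed to patch iBoot"` after the patcher (this assumes `Error` aborts the script, which its use in EnterPwnDFU suggests but the page does not show). The two `xxd -r` writes should carry a comment naming the img3 field they overwrite and why, and `$ios4` now depends on unquoted word splitting to pass `--logo4 --433` as two arguments, which an array expanded as `"${ios4[@]}"` would make explicit. The body of IPSW4 begins and ends outside these hunks, so any existing check after `cd ..` is not visible here.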