- don't use --no-rsep for i 16.x restores
- don't do alloc8 install if restore fails/errors out
- update ipwndfu: do not USB reset on execute on Intel Macs
some changes for #773
- revert ipwndfu pyusb while keeping libusb1 fixes (hopefully helps #773)
- update futurerestore dev to latest (hopefully helps #772)
- change (( device_det >= 10 )) to [[ $device_det == 10 ]]; the mitigations and use cases that have this condition are only applicable to iOS 10
* Initial support for dumping apps
Use Clutch to achieve app dumping, the general procedure is as follows:
* Send Clutch binary to the device
* Execute Clutch binary for app dumping
* Retrieve from device
* Cleanup IPA on device
Currently, three versions of Clutch will be needed.
* resources/clutch/clutch -> iOS 8+
* resources/clutch/clutch204 -> iOS 6 - 7
* resources/clutch/clutch13 -> iOS 5
* Ask for confirmation before deleting on-device dumped IPAs
* Add selection menu listing all user apps for dumping
Also, include it all inside a while true loop, so the user can dump
more than one app at once.
* Add note on time required for app dumps
* Enable usage for Clutch on 12.0.x only
iOS 12.1 introduced new code signature things that this version of
Clutch will not support.
* Update Clutch 2.0.4 (for iOS 6 - 7)
Repo: https://github.com/rcky844/Clutch.git (branch: ios6)
Updated binary contains backported changes to a version compatible
with Xcode 7.2 so we get iOS 6 support. This also causes it to exit
properly if it gets stuck.
* Add ipainstaller for dumping apps
ipainstaller repo: https://github.com/rcky844/ipainstaller.git
Retain Clutch as an option for supported iOS versions, while expanding
the supported versions to iOS 4.0+ with ipainstaller.
Update the dumping system to always copy dumped IPAs from /tmp.
* Apply entitlements to app dump binaries
* Change name of output IPA
Format: [CFBundleDisplayName/CFBundleExecutable] [CFBundleShortVersionString].ipa
---------
Co-authored-by: Ricky Cheung <rcheung844@gmail.com>
We can ask `cut` to provide us with the value before a delimiter
so we can obtain the current major version.
The original implementation will become a bad idea as Apple starts
shifting to using years as major versions, confusing the tool
into thinking it might be running very legacy iOS versions.
This also fixes issues with saving onboard SHSH for 64-bit devices
on versions before 10.x.
Co-authored-by: Ricky Cheung <rcheung844@gmail.com>
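As an added example (not the tool's own code) of the two version checks described in the commits above, the `cut` based major-version extraction and the exact "== 10" test versus a ">= N" test: the function names, the sample version strings and the year-style "26.0" input are constructed for illustration, and the original (unshown) implementation is not reproduced. Written in POSIX sh so it runs under sh or bash.

```shell
#!/bin/sh
# Added example, not the tool's own code: take the iOS major version out of a
# dotted version string with cut (everything before the first '.') and compare
# it numerically. Function names and sample version strings are constructed.

# Print the integer before the first '.' of a dotted version string.
# cut without -s prints the whole line when there is no delimiter, so a bare
# "16" still yields 16.
major_version() {
    printf '%s\n' "$1" | cut -d. -f1
}

# True only when the version is exactly 10.x; this is the
# [[ $device_det == 10 ]] style check, so 10.x-only mitigations do not fire on
# 11+ (or on a year-style major such as 26.x).
is_major_10() {
    [ "$(major_version "$1")" -eq 10 ]
}

# True when the major version is at least the second argument; this is the
# numeric (( device_det >= N )) style check for cases that really mean
# "this version and newer".
is_major_at_least() {
    [ "$(major_version "$1")" -ge "$2" ]
}

# Walk a few constructed version strings, including a year-style major.
demo() {
    for v in 6.1.3 9.3.5 10.3.3 12.0.1 15.8 26.0; do
        if is_major_10 "$v"; then ten=yes; else ten=no; fi
        if is_major_at_least "$v" 10; then ge10=yes; else ge10=no; fi
        printf '%-7s major=%-2s is_10=%-3s at_least_10=%s\n' \
            "$v" "$(major_version "$v")" "$ten" "$ge10"
    done
}

demo
```

The point of cutting at the first dot rather than taking a fixed number of leading characters is that "9.3.5", "10.3.3" and "26.0" all parse correctly, and the comparison is then done on an integer, not on a string.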
- ipwndfu pyusb update doesn't really change much, but the bug fixes are good ig
- launching on macOS lower than 10.11 is now an error again. 10.11 is the lowest, and support will never go any lower bc of LibreSSL
- remove build-essential from apt install
- update primepwn to return 1 when sending data for unpacked iBSS fails (macOS x86_64 bin is not updated yet since I don't have my Intel Mac with me rn)
- no more python check, let the ipwndfu shebang do the work. hopefully fixes #763
- add existing jailbreak check on ramdisk jailbreak before jailbreaking. for #764
- update primepwn to check for CPID in serial string. fixes issue where it errors out on devices in kDFU
fix ipwndfu reliability issue on NOR dump for installing alloc8
also enable hacktivating on iPod4,1, closes #756
now that all of ipwnder can be used just fine for alloc8 installing, ipwndfu is no longer used for pwning at all.
the only use case left for ipwndfu is for alloc8 installation. it used to suck on Apple Silicon Macs (random operation timeouts all the time) but now that has been fixed as I tested.
now I'm working on getting ipwndfu working on Python 3, or even better, port/write the alloc8 installation process to C.
best case: ipwndfu gets completely replaced with a C implementation for alloc8 installation.
moderate case: ipwndfu is ported over to Python 3. I've tried this for a bit but I have moved on to working on a C port for now.
meh case: leave ipwndfu as is. pyenv/python2 is still used and persists along with the build times and possible issues. but at least it works ig
- primepwn is now used for pwning A4/touch 2 devices, as well as sending unpacked iBSS to pwned A5/A6 devices
- the only major usage of ipwndfu left is for installing alloc8
- this is done as part of like moving away from reliance on ipwndfu
- next up will be replacing `ipwndfu -l` for sending iBSS on pwned A5 (and A6 if pwned with ipwndfu)
- maybe a shatter implementation from ipwndfu too for A4 devices
- rename gasgauge-patch to multipatch because it isn't just for getting past gasgauge anymore, it also patches restored_external for getting past the invalid ticket error. using --gasgauge-patch instead of --multipatch will still work
- rename all instances of 64-bit blob dumping/saving from shsh to shsh2 extension for consistency, and since all blobs that have a generator are considered shsh2, shsh2 is more appropriate
- rebuild idevicerestore and ideviceactivation, with no more conflicts this time. it shouldn't segfault or error out anymore
- fix pushd relative path issue
- jailbreak with g1lbertjb userland tool on normal mode only
well ig this and ideviceactivation are the 2 binaries that have "conflicts" according to the build logs, so it makes sense that they will have issues (although idr worked fine for me). I'll just have to figure out how to fix the conflict now before updating them again (by compiling a static libcurl lib)