Site Tools


Hotfix release available: 2024-02-06a "Kaos". upgrade now! [55.1] (what's this?)
New release available: 2024-02-06 "Kaos". upgrade now! [55] (what's this?)
iphone5s
sudo -u aur aur sync -cu img4lib-git img4tool-git futurerestore-s0uthwest-git libirecovery-git liboffsetfinder64-git tsschecker-git ipwndfu-linushenze-git igetnonce-git
pacman -Sy img4lib-git img4tool-git futurerestore-s0uthwest-git libirecovery-git liboffsetfinder64-git tsschecker-git bsdiff libimobiledevice ipwndfu-linushenze-git igetnonce-git

Source https://ipsw.me/

wget "https://api.ipsw.me/v4/ipsw/download/iPhone6,2/14G60" -O iPhone_4.0_64bit_10.3.3_14G60_Restore.ipsw
unzip -j iPhone_4.0_64bit_10.3.3_14G60_Restore.ipsw "Firmware/dfu/iBSS.iphone6.RELEASE.im4p" "Firmware/dfu/iBEC.iphone6.RELEASE.im4p"

https://www.theiphonewiki.com/wiki/Greensburg_14G60_(iPhone6,2), https://www.theiphonewiki.com/wiki/Firmware_Keys/10.x

f2aa35f6e27c409fd57e9b711f416cfe
599d9b18bc51d93f2385fa4e83539a2eec955fce5f4ae960b252583fcbebfe75
f2aa35f6e27c409fd57e9b711f416cfe599d9b18bc51d93f2385fa4e83539a2eec955fce5f4ae960b252583fcbebfe75
img4 -i iBSS.iphone6.RELEASE.im4p -o ibss.decrypt -k "f2aa35f6e27c409fd57e9b711f416cfe599d9b18bc51d93f2385fa4e83539a2eec955fce5f4ae960b252583fcbebfe75" -D
img4 -i iBEC.iphone6.RELEASE.im4p -o ibec.decrypt -k "f2aa35f6e27c409fd57e9b711f416cfe599d9b18bc51d93f2385fa4e83539a2eec955fce5f4ae960b252583fcbebfe75" -D
img4tool -e -o ibss.raw ibss.decrypt
img4tool -e -o ibec.raw ibec.decrypt

untested:

#iBoot64patcher ibss.raw ibss.pwn # we propably dont need this since we just want to downgrade, no fancy verbose boot
#iBoot64patcher ibec.raw ibec.pwn
#img4tool -p ibss.im4p --tag ibss --info iBoot-hax ibss.pwn # rewrite to:
img4tool -p ibss.im4p --tag ibss --info iBoot-hax ibss.raw
#img4tool -p ibec.im4p --tag ibec --info iBoot-hax ibec.pwn
img4tool -p ibec.im4p --tag ibss --info iBoot-hax ibec.raw
ideviceinfo -k UniqueChipID # get ecid, booted & connected via usb, in decimal
# 6556969683248
# tsschecker -e “your-ecid” -s -o -i 9.9.10.3.3 --buildid 14G60 -d iPhone6,2 --save-path .
 tsschecker -e "6556969683248" -s -o -i 9.9.10.3.3 --buildid 14G60 -d iPhone6,2 --save-path .
img4tool -p ibss.im4p -c ibss.img4 -s 6556969683248_iPhone6,2_10.3.3-14G60_8ad81806489d1764d7ee1c17f0129b4e8cd10e70.shsh2
img4tool -p ibec.im4p -c ibec.img4 -s 6556969683248_iPhone6,2_10.3.3-14G60_8ad81806489d1764d7ee1c17f0129b4e8cd10e70.shsh2
bspatch /usr/bin/futurerestore /usr/bin/futurerestore_patched /home/onny/projects/iphone5s/iPhone-5s-OTA-Downgrade-Patches/futurerestore.patch
sudo ipwndfu -p
rmsigchks
irecovery -f random.txt
irecovery -f ibss.img4
irecovery -f ibec.img4
# edit original ipsw
igetnonce
tsschecker -e "your-ecid" -s -o -i 9.9.10.3.3 --buildid 14G60 -d iPhone6,2 --save-path . --apnonce “the number we just grabbed”
futurerestore -t “new-shsh-file” -b baseband from 10.3.3 ipsw -p Alitek's_OTA_buildmanifest.plist -s sep from 10.3.3 ipsw -m Alitek's_OTA_buildmanifest.plist 10.3.3.ipsw

neuer versuch april 2020

iphone5s.txt · Last modified: 2021/10/31 10:42 by 127.0.0.1