iphone5s
sudo -u aur aur sync -cu img4lib-git img4tool-git futurerestore-s0uthwest-git libirecovery-git liboffsetfinder64-git tsschecker-git ipwndfu-linushenze-git igetnonce-git pacman -Sy img4lib-git img4tool-git futurerestore-s0uthwest-git libirecovery-git liboffsetfinder64-git tsschecker-git bsdiff libimobiledevice ipwndfu-linushenze-git igetnonce-git
- next: ipwndfu-linushenze-git https://github.com/LinusHenze/ipwndfu_public
Source https://ipsw.me/
wget "https://api.ipsw.me/v4/ipsw/download/iPhone6,2/14G60" -O iPhone_4.0_64bit_10.3.3_14G60_Restore.ipsw unzip -j iPhone_4.0_64bit_10.3.3_14G60_Restore.ipsw "Firmware/dfu/iBSS.iphone6.RELEASE.im4p" "Firmware/dfu/iBEC.iphone6.RELEASE.im4p"
https://www.theiphonewiki.com/wiki/Greensburg_14G60_(iPhone6,2), https://www.theiphonewiki.com/wiki/Firmware_Keys/10.x
f2aa35f6e27c409fd57e9b711f416cfe 599d9b18bc51d93f2385fa4e83539a2eec955fce5f4ae960b252583fcbebfe75 f2aa35f6e27c409fd57e9b711f416cfe599d9b18bc51d93f2385fa4e83539a2eec955fce5f4ae960b252583fcbebfe75
img4 -i iBSS.iphone6.RELEASE.im4p -o ibss.decrypt -k "f2aa35f6e27c409fd57e9b711f416cfe599d9b18bc51d93f2385fa4e83539a2eec955fce5f4ae960b252583fcbebfe75" -D img4 -i iBEC.iphone6.RELEASE.im4p -o ibec.decrypt -k "f2aa35f6e27c409fd57e9b711f416cfe599d9b18bc51d93f2385fa4e83539a2eec955fce5f4ae960b252583fcbebfe75" -D img4tool -e -o ibss.raw ibss.decrypt img4tool -e -o ibec.raw ibec.decrypt
untested:
#iBoot64patcher ibss.raw ibss.pwn # we propably dont need this since we just want to downgrade, no fancy verbose boot #iBoot64patcher ibec.raw ibec.pwn #img4tool -p ibss.im4p --tag ibss --info iBoot-hax ibss.pwn # rewrite to: img4tool -p ibss.im4p --tag ibss --info iBoot-hax ibss.raw #img4tool -p ibec.im4p --tag ibec --info iBoot-hax ibec.pwn img4tool -p ibec.im4p --tag ibss --info iBoot-hax ibec.raw ideviceinfo -k UniqueChipID # get ecid, booted & connected via usb, in decimal # 6556969683248 # tsschecker -e “your-ecid” -s -o -i 9.9.10.3.3 --buildid 14G60 -d iPhone6,2 --save-path . tsschecker -e "6556969683248" -s -o -i 9.9.10.3.3 --buildid 14G60 -d iPhone6,2 --save-path . img4tool -p ibss.im4p -c ibss.img4 -s 6556969683248_iPhone6,2_10.3.3-14G60_8ad81806489d1764d7ee1c17f0129b4e8cd10e70.shsh2 img4tool -p ibec.im4p -c ibec.img4 -s 6556969683248_iPhone6,2_10.3.3-14G60_8ad81806489d1764d7ee1c17f0129b4e8cd10e70.shsh2 bspatch /usr/bin/futurerestore /usr/bin/futurerestore_patched /home/onny/projects/iphone5s/iPhone-5s-OTA-Downgrade-Patches/futurerestore.patch sudo ipwndfu -p rmsigchks irecovery -f random.txt irecovery -f ibss.img4 irecovery -f ibec.img4 # edit original ipsw igetnonce tsschecker -e "your-ecid" -s -o -i 9.9.10.3.3 --buildid 14G60 -d iPhone6,2 --save-path . --apnonce “the number we just grabbed” futurerestore -t “new-shsh-file” -b baseband from 10.3.3 ipsw -p Alitek's_OTA_buildmanifest.plist -s sep from 10.3.3 ipsw -m Alitek's_OTA_buildmanifest.plist 10.3.3.ipsw
neuer versuch april 2020
- dfu
- 10 sekunden home + power
- 10 sekunden weiter home
iphone5s.txt · Last modified: 2021/10/31 10:42 by 127.0.0.1
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
