Differences

This shows you the differences between two versions of the page.

--- iphone5s [2019/10/10 15:48] – 2a02:8071:3eba:0:466d:57ff:fe22:1dfc
+++ iphone5s [2021/10/31 10:42] (current) – external edit 127.0.0.1
@@ Line 1: / Line 1: @@
+<code bash>
+sudo -u aur aur sync -cu img4lib-git img4tool-git futurerestore-s0uthwest-git libirecovery-git liboffsetfinder64-git tsschecker-git ipwndfu-linushenze-git igetnonce-git
+pacman -Sy img4lib-git img4tool-git futurerestore-s0uthwest-git libirecovery-git liboffsetfinder64-git tsschecker-git bsdiff libimobiledevice ipwndfu-linushenze-git igetnonce-git
+</code>
+  * https://github.com/MatthewPierson/iPhone-5s-OTA-Downgrade-Patches
+  * next: https://github.com/tihmstar/iBoot64Patcher
+  * next: ipwndfu-linushenze-git https://github.com/LinusHenze/ipwndfu_public
+Source https://ipsw.me/
+<code bash>
+wget "https://api.ipsw.me/v4/ipsw/download/iPhone6,2/14G60" -O iPhone_4.0_64bit_10.3.3_14G60_Restore.ipsw
+unzip -j iPhone_4.0_64bit_10.3.3_14G60_Restore.ipsw "Firmware/dfu/iBSS.iphone6.RELEASE.im4p" "Firmware/dfu/iBEC.iphone6.RELEASE.im4p"
+</code>
+https://www.theiphonewiki.com/wiki/Greensburg_14G60_(iPhone6,2), https://www.theiphonewiki.com/wiki/Firmware_Keys/10.x
+<code>
+f2aa35f6e27c409fd57e9b711f416cfe
+d9b18bc51d93f2385fa4e83539a2eec955fce5f4ae960b252583fcbebfe75
+f2aa35f6e27c409fd57e9b711f416cfe599d9b18bc51d93f2385fa4e83539a2eec955fce5f4ae960b252583fcbebfe75
+</code>
+<code bash>
+img4 -i iBSS.iphone6.RELEASE.im4p -o ibss.decrypt -k "f2aa35f6e27c409fd57e9b711f416cfe599d9b18bc51d93f2385fa4e83539a2eec955fce5f4ae960b252583fcbebfe75" -D
+img4 -i iBEC.iphone6.RELEASE.im4p -o ibec.decrypt -k "f2aa35f6e27c409fd57e9b711f416cfe599d9b18bc51d93f2385fa4e83539a2eec955fce5f4ae960b252583fcbebfe75" -D
+img4tool -e -o ibss.raw ibss.decrypt
+img4tool -e -o ibec.raw ibec.decrypt
+</code>
+untested:
+<code bash>
+#iBoot64patcher ibss.raw ibss.pwn # we propably dont need this since we just want to downgrade, no fancy verbose boot
+#iBoot64patcher ibec.raw ibec.pwn
+#img4tool -p ibss.im4p --tag ibss --info iBoot-hax ibss.pwn # rewrite to:
+img4tool -p ibss.im4p --tag ibss --info iBoot-hax ibss.raw
+#img4tool -p ibec.im4p --tag ibec --info iBoot-hax ibec.pwn
+img4tool -p ibec.im4p --tag ibss --info iBoot-hax ibec.raw
+ideviceinfo -k UniqueChipID # get ecid, booted & connected via usb, in decimal
+# 6556969683248
+# tsschecker -e “your-ecid” -s -o -i 9.9.10.3.3 --buildid 14G60 -d iPhone6,2 --save-path .
+ tsschecker -e "6556969683248" -s -o -i 9.9.10.3.3 --buildid 14G60 -d iPhone6,2 --save-path .
+img4tool -p ibss.im4p -c ibss.img4 -s 6556969683248_iPhone6,2_10.3.3-14G60_8ad81806489d1764d7ee1c17f0129b4e8cd10e70.shsh2
+img4tool -p ibec.im4p -c ibec.img4 -s 6556969683248_iPhone6,2_10.3.3-14G60_8ad81806489d1764d7ee1c17f0129b4e8cd10e70.shsh2
+bspatch /usr/bin/futurerestore /usr/bin/futurerestore_patched /home/onny/projects/iphone5s/iPhone-5s-OTA-Downgrade-Patches/futurerestore.patch
+sudo ipwndfu -p
+rmsigchks
+irecovery -f random.txt
+irecovery -f ibss.img4
+irecovery -f ibec.img4
+# edit original ipsw
+igetnonce
+tsschecker -e "your-ecid" -s -o -i 9.9.10.3.3 --buildid 14G60 -d iPhone6,2 --save-path . --apnonce “the number we just grabbed”
+futurerestore -t “new-shsh-file” -b baseband from 10.3.3 ipsw -p Alitek's_OTA_buildmanifest.plist -s sep from 10.3.3 ipsw -m Alitek's_OTA_buildmanifest.plist 10.3.3.ipsw
+</code>
+===== neuer versuch april 2020 =====
+  * dfu
+    * 10 sekunden home + power
+    * 10 sekunden weiter home
+  * https://www.theiphonewiki.com/wiki/Kernel#Boot-Args
+  * https://github.com/avltree9798/icloud-bypass/blob/master/icloud-unlock.py

Project-Insanity

Site Tools

Differences

Page Tools