#futurerestore-help

but he said it wasnt code changes

no

like the top bar

code, pull requests

etc

tab added

always man-buns fault

either im a dumb fuck

or im blind

both

😛

what is there now

that wasnt

I was trying to save my blobs on A12 for 14.4 using system info and get this. Don’t remember running into this when I saved my blobs for 14.3

System info is broken on 14 atm

System Info is broken

on 14

Oh ok. Thought it was me

@green onyx @zealous bridge so what we enabled was the issues tab lol

that wasn’t enabled?

lmao what

^

didnt even notice

wait

isnt it set to be on

by default

not for forks

damn fr

ngl, i never knew that

fixes look good

guess im a dumb fuck now lmao

lol

https://github.com/marijuanARM/futurerestore/issues/10

“Fix the notorious SEP panic FDR error when restoring to 14.2 or lower sometimes” thats possible?

i thought you said it was a lost cause

thats just the issues with v194

do we still not know for sure if sep is compat

and its a checklist

not everything is easilly fixed

yeah i was guessing that would be the case

Just some people will get the wrong idea if they saw that

Is there something else I should use to save 14.4 blobs while on a12 14.3?

some people cant read a checklist

its unchecked

@fair lark just save with the proper apnonce

also, wheres ibec issue fix

or is that just apple's drivers being shit

@green onyx thats not fixable without 200$ drivers

ah i see

theres no way we are gonna force people to enable unsigned driver mode

true

checkra1n is signing theirs tho

when checkra1n for windows comes into fruition

Can you point me in the right direction? I’m a tutorial kinda guy

you need new term, dimentio, and libkrw

Oh ok so if I manually set nonce it should work?

I'm curious, are you already JB'd

Yep on 14.3

@fair lark once u have these things ill tell u how

Since upgrading seems to break setting my apnonce. Is there a fix?

no

thats part of iOS

Oh. So is future restore dead now once you hit iOS 14?

no

wtf

Don’t I need to set my apnonce to use it?

every time u reboot, the apnonce and generator changes

yes

and to set it, u need a jailbreak

Right. So now that I’m at 14. I can set my apnonce in unc0ver

Can’t

And TSS Saver says error reading generator

get libkrw

and dimentio

I have dimentio. It’s a dependency for TSS Saver

then get libkrw

That fixed it

Thanks

Ok so I downloaded libkrw but tss saver still says error reading generator for me

hence why I said to use the dimentio way

login as root in newterm

Alright I’m there

dimentio

then screenshot

show me that librw is installed

and also show where dimention and libkrw are installed from

I know my generator stuff but apnonce how do i figure this ?

Oh I may have the wrong dimentio. Should it be from Conan repo? Mine is procursus

procursus will be updated eventually

try conan for now

Alright switched

I have iphone xr

TSS saver seems to work now. Can I rely on the blobs it produces for a12?

yes and no

I would use dimentio

screenshot

ok

save with tsssaver

then send me your tsssaver link

wait for it to queue

blobs still saving

Oh oops

?

Guys, is it possible to downgrade an iphone 7 from ios 14.4 to 14.2 with ios 14.2 shsh blobs saved? Thank you

Pls somebody help me 😦

yes u need checkra1n

I already jailbroken it

@valid adder what should I do now? thanks for your time

install dimentio from conan repo

What are my actual odds of hitting a nonce match w/ -w ? Could be forever/never sort of thing yeah? (aka do you all think it's a fruitless endeavor?)

yah not feasible

a7 has dfu nonce collisions

recovery collisions were patched all the way back in 10.2.1

ahh gotcha. oooh shoot. I can JB my 13.7 and then do some manual nonce setting stuff right? I'll dig into that

yes

Hi, so I’m new to this FutureRestore so I’m going to use the GUI to help me out so I don’t mess anything up. The one thing that I’m slightly confused about is the “Arguments” section, if I’m trying (and I really just want to give it a try, I saw that fails aren’t fatal or much to worry about, unless it fails half way through) to go from 13.5 to 14.2, would I want to use the Update argument, or keep it at Debug?

Another question, blobs that were saved with System Info correctly, those would be valid to use, correct?

Heya, the "Wait" argument is basically irrelevant now and doesn't work with modern devices. The "Debug" argument supposedly prints extra logs, no harm in having it turned on. And the "Update" argument basically acts as a normal update, preserving data on the phone (including jailbreak files) through the restore. You should only use this argument if you see the "updateinstall" key in your blob. Use a text editor to search for it

Okay thank you! I see my generator key and the “updateInstall” that you were talking about 🙂 I’m gonna give this a shot, but I have to be sure, so sorry for bugging, but if it fails trying to go from iOS 13.5 to 14.2, it would fail before anything serious starts to happen, right? I just like to be completely sure with things like this 😂

yeah you just have to force exit out of recovery mode if anything goes wrong

Okay thanks for the help!

OMG

FINALLY! Restored to 14.2 from 13.5 on an iPhone 11 Pro Max using FS 😄

FR*

thank you so much guys! FR is insane

any one have bugs to report

nope

Awesome Tex! That's almost exactly my setup and i'm trying to do the same. Did you start from a JB 13.5 and manually set a nonce ? (or did you just not have any ApNonce issues w/ your blob & device when doing futurerestore?). Thanks!

@ember ridge I did not set a nonce, all I did was use odyssey jailbreak with 0x1111** generator, because when I saved 14.2 blobs I was jailbroken on unc0ver

am I allowed to share a reddit post link here? because that's the guide i followed to a tee

Whats the warning about

i think its fine, open shsh.host and look at them

It says valid

you should be good

Aight

ahh interesting, thanks! would you mind DM'ing me that guide ?

why dm

ah word right on, wasn't sure if posting that was allowed or not

i wasn't sure either that's why i asked

https://www.reddit.com/r/jailbreak/comments/m26sc1/tip_futurerestored_my_11pro_to_142_from_135/

i got the exact same errors as him and followed the fixes he posted

One more question, is it okay to be jailbroken when trying to Futurerestore? Or should I do a Restore RootFS first and set the ApNonce in Unc0ver?

@wraith harbor isn't that how you set the generator? by tapping jailbreak?

That’s how I usually do it, but not entirely sure

i ran a restoreFS first and then jailbroke to set generator 0x111.. then FR

it's ok to be jailbroken if you restore. if you update, then I'd rootfs

im assuming the log file from FR from 13.5 to 14.2 wouldn't help in any way, would it? lol

Gotcha! Thank you. The nonce was set before I jailbroke again, but I didn’t know which way is better to go forward

Is there a baseband on iPads?

if your ipad supports cellular, yes

I cannot find it in the build Manifest

No, wifi ipad

then use --no-baseband

Ok

Thx 😊

np

itunes restore takes forever 😭

This does mean that it’s set, right? Excuse me for all the questions 😭

That’s from inside of Unc0ver

are you trying to set it to 0x66a4...?

Yea, it says that after I did a Restore RootFS, and it’s my correct nonce

I even saved it to my notes in case and it’s all correct

ok then I think you're good

Okay cool thank you! Gonna try this out now 😅

Ok so it’s been a while since I’ve used TSS Saver but shouldn’t the link to open URL eventually become active once the blobs have been processed?

I’m still getting 404 not found hours later

Can ECID be used for anything nefarious? Is it ok to send in chat?

I couldn’t DM you

It didnt work

Unable to find device

check pinned

Okay so irecovery

Ok, i'll try it again 😆

no

read pinned

Thanks, its working now

np

Ok for some reason im still getting that iBEC error

#futurerestore-help message

how did u set ur nonce

@topaz solar u look at my blobs or havent gotten around yet

aight

im hitting my head against the wall

14.2 loads pwned restore mode fine

but 14.4.x doesn't

does this work on 14.3? a12?

from conan repo it does

okay and from there i use tsssaver right?

im trying to save on-device blobs

please dont call it that

@celest basalt

on-device blobs are a separate thing

^

Thank you for everyone helping!! I successfully updated from 13.5 to 14.2 on iPhone 11 using FutureRestore GUI 🥰

well its because i didnt save blobs before, and i am told you can retrieve them from your current version on the device

is 14.2 still a gamble

wym accessible

I got my nonce from System Info and set it in Unc0ver

like for blind ppl

whats screen reader

oh

before i continue, is this even possible? save me the tine if not

so if I wanna use a friend of mine mac will I be able to use gui if I put all the files on an external hdd

not usable on a12-a14

PoC?

for what

ah okay. and succession doesnt work on a12 for me so i guess am fucked lol

well u are the smart person who didn't save blobs /s

im4m doesnt have generator @topaz solar

ondevice is im4m

i got my phone just as the 14.3 signing window closed

oof

hello

uh

i do not recall

no generator

only BNCH

oh wait

im4r

has generator

but tihm removed im4r parsing

it doesnt give generator

one can dream

BNCN is the genertor @topaz solar

BNCH is the apnonce

N stands for nonce H stands for hash

@topaz solar

aite fingers crossed that it boots into 14.3

Guess I tried a few too many times

If it was saved shouldn’t the link work?

Damn it worked Im officially on 14.3

Now its time to restore from backup and Ill be good

So do I update itunes now so that my phone can connect

im getting an error saying that itunes cannot connect to my iphone

h

@topaz solar except I haven't seen one blob with a bncn

hey @valid adder should I update my itunes because everything is fine im on 14.3 but itunes cannot connect to my phone so I can restore my backup

why is your itunes outdated in the first place

well its not outdated as I just used future restore but I keep getting an error message when I plug my phone up to itunes

its saying itunes cannot connect to this iphone An unknonwn error occurred (0xE800000A)

14.2 is still a gamble, but I was also able to get to 14.2 with no problems on iPhone 11 using the GUI. So it still can be a huge gamble, since some people are still having issues.

Indeed. Now it does! Lol

@valid adder I'm trying to understand it, is this right

Encrypt: Key is UID Key + 0x568241656551e0cdf56ff84cc11a79ef = AES Key 0x8A3

Encrypt Using AES 128: Key is AES Key 0x8A3 + Generator = Entangled Generator

Hash Using SHA 384: Entangled Generator = AP Nonce

Ok one sec

0x1111111111111111 and 0x095BA1068912E511FC57FA6CDEDE6DDD

That's not my nonce lol

Correct

Oh lol

https://stor.tsssaver.1conan.com/tsssaver/shsh/6196650004512814/

May I ask how you did it so fast? Do you have a tool or just like "encrypt aes 128 online" "hash SHA 384 online"

@topaz solar

Ah ok

Do you really think people would know their 0x8A3 key but not nonce or something lol

Oh ok lol

So could you brute force a nonce with this

I did some calculations

Only a few million centuries I think it was if you do 50 a second

#futurerestore-help message

#futurerestore-help message

Lol

Hey, I’ve got an old SE on 14.2, and I want to get it onto 14.3. It’s a test device mostly, and I want to use it as my guinea pig . I’ve future-restored before, so I’m not new to this. When I try to restore on Windows using manually specified SEP&BB, I get the same error whether I’m using the assets from 14.4 or 14.4.1

I just get several of:
[TSSR] Checking BuildIdentity 0
[TSSR] Selected BuildIdentity For Request

and then a “Failed to open output file download/Firmwares.ipsw Read error: Unknown error

anybody have any thoughts? The GUI was nice, but it just sat there doing nothing. So I did the advice from the command line

It's only possible to read ap nonce from recovery mode?

Like you can't read anything before the hash like entangled generator?

Isn't it just 16^16

Bc base 16, 16 digits

Lol

Very true

@topaz solar what about getting every single device's *AP nonce for 0x1111? We wouldn't need to break a hash—only create a UID key, encrypt, entangle, hash, boom ap nonce. Then do the next uid key. and that way, theoretically A12+ blobs can be saved for every device regardless if they're jailbroken.

I assume you can't get a UID key without being jailbroken?

Otherwise obviously we would already know nonces without needing to jailbreak

Dang

But the sha brute forcing only gets the generator for one device

This method would get nonces for everyone

UID key is unrelated to UDID?

Wait we're saved

I have a raspberry pi

It will brute force for us

Too ez apple

Crap I’m still getting that error message with iTunes I need to restore my backup

@topaz solar how did u get entangled

So, I pulled my A12 on-device SHSH blobs via img4tool//dev/rdisk1. What (if anything) are these blobs useful for (and is there a way i can validate them)?

they need to have BNCN to be used @ember tulip

@topaz solar /cc

Is the 14.4.1 sep and baseband the Same as 14.4, so i can use latest baseband and sep command?

So if my blob has the <key>generator</key> line, I should be okay?

those blobs are valid but to use them your device has to reproduce the the BNCH apnonce hash which is generated from the BNCN nonce generator

probably ok

idk tho

not sure how img4tool converts it

yo so I need some help on finding my generator

i already set it as 0x1111111111111111, but im not sure thats the same one i used when i saved my blobs

or even when i jailbroke with checkra1n last year

i dont remember ever changing it or even setting it

https://github.com/tihmstar/img4tool/blob/master/img4tool/img4tool.cpp#L500 appears to be what it does

oh so it does do it

cool

for my own curiosity, is the IMG4 format/layout documented anywhere?

never noticed that

well the underlying blob is asn1 der

img4, im4p, im4m, im4r are the headers

they just tell the device what info the image is

beat me

lmao

its pretty cool that each component has the verification for every single device component

yeh why is bncn private

can one of u guys help me?

what is your problem ??

Open your *.shsh with notepad, notepad++, text...

Ctrl + F find "Generator"

i did and nothing came up

So your shsh is broken

or incorrect

i validated it tho and it said it was valid

@midnight stream no its not

a12-a13 use noapnonce

i think it always have

im ipx

they are still usable

tsssaver crashed during saving

only saved noapnonce

where did u save

tsssaver

tell me the name of the blob

18A8395_15400076bc4c35a7c8caefdcae5bda69c140a11bce870548f0862aac28c194cc.shsh2

0xbd34a880be0b53f3

there is the generator

damn howd u find that

for future reference you could have checked pins

#futurerestore-help message

oh shit i didnt even see that thank you bro

so i just set my generator as that in dimentio?

yep

as root

alright sick

with conan dimentio

yeah

conan repo cuz the other one is outdated

yeah i will thank you

following up, prob a bit off-topic, but yep, there it is:

openssl?

indeed

also can use lapto.js

openssl is more fun 🙃

not when he saved

still not dead for a7 dfu

im using the futurerestore gui, and im stuck on "waiting for message from FDR"

should i just abort and try again?

@valid adder

@midnight stream

screenshot

i waited 20+ min and nothing happened

i tried a second time and it did the same

@valid adder

lol where i didnt even see it

whats the problem if someone sees my udid

oh alright

Yaaaas, it worked on my mac finally

Joemama

@turbid shadow u were helping someone with Hebrew username right and it failed?

14.2 on A11 Status?

There is no eta for doing research

It is an unknown mystery

Research and reversing takes time

it works if u go from ios 13

I have blobs for 14.3. Can I go there from 14.4.1?

what device

@green onyx iPad 5 (WiFi)

what chip is that

huhhhh? no

A9

then yes u can

u can use checkra1n to set generator

and then use fr to downgrade

to downgrade

true

hey, so i have two blobs saved for 14.3, one where the gen is 0x11111 and so on and one where its different. Im using unc0ver, so i can just use the one with 0x111 and dont have to set any other nonce in u0 since its the default right?

hope that all made sense lol

just use either

doesnt matter?

I'd pick the 0x1111 bc it's easier

okay thank you

guess ill try the tutorial pinned in here on weekend then thanks

@celest basalt try the gui lol

its easier

I love you azure... 32kb/s

What does waiting on message from FDR mean when using future restore GUI

dw about it

its normal

gui uhmmm, could u give me a link?

what is that? the server for logs?

https://github.com/JohnnnnyKlayy/FutureRestore-GUI

thank you 😄

yes it's where logs will be sent

Ahhh ok so it was fine to close the program out

no

why did u stop fr

poggers, how much does hosting cost

$0.0052 an hour for the VM, but storage is always what costs me ~$5 a month

so the vm is around $3 a month

+5 for storage

$8 a month total

mhm kinda expensive ngl

eh I have $80 student credit that expires in like a month so I'm fine for now

nice

As System info is broken rn, how do i save blobs for 14.4.1 for example ?

I thought since my phone rebooted to 14.3 and I was going through the process of setting my phone up like it was brand new it was a good idea

can you find a server that's cheaper tho

self hosting?

idk

and it has to be a server bc it accepts requests

can't just be any vps I don't think

ah i see

yeah you gotta be able to open a port

in my case

port 6969

nice

nice indeed

@green onyx im in 1.4 now. I have blobs for every Ios 13 version. Is it possible to downgrade to Ios 13 from 14.4?
@sacred estuary did you update grom ios 13 or downgrade from ios 14? and did you use the MacOS or windows build? MacOS didnt worked for me

no

u cannot

and why are u on ios 14.4

because it was initially said that you can downgrade from 14.4 to 14.2. So I updated

no u cant

wtf

where did it say

if its a yt tutorial, its fake

it was pinned in the discord
10 days ago

APTicket-APNonce mismatch, error can somebody explain what i need to do for me to pass this point am struggling i have an xr on 13.3 and want to go to 14.3 i have blobs which are valid ?

Are the blobs for iPadOS 14.4 valid for 14.4.1? I don't see any blobs for 14.4.1 listed in the 1conan TSSSaver web page... (My blobs are all save din https://stor.tsssaver.1conan.com/shsh/5921145076851238/)

How do i know for sure that my blobs saved with it are going to work ?

Hi, everyone ✌️ I’m having this error in Future restore GUI apnonce does not match apticket nonce please any Help 🙏

set generator

use [[dimentio]]

okay, good. my 14.4.1 seem to be okay

14.4.1 blobs*

i have 3 storage of blobs

so poggers

all of mine are either on shsh.host or desktop in a jb folder

I’m trying to upgrade from 13.5 to 14.3 blobs unc0ver bu t I’m getting that error 😭

i have it on shsh.host, @topaz solar 's server and adam's bot

@topaz solar how much is hosting rn

http://tsssaver.1conan.com/check

like $ per month

and how much storage is used up rn

Ive just checked mine and its invalid damn bro now i know why it failed

oh, i got them on adams bot too

I resaved and not working

Actually I didn’t need to resave for when 14.3 came out, or when 14.4 came out.

Then how?

Weird that it just worked for me

¯_(ツ)_/¯

holy fuck

Will future restore work for 14.2?

Depending on device

iPhone X

I verified my blobs and match correct I have save in shshhost

@covert lily iPhone X

Should work then......

I did set generator in uncover but however I’m getting that error

dont use unc0ver

i just said

use dimentio

Going to use FR to update my iPX from 13.5 to 14.3
Can I use lastest sep and latest baseband
or do I need to specify them

Did they update it recently? I’m on 14.4 with 14.2 blobs. It messed up when I tried the first time on 13.2

I have Xs Max will that works?

yes

When I used the terminal for the command it put the device into restore mode and stopped working. I had to force a hard reboot

use latest

My b

I have 2 blobs which should I use?

either is fine

What is the difference? And how do I know the correct generator I used for that blob?

there is no difference

upload the blob to https://verify.shsh.host

to figure out the generator

also open the blob with notepad

ctrl+f

and search updateInstall

can u find updateInstall

Yes found it, It is the same as the one in TssSaver atm

I'm using checkra1n

alright

@celest basalt macos, linux or windows

Oh sorry it is a difference one from the one in tsssaver

windows

https://github.com/JohnnnnyKlayy/FutureRestore-GUI/releases/tag/v1.51

download that

screenshot pls

true but im not using to typing that

admin access to ur server

ios 14.4 blob

bruh

@topaz solar wrong blob i think

Rip ECID leaked

so ur generator is 0xbd34a880be0b53f3

can confirm

lol my generator is actually 0x4206942069420699

How to set my device to that before I futurerestore?

lmao what

oh

@celest basalt use dimentio

update unc0ver too

[[dimentio]]

hes using checkra1n

I'm using dimentio already on checkra1n

use newterm

use a terminal app

and su

alpine

dimentio 0xbd34a880be0b53f3

i use ssh keys

and alpine easy af for me

mhm true

ill set it to be the same

as my passphrase

where

Am I good to go now on that blob?

good

yes

where lmao

i did submit a blob

hol up

found it

why

kinda cool imo

and why are there captchas

bruh

shsh.host doesnt have it

12k

mhm true

i dont abuse tho

lmao what

oh

i meant for saving blobs

wait

they have it now

lmao

ye i just realized lol

true

question. before using futurerestore should i turn off passcode? i keep getting Unable to place device into recovery mode from Normal mode

no its fine

when itunes pops up when fr puts my device in recovery mode, should i close it?

or just leave it

Am I good to go?

you can even check -u

What does it do?

I thought that I cannot update while I’m jailbroken

nah Ive used it on my X

and the X can be jailbroken on 14.4.1

so not like restore failed is a bad thing

ive done -u at least 20 times

But I have to lose the FaceID

ur blob has updateInstall

u can use -u

how does -u have anything to do with face id

no u dont

it flashes sep i think

I mean jailbreaking 14.4.1 would break it

bruh

im saying u jailbreak 14.4.1 to set nonce

It’s here an bypass for this unknown request personalized data recevied futurerestore

to downgrade to 14.3

Ohh, got you

?

there is no scenario here where u lose face id

wait

dont use -u

ur downgrading

its risky

Yes

Great, didn’t think of that before

-u is only when upgrading

nah

works both ways

Ohhhh @green onyx

hes upgrading right?

I know thanks

damn fr

hes on X so it doesn't matter

Im upgrading right now yeah

true

I’m good no matter what happens

it works both ways but I wouldn't risk arm64e

this is true

Going to update my friend’s iP11 tomorrow so I’m testing it first on my iPX first today without using -u

ooh it should be good now right?

@celest basalt as soon as it says done: restore succeeded your phone doesn't have to be plugged in

its succeeded

it does its loading thing

ondevice now

@valid adder should I use lastest sep and baseband or manually specify it?
I remember opa334 saying latest breaks it

Or that was fixed on latest version

you haven't needed to manually specify in weeks lol

opa fixed it weeks ago

Good to hear, thanks.

Since I don't have 14.3 blobs on my X, is it possible to do a blobless upgrade using pwndfu and removing sigchecks? I looked at inferius but it seems it's not updated for ios 14.

@real star what version are u on

13.5

do u have 13.5 blobs

you can't get to 14.3 im just curious

you can only boot it tethered

blobless required untethered bootchain exploit

checkm8 is semi-tethered

I do have 13.5 blobs

oh shit

ngl why is ur queue in the thousands tho

@real star u can only go to 14.4.x

how many ppl are saving blobs

tf

bruh

can I upload my blobs

I'm fine with booting tethered

then just use Divise

@real star

@topaz solar because me an 1000 other people dont have 13.5 blobs but I dumped onboard

Thanks I hadn't heard of that, will check it out!

looking now

what about v2 -> patreon transfer

copy*

aight

@topaz solar fix cron job for patreon subdomain as well

tired of doing this lol:

oh shit now patreon just doesnt work at all

nvm I just didnt reboot browser

what is the origin of acme

seems like a legacy name they kept

I use letsencrypt and nginx

or I used to

cant ssh anymore

also doesn't look like 14.4.1 is queuing

cool

ooooof

my 13.5 blobs only have upgrade install

wtf

apple

this is onboard

let me try reconverting dump

yah blob.dump does that

sad

What should I do?

Hit cancel on itunes

open link and do what it says

why did you not

click

the

link

its

there

so

you

dont

annoy

us

it's literally like spelled out for him lol

but it's not annoying if you just ignore it

or let someone else help

I was pinged twice here

Welp

I'm sorry guys

Trying that fix rn

No you're fine, it's ok to be nervous haha

@covert lily

Tried that fix but didn't work for me, going to try the iTunes version opa mentioned it

@celest basalt alright

try mine

#futurerestore-help message

I'm on phone, I don't have it

wait inbox exists on desktop

@covert lily next to your name then, its the @ symbol

bottom left

lmho why would they put a feature on mobile but not desktop

@sinful spade when has it not??

it has

im just too dumb to look in the corner

Thanks

fyi ghost pings don't appear in mentions

I wish it would at least say (Deleted Message) or something

:(

Yeah it was 1Conan asking me to retry saving blobs. Queue is at 12k items

yes

my 14.4.1 havent saved yet

and im on patreon saver

so be patient

imagine not saving 14.4.1 as soon as it came out

Neither have mine but yeah I'm solidly on 14.3 w blobs for 14.2

And 14.4

I set generator with dimentio like u said but however still saying apnonce does not match apticket I’m using uncover version 5.3.1 Xs Max on 13.5 😭

you can dump 14.3

onboard

@covert lily

yep, use System Info (ECID -> APTicket) or SHSHDump

don't just copy apticket.der bc that has no generator

!t ibec

!t ibec

capt

what

the

fuck

ah

so it put my phone in recovery mode but it says thus now

========================>]
[TSSC] opening /tmp/futurerestore/basebandManifest.plist
[TSSR] User specified to request only a Baseband ticket.
Request URL set to https://gs.apple.com/TSS/controller?action=2
Sending TSS request attempt 1... response successfully received
Found device in Normal mode
Entering recovery mode...
ERROR: Failed to place device in recovery mode
futurerestore: failed with exception:
[exception]:
what=Unable to place device into recovery mode from Normal mode

code=8978449
line=137
file=futurerestore.cpp
commit count=29:
commit sha =2994651a10d8176a298b31e7706b4b6af97975d1:
airalkhasbraeda-3:~ raedaniroukh$ £

the phone itself is in recovery mode tho

what should i do

should i retry

just

retry

you should have retried before posting here

run everything again

should i exit recovery before retrying?

no

ok

@green flower why say what I already said

@zinc moon no lol entering recovery is the issue, so exiting would just break it over and over again

I already fixed this for the next release

I tried again and

ERROR: Unable to connect to device?!
ERROR: Unable to get FirmwarePreflightInfo
[WARNING] failed to read BasebandGoldCertID from device! Is it already in recovery?
[WARNING] using tsschecker's fallback to get BasebandGoldCertID. This might result in invalid baseband signing status information
[TSSC] opening /tmp/futurerestore/basebandManifest.plist
[TSSR] User specified to request only a Baseband ticket.
Request URL set to https://gs.apple.com/TSS/controller?action=2
Sending TSS request attempt 1... response successfully received
Found device in Recovery mode
Device already in recovery mode
Found device in Recovery mode
Identified device as d101ap, iPhone9,3
Extracting BuildManifest from iPSW
Product version: 14.0.1
Product build: 18A393 Major: 18
Device supports Image4: true
Got ApNonce from device: 27 32 5c 82 58 be 46 e6 9d 9e e5 7f a9 a8 fb c2 8b 87 3d f4 34 e5 e7 02 a8 b2 79 99 55 11 38 ae
checking APTicket to be valid for this restore...
[Error] ECID inside APTicket does not match device ECID
APTicket is valid for 3763146000429502740 (dec) but device is 3439615971885114 (dec)
Cleaning up...
[exception]:
what=APTicket can't be used for restoring this device

code=46858257
line=715
file=futurerestore.cpp
commit count=29:
commit sha =2994651a10d8176a298b31e7706b4b6af97975d1:
Done: restoring failed!

ecid doesnt match

please dont post text

screenshot

but full log

Alright

I take a screenshot of everything?

nah

for next time

but

im getting a similar error but appnonce does not match apticket

can you screenshot itunes ecid

thats not related to his error @green flower

im on mac let me see if it gives me the ecid

then finder

if not

irecovery

i cant get the ECID

one sec

@zinc moon

chmod 0755

then run it

irecovery -q

chmod 0755

?

the

file

chmod 0755 ~/Downloads/irecovery
~/Downloads/irecovery -q

this ^

oh ok

@green flower that issue is caused by nonce not being set correctly

u use dimentio?

permission denied

@zinc moon screenshot

ok nvm it showed something else this time

80C313C28002E

not u lol

copy paste ecid

0x000c3850002b003a

yes

so, what do i do with the ECID

holdup

tf

where did you get this build from

we are are on 194

not 29

also

why are you using bash on bigsur

https://github.com/marijuanARM/futurerestore/releases

@zinc moon

@green flower dimentio from conan repo run as root?

do i use that just like the normal futurerestore?

yes i downloaded from that repo

@zinc moon extract it

i di

did

@green flower make sure libkrw is also installed

@zinc moon then just rename the command to -v194

show me command

i dont understand

show me the command u ran

futurerestore

the failed result?

no

the command

or how i wrote it

yes

How are onboard blobs created/saved—does the phone cache Apple's signed SHSH for the version you have installed, and you simply dump it? or does the phone generate a signature (which I don't think is possible)? Do you need to build it, or does it just exist and you need to fetch it?

ok just a sec

they work because of the fundamental concept of how iOS secure bootchain works

starting in iOS 7 64bit with img4

all components have embedded im4m blobs

we dump iboot im4m from disk1

that is onboard

contains all components in the im4m

ah I see, so iOS refuses to run if the firmware that's on the phone is not signed?

it needs to always have a signature to boot?

now replace futurerestore in that folder with my v194

@zinc moon

ok

@lilac wren yes, but can be bypassed with one patch(2 instructions)

patch img4interposercallback to return 0

but I assume you can't just do this with a jailbreak like unc0ver

instead of running the original code

this is how im getting verbose serial logs

because I load a patched iBEC with custom bootargs

nah

need checkm8

thought so

ok that's cool! good luck on your research, and thank you for the knowledge

divise may be able to do it tho

idk what the requirements are for divise are

failed

yep

@zinc moon screenshot

very odd indeed

ah ok, so changes you make to booting are reverted on reboot?

so..should i exit recovery>

@lilac wren yes there is no untethered bootchain exploit

not since de rubus

iOS 7

ah ok

I plan to make a wiki on all my iOS knowledge

please

its 5 years worth of experience

or contribute to iPhone wiki?

yeh I do occasionally

so there as well

you need to put your knowledge somewhere haha

just posted 14.4.1 X keys lol

otherwise you'll get asked the same questions like 1000x

im gonna try again

it wont work

at all>

?

Think I'm gonna fr to 14.3 now I can still use 14.4 sep right as it's signed or should I use 14.4.1's sep+bb

think how many people won't have to ask you how getting onboard blobs works if you had a wiki page on them

it looks like you saved blobs for a different device so it probably won't work on the device you're trying to restore rn

this is the device

i have no other iphones

can you send me the apticket you have downloaded

the one from the site is valid

but maybe your download corrupted

AP ticket?

how do i get tht

this file

i send the file itslf?

uh oh

bad blob?

let me check something else

maybe? what do i do in that situtation

Can I use futurerestore to go from ios13.5 to 14.1 on iphone XR? I know I have blobs saved

I know what happend I think

what happened?

will have to ask conan

he asleep now tho

wait

im dumbb

the blob is valid

man im confused

whats the problem then?

ok you might need to know this

but sometimes the laptop randomly disconnects

seems like a bug in futurerestore

from the phone

theres a lot of reconnecting during futurerestore

unless you mean other cases of disconnect

what can i do in the meanwhile?

try a different computer

would a VM work

yes

or ubuntu

or windows

is there a way for me to get back the phone

while i download the vm tommoro

fr --exit-recovery

futureresore --exit-recovery

doesnt work

like froggy said

what about it didnt work

let me screenshot

wrong futurerestore

please delete 180

you have to use 194

alright

it just shows me that big ass list of stiff i could do

because

you made a typo

oh

--

--exit-recovery or --exit--recovery?

Bad experience with future restore on iphone 11 pro max from 13.6.1 to 14.3 with shsh blob made to update it to 14.4 any way to down grade it to 14.3

looks to me like one dash

think you can just do -e

@wintry wind no

or -n

i forgot which

IT'S -e

ty

😢

@wintry wind send the log or we cant fix it for future users

ok its doing it

inb4 restored because of recovery loop

its out of recovery mode

i meant the other guy

@wintry wind I sware if you did that

can i move a file inside a vm or do i have to download it again

you can move it in, what software

virtualbox

hit settings

first tab general hit advanced

drag'n'drop switch to host to guest

or bidirectional

@green flower screenshot dimentio

hey @valid adder sorry to bother you again, do you know what UniqueBuildID is in a blob? I can't find info on it. Is it just the build ID for the version like 18D65 or whatever

*not a blob, in the request to Apple for a blob

just a unique identifier for specific device iOS version

in the example it's fqzW0B++Zdrs+PRwohkwU6prjbk=

do you have to decode this

or is that literally the ID

every data section is base64

lol

oh

thats just how plist saves it

erm it decodes to something weird though

so no corruption happens

~ep0Sk

its binary @lilac wren

thats why

oh :P

tysm

hexdump -C UniqueBuildID.bin

i didnt have that installed but i installed and retry again and still saying appnonce does not match apticket but i verify the file wich i have save in shshhost and is valid ithink i give up keep trying

dont give up

just screenshot terminal

ill help

what part u want me too screenshot

the bottom

wiki says you can get this value from the buildmanifest, what does it look like in there

same way

in b64?