#futurerestore-help
before he became genius
🤓
shut up you frog
:(
/j
do you look like your pfp irl
Lil Cryptic
i am not a chinatown gang manager who's blind, no
bro looks like a crackhead
@cinder flume helped me
Lol
oh he died
in my first fr
i noticed a trend
people who help you with your first fr
arent that active
yeah
idk
nyu is rly active lmao
I need to keep talking and be active ig so I can change nickname
oh
im so close to mem edition istg
what level is that
50
ooh yes that'll be so cool
im on 48 and a 1/2
keep it halal bro
haram
didn't you say you were like 17 tb
16
United Kingdom moment
lol
age of consent is 16 here
i love this channel
same
just saying ive been here before any of you
thats what i like
so stfu noob /s
when did you join
wow
uhh
I got here like March
oh
i joined in June 2020 wtf
and already have sent almost half of TB's messages in this channel
TB?
tanbeer
ive only been active for as long as you have
how do you have 20k messages here then lol
oh
from when i joined to u0 6’s release date i didnt say anything
well hardly anything
oh fr?
i used to have 25k messages before my current ones
jailbreaking was dead
I spoke once in like u0 5 release
but they were all cleared
Wait did i leave the server
i was always scared of this discord
as you should
everyone was so much more hostile
noob
back then
well #futurerestore-help is cozy
its so much friendlier now
true
compassion #1
haha yeah
im just happy a certain mod isnt spamming our asses with "take it to general"
oops
didnt mean to put that
this lol, there's nobody here so
true
and the fact that this channel is perfect without moderation
yeah
who will be here to help them
^ this
yeah probably
im just happy eta kids are keeping them bussy
i think mods know about the off topic nature that happens here
I hope so
they do
LMAOO NO WAY
literally this is the only place I stay
whats the %
94.2%
i have 16k messages and 2,690 are here
pls
ill do it
im guessing 75%
63%
wow
i need to step up my percentages
wow
I’m not that active ig
thats a lot man
63% vs 94% ok god damn
or you're extra active in this server in other channels as well?
There was a period where you like disappeared from here tb lol
i remember that girl called shady
i have twelve hour school so i cant be active ever
you what???
ye
no way
TB this is you total vs #futurerestore-help, #genius-bar, and #genius-bar-2
like 66%
not much different
and #jailbreak?
yeah
9,822 from tb in #jailbreak
?
for a bot
i dont know exactly what happened tbh
its looooong
someone needs to explain to me cause im curious af
@lilac wren a retired admin called alexk wanted to add a bot, basically, aaron and other admins said no,
thats when the incident happened ig
he started to tamper with shit
when that happened
they took his perms away
however
through a backdoor
wow petty
he deleted this server
a bot probably
seems like he had an alt
I've made a backdoor in another server ngl
simple, I react with a specific emoji to the bot from a specified alt and it gives me moderator perms
the bot has manage server perms so it can delete all channels
oof
also manage roles deletes all roles
bro turned to the wrong jailbreak
you can also ban all members
he didnt delete the server, but delete the channels
think about GIR right, it has manage roles and manage members for sure. it can ban people with like ?ban and also gives muted role + member pro, etc
imagine if that happened to the subreddit
lol
lol never give a bot besides automod any perms in a subreddit
fucking alexk man
he did all that for a bot
the server had around 1.5m messages
before all this happened
#jailbreak alone now has 3.57M messages now
oh wow
otherwise how would the backdoor exist
he had perms to change the bot
if he has manage servers perms, other bots usually let those people use their commands
so he had perms to change other bots maybe
whos that directed at?
Ultra the genius
i remember the day
3/13/2020
bro when it happened
the shock
i have a photo
of a message
from alex
k
wait why is the quality like that
Aaron got warned lol
lmfaoo
lol
im on ios 14.3 with my xr
could i save blobs, update ios 14.4.2 and futurerestore my device later back to ios 14.3?
as long as sep is compatible yes
only if a jailbreak comes out for 14.4.2
^ and that
and sep and bb must be compatible
so right now no
and the blobs for 14.3 have to be good
not onboards
oh shit i forgot that
wdym good?
ios 14.3 is unsigned now
so unless you saved blobs before
cant save them now
@lilac wren onboards arent bad
shit
but for them to work with fr you needed to have ipsw updated to the version you’re saving onboards for
If you ota’ed then it’ll save ota blobs
Which are useless for A12+
omg
ok so nevermind then
@zealous bridge you ever used onboard blobs?
Not successfully
what device did you try
whats onboard blobs
Actually
@slim grove nothing
sheeesh
I used onboards for A9 successfully
jk onboard blobs are like
blobs you get from the version
if youre on it
even if its unsigned
and that worked because i ipsw updated
@zealous bridge do they have a high success rate for a10
@slim grove do you remember how you updated to 14.3
its not chip specific
@zinc moon @zealous bridge did y’all hear about what sloopie did in Sileo server or no
the supervisor profile thing
no
untether downgrade?
yes, which would technically work for A8/A9
HUH
wtf i understand nothing
Involves tether downgrading once, blackbird, the fact A8/A9 uses arbitrary sep, and something I’m forgetting
Tested in concept with A10 via succession tether downgrade to 14.2 (which meant 14.2 with 14.3 sep) then updating using the OTA method to untethered 14.3 which worked
what
but
it didnt work for me
oh i frd
thats why
if only i never frd to 14.4.1
makes sense
but doesnt change much
we always knew it was
method
is there a tool for tethered downgrade with checkm8
@zealous bridge my dad might give me his iphone 8 when i travel to him tomorrow, if hes on 14.4, can i downgrade?
divise works, idk what succession tether is tho
no
sad
This would technically allow A10 but the issue is SEP isn’t arbitrary on A10 so you would need sep blobs... and the tsschecker that is normally used is bugged and doesn’t save sep blobs so yeah
A11 might work under same conditions as A10 in the future if they somehow can get blackbird to work, A12+ is never gonna work with this method
sep exploit
wtf
blackbird is the same of the sep exploit
A11?
Is it PyBoot @stiff hazel
A11 partially patched it by I think sep being 64-bit or something
A12 full patched it
nah
u need a bootrom exploit to see if its patched
nobody knows if A12 patches it
eh true
ye
what does exploiting sep do exactly
thats why theres a workaround for A10 for sep
So a11 sep fix is possible?
change it?
A11 is full patched
We’re talking blackbird
theres a reason why checkra1n didnt work on A10 for a long time
blackbird worked partial on A10
they needed a sep exploit
but checkra1n team worked on workaround
And to implement it
be right back finding info on blackbird
oh yeah remember A9 worked but A10 didnt
^
then they fixed it later
A10 is partial
true
Lets sep run arbitrary code
This is from the pdf attached here https://twitter.com/windknown/status/1291308058493116416?s=20 so I’m doubtful
So I’m confused what you’re referring to @green onyx unless I missed something
A8/A9 never even needed the sep exploit for checkra1n, only A10 (and still technically A11) needed it for checkra1n
I stg why does libMRYIPC want to reboot every update... I almost always click it
That was checkra1n indeed for 0.11.0 yes
@stiff hazel what are the results of sloopie's experiment?
For the concept it worked
and in practice?
no example currently but everything should work unless there is something else we’re missing
so would this work to downgrade to 13.7 and upgrade to 14.2 with blobs? to try again at fdr
- I don’t know
- It can’t unless you have sep blobs saved for <14.4 which you likely won’t even if you have saved blobs because the common tsschecker is bugged
There’s a tsschecker fork which fixes the bug and saves them
The main one needs to have that be merged into it
I don’t know? Maybe on Wifi iPad’s and iPod’s?
Think they use the main (bug) version
Think anyone can help me I upgraded my libmryipc and it completely broke all my tweaks and I’m having to load my jailbreak without tweaks to even type this out or else I’ll be in a infinite apple logo loop
@celest basalt was there when this was being looked through so you can ask them about it exactly
shouldve pinged me smh
also from the same pdf
what tool do you use to patch sep with blackbird
same
the issue is simple: we don’t have a (known) tool yet.
what we’re thinking is, pongoOS should be able to handle what we want to do with blackbird
again, this whole thing relies on us assuming nothing else is preventing the entire thing that we’re not thinking about
problem is, pongo only pwns SEP on A10 right now
Tether downgrading doesnt touch SEP right
Succession downgrading doesn’t
Downgrading with futurerestore likely would I think
how do we “use an arbitrary sep”
blackbird can load arbitrary sepos since they don’t at all rely on sep blobs and shit
not necessarily to my knowledge but eh maybe
this discussion from here appears relevant I think? #554064188243181581 message
ah yes
im wrong
sorry about that
@stiff hazel is right
A11 is partial
and A10 works
@stiff hazel sorry for the late replies, i was in class lol
ok well i can try this on a9 tomorrow if i can get all the tools required
you’re fine lmao
this is what sloopie thinks
apparently, this doesnt require blobs
SEP on A8/A9 is arbitrary
hm
doesn’t require sep blobs
ah yes
yes but for A9 and A8
maybe we just need to find a way to get ota to downgrade sep
not possible afaik
and for a10?
that has sep blobs and tsschecker sucks so you likely don’t have them saved
well anything is possible
that’s like saying checkra1n A13 is technically possible
Been bugged and doesn’t save sep blobs
well it is, in maybe 10 years?
my question is if ipsw can downgrade sep why cant ota
it must be possible
Is MITM really possible? Tried a bit and kept getting blocked, found
Apple services will fail any connection that uses HTTPS Interception (SSL Inspection). If the HTTPS traffic traverses a web proxy, disable HTTPS Interception for the hosts listed in this article.
true, full otas have bb and sep
i have saved ota blobs
so go figure
via MITM
That's MITM?
did u dump ota blobs from the ota?
I thought you just used tss checker or dump onboards
it was in a .ips iirc
u didnt actually request it from tatsu
no actually
^ Your phone didn't request it from tatsu and you didn't MITM the request
Or you actually did?
TSS request is sent in cleartext
@zealous bridge if i frd to 14.0.1 and put 14.0.1 bb and sep instead of latest
its in device logs too
would it work
14.0.1 sep isnt signed
yes but if you want to save usable blobs you need to MITM the request
oh right sep and bb need to be signed as well
isnt it the response
14.4 bb is exactly the same as 14.0 bb
in the logs, you have a full response but those blobs have an unknown generator
which are the blobs
The big issue is sep
the request is truncated and you need the full BCert to replay it
BCert only needs to match against ApChipID, ApECID, ProductMarketingVersion and SepNonce
doesnt that only apply to A14
so you can replay and save blobs with an arbitrary apnonce
oh right
no
OTA blobs are useless on A12+ anyway
I meant to reply no to this
that was a different thing
for A14 TSS refuses with error 94 even with a proper managed request
with MITM it
probably not, it randomizes the generator before requesting the APTicket
what the hell is you two saying
although maybe if one is already set it wouldn't? idk
MITM is literally not hard anyway, just disable SSL decryption
but like you said you can save them to use with arbitrary apnonces
TSS request is in cleartext so
yep
mitm sep shit
so
what was the conclusion
of the big boy words they said
because i did not understand shit
and its not even a proper request
and even if u did, its useless on A12+ anyways
is it even possible to mitm?
yes
how
how do I MITM without updating then lol, force reboot right after i get the request
^
any proxy
huh
mitmproxy works iirc
you could have the proxy modify the response
send an invalid TSS response to the device
ah true
I used Fiddler yeah
lol
that ^
finger = fiddler
trust me
Fiddler AutoResponder should work, though I can't test it anymore since I updated to 14.4.2 and failed with the downgrade
but I just let the 14.3->14.3 update go through yesterday and it went fine
@celest basalt can we do something like this currently?
https://www.reddit.com/r/jailbreak/comments/gxgboo/discussion_how_to_update_appletv_hd_4k_to_1345/
yeah should be possible technically
but again, thats lower firmware to a higher firmware
not for me on 14.5 bc no downgrades, can't even JB it with checkra1n atm
ok ill try stuff with that
you have to supervise the Apple TV
nah for phones
no tweak exists for tvOS so just edit the plist manually
isnt bcert tied to a specific version tho
oh
yeah but I meant the same method we used to update iPhones
no MITM trickery just let it update
doesnt that include modifying the response to a lower firmware? how would that work if bcert was tied to a specific version
i’m guessing what they’re wanting is versions below 14.3
no, that was a different method
don't need to modify the response in this case
just use the same delayed update thing
Couldn’t delayed updates also work on tvOS and audioOS and shit
These options are available in iOS and iPadOS 11.3 or later, macOS 10.15.6 or later, and tvOS 12.2 or later.
tvOS yes, good luck with audioOS or watchOS though 
schools and meeting rooms for airplay and whatnot
Yes
ok
both
Sep and baseband both
👍🏻
true
damn
after the ota thing
nobody needs help with fr now
@vivid nova crazy sister check
just rename this channel to #ota-help
too much use from your mom i see...
She threw it at me once
aight whats new
haha 😅 true
regardless of a broken remote, you can still use your phone @zinc moon
what sloopie did, potentially mitm’ing 14.3 shit, that’s about it
just keep it on vibration for her
nothing rly, just explaining the concept of mitm the tss requests to these guys
Sloopie is trying untethered downgrades on A8/9
ah ok
BRO???
lol
depending on the age... would make no difference
When I try to downgrade with FutureRestore from 14.4.2 -> 14.3, I get errors.
cool
She’s 8 bro
JTV out of line
what errors
8 year olds watch TV
yea
which?
YouTube
true
sus alt
true


how would that make sense if there's no bloodline relation with TVs
she’s not a tv
its called electric fluid
The vibration will be unlocked when she’s 16
this is getting into some weirdass shit
how to jb a sister lol
and you say I'm out of line...
Before this turns into another #jailbreak
someone’s getting a bit too frisky to be talking in #futurerestore-help right now...
#futurerestore-help more like #general-2 
get her in trouble with the law, then hook up the bars to a tank
#

how do i untether jb a sister
i need untether !!!!!
aight
we should really stop
@digital cobalt u good?
@green onyx he also asked in two different GitHub issues...
literally says that as he’s continuing the weirdness
ban him pls
Asked him to get muted here too
demote capt pls
why
for making batch
hm
batchomatic is good
ban

stfu
@lilac wren u do know that batch breaks dpkg right?
not even breaks
ok time to rootfs
Froggy actually uses light mode
yes lol
just fucking shits on it
how do i extract debian files on windows
Admins are inactive rn
only people whom use light mode, go to stores without a mask use batchomatic
too lazy to boot in kubuntu
Wait for cam to come online, instaban
froggy:
loves ibec
uses discord light mode
think batch is good
#CancelFroggy #CancelCulture #DramaAlert
im pretty sure froggy wears a mask
doubt
iBEC gang
he got vaccinated tdy
u like ibec?
Lol wow
I’m getting my second dose on Sunday
I injected your mom
im not wearing one rn
i heard its suppose to hurt
Good thing I’m not working
damn does anyone know how to convert a juice theme into a fufu theme?
this is #jailbreak right

Mike moment

Rip


i can convert your mom from innocent to naughty
!t noTAG4u
!t joshyouaren’tfunny
lool
please
yes
No

“i can return your mom to normal”

I thought you was josh
this
josh moment
josh is the simplest most predictable molecule
who tf is josh?
On the planet
^ this
@vivid nova clearly me
tell your mom i said hi
I'll tell his mom tv said hi
ok zoomer
Ok who
Lol I actually use zoom fk
@vivid nova tell apple I said hi
tell @split torrent yourself
Imma call apple
Do it
not before I call your mom
@split torrent @zinc moon 's mom said hi
Tim cook ain't ready for some kid
LOL
one
Apple let me Ota update thx
<@&430363671722590209>
Who’s this role for
@zealous bridge elaborate on the whole not a virgin thing
i refuse
what?
<@&430363671722590209>
your mom
ur acc shit
Since iOS 10.. I've never seen this until today..
Jtv the apple employee
There has been an influx of calls today. Please wait, as a representative will be with you shortly.
I'll call up your mom and be with her shortly
Apple let me downgrade without blobs
Lol this is fire in General vc
why does it sound like BTD6 music
apple is playing piano wow
WTF
bruhhh
i muted that person
i dipped
The same way I'm good with their mom
The Apple TV?
Tanbeer your audio is flickering in and out
Adjust your sleep timing
I think noise suppression?
What in the hell is a sleep timing
o
i have a feeling @split torrent is a bot
I’ll see it tom
JTV u work for apple
@split torrent does your mom love you
You don't have anyone named "mom" in your contacts.
I can’t hear him
You gotta be a hot
i can but kinda laggy
its probably bc his cousin's wifi sucks ass
but its fine lol
yeah tanbeer has noise suppression or bad wifi
@split torrent tell me a joke
What if it’s a selfbot
charge ur phone lol
Yh rip
Have you heard the joke about yoga?
Never mind, it's a bit of a stretch.
-_-
@split torrent fuck me
@split torrent what is 0 divided by 0
@split torrent can u remove app store for certain devices?
guys this is too much
ill fk ur mom
I’ll do you one better
I’ll make a bundle deal to fuck you AND your mom
Ok I feel like I’m ruining this channel
this is #futurerestore-help ...
Let’s go back to normal

Imagine that you have 0 cookies and you split them evenly among 0 friends. How many cookies does each person get? See? It doesn’t make sense. Tanbeer doesn't have friends.
true
LMFAO
Apple the philosopher
@zealous bridge how do custom IPSWs work
Since whatever you’re using to restore has to reach out to the Apple servers
ask @split torrent
Doesn’t that mean it’ll invalidate the custom IPSW?
once the firmware is on device, the filesystem is verified by iboot, which can be compromised with a bootrom exploit
can u preserve bb and sep with that?
cfw used to preserve bb
yeah exploits exist
they dont do that anymore?
no
What does FR need to reach out to the Apple server, then?
since you need bootrom exploit + sep exploit + bb exploit nowadays
an internet connection? lmao
oh
they not the same shit anymore
its not hard to ping the apple servers
icloud is also in apple servers?
one of them
so they have multiple servers for different things?
All major companies do
one for sep one for bb?
because they need to verify signatures
The device won’t restore without it
So technically, we can use Custom IPSWs with a checkm8?
?
tethered probably
does android need to validate signatures?
never used android before
to move from firmware to firmware?
dont know jack shit abt it
lol
Is there a way to spoof apples response? If the say no, can it be spoofed as yes?
id assume its different for each vendor
not that simple
encryption exists
so what was the point of cydia server back in the day?
No except for huawei and xiaomi
Ah
of course otherwise u could break icloud ez
guess things were simpler before
could someone help me determine for sure whether or not I can FR
Since onboard blobs exist, do onboard SEP and BB blobs exist?
What’s your current version, I assume 14.1?
think its the same
judging by your name i’d say yes if you have valid blobs and if it’s 14.3+
no
It turns out there are SEP blobs
that yes
not that i know of
Hm
and bb too?
See #genius-bar for more details but basically my device is pswd locked. I have blobs but not really sure if I check the boxes and i can't really do anything on my phone atm lol
bb blobs have always been saved
kind of a last resort before I restore my device
you need ssh access to the device @pastel bluff
@pastel bluff is it in recovery mode
and some way to get the phone trusted
@pastel bluff did you set nonce on it
I had this morning but then I put it in DFU and it restarted :((((
If you set nonce you could’ve been good to go
well you need to
No I didn't mess with any settings on Taurine. idk how to
no other way
okay
You’re fucked
ig I'll update then
Restore it
sucks but no other choice
@zealous bridge if only he set nonce lol
idk what you're supposed to put for nonce and such which is why I'd never done it
It’s simple honestly
and I had SSH installed but I had barely any service to do any real work
You forgot the device’s password right?
yea
essentially I succession'd last night while I was high and by the time I woke up I forgot the password I put on it


yea
never again
oh well now I just have to sit back and wait for a new exploit
once again
or a downgrade method
I guess you learned the hard way
I mean I've been jailbreaking since iOS 7 so this has happened to me plenty of times
most notably on ios 10.3 or somewhere where I got a bootloop
dude the worst part is that it took me 3 hrs to get succession working cause I didn't realize I didn't have enough storage to download the ipsw
so after 3 hours I was exhausted and happy I finally got a fresh install
then the next morning password lock
and I can't even keep trying I'm completely locked out
What's taurine's default nonce?
I mean I didn't really do anything wrong
I just forgot
lolol
ig the response was bad but like I said I've never used FR so idk anything about it
Don't feel bad, it's happened to me twice


