#futurerestore-help

uh no, what wouldn't make sense is if it was just a different OTA zip

I thought we already established that the difference is in the TSS request with the BCert... I have no idea wtf you're talking about

oh because something happened yesterday

we had a tester on A14

going from 14.1 to 14.2

and it didn’t work because A14 “didn’t have an ota” for 14.2

pallas just didnt give us a url

so thats why im assuming they’re different

thats why im asking dhinak to check

ok ssl kill switch 2 just fucked my jailbreak

Here

What happened

Im testing

Futurerestored to 14.1

Yayyy

tried to checkra1n but ssl kill switch just deleted webkit

Lol what

so had to fr again and now im tryna taurine

but taurine keeps kp

so idk what to do

i cant even ssh

This is a fresh wipe from FR?

-u

ah

restored rootfs with checkra1n before

still got err_jailbreak

but i fixed that

now taurine just kps every single jailbreak

ssl kill switch doesnt work on u0 either

Get unc0ver and jailbreak then rootfs maybe?

problem isnt rootfs

taurine cant jailbreak at all

why is taurine kping though

idk

same thing happened when i spoofed to 14.1 on my main

Are you ok with wiping the phone

i wanna use that as a last resort

True

Hm

I have sileo

But im not jailbroken

so cant open

dont have ssh either

What about trying 1.0.2 or something

hm

And is the version spoofed on this phone

ig i’ll try

no

this is literally 14.1

Checkra1n doesn't work for this either?

if i try checkra1n and install ssl kill switch webkit just doesnt exist anymore

every app crashes on launch

in safari before it crashes i can see “error: webkit not found”

Lol that's weird

You could try doing all the superstitious stuff like turning off passcode + sign out of iCloud + airplane mode

Or check console.app when it's jbing?

Turn on log window maybe

In Taurine

i am

nothing out of the ordinary

looks completely normal

How many times have you tried taurine

4

Hm

Trying 1.0.2 now

Ok

wow i rly took how fast the exploit was on a13 for granted

this shit takes ages

Are you still having issues with jb?

Was that a kp idk

Theres normally two splash screens right

no sileo works

pog

Yea there's 2 splash screens

1.0.3 is just dog shit i think

Nice

It's fine for me

morning

morning

Gm

we’re getting close

o?

testing 14.2

on 14.1

7

ayyy

btw

check ur mentions

ah ok

want you to run an ota for me

uh when I hop on computer

i gave everything there

ok np

14.3 shows

Nice

Wait you requested 14.3 or 14.2

gm

im tired af rn

Good morning!

When did you go to sleep folky

WHAT

HOW

Lol

shhh

gc

like 11pm lol

but yesterday was break for me

so literally played games all day

which was why i wasnt really active here yesterday lol

i slept for 11 hours

Ah ok

@lilac wren do you working on error fdr ?

no

fdr will never be fixed

@valid adder he back

will save

Lol

I hope

dont hope

Lol told u

He back

was he back yesterday?

wasnt active yesterday

I don't think so

Yesterday no

https://github.com/tihmstar/gido_public

huh

this is what tihmstar released

yeah

a4 gid key

Oh wow

Froggy what device has fdr error?

A11 and above?

A11+ trying to go to 14.0 - 14.2

GG lol

someone has 14.2 blobs

nvm he has A9

a key that encrypts everything on device

private

Prob

oof

A4 really be the least secure phone lol

A4 security is dead?

Well

Cant say now

Theoretically yes

who even uses a4 still

true

imagine we could manually make blobs?

yes shsh blobs can be decrypted with the GID key

so we could make em?

ye

for a4 yes

fk lol

but tbh we could just decrypt the ipsw

i want a11

and install anything

not happening

a4 who cares lol

i also dont want security compromised lol

ngl, this sounds a lot like eta wen jb for 14.4.2 but alright

look at jailbreak lol

kid keep asking for modernpwner

he said its not just webkit lmao

@unreal isle can you stop bothering people here

I mean personally I kinda want to untether downgrade my iPad 1 to 3.2 or something at some point if/when something comes around so I'd say some people care a tiny bit about A4

late but morning I guess just scrolling through old messages in this channel and am I understanding correctly that we really haven't gotten anywhere actually meaningful with the mitm stuff other than getting the 14.2 ota to appear or am I stupid?

nothing is happening here

even if it appears its not some big breakthru

unless downgrade is possible

I mean it's significant technically since it would allow you to in theory update to 14.3 past April 26th 2021

at least when 14.4 jb comes out this ota would still work for 14.4

@zealous bridge had anyone gotten

FR

To work

On an ATV

yes

many many many times

@vivid nova the fuck how do you set nonce

gonna fr to work on ur mom tho

dimentio?

with checkra1n, nvram com.apple.System.boot-nonce=<generator here>

are atvs prone to checkm8?

yes

Where do you change that file

In order to set nonce

you SSH in

if you're doing it to a 4K, don't bother

@vivid nova the HD became mine

But I have no display

Would it still work

wdym no display

no tv

No tv for me

And I’ll never plug it into the living room tv

the hdmi port or the tv its self

I don’t have a tv itself lol

I have an HDMI cable

And the power cord

you can use a computer monitor too

Well that too I don’t have lol

Except for my moms laptop

She uses it sometimes tho

plug it into your mom

OH MY GOD

SHUT UP

NOW

@split torrent

@zealous bridge when you fix A11 onboards

Would I have to save them again

i cant fix something thats not broken

Or do I save them when you do the fix

@low summit what’s this about

lol so its already fixed?

i know why everyones onboards fail

he means for a11

and its not because theyre broken

Why is it then

so are u working on a fix or nah?

theres no fix

its not broken at all

so why does it fail on a11

the reason is because everyone is ota’ing and img4tool sucks

so it needs an update thats it

no

So what can be done

people need to stop ota’ing

and start ipsw updating

Wdym

thats never gonna happen

been saying this for days

especially for 14.3 ota

Explain what would that solve

if you ota to a version

then try save blobs for it

*onboard blobs

then the onboard blobs will be ota blobs

which are useless without a bootrom exploit

And if I IPSW/FRd updated to the version

then they would be ipsw blobs

Would they be valid

yes

ipsw blobs can be used with fr

ota can’t (yet)

@low summit looks like it’s semi working

Already

what if i use succession and save onboard again

But my dad def OTA’d this phone lol

would it be ipsw blobs?

OK THIS??

there's 3 blobs..
ipsw blobs
ota blobs
the blobs on your moms face

succession isnt a replacement to ipsw

so its still ota?

Aren’t those called boobs

blobs of cum

tvs dont have boobs

what if we run fr

will our blobs be ipsw

or nah

yes, it just gets the ramdisk from the ipsw, picks and chooses files, and then sees (is the file broken? ok, i’ll update it) And (is the file not broken, ok! i won’t touch it)

yes

oh wtf

but you have normal blobs anyway

so whats the point

true

True

he doesnt on his 8

My dads iPhone is def OTA’d

So no point in trying

lol

then ur fked

@zealous bridge does updating through itunes count as ota (not restore)? no right bc its not over the air

I’m not fucked but I don’t want to jb it in the first place

It’s not

u will in the future

When is the future bro

thats ipsw

In the time I won’t need those apps I’ll probably have a newer phone

ota is only thru device

seems legit

aight

correct

semi working onboard lol

thats ipsw

so whats the point of me saving onboard 14.3

so never use ota

seems legit

i did use ota lol

once cryptic pushes v195 of fr you can use ota blobs

oh ok

but A11 and below only

strange that succession doesnt make ur ios install as ipsw

ok im on a11

how would it get past tss signing

OH YE

damn

i forgot

succession doesnt use tss at all

HUH???

so if i fr to 14.3 and then save onboard is it ipsw blob then @zealous bridge

yes

Tanbeer were you joking

ok lol

About 195

no

If you’re fr this would change a lot

im fr

once pwned 64 bit works

But HOW would OTA blobs even work?

like normal blobs

well 14.4 jb coming so i dont even need ipsw 14.3 blobs

But they’re over the air

ota blobs on A12+ doesnt work bc no checkm8

you think i dont know that

lol

My dads iPhone is an 8 so I don’t have to worry

I meant like wouldn’t they need to be used in the IOS settings

no

do u even need sep

the hashes are in the blob

but some arent

checkm8 patches those

So the device doesnt check it

ez

I meaaan

if not checkra1n

easy

@zealous bridge so basically

We’ve been sitting on this

For a while

@low summit I still need the COVID apps

ig yh

u have covid apps?

what

after covid

bruh

I literally signed a disclaimer on the plane

Saying I’d download the apps

why u even sign that shit

Because I had to

Wtf

For the vaccine and detection

Tawakkalna, the bypass for it is on a pirate repo and that didn’t work for me

vnodebypass

Didn’t work

kern

and get libkernrw

Kern?

OH MY GOD

I CANT BELIEVE I FORGOT LIBKERN

did u not get that?

ur an L

NO

I forgot

my guy

mad dumb

iPhones in jailed mode so I’ll have to wait till my mom finishes using her Mac

vnode not even in piracy repo tho

It’s not vnodebypass

man really be using vnode without libkernrw

It’s called tawakkalnabypass

oof vnode

fking L

It’s in the forbidden H repo

whats wrong

stop plz

Ok

forbidden mom repo

@vivid nova whats wrong with vnode?

same reason what's wrong with flyjb

whats wrong with flyjb

And grand grand father of the person who made vnodebypass is racist

lol

Therefore

Vnodebypass

Is tacist

the fact the dev has zero kernel experience...

so pwn ?

I mean

u said racist dev

thats pwn

Pwn is racist himself

But pwn didn’t make vnodebypass

if you want to bypass an app's detection, don't manipulate the kernel

so kern is the same issue

what do u use for jb detection

you just apply countermeasures to the app

what I use are standard yes/no checks

@vivid nova do you have the ability

To get some bitches

no i meant for bypasses

get ur mom yea

Because you desperately need some

just said it, standard yes/no checks

it's just hooking a function to say "no, i don't have cydia/dpkg/apt, yes I am legit and with your mom"

so literally just libhooker configurator

libhooker? librarian hooker?

nah

lol stfu

@zealous bridge when are we getting futurerestore ramadan

ramadans on tuesday app

or not decided

nah its more like a-bypass

it is

fuck

@zealous bridge 2030 will have TWO Ramadan’s

wanted to go taraweeh today lmao

i have to lead

tf

a-bypass is nice.. problem is it doesn't cover a whole lot

But those visas

Aren’t valid

thats long ways away

wdym doesnt cover a whole lot

i lead taraweeh bitch

banking apps

oh you meeant

In the UK

yes

Tbh Ramadan is easy after the first day

true

first 1-5 days

do u have off in the uk for ramadan

no

on eid we do

the end

of ramamdan

but not during it

@zealous bridge the eid money your grandma gives you BROOO

true

My grandma gave me once 50 JDs

make sure ur parents dont see tho

70 dollars

tanbeer getting lbs

off-topic

My mom

Saw it

And she said let me save it for you

this is #futurerestore-help

when is it ever on topic

turning into random-sh!t

@vivid nova Plesse let us enjoy this channel, as long as someone isn’t asking for help this is okay imo

non of the chats are on topic

#general-2

thats jb

This channel is literally

Perfect

jb is #general-1

We don’t need a green name to tell us to go on topic

why did we run the ota test in jb

and not here

that night

we should’ve created an OTA channel

nah

too much work

It’s literally one channel

geniuses are like semi-mods

bruh

That’s the annoying thing bro

they have no perms

except manage messages

@split torrent is the new owner

@vivid nova love you no homo but can I just refer to you

As green name

can i refer you to that kid that mom just wants gone so she can watch TV

she literally puts on whatever Netflix she finds

And falls asleep

On the first 20 mins

then i sneak in and...

thats what tv is for. going to sleep

The 2 has vibration?

guys

just chill out

kinda cringe for going against each other

^

We just joking but I agree it’s cringe

Let’s just act normal

ok so whats the status on 14.2 profile

u tested already?

no profile

Didn’t work it seems

@zealous bridge does the 14.2 download and install?

will disclose when we’re ready

more testing needs to be done

o

But why a 14.2

but what is the whole point of going to 14.2?

If it’s more buggy

you don’t get it

not 14.2, it can work for future ios versions

this

Hmm

we already know its gonna work for future ios

until the delay sign is over

nvm

u guys dont get it

lol

i love how he mentioned that and still doesn’t get it

i think everyone can agree that updating from 13.x to 14 is dumb

tldr: u can go to any future ios version without having it be signed and without blobs but needs more testing and its upgrade only

why

only thru updating

otas cant downgrade

@green onyx had to edit that 3 times huh

5 times wasnt it

bruh

and if u dont have the latest sep

@low summit if ur waiting for a downgrade solution just forget about it

downgrades are impossible

im not

^

cause albert is a fucking pain

impossible on what for what

for downgrades, wait for ipwndfu

thing is

otas

i know how to fix it

i know how to fucking bypass it

but i can’t

you can downgrade ota

bypass downgrading?

not downgrading

like use otas for downgrade

bypass LocalPolicy

ah

like the blob or the zip

like use settings

zip

using zip.. yes

u could go to any ios version but do u need to be jailbroken?

no

we’re working on a non-jb solution as well

but its kinda useless

need an exploit tho

since you can jb

true because 14.3 lower all can jb

the whole point is to stay on a jailbroken firmware

Who is we

and when a jb comes out

me and the crew

ohhh

😎

u can use this method to update

without blobs

The kewl kids

I get it

so this wont cover ppl on nonjb devices

^

lol true

going on a heist

fbi alert

kewl kid klub

kkk...

kkk....

bruh

Lol

now theres a real fbi alert

lol

what uk have mi6?

yes

does anywhere else have mi6

no idea

bruh

we have cia

your mom

mi6 is uk-only

lmao

true

whats the uk equilvalent to fbi

mi5

it seems 'true' is said despite things being false

true

What's mi4

^

or mi6

or mi5

mi3?

military intelligence

its 1-6?

mimom

mi6 is foreign intelligence

mi5 is security service

mi6 is gathering intelligence like cia

mi3 was eastern european intelligence gathering

mimom vacuums and cleans

mi2 and 1?

mi1 is code breaking

mi2 is russian and scandinavian intelligence gathering

mi7 in the works?

mi7 was first world war military intelligence

Eta when mi15

mi69

mi15 was 1942 military intelligence

specifically for aerial technological advancements

is there any way to downgrade from 14.5 to 14.4?

what device

with X, yes

11 max pro

no

you can downgrade to 14.4.2

if you're updating to a beta firmware.. then expect bugs

thats what ur mom said when she upgraded to you

not before i finished off yours last night

my mom thinks ur the devil

so false

and surprisingly, you said 'mom'

yeah

i had to think twice

why is JTV into moms

he horny

i didn't think twice when your mom came

😳

yeah she was gonna kill you so you had to run

i think i killed her..

nah shes here

she wasn't last night

same as mine

gotta protect our moms from JTV

^

sorry... your 'mum'

national sex offender

mum

mum

op

this

mum

lol british, mum

mum

bri’ish

can't be a sex offender if she turns me on with the remote

👀

Tom Scott is offended

if ur killing people i think you should be

tom scott is op

and cryptic walks in like those awkward pornos

you’ve seen a lot of those

Hi stepmom

your mom watches them... so i have to broadcast it

oh

that wasnt as bad

i thought you’d say

i make them with your mom

or something

i could, but i'll surprise you with it one day

uh guys

can’t wait

this is #futurerestore-help

stfu

stfu = Stop That Freaking Update

this is literally #come-here-if-you-want-to-hear-joshs-terrible-mom-jokes

true

imagine making a room for mom jokes

jtv’s heaven

i'd dominate it

that also applies to #jailbreak and #genius-bar

as much as i do your moms

you’d be the only one there

so yeah technically you would

guys, we should stop lol

Jules would join

maybe rick too

@granite hull

cringe

Hello

thats the wrong jules

ik

thats what ur mom said

*that's

lmao cant believe the guy replied tho

@split torrent wya

*can't

*

Oh

no wyu

#public-mod-logs message
lmao when did this happen

oh i got shat on for reporting someone who sent a random apk

oh wow

#bot-commands message
LMAO

rip tanbeer

Joemother

Just to make sure

It’s impossible to currently downgrade from 14.4.2 to iOS 14.3? For iPhone 11.

Correct you need a jailbreak

To use blobs

And you need blobs to downgrade

I have blobs

Still need a jailbreak then

Dam

ur blobs are probably not usable anyways

if u saved them with blobsaver at least

u need a jb

to set nonce

@celest basalt what ios are u on

nvm

then u cant fr sadly

well even if u have a jb 14.2 fr is not possible

fdr error

yup sadly

https://support.apple.com/en-gb/guide/security/secc1ffa3a47/web

In 2019, Apple achieved FIPS Security Level 2 for the embedded hardware module identified as “Apple Secure Enclave Processor (SEP) Secure Key Store SKS) Cryptographic Module” enabling government-approved use of SEP generated and managed keys.

so SKS = Secure Key Store

we saw that in the BCert

https://github.com/mwpcheung/AppleSEPFirmware

sks Module

this module provide ECDSA algorithms. sign, attesting ...etc Apple generate a class-shared ECDSA private key encryped

with AES gid as a CA. another root ca is generated by AES UID. apple's white paper says the SEP GID/UID is different

with kernel AES GID/UID. it's really like what apples says. the most chanlleging is to calculate the AES gid key,

which I think It's imposible.

https://twitter.com/keenjoy95/status/1142643499394715648

https://medium.com/hackernoon/demystifying-apples-touch-id-4883d5121b77

Only the Secure Enclave has access to cryptographic operations and it is the only entity to handle all data protection keys (iOS has several) through the “Secure Key Service” (SKS) which is an application running on the SEP.

well, Secure Key Store/Service

https://image.slidesharecdn.com/behindthesceneswithiossecurity-161124083712/95/behind-the-scenes-with-ios-security-31-638.jpg?cb=1479977009

did you just reaffirm the obvious

just looking for stuff

seems easy to crack

just ask @split torrent

true

passcode is 690690

brih

@split torrent really be living in this channel

@lilac wren told you

lol what

it has to be either you or dhinak

how did you get my OTP

Plus i lied anyway

It was 690 360

but still insecure

nice

huh, Filza won't let me edit SystemVersion.plist

worked with vim

what

-r--r--r-- 1 root wheel 570 Apr 12 00:25 /System/Library/CoreServices/SystemVersion.plist

it's set to unwritable even for root 🤔

it is

chmod it

hey, i need help

i'm on ios 14.4.2 rn, jailbroken on checkra1n- trying to downgrade to ios 13.2- and i'm using futurerestore gui

you cannot downgrade to 13.2

yet, i keep getting iBEC errors

SEP is incompatible

i have blobs tho?

can i downgrade to ios 13.5?

no, 14.0 is the lowest you can go

i have an iphone x, so i dont think futurerestore supports 14-14.2, right?

yeah, on an X probably 14.2 is the lowest that works

and ironically, I don't have blobs for 14.3, so I can't downgrade to that

does 14.2 work?

14.2 should work afaik, though it's been a bit more hit or miss than 14.3

i see, so it might take a few tries?

14.2 is completely broken from 14.x

only from 13.x

oh

Its a hit or miss

how can i downgrade then?

So only viable option is 14.3

14.3 only

If you have blobs

can i manually set a sep?

no

sep has to be signed

so, in other words, i'm stuck?

yes

bc i dont have 14.3 blobs

frick

stay on your version and save blobs for EVERY version this time

maybe you could try what we did with Sloopie earlier, hacking together a 14.2 tether boot and initiating a delayed OTA update (which will fail, but should return blobs), but that's pretty complicated and you have to wait for a futurerestore pwndfu fix even if it works

isnt sep arbitrary? dont you need sep blobs for that

these are all the blobs i have, will any of them work?

no

not right now

uuuggghhhh

thanks tho

well, 14.4 will, but useless to go there

exactly

true

rather stay on 14.4.2 to protect yourself against webkit exploits

now, when i exit recovery mode, is my checkra1n jailbreak going to be gone as well?

I actually have no idea how the 14.2 tether boot returned valid managed blobs because I think it was with 14.4.2 SEP or something

yes, you have to rejailbreak

frIIIICKKK

well, depends on which stage it failed at, you might not have to do a restore if the OS still boots up, just rejb

i see

not sure if SEP incompat errors are fatal

apparently they pwn sep with blackbird

honestly losing the jb sucks more to me, means i gotta wait until i have access to a mac again

but to pwn on A10/A11 you need sep blobs

A8/A9 you dont

A11 probably won't even work bc the exploit times out

which exploit

blackbird

A11 has 64 bit SEP and additional mitigations apparently

oh true

wait on a11 you cant even do it then

don't need a Mac, just a computer (or even a Raspberry Pi)

cause it was partially patched

so you get the sep too high error

i have a windows 10 machine, how can i jb?

!t odysseyn1x

probably could get a toaster with USB if it runs linux

lmfao

thanks mate

wen eta toast bread over usb

right I forgot it does this let me rejb...

what is that

userspace reboot after changing systemversion = panic

oh

wait i think supervision works on free

ok so what i press

where are you rn

oh fr

nice

tf

no way that works on free

it does lol

ohhhhhh the profile editor is paid

so what i press

is it on the "Hello" setup screen

-_-

then who cares lol

change the organisation from none

allow activation lock

u already got profile

to something

you need an org?

you just need to change the organisation

nothing else

yeah

ok

cant change anything lol

doesnt work

its unclickable

everything is?

try organization

its already at none

change it

change it to

what else is there

choose

and then u could add

Choose

Yeah

Then add

bruh

I got this glitch with checkra1n again

any name works?

and I entered DFU cleanly through recovery first

yea

any name

https://cdn.discordapp.com/attachments/779156258799878195/830935932408168478/VID_20210412_004200.mp4

is it usb

no

ok now i could click

see the video

LMAOOO

now what

it's def a software issue not hardware

what the actual fuck

persists in jailed state but restore rootfs fixes it

Press next

allow activation lock?

doesnt matter

or just leave everything normal?

yeah

Allow activation

Doesnt rly matter if you unsupervise later

lol nope

need paid

this glitch haunts me... this is why I want to be back on 14.3 with Taurine already

told you

welp

there was no way that was free

that kinda stops us

well apple config is free

is it seriously mac only though

that'd be so bad

develop free utility

it is mac only

its an apple app

can libimobile do it maybe

no but the windows version is outdated lmao

so its useless

Not that I know of but you can check the repo

yeah looking and it doesn't seem to be a thing

wen eta idevicesupervise

MITM for usb connection when

so now what lol

nothing

yeah or get a Mac VM

get a mac

or we get another tester lol

where is @zinc moon

ikr

sorry for making you wipe the phone for nothing then lol

idc lol

no use for the phone

send it to me plz

for what?

i can test depending on what it is

i mean for testing i have use

gonna have to wipe @green onyx

u need a mac

do you have a phone you're willing to wipe

and a mac

ah

or mac vm

mac part, nvm

and mac vms take a couple hours to setup

i have a mac but apple config dont work on it

for sluggish performance

6

i have a 6+ tho

that i can wipe all the time

its A8

on 12.5.1

with blobs

I can send installer for Mojave

a legit one that I downloaded

uh

macos vms suck

from Apple I mean

it took me like 3-4 hours to setup one

mac vms are shit

lol

^

i took 6 hours to setup mine

took me 20 minutes from my own mac lol

theyre so bad

was super easy

dragged in one file

and literally unusable

yeah well

u have a real mac

tell me one thing that doesnt match up there