#futurerestore-help
Maybe they skip rc?
why
Who knows 14.5 out next week anyways
If 14.5 gets jb then rc blobs will be available on tss
interesting
Why you got 2
Xcode is gonna make ur mom mad lol
huh, apparently you can't OTA from 9.3.5 or lower to 14.6+ anymore
Users still running older versions of iOS (up to 9.3.5) are now presented with a dummy update file, and are instructed to use iTunes to install software updates.
that's fine, this is only 14.6+ and only from 9.3.5-
for the delayed OTA you need to be on 11.3+ anyway
well they can until 14.5 is unsigned
it is with MITM
but at that point just use iTunes
unless you want to do this on an Apple TV 4K
no
only latest
you can use delayed ota
and MDM
also MITM yes
but for average user no
but bear in mind that ota signing and ipsw signing is not synchronous
not time wise
if a version is signed for ipsw
it may not be signed for ota
and vice versa
There’s an app that says what’s taking up storage lol
You may need to delete apfs snapshot backups
Daisy Disk
LMAO
is there windirstat for macos
lol
huh
@zinc moon http://www.derlien.com/
Disk Inventory X, disk usage utility for Mac OS X
try this
or this: http://grandperspectiv.sourceforge.net/ if the first one doesnt work
Daisy Disk is a lifesaver
idk if there's anything as good for free, but you should look
Finallyyyy I successfully updated to ios 14.3
Using Ota?
Sending TSS request attempt 1... futurerestore: failed with exception:
[exception]:
what=SEP firmware is NOT being signed!
I'm an idiot
I used 14.4.1 instead of 14.4.2 
hmm, if I use OTA SEP it won't even work
just messing with pwndfu
oh fuck I used 14.4 blobs instead of 14.3
Fdr is ass
why succession crashing
using beta?
Yeah
Extracting .dmg from IPSW
1.4.16~b4
also theres no restore system button
I could jb my parents
in checkra1n loader app
And they wouldn't even know lol

how do i fix this in 5 minutes help
stupid banking apps istg
screenshot succession page
the home page
lol i gave the phone back to my mum but it said 14.1 iPhone9,3
She wanted a jb?
not that
i dont need that
i need to see what it says at the bottom
@zealous bridge ask for phone back
or get a new one
and then start succession again
ok
also when u run succession, dont close phone or let it dim
set autolock to never or get nolowpowerautolock from sparkdev
it doesnt turn off anyway
probably have autolock set to never already then
ok its downloaded
unzipping now
crashed
will try again
@green onyx same shit
wait fr?
what happened during download
ok nvm irecovery -n booted it up fine
bruh
during download?
no
did download go fine?
it went downloading, unzipping (crashed here once, reopened), verifying ipsw, extracting filesystem from dmg (crashes here consistently)
ye unzipping isnt supposed to crash
the whole process isnt supposed to crash except at the end, when it crashes and reboots
i cant even restore rootfs wow
why doesnt she have a root fs
checkra1n didnt make one for some reason

I don't think there's any system to restore if you never got cydia
Just reboot
i did get cydia
and i need to get rid of jb detection
so rebooting changes nothing
Oh so that's why you're successioning
If theres a sepnonce in there
It’s known
Actually i’m not sure whether it was shsh host or tsssaver
Try both
Rip then
Imagine we could set APNonce directly
Without having to mess with the generator
Lol true
Because it’s signed? Lol
Thats like saying
Why cant we just change the ios version number of the blobs
And make it whatever version we want
@zealous bridge @zinc moon I forget what happened when we tried beta profile + method
iCraze is wondering if we could do that and somehow pull shit like 14.4b1
And see if that works with cicuta_virosa
What are you talking about
@zinc moon ez
imma check with img4tool hol up
ok the sep nonce is called snon
Use the iOS beta profile plus the delayed OTA method
hm
i dont think delayed updates work for betas
but try still
yeah doing it rn
ur sepnonce is 9796144df599b7e508817569add430640ac87026
it came up in tss saver too lol
unable to check for updates is what happened for me
but maybe you could get beta blobs with the BCert because it's only tied to ProductMarketingVersion
but then you either need pwndfu or need to MITM it in a way that you can keep the same SepNonce because it changes on every request
^
smh Discord not rendering the emoji properly
18D5030e
idk how to fix it on desktop but I need to reinstall emojiport on iOS
I'm on 14.3, when was it supposed to be added?
Oh ok makes sense
🏳️⚧️ wait am I dumb or is this it?
But I'm on 14.3
O_o
Not even
Maybe yeah
Idk why discord breaks it then
Bc I can't see it in your username
still needs a jailbreak and supervision
might as well use otadisabler at that point lol
It’s def discord’s fault
yeah Discord fucks it up I guess
and without the beta profile?
Oh no 14.3 is gone now? :(
Oops
lmao
it will fail if you spoof systemversion
oh
anyway Filza keeps failing to edit that file for me so I have to use the terminal
we still got 11 hours left bois
makes sense
as long as you have the delay profile
it'll still show 14.3
I think you should sniff the request and response, it'll probably answer your questions
yeah tbh
if we can sniff the response it'll tell us the build number
nah from pallas
tss is way later
Well if you block tss you never have to risk it
nah you dont even need to download it tbh
this is weird, I spoofed to 18C65 and I'm not getting any update with the profile
the first request and response should be enough
lemme try
either block the gs.apple.com response with a proxy (no SSL) or just have an SSH session open with reboot pretyped
Blackbox tool to disable SSL certificate validation and pinning
julioverne, Alban Diquet
0.14c
Free
gs.apple.com doesn't use SSL in the first place so no need if you just want the TSS request/response
while we're MITMing someone should get a BCert bc I want to see if it will work for the next 3 days beyond April 26
IIRC someone managed to just force restart at the verifying screen to stop the update even, but SSH open and hitting enter on reboot (make sure to be root) is easier
or that yeah
im trying to see if 14.3 will show up rn hold on
And if you request 14.3 specifically? That'll help decide if it's gdmf being weird or the phone
yeah for some reason it didn't work
What's it say
even 14.4->14.4
Lol berry what did you even do
nvm
Are you sure it's updating
yeah but the SEP is the same... maybe there's something telling it that "this SEP was installed with a 14.4.2 BuildManifest"
you know @sacred estuary the weird thing is a few days ago I got my 14.4 SEP to generate a BCert for 14.3 but TSS rejected it with error 94
and someone else after also reported failed to verify (not downgrade) on iPhone10,6
Happened to the 12.4.9 ipad and did the whole "press home to upgrade" and Apple logo progress bar, when it was done it was still on 12.4.9
What was the issue with A14 for OTA again
@celest basalt i'm getting 14.3
I went to test it after that and 14.3-14.4.1 all gave me a BCert but TSS error 94
and then 14.4.2 managed update went through and since then I'm not able to get a BCert again
personalisation error apple side
Ah ok
yeah, TSS just rejects even the managed request for A14
yeah
yeah
works on iOS 14
then get a proxy like charles or mitmproxy
Proxyman
or that
I prefer Fiddler
i keep getting mixed up
still annoyed that I updated to 14.4.2 and now both pwndfu and OTA methods are failing to go back lol
ikr
the thing that gives me consolation is:
- I can at least still JB, even if without passcode
- eventually when a new exploit drops 14.3 will become irrelevant because I plan to update when Taurine gets updated for new versions anyway
I manually compiled Cryptic's branch and it goes through everything and enters restore mode but then SEP panic
if no Taurine 14.4 update yet then yes
what happened to testing pwndfu on A10 yesterday?
what was the last error exactly bc there are a few that are solved by retrying but I guess it failed even after multiple retries
^
someone could test on A9 too, I only have A11
a9 has to be mac only
right because of the sigcheck removal stuff not working on Linux
it could if they wanted to bc checkra1n does it
yeah you need eclipsa
you need to userspace reboot after this btw
nah just capture the response
and check what the build id is
yeah
should be in json format
then you did something wrong
oh im stupid
You have to block gdmf first
Mesu is fallback
it should be the only one there
so whatever you have
exit and enter the softwares update page again and just check the new one that pops up
do you have the beta profile
same error I get on A11, running futurerestore again before DFU times out fixes it for me
either that or create an empty file (e.g. junk.txt) and then irecovery -f junk.txt before starting FR
@sacred estuary was that the request or response
although that should only be required for iPhone X according to checkm8-nonce-setter
yep
thats not it
lol
unless its b64
Yeah it is b64
nope thats final
9.9.14.4
oops
Build version is 18D52
which is final
has anyone actually tested if cicuta works on b1
the only beta blobs I have are for 14.5
I have blobs for 14.4.2
Ok
I think the reason it's not a delta is because iOS14PublicSeed doesn't have deltas for stable -> "beta" (even final)
@lilac wren do you think we can MDM and RequestedProductVersion it
What are you trying to do
taurine has to reboot
We can always request product version even after 90 day
14.4 beta 1
Oh I see
Morning
Oh yeahhhh
Idk how that would work because 14.4 beta 1 isn't a normal version number
we can do 14.4 then edit the build id
There's no requested product buildid though
yeah could test the BCert theory I had because it's only tied to ProductMarketingVersion and not BuildID
sure
ffs
but isnt already jailbroken stage 2
as long as we can race for the voucher
we’ll know it works
what about restore rootfs?
that still runs the exploit
i think
Oh
Just do that with taurine then
Guys didn't we already solve this
oh
Download update while jailbroken then mdm install only
Oh ok I'll read again
post exploit on Odyssey won't work properly on iOS 14 though
all we need is race for voucher
Oh ok
i dont think we even need the converting part
ask someone who knows swift lol
lemme take a look at it
@sacred estuary weeeee
so we just edit the version i think
why does it say 13.7.1
@sacred estuary
go figure
all mentions of it
the code is nice
just change the false to true
that should work in theory
oh wait it says 13.7.1 because that's the condition for being unsupported
lol
could make it 14.0 though because 13.7.1 will never happen
best of luck
Just make the if statement blank
Although idk if it will actually work that easily
xcode i think
i have never used xcode before in my life
@lilac wren pls halp
lol i really tried this:
"RequestedProductVersion": "14.4",
"RequestedBuildVersion": "1818D5030e",
i got 200 OK
but
18D52
oh wait
you found it
Umm.......................
Because the last key doesn't exist I thought
It just ignores that key right
why are u guys compiling odyssey?
ah
just change version checks
and i think theres a reason why CS didnt allow rejailbreak
^
weeeeeeeeeeeeeeeeeeeeeee
i am here bruh
I only have A12 and A7? I think it's a7
taurine isnt OSS and does version checks
with checkra1n?
@sacred estuary how did you get 14.4 beta profile lol
is there a time frame?
bc i have class soon
i take ap calc
alr
ill try it after dinner
14.6 one?
eastern
gmt what
im in canada lol
I am utc+2
19:00 Sunday, Eastern Time (ET) is
00:00 Monday, British Summer Time (BST)
oh no
eh i'll be awake until 4 anyway
ramadan vibe
focus on getting the ipa to compile for now
oh right
what conclusions are u trying to make from this
to see if cicuta works on 14.4 beta 1?
nice ecid
Oh fu*k
no like i have beta 1 and beta 2 blobs
folky really saving this
LOL
@sacred estuary 14.4 first try lmfao
true, i can mess around how hard i want
i could delete /var and still be fine
I AM INVINCIBLE lol

noooooo
unless you only have OTA blobs like me
I can't figure out why SEP panics for pwned restores
that was because of interrupting checkra1n I think
oh wait, since tdy is the last day for otas and btickets expire after 3 days, can someone try getting one? and try using it tmr?
last one was just failed to send iBSS
or does it not work like that
yeah I said this already
yeah
wef
oeuf
just delete PreBoard.app
ez
ahh i cant get ota to work
i cant request a beta build
lol what
thats so weird
with beta profiles
even if i spoof 14.5
14.4 comes up
wen eta downgrade
ldrestart didnt work
yeah I got the same weird
then
need to reboot
lol
did you reboot
nyu
just try rebooting
it worked 4 me
Is this more research on spoofing ota?
Taurine for beta 1 lol?
well beta 1 was released before 14.3 came out
the person you are talking to
i do
99 percent it is LMAOOO
for 14.4 beta 1 and 14.4 beta 2 lol
true lol
hopefully beta 1 and beta 2 work
How are you going to make taurine not unsupported for 14.4 beta again
also, froggy, why u looking at my reddit acc /s
Go to the firmware spoof version
And see if it work lol
Lmho
what if i sniff regular
odyssey with cicuta
So u guys spoofed 14.3 on 14.4beta?
but that wont work
bc tfp0
odyssey is probably trying to get tfp0, which doesnt exist on 14
ok
That's what I said lol
@lilac wren OMG
Folklore say it won't work
is systemversion.plist in root or var?
wait in a profile??
no in the request
ah
im onto something
also, to make this work, im getting Ora1n, not checkra1n right?
does it matter
Tell coolstar to make a version uncheck for taurine @green onyx lol?
nah
it does
@lilac wren the difference is
bc if i jb with taurine
mesu's base URL
yeah so we can't request a specific beta still
i need filza and a package manager to change plist
I guess it just determines 14.5 vs 14.6
@zinc moon u have beta one blobs?
14.4
yeah
Then how u trying lol
They trying to see if taurine works on 14.4 beta 1 @zinc moon
Because it's out before 14.3
Lol
It definitely is supported lol
Oh yea congratulations
Remember when pangu support 8.2 beta one and not 8.1.3 LMAOOO?
Tether boot lol
i may have a way
Sloopie got it lol
The tether boot
Lol GG
Lol
Lol
Succession?
Lol
It's online lol
Let's go
Lol
whyyyyy
Congrats!!!
No more weird berries?
*tanberry
Does this mean exploit failed
Stage 1: race for voucher ivace uaf
perform_user_data_element_uaf_race: success on 288 iteration
uafed_voucher: 16931
Stage 2: leak task port address and overlapped index
Bad fake element dump!
perform_user_data_element_uaf_race: success on 437 iteration
uafed_voucher: 40615
Stage 2: leak task port address and overlapped index
Got fake element dump!
Overlapped index: 0
Cannot find next spray entry
wait
it's still running
nvm
lol
it raced the voucher successfully
perform_user_data_element_uaf_race: success on 54 iteration
uafed_voucher: 25967
Stage 2: leak task port address and overlapped index
Got fake element dump!
Overlapped index: 0
Next spray index: 36
task_port: 0xffffffe19d4200a8
Stage 3: Convert uaf into pktopts uaf
exploit worked good
Lght I'm doing tether boot lol
Ur already doing taurine?
you still on 14.3?
I am
which?
no 14.3, wanted to test if I could have it work
it finished!
Respray fake user_data_element
Destroy uafed voucher...
Established custom r/w primitives!
Stage 4 (DEMO): pwn kernel
task PAC: 0xfade4561a18e4000
PAC decrypt: 0xfade4561a18e4000 -> 0xffffffe1a18e4000
proc PAC: 0x5ca939e1a0801d50
PAC decrypt: 0x5ca939e1a0801d50 -> 0xffffffe1a0801d50
ucred PAC: 0xb6eaed61a13926d0
PAC decrypt: 0xb6eaed61a13926d0 -> 0xffffffe1a13926d0
Overwriting kernel credentials :)
getuid() returns 0
whoami: root
Out.
root
yes
you are root
this was in an already jb'en state
Froggy God modify taurine lol
yes
Yes
pog
yes rejailbreak would seem to work
at least the exploit works
not sure if odyssey is meant to rejb however
it isnt
yes
its not OS
@lilac wren interesting
thats why chimera works on 12.5.2 without an update
AllowSameBuildVersion 🤔
yea
but u0 works too
on 12.5.2
kernel check > version check
u0 works too lmao
by that theory u0 > taurine
lol
overall, no
not true
at that aspect, yes
u0's check is shit anyway, it only checks kernel version for detecting support, not for exploit selection
lol
u have blobs for 14.4 beta?
no
kernel can't be the same bc they blocked JIT in 14.4b1, but idk if they patched cicuta_virosa
most likely they didnt
8.2 beta had exploits that 8.1.3 doesnt
in beta 1? it came out b4 14.3
nice
bcert
whats that
extending ota?
OMGH
and seeing if we can use them to ota tmr
found the cert?
ITS THAT
difference between delta and full ota?
is this a new profile for prolonging ota
you can specify this?
pog
bruh how
you install the profile
Validity: From
Sat Apr 24 2021 16:36:55 GMT+0200 (Central European Summer Time)
To
Tue Apr 27 2021 16:36:55 GMT+0200 (Central European Summer Time)

for the BCert
bruh wheres the request gone
can i save blobs for 14.4 beta on a 7 tho
pwndfu is broken rn
nooo its not giving me the request back
its too good to be true
it's not just that I think, mine enters restore mode fine but then panics
how likely is a 14.4 jb tho? wouldnt they wait for ios 15
oh i know how to get it back
an error occurred nooo
what did i do
oh wait
is it in the public seed or dev seed
^
that
no
this would help those who dont have 14.3 blobs but 14.4 beta 1 blobs
but that shouldnt happen anyways since 14.3 ota still works
true
So it's still pretty useless
14.4b1? no
Who has blobs tho
¯\_(ツ)_/¯
ugh why is it encrypted
@sacred estuary you might as well use cicuta by itself at this point
compile that into an app of your own
omg
yeah that has a .xcodeproj
so just git clone
ugh i cant figure this out without getting a request from someone who requested .4 dev beta 1
one sec
lol no idea then
oh shit i need a build id
!t successionbeta
You can get the beta version of Succession for iOS 14 here: https://samgisaninja.github.io/test/
This should only be used as a last resort, since it's no longer maintained. Usually you can restore rootfs and then erase all contents and settings to achieve the same effect.
I've linked this before but this seems to be the only documentation on the BAA stuff delayed OTAs use, and it only mentions Activation Lock... I wish there was more documentation on it
https://support.apple.com/guide/security/localpolicy-signing-key-creation-management-sec1f90fbad1/web
When macOS is first installed in the factory, or when a tethered erase-install is performed, the Mac runs code from temporary restore RAM disk to initialize the default state.
i know, this is the reason we can't downgrade
i feel like it's hard-coded into SEP
but I still don't understand how my device managed to generate a BCert with 14.4 SEP suddenly but it still got rejected
I don't see anything in the request about the source version
like I saw the managed TSS request in the log but error 94
the only thing that changes is docID
14.3 update showed up after a rejb btw
told you
ldrestart isn't always enough I guess
xcode app signer?
you can't downgrade below 14.0
because sep isnt signed
now my X is again not even generating the BCert for the delayed OTA, I have no idea how it worked that one time but I shouldn't have let the 14.4.2 OTA go through, that broke it...
Well I just made a new OTA blocker
wasn't there a new version that doesn't need offsets
With just a .xml file
u cant rn
what are you installing?
Yes unless you have 14.3 blobs
ik for a fact that modernpwner's can compile
i remember a lot of ppl on twitter screenshotting ssh with modernpwner's cicuta
what ios version are u
AMAuthInstallHttpRequestBaaCertificate
this sounds like it's requesting the BCert from a server 🤔
I got you give me like 10 minutes
no idea
@coral falcon well my device just panicked in the middle of an ota update and it put me back in the existing OS
sooo
idk
yes
Nooooo
hold on time to stare at the apple logo
what did you do
U have blobs?
phew im fine
Lol
XR
Scared us
It took 2 minutes to reboot
so cant use blobs
and i thought it looped
Just realized
@sacred estuary do you want an iPA or xcodeproj
ipa probably
2 min is normal lol
ok doing some final tests
Yay
uh
@wheat lagoon why are u compiling it manually
use the gui
it can grab a compiled version
just use the static build
^
compiling futurerestore is a pain, Cryptic has a script and I have a Docker image but that's for Linux only
Opa has a Windows script
luke has a linux script
yeah Cryptic's script is for Linux static builds
and I made a Dockerfile based on it (haven't published it yet but I can)
@coral falcon what happened with the snapshot
U figured it out?
What's the conclusion
So it restores ur previous snapshot?
yay i have a BCert
oh its a 14.4.2 one
rip
OMG
OTA UPDATES ARE BROKEN
LMFAI
ota has just completely broken on me
@sacred estuary lmk if this works? I successfully signed it with reprovision
Taurine or u0?
neither
no it's just the exploit wrapped in swiftui lol
why does my phone always want me to log in to my Apple ID again after I spoof systemversion
ssh?
an ipa to exploit cicuta right?
yes
@lilac wren is this patternf's or modernpwners?
Folklore only one with blobs lol
I can
nice device name
unless you want nosep
U need that?
in case you fuck up
@wheat lagoon No iOS 13 versions are compatible with latest baseband / SEP
if you're using FutureRestore you need to go to iOS 14.0 or later
I think this error means you need more space on your computer—but don't try it going to iOS 13, you'll bootloop
The exploit is running
pog
it can
I tho we just trying the ipa lol
it works on 14.4 b1?
Oh shit
Yep
are we sure this guys on b1
^
wait a sec
No idea
screenshot systemversion.plist
just because it's running doesn't mean it works... lol
screenshot about section
Did you include sileo lol
how do we get legitimate proof
screenshare
U can't
it literally just runs the exploit, I didn't make a jailbreak lol
So how u know it works LMAOOO
you open Console.app and read the exploit logs lol
Console.app doesn't need ssh
thats all we need
OK cool
14.4beta
Yes but its running it does not finish in 1 second
🤦♂️
Lol
Lmho
Tanbeer stop trolling
?
lol we need someone competent testing
Is this guy legit?