#futurerestore-help

refreshing (im)patiently

Username: Rebel
Password: 123

not secure tf

ill ping u guys when it comes out

im on pc too

For what

imaging not having a script

it says not secure lol

i cant log in

it's https

Your mom

let me make a new acc

thats gone lol

maybe chrome is stupid

Same, considering writing a quick script to just tell me when it updates lol

#!/bin/bash

while true
do
    hash=$(curl https://support.apple.com/en-us/HT201222 | shasum)
    sleep 2
    if [[ $hash == *"672d801deab7c42d7dac5f88109f683e6580455c"* ]]
    then
        echo 'Nope'
    else
        echo 'HERE'
        echo 'HERE'
        echo 'HERE'
        echo 'HERE'
        echo 'HERE'
        echo 'HERE'
    fi
done

edit this I was just lazy

true I tend to do that too except a Pushover notification

and I just grep for 14.5

too lazy atm bc on phone

Same except discord webhook

software update is still stuck on "preparing update" I will wait longer

just wait

im surprised ppl didnt do this earlier

I haven't been in a jb scene for a while. I just checked reddit yesterday and everyone is saying last day

😂

well it's suppose to be

bro, how slow is apple on CVEs

there better be a lot

got 14.5 lmao

u updated to 14.5?

bruh

Even I know better not to update to these versions

no

@celest basalt still signed?

whats signed?

yes

Signed for me too

14.3

im on windows so cant be bothered to check

its showing 14.5

ah

but 2 gb

probably a delta

Just get tsschecker from procursus

You can check from phone

ez

https://support.apple.com/en-us/HT212323

ew

tvos

tvOS

wtf

how did u get tvos

mine doesnt have tvos after refresh

https://support.apple.com/en-us/HT212324

YO

SIGUZA

LOL

I got the link from checkra1n server

CVE-2021-1816: Tielei Wang of Pangu Lab

Lol

Siguza wtf

siguza big boi

pangu lab lol

nice untethered

https://support.apple.com/en-us/HT212317

YO

ooh

@zealous bridge

@celest basalt

@zealous bridge

bro

this guy

has 2 kernel exploits

Pattern f

2nd one aint even a proper vuln ngl

patternf

bro

hes a legend

well that was fun lol

patternf has 2

3?

or do the first 2 count as 1

nice

cve

promising?

hopefully patternf or modernpwner can release

modern’s doesn’t look to be here

Did you futurerestore

After jan 26

Yes

pattern f has a third

i dont even get 14.3 lol

Cant use it then

just keep trying

Thanks Tanbeer and Froggy

modern didnt tell apple

thats why

oh lol unable to verify

yea thats sep

How do apple patch without them knowing lmfao

Gonna remove mdm profile. Appreciate all your help

They said they’d wait

till apple patch

14.5 is actually pissing me off lol

someone else

lol so jb coming soon?

modern pwners for 14.4:

it was anon

time to ota to 14.4 lol

@low summit someone else is downloading 14.3 rn so it's just you

no

lmao

fkkk

why tf it shows 14.5

they have a server?

yes

it's called Hack Different

dm me invite?

this is the big boi

if it gets released

not hard to find but sure

probably jb soon

do u have another mdm to try?

Intune :P

lets try it lol

that one more success

I just finished school and I kinda wanna eat a snack

maybe later

lol

👌

So we got:

• 2 useful kernel vulns patched
• 1 potential webkit patched
• some other WebKit thing that was used in the wild

@green onyx yeah I think honestly 14.4-14.4.2 may happen soon

if they release

https://twitter.com/0xalsr

Probably not the modernpwner thing

this guy

can you dm it to me as well? am curious

hopefully it is

@green onyx could Siguza or that guy maybe release? Cause there’s no reason to hold it if it’s already patched in my thought process, right?

siguza doesnt know what it is

siguza's cve isnt kernel

^this is the real gem

oh I can’t read

u0 coming soon lmao?

whats that apple neural engine one

isnt that one useful for A11+ devices

@green onyx so I was looking through older security notes and I noticed you can also use cicuta_virosa on Apple TV

(tvOS 14.3-)

yes u can

and does shit use it

or no

nah

not yet

well the only uncheckm8 tv

will probably not have 14.3

jtv would know

omg ur back

14.5 is out

Lol

same build as rc tho lol

Also CVE out

wait ur grounded?

Theres a lot

This one

Is the big one

time for me to catch up in xp lmao

yes

your sister did something so you’re being impacted by it... huh

tf is cve again

hence his fam issues

no wonder ur mom is mad yesterday

ik what it is lol

they just showed it

results are like apple patched alot of shit

I think this likely means the new iPad Pro won’t have any jailbreakability

We’ll see

Maybe they accidentally started with 14.4.2 on launch models

Yeah

thats shit lol

Cause it’s useless

no

any ipsw blobs

i think

i use the 0x111 one

didnt try the other one

using the shortcut i cant set for the one thats not 0x111

They all have generators

One is 0x111111...

does the other one work with fr too?

One is 0xbd34a880be0b53f3

yes

oh yea that ^

the shortcut has issues with the 0xbd one tho

Does it?

setting nonce yes

says failed to verify

ap

I thought I fixed that

0x111 works tho

Bd34 should work too

not using ur latest shortcut just the one u gave me

that day

i believe on my X both work

Oh ok

but my 7 only 0x111 works

works fine with X

any blob

we tried on some guy yesterday and his ssh wont connect

that was weird

Yeah

u0 or checkra1n

checkra1n

i think he has that

I can already auto-detect the jailbreak

he did that already

still wont connect

And I already have the warnings

lol

respring like 2 times too

my ipad is fked up

mdm dont work

I want another u0 or checkra1n tester

Before release

ill do my ipad

lol

or do u need a completely new person?

Just need a fresh jb

once i figure out this 14.3 mdm thing on ipad

14.5 & 14.6 beta 1 SEP/BB are compatible

everyone knew that

yes we know

check pins

dunno why this is pinned

it's common knowledge

we been pinned tho

The form does not accept 14.4.2 as an answer for i(Pad)OS version.

lol because it's a number field instead of text

just put 14.42 or something ig

is futurerestore a one time thing or can you do it multiple times

multiple times

alr

ok froggy is a real bro

ios 14.3 coming

gz

really dont want u0 tho lmao

lol preparing takes a whole 20 min

ikr

takes longer than the download

omg it just moved soon as u said that lol

lol

man I wish I didn't use futurerestore to 14.2. I was that use case where I did not save 14.3 but 14.2

imagine this gets signed all the way thru to ios 15

Could have gotten 14.3 but oh well

still better than 14.4 lol

14.2 isn't bad

rip dabezt lol gone again

usually firmwares are compatible with a version up (eg: 13 compat with 12 - 15 compat with 14)

oh

and yet "updating" down from 14.5 loops you

wdym?

updating down lol

new meta

@celest basalt is this still present on the final? you said build numbers are the same so I assume so?

jtv invented a brand new term

downdate?

14.5rc and stable is most likely the exact same

I haven't tested it with the RC but most likely yes

if you try to Shift+Update in iTunes or futurerestore -u down from 14.5, it will most likely recovery loop you

ok so downdating from 14.5 will recovery loop you ^

u gonna update to 14.5?

although you'll probably go to jail if they're underage

preparing stuck again lol

I might once checkra1n is updated idk, but if I ever downgrade for a semi-untether I won't be able to use my backup so ehh

i think 14.5 might have patched modernpwner

is there any confirmation?

nothing about modernpwner in CVE notes but there was pattern-f

honestly if its patched it aint too bad. jb coming soon then

imagine an untether being released but it requires no passcode and only works for beta versions

ill take it

untethered better than sep ngl

bruh.. a buggy OS with zero protection.. pass

unless you've got a tester

i remember when untethered broke bluetooth

that was like 4.2.1

no-one uses bluetooth as much imo.. it's all wifi

Untethered was nice. I remember my ipod touch 4g waay back then

use to never use bluetooth but now airpods lol

I must be in high school at that point lol

we should make checkra1n untethered, open up the phone and put in some tiny rpi, when the phone turns on to DFU power is sent to the rpi and it boots checkn1x and just does it immediately

well untethered so long as you enter DFU when unjailbroken

you know what that's semi untether

yea

lol

miss pangu 9 untethered

i would love webra1n with the ability to connect via ota from another users' pc on a proxy server to inject the code

imagine a semi untether jb but ran thru a website

like jbme

imagine going to the apple store to jailbreak demo devices

good times

they stop that now lol

i did it once with pangu lmao

they blocked via dns i'm assuming

i install that pangu semi untether

i'd have a proxy server set up.. you just to webra1n -c ota -p <url:1234>

and u could delete var in the process lol

that's been done

who did it with jbme

Yeah I know, I've done it on 4.x

jailbreak.me

i did it on ios 9

and 10.3.3

i would put u0 on all demo phone

just to troll

@lilac wren is vmware better than virtual box?

yes

by far

alr

i need a windows vm

VMWare is 1000000x better

remember my rants lol

yes

vmware is better yea lol

*that moment when peeps think 'I wasn't talking to the TV.. but i'll consider it anyways'

#futurerestore-help message

kvm is best but I'm assuming not everyone is a sweaty nerd

so vmware 🙂

kvm is too much work imo

preparing is so slowwwww lol

well at least if there's an untether then fake passcode isn't defeated by just rebooting

imagine bootlooping upon entering any form of password

rogue SEP

rogue mom

rogue ATV

another success lol

ipad on 14.3

pog

still signed...

@lilac wren is there any way to transfer clipboard from host to vm?

I think you have to install vmware tools

yeah virtualbox and vmware have options for that

i did

hm

i thought so

its in the VM settings

but i dont know where i can enable it

let me recheck

Helping 2 people at once, both people see 14.5 instead of 14.3..... hope apple didn't make a dumb change

froggy got a lot on his hands

lol

true

imma stop bothering him

lol

i'll check for you

you're fine

14.3 says it's signed

yeah it is

it also shows 14.3 in pvm

rpv?

14.4 doesnt work either

only shows 14.5 what's going on lol

hold on

@dreamy shard is the user with the issue

what's the issue

We push 14.3, only 14.5 shows up

and starts downloading

push 14.3 via MDM?

^ note that

or

pallas

14.3 via MDM yes

oh

14.5 starts downloading, so it did receive the MDM's request

i thought you meant requestedproductversion

just decides to update to 14.5 instead of 14.3

fuck

I just spilled water on my keyboard

Welp

oh god

lmao

How to jailbreak my device?

good question

aren't we all jailbroken at heart

yeah theoretically we're not in jail

so we're jailbroken

ez

I just joined this server just to know how to jailbreak my device lol

can you see the massive channel name that says #jailbreak ?

I have seen a lot of people having their device jailbroken and it is so good

#futurerestore-help is probably not the right channel...

ok it appears to be fine

you tried MDM?

taurine time lol

meant my kb

oh

lol

Pallas is returning the right thing

he's got a lot on his hands rn dabezt... maybe ask him later lol

helping like 5 people at once

i got to 14.3

it's MDM

on ipad

lol

so needs to be a bit private

lol

yeah

switch for sure

taurine just shit on me lol

need to rfs

i wish i could help with all this pushing mdm lol

seems like mad work

same

but idk how it works

nor do i do mdm

What y’all doing

new pfp finally

uh just MDMing

cause 14.3 still signed

It is?

yep

Is this the same person Cryptic lol

Little peep

or something

lil peep

Yes

So let’s figure out bcert

would be epic if you could use A10 SEP hax to generate it

idk if it would let you just change ChipID to 0x8015 though or if it uses a different key for A11

can someone on A11 not check

check what

this

not that simple

would need to figure out how to use A10 SEP as a signing oracle first

you can't just change values inside the actual generated BCert after the fact, that would invalidate it

Hey guys, I’m stuck on FDR 0xXXXXXXXX waiting for message... and it keeps timing out

what device and ios are you restoring too

iPhone 11 from 13.5 to 14.3

weird

It just started going again

Took like 10 min

oh ok

I had that on my X when restoring to 14.4, just took forever but worked

imagine FDR error all you had to do was wait

It instead it’s

Exits

Instaexits

Imagine 👀

I mean

all you have to do is wait

a billion years

for TSS to be cracked

rats. still just showing 14.5

we can get lucky and manage it in one year

will be cracked before a billion years pass 😄 just gotta wait for quantum computers 😄

apparently A10+ is SHA384-RSA4096

not 1024 like theiphonewiki says

wait rly?

yes

@lilac wren how is it going

how many ppl are u helping at once rn?

3.5

I told the .5 to wait while I figure out if it's an issue with everyone or just them

we had any success with MDM?

oh

i could try rn

have to go soon tho

ok go ahead

OK I'm back up

got 20 minutes to try

Thanks to froggy

see if internet speed will let me down

I am interested to see if this method works with jamf pro

I have access to it as I am an IT admin

it probably does

probably

just need to locate the install already downloaded update thing

I'll dig around. but don't want to push profiles to strangers in production

it does

im pretty sure tanbeer did it

@zealous bridge remember the guy with 3 apple corp accs?

not successfully

but i do remember it being there

lol

can't you make a new blueprint or something

we already have a profile for 90 day lol

I'm not talking about the profile

a blueprint is a set of MDM configurations that can be applied to one or more selected devices

@lilac wren i cant even download it from pallas for some reason

it errors instantly

oh

that's probably the issue then

A10X is pretty good tf

No difference on ios 14

@lilac wren fixed it, forgot i still needed the delay profile

huh?
http://updates-http.cdn-apple.com/2020WinterFCS/patches/001-87796/D0BB56EC-C8E9-45D1-870F-26DBF33518B3/
access denied

14.3 was removed from gdmf

nvm

i didnt

for real

so it's over?

it's here for me

idk whats going on

I get it in pallas

i just cant download it

TSS still signed

just the file doesn't download

access denied

oh

thats the issue

fuck

Is there a way to make apple id without 2 factor?

yes, create it in iTunes

Lol fk I did it in browser

Now I can't turn off lol

still access denied

I think 14.3 is over

yeah

they nuked it

but

how

did i get

14.2

Omg lol

before

Last update?

For me?

TSS still accepting it so doesn't that mean we could somehow trick it still

you can still get 14.2 to show up and download lol

OH YOURE RIGHT

Map local

with what file

who can download it

oh no

siguza

that was my inital thought

@royal flint

Welp jamf cannot update to 14.3

uh

isnt it specific for each device

?

https://gdmf.apple.com/v2/pmv

or is there just one 14.2 ota

14.3 is GONE

OGG

it is I believe

oh no

yeah because it's pulling from gdmf

it was there earlier today

"SupportedDevices": [
        "iPhone12,1",
        "iPhone11,8"
      ],

ur saying s1guza has ALL of the OTAs

lol

?

fine maybe not lol

was showing it is specific to each device

oh

Yeah I was just curious. You have access to jamf?

only Jamf Now

wait what

14.3 is gone?

Supposedly

OH WAIT

IT IS

its gone

rip

FROM GDMF

GG

OTA is dead

ripp

wat

update the post

the fuck y'all blabbing

https://azure.dhinakg.tk/nerd/2021-04-26_16-51-12.png

tf

https://azure.dhinakg.tk/nerd/Code_2021-04-26_16-51-27.png

how

mdm only is dead, you have to use mitm now

wait

yea

?

you have to use the install only method now

although you should probably check if it's still signed

the OTA zip's are pulled

mitm wont work

yeah

apple actually nuked 14.3

access denited

gg

lol

still signed via TSS

instead of turning off TSS they just turned off the actually OTA file

how

how are you getting the ota file @royal flint

so its impossible now

for 14.3

i just started downloading it

the link you sent is for the folder

oh true

but

the device

doesnt install it

either

http://updates-http.cdn-apple.com/2020WinterFCS/patches/001-87781/4846F5C3-5DE6-455E-BE07-7F6576F07211/com_apple_MobileAsset_SoftwareUpdate/41166f3fb28620ef1cd27998d0c7eafc893907d1.zip

you used RequestedProductVersion?

for iPhone10,6

wait can we still map local then

link still up

ipsw.me and theiphonewiki has all the OTAs

can get links that work for iPhone10,4 too

ye but the phone isnt pulling them from there

http://updates-http.cdn-apple.com/2020WinterFCS/patches/001-88018/F88B8B75-7EDE-4D7C-9C0C-566448BD9470/31092a11930cc4358245113295fb4e8666430563.zip

wait

this is broken

can u download the ota

we can still map local

and place it in the dir?

with the otas

that one is denied

what device

12,1

board?

n104ap

bro

since schools and corps dont need 14.3

apple is free to fuck us

RIP

this is what they're doing

we got nuked

So it’s intentional

Damn

yes

wouldn't be surprised

they know what we're doing

sounds apple tbh

gg

it was fun while it lasted

Wouldn’t even be surprised if some apple employees were here

they 100% are

ye

oh i got it

@split torrent

apple is the fun guy at parties

i got the ZIP

yay

the fuck

i dont get that link

was the case with nintendo so i wouldn't be surprised

lol

Samsung gang

i just got it from ipsw.me

i get http://updates-http.cdn-apple.com/2020WinterFCS/patches/001-87796/D0BB56EC-C8E9-45D1-870F-26DBF33518B3/com_apple_MobileAsset_SoftwareUpdate/74ad73145baab8cde8475ea3f0d6f7aec2516fb8.zip which works fine

link

actually @quick stag is an apple employee

they definitely are here

http://updates-http.cdn-apple.com/2020WinterFCS/patches/001-87796/D0BB56EC-C8E9-45D1-870F-26DBF33518B3/com_apple_MobileAsset_SoftwareUpdate/74ad73145baab8cde8475ea3f0d6f7aec2516fb8.zip

no link from ipsw.me

yes

from ipsw.me

the ipsw.me page

whatd i do

not the actual ota link

ur here to gather intelligence

work for apple

https://ipsw.me/download/ota/iPhone12,1/18C66?prerequisite=

and report back to tim apple

yes

get out of here mr steve jobs

I mean this server's already being monitored

so

Big Steve

yes

that one works, the one you said didnt work

by u

anyone want to try ipsw.me then

@zealous bridge can u download the ota and save it to the ota dir? and then use that to upgrade?

by your spies?

who tf is big steve

i keep hearing it

U

not on device

steve is head monitor

@lilac wren has anyone confirmed RequestedProductVersion is dead?

nein

yes

because i can get the links just fine with that.

it's never dead

big S

yeah idk why the device is pulling the weird one

explain the process

Stevie

that doesnt work

what is the current build

okay guys ping me when i should put the announcement saying it's dead

yep don't put it yet

14.3 spoofed to 14.3RC 18C65

this will help you with futurerestore

i am lazy give build number
oh

i don't think many people saw it in the <90 seconds it was up

@zealous bridge same device?

12,1 n104ap

I was one who saw it

cannot reproduce i get the working link i sent

the one that works?

on gdmf?

idk then

wtf is my device doing

ok I can’t help in this chat not smart enough

send the link

i can try

link for what

what are you gonna do with a downloaded OTA lol, map local?

the link that tanbeer has trouble with

you can't just pick out whatever link you want to use

yeah why aren't we doing map local

nah, just test if link is broken or not

because it's not needed??

then why isn't it working for anyone lol

i have no clue wtf you guys are doing

same

can someone give a coherent account of what you are following

bruh my device is still giving the wrong link

what are u doing with the ota file?

i don't see that link in ipsw.me either

how are u going to load that ondevice?

/2020WinterFCS/mobileassets/001-85984/29D6D6BE-1A90-4E87-B761-BBC4D0B2B5AE/com_apple_MobileAsset_SoftwareUpdateDocumentation/38fb6c36e883bc967870abfc0c72243c393ab1cf.zip im getting this now

bruh

that's docs

oh

shite

dumbass

lol

bruh

the device isnt even downloading it then

So is it dead is it alive what’s the status what

well, its dead

MDM only is dead

you now need MITM + MDM

but what dhinakG and tanbeer and froggy is testing if mitm works

is mitm still alive?

as long as TSS is alive

ah, so as long as its signed

@celest basalt @lilac wren TSS still alive?

<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>EGJTMEQKF2PMGJNR</RequestId>
<HostId>bnQRHCAvHomdfYo7u7kGF+1wLKH30wUwENqAmx80l+cT7pcm1Rm4mBdxSKKTwRPalsZUYrDsLdk=</HostId>
</Error>

tss is still signing

yes

So if it’s still signing then it’s not completely dead

yes

apple is going to take action soon tho

tester trying rn

i mean, gdmf doesnt have 14.3

not sure mitm works

@royal flint is the device supposed to download from the folder or the zip

It's dead?

bro

Like dead dead?

who the fuck is saying gdmf doesnt have 14.3

it has it

@red sleet status:

• MDM is definitely dead
• MITM may/may not be dead

i literally checked 2 different devices

Still works lol?

u sure? try refreshing

you combine the BaseURL and the RelativePath

i checked like 3 minutes ago

check now

the device is just downloading from the folder then

still there

and getting access denied

strange

tf

bc i dont have it

what are you using

proxyman?

have what

charles

GDMF gives me a valid file for XR

14.3

hm

are you MITMing?

im wrong then

nvm

no I just did a GDMF request

ignore me, im a dumbass

look wtf its doing

expand the folder

not a breakpoint

access denied

http://updates-http.cdn-apple.com/2020WinterFCS/patches/001-88018/F88B8B75-7EDE-4D7C-9C0C-566448BD9470/31092a11930cc4358245113295fb4e8666430563.zip

full url

@lilac wren u should probably update ur post

the fuck is your phone doing

exactly

all i did was rpv

uhhhh are you using ssl killer

Ok

yes

send pallas request

i have ssl proxying

    "TrainName": "AzulC",
    "SessionId": "BED7F580-D37C-4338-A137-8FBF7F87F5DE",
    "ProductType": "iPhone12,1",
    "AssetType": "com.apple.MobileAsset.SoftwareUpdate",
    "ProductVersion": "14.3",
    "DeviceClass": 1,
    "DeviceVariant": "B",
    "SigningFuse": "true",
    "DelayPeriod": 90,
    "ClientData": {
        "AllowXmlFallback": "false",
        "DeviceAccessClient": "softwareupdateservicesd"
    },
    "Nonce": "132CFE93-F625-4573-BA37-C0753920E7FD",
    "Supervised": "true",
    "ProductName": "iPhone OS",
    "NoFallback": "true",
    "BaseUrl": "https:\/\/mesu.apple.com\/assets\/",
    "AssetAudience": "01c1d682-6e8f-4908-b724-5501fe3f5e5c",
    "BuildVersion": "18C65",
    "ClientVersion": 2,
    "InternalBuild": "false",
    "AllowSameBuildVersion": "false",
"RequestedProductVersion": "14.3",
    "BuildID": "238D3D4C-3940-11EB-8D33-A61B81E77CB1",
    "IsUIBuild": "true",
    "HWModelStr": "N104AP",
    "DeviceOSData": {
        "SystemImageID": "5AD8BD31-B8BD-4FD6-9C4C-90645CA26AE1",
        "BuildVersion": "18C65",
        "DeviceVariant": "B",
        "ProductType": "iPhone12,1",
        "BuildID": "238D3D4C-3940-11EB-8D33-A61B81E77CB1",
        "HWModelStr": "N104AP",
        "DeviceName": "iPhone",
        "ProductName": "iPhone OS",
        "ProductVersion": "14.3"
    },
    "SystemImageID": "5AD8BD31-B8BD-4FD6-9C4C-90645CA26AE1",
    "DelayRequested": "true",
    "DeviceCheck": "Foreground",
    "CertIssuanceDay": "2020-09-29",
    "DeviceName": "iPhone"
}```

what if you do product version 0

trying

http://updates-http.cdn-apple.com/2020WinterFCS/patches/001-87796/D0BB56EC-C8E9-45D1-870F-26DBF33518B3/com_apple_MobileAsset_SoftwareUpdate/74ad73145baab8cde8475ea3f0d6f7aec2516fb8.zip with that request

your device is officially on drugs

ffs charles 30 mins my ass

lol

what

yes their device is smashing together directory for update with file name for docs

working for iPad Pro 3 wifi

with tester

MDM

downloading 14.3 rn

MDM is working?

MDM yes

damn what

no MITM

with mdm?

also pog

yes with MDM

cryptic typing

Weird how my jamf instance does not show 14.3

will die as soon as vmware refreshes tho

You need to inject ssl pin disable into com.apple.Security Security means it will inject into every process

jamf has refreshed already

VMWare refreshed to show 14.5

in the past 30 min

ah so mdms are slowly rolling 14.3 as invalid

dunno why they didn't remove 14.3...

its not immediate

ah i see

probably refreshed to add 14.5 before they removed 14.3

So once that happens only mitm will work

or otherwise they're doing this manually lmfao

@zealous bridge

yes

remember when JTV tried to say 14.1 -> 14.3 was downgrading

hm

lol poor jtv

wonder if its something to do with SoftwareUpdateDocumentation too

for some reasons its requesting that every time

before it only used to be once

it already does

yeah no this is still drugs

is it something with ur device?

is it me or is this very hard to read

idk what it is tbh

maybe cause i'm mdmed

try unmdming?

trying rn

are you kidding me

did it die or

im gonna jump out my window

Tanbeer what’s wrong

ok hold on

updatebrain wtf are you doing

PSA: 14.3 still signed

tanbeer, u good?

ok so far so good

need to know where this goes wrong

"__RelativePath":"com_apple_MobileAsset_MobileSoftwareUpdate_UpdateBrain/31092a11930cc4358245113295fb4e8666430563.zip","__BaseURL":"http://updates-http.cdn-apple.com/2020WinterFCS/patches/001-88018/F88B8B75-7EDE-4D7C-9C0C-566448BD9470/"}],"AssetSetId":"09e92bc9-533d-4b04-a87d-18ce0042a28c"}

@royal flint can you try an updatebrain request

i think thats where it fucks up

please backtick that

sorry

ok whats the status

i need the request for this actually

is it completely dead?

one sec

no

ah nice

mdm only will die soon™️ once airwatch refreshes

    "TrainName": "AzulC",
    "RequestedProductVersion": "14.3",
    "SessionId": "E543C1EF-C57C-4AA7-9F9C-3C94EC59C89F",
    "ProductType": "iPhone12,1",
    "AssetType": "com.apple.MobileAsset.MobileSoftwareUpdate.UpdateBrain",
    "ProductVersion": "14.3",
    "DeviceClass": 1,
    "DeviceVariant": "B",
    "SigningFuse": "true",
    "CompatibilityVersion": "20",
    "ClientData": {
        "AllowXmlFallback": "false",
        "DeviceAccessClient": "softwareupdated"
    },
    "Nonce": "68E6D42D-6289-4945-80D2-3778A3EBE928",
    "Supervised": "true",
    "ProductName": "iPhone OS",
    "NoFallback": "true",
    "BaseUrl": "https:\/\/mesu.apple.com\/assets\/",
    "AssetAudience": "01c1d682-6e8f-4908-b724-5501fe3f5e5c",
    "BuildVersion": "18C65",
    "ClientVersion": 2,
    "InternalBuild": "false",
    "BuildID": "238D3D4C-3940-11EB-8D33-A61B81E77CB1",
    "IsUIBuild": "true",
    "HWModelStr": "N104AP",
    "DeviceOSData": {
        "SystemImageID": "5AD8BD31-B8BD-4FD6-9C4C-90645CA26AE1",
        "BuildVersion": "18C65",
        "DeviceVariant": "B",
        "ProductType": "iPhone12,1",
        "BuildID": "238D3D4C-3940-11EB-8D33-A61B81E77CB1",
        "HWModelStr": "N104AP",
        "DeviceName": "iPhone",
        "ProductName": "iPhone OS",
        "ProductVersion": "14.3"
    },
    "SystemImageID": "5AD8BD31-B8BD-4FD6-9C4C-90645CA26AE1",
    "DelayRequested": "false",
    "CertIssuanceDay": "2020-09-29",
    "DeviceName": "iPhone"
}```

tester 2, iPad Pro 4th gen (2020), sending 14.3 gives them 14.5

huh no TargetBuildVersionArray weird

this is update brain

so no rpv

wait i can force 18C66 with UpdateBrain

ok then

delayrequested = false i think is normal with UB

oh wait there was an RPV

but i didnt put that in

automatic

can confirm that request

gives you the weird url?

{
            "__BaseURL": "http://updates-http.cdn-apple.com/2020WinterFCS/patches/001-88018/F88B8B75-7EDE-4D7C-9C0C-566448BD9470/",
            "__RelativePath": "com_apple_MobileAsset_MobileSoftwareUpdate_UpdateBrain/31092a11930cc4358245113295fb4e8666430563.zip"
}

thought so

i dont think its a device issue lol

same exact thing you sent

just now

#futurerestore-help message

but why

hmm

i can check pallas

one sec

yeah that's what i was going to do

https://www.theiphonewiki.com/wiki/IPad_Pro_(12.9-inch)_(4th_generation)

this?

guess i'll be going back to 18C66

iPad8,9 btw

o

@royal flint

ok

@royal flint same thing with 14.4

looks like it should work for that ipad

http://updates-http.cdn-apple.com/2020WinterFCS/patches/001-87796/D0BB56EC-C8E9-45D1-870F-26DBF33518B3/com_apple_MobileAsset_SoftwareUpdate/74ad73145baab8cde8475ea3f0d6f7aec2516fb8.zip

AND 14.5

i get 14.3

I JUST PERMA BRICKED UPDATES

i got a different url

i didn't delta

same

why

wasnt on purpose

but

how bro

my device does not know what updates are now

oh i forgot model thing

per brick ota or itunes too?

try it without SSL proxying?

just block tss

nah im not even proxying at all

still same thing

im gonna try reverting the spoof

how do I get the boardid of this ipad >:(

ipsw.me?

doesn't seem to have 4th gen pros

system info?

ooh yeah

no jailbreaking though

gestalt shortcut

yeah

going back to delta fixes the block

@royal flint

weird

man i really wanna get hired at apple to see their infrastructure for this now

after seeing all the shit that goes on with pallas and catalogs

lol imagine getting a peak at the source code

is this the url you got @royal flint http://updates-http.cdn-apple.com/2020WinterFCS/patches/001-87796/D0BB56EC-C8E9-45D1-870F-26DBF33518B3/com_apple_MobileAsset_SoftwareUpdate/74ad73145baab8cde8475ea3f0d6f7aec2516fb8.zip

board and model?

t8027 is board I think

iPad8,9

uhhh

"iPad8,9": {"ProductType": "iPad8,9", "HWModelStr": "J417AP"}

oh

yeah it

's J417AP

https://www.theiphonewiki.com/wiki/T8027

"HWModelStr": "J417AP",
"HardwarePlatform": "t8027",

HardwarePlatform is useless

its just chip id

You only need ProductType and HWModelStr

and with those two I get http://updates-http.cdn-apple.com/2020WinterFCS/patches/001-87981/1EB4B0F1-29CB-4B0E-8980-1AD1DB7C19A5/com_apple_MobileAsset_SoftwareUpdate/099801d1b261790560922867ca5295a3091207a6.zip

http://updates-http.cdn-apple.com/2020WinterFCS/patches/001-87796/D0BB56EC-C8E9-45D1-870F-26DBF33518B3/com_apple_MobileAsset_SoftwareUpdate/74ad73145baab8cde8475ea3f0d6f7aec2516fb8.zip

....

why is it still different

my request has a lot of junk

that looks what tanbeer got

so uh

what are you using to test?

{
  "TrainName" : "AzulC",
  "ProductType" : "iPad8,9",
  "AssetType" : "com.apple.MobileAsset.SoftwareUpdate",
  "ProductVersion" : "0",
  "DeviceClass" : 1,
  "DeviceVariant" : "A",
  "SigningFuse" : "true",
  "ClientData" : {
    "AllowXmlFallback" : "false",
    "DeviceAccessClient" : "softwareupdateservicesd"
  },
  "Nonce" : "HI",
  "Supervised" : "true",
  "RequestedProductVersion": "14.3",
  "ProductName" : "iPhone OS",
  "NoFallback" : "true",
  "BaseUrl" : "https:\/\/mesu.apple.com\/assets\/",
  "AssetAudience" : "01c1d682-6e8f-4908-b724-5501fe3f5e5c",
  "BuildVersion" : "0",
  "ClientVersion" : 2,
  "InternalBuild" : "false",
  "AllowSameBuildVersion" : "false",
  "BuildID" : "238D3D4C-3940-11EB-8D33-A61B81E77CB1",
  "IsUIBuild" : "true",
  "HWModelStr" : "J417AP",
  "DeviceOSData" : {
    "SystemImageID" : "5AD8BD31-B8BD-4FD6-9C4C-90645CA26AE1",
    "BuildVersion" : "0",
    "DeviceVariant" : "A",
    "ProductType" : "iPad8,9",
    "BuildID" : "238D3D4C-3940-11EB-8D33-A61B81E77CB1",
    "HWModelStr" : "J417AP",
    "DeviceName" : "iPhone",
    "ProductName" : "iPhone OS",
    "ProductVersion" : "0"
  },
  "SystemImageID" : "5AD8BD31-B8BD-4FD6-9C4C-90645CA26AE1",
  "DelayRequested" : "false",
  "DeviceCheck" : "Foreground",
  "CertIssuanceDay" : "2020-09-29",
  "DeviceName" : "iPhone"
}