#futurerestore-help

FLEXall
Load FLEX loader dynamically.
https://DGh0st.github.io/Files/?p=com.dgh0st.flexall

What does this tweak do?

Well if you read the description

There’s so many options in it that I don’t know what it actually does or how it works

What are you trying to do with it

Trying to change the price on Amazon

To prank a friend

There’s so many options

Honestly This kind of thing scares me so I just don’t touch it with a 10ft pole

Id just use a computer and inspect element prices

I don’t know the first thing about coding

Is it dangerous

I thought it was gonna be a noobfriendly tweak

I saw a video on YouTube saying you can get premium subscription for about anything using it

It’s probably a bit over the top for what you’re trying to do then

Yup, I tried ersatz but that didn’t work for Amazon

It works for almost every app though

it’s because the amazon app is a website

That makes sense

This flexall tweak definitely edits html pages

I just don’t know how to do it

This other guy helped me a bit but It’s confusing as hell

@valid adder please guide me how to use your files

@rustic blaze extract the .tar.xz and then

./futurerestore-v253 --use-pwndfu --rdsk rdsk1470.dmg.patched.im4p --rkrn rkrn1470.patched.im4p -t blob.shsh2 --latest-sep --latest-baseband 14.7.ipsw -d

I have not tried the 14.7 patch, only 14.5.1, but it will likely only fix rootfs shit and not Face ID

wait

what root fs issue

@celest basalt

when you restore to 14.x with iOS 15 SEP on iPhone X or newer it will get into an FDR loop when restoring Savage (Face ID) firmware

you have to force reboot and manually exit recovery for it to finish

it restores successfully, except Face ID is broken and there's no rootfs snapshot

it's possible to create one manually (stock checkra1n and u0 already do this) but I haven't managed to get Taurine working even after that

what the fuck

wait

what happens if u restore with succesion after this

I tried, doesn't change anything

rip

the rootfs stuff seems to be fixed with the patched files (not confirmed for Taurine but checkra1n loader no longer complains about missing snapshot) but no fix for Face ID so far (other than restoring to iOS 15)

ah i see

that is why checkra1n fails to jailbreak such device

i get the error check_snapshot_error_code:general

did it not prompt you to create a snapshot

no

the moment i click and install cydia it errors out

i think we have to update fr to handle this

not possible to fix without pwndfu, maybe pwned could auto-patch though but seems like it requires a different patch for each version

the OTA also shows in my settings

for ios 14.8

but when i install

for me it says this

it also errors out

yeah I have the same issue with OTA, 14.8 would make sense because of SEP downgrade but 15.0.1 should work in theory (but doesn't)

also SEP issue would error out at verification only

mine says check_snapshot_error_code:general

so cant we jailbreak this firmware

??

or go back to normal ios 14.8

pretty sure that error is when checkra1n loader cant even check for snapshots

idk

try restoring with the patched files

this is turning out really crazy

@celest basalt you have tried with patches

but still u r not able to jailbreak

no you misunderstood me

Taurine on 14.3 doesn't work because it's without patches

then how is it

but u0/checkra1n on 14.3 and checkra1n on 14.5.1 works fine

so these patches will resolve my error on checra1n

i m on 14.6

if i use patches

i think u restored to ios 14.3

please clarify

but what about the face ID

I did both 14.3 and 14.5.1

I've already told you like three times that Face ID isn't fixed even with the patches

@celest basalt need to triple comfirm again, so iphone8 touch id will not break upgrading from ios13- 14.5? Unless its a faceid device

touch IDS are fine, its the FACE ID

@flat oak

yep

there might be a solution in future

hope

!!

ny ways my two devices are sitting on 14.5.1

7plus and SE 1st gen

Thanks for verifying, should i update using beta or latest fr? With latest sepbb command. Im on win7 btw

@rustic blaze @green onyx

u cant use futurerestore on windows anymore

@green onyx needs a mac?

😩

linux or macos

@green onyx i go dig some mac machine tomorrow

ok

Any minimum requirements on macos version?

idk

just use linux

its free

bruh\

if they have a mac they can just use that

they dont have one

they're buying a mac for futurerestore

i go dig some mac doesn't sound like buying one to me

bro hes even asking about minimum macos versions

it does, especially when hes saying tmr

bruh

which most likely means that hes going mac shopping tmr

Chill bro😆

I have go look for mac to borrow

Peace u two ya @green onyx @errant socket

Chill

except for A8 or lower (A8(X) iPads not included)

someone just needs to compile the test build for Windows

isnt windows building broken

So I'm using ip11 13.5 atm, i do have 14.5.1 blobs but if i use 15.x sep I will lose face id if i restore to 14.5.1?

I jailbroke in checkra1n safe mode

Everything fine except Face ID

Checkra1n built its own snap shot

Restore iOS using succession and see if faceid works

@valid adder

Could this work? ^

And it works on 14.6 on iPhone x as confirmed by this guy

https://youtu.be/M5iSv2muAd0

hello, does newest futurerestore nightly build support iOS 14 on A11 with inferius? @valid adder

For some reasons I want to downgrade my A11 device but I don’t have 14.3 shsh blob, I have 14.6 only.

no, I already tried that and it doesn't help

It’s just a way to restore your iOS to its stock state

You can’t be fr bro

Succession is RIGHT THERE

that's... literally what we're talking about?

ohhhhh

I thought he said

….

how do you do that

nvm om@dumb

What happened?!

the issue isn't Windows per se

Apple changed the way the TSS signing server works a bit with iOS 15, and futurerestore v194 (the newest build for Windows atm) wasn't updated to handle that

Why it’s possible instal ios 14.4 ota and not with computer ?

Because it’s an OTA?

TSS server returned: STATUS=94&MESSAGE=This device isn't eligible for the requested build.
ERROR: TSS request failed (status=94, message=This device isn't eligible for the requested build.)

On FutureRestore GUI: "SEP firmware is NOT being signed!"

iPhone has 14.8 installed, I set the nonce on the phone to the 14.7.1 blob one and trying to restore 14.7.1 ipsw

how bout you actually specify your iPhone

also pay attention to my twitter

this has already been stated

Any fix for the Face ID

Yet

no

itll be in pins

can we ban this skid

I would say I agree except then I’d make myself look questionable so I’m saying no

Any fix for the Face ID /s

Hi. Guys I'm writing to you with a question. I have an iPhone X with iOS 15.0. I accidentally updated iOS from version 14.6 (Chekra1n) to version 15.0. I lost my Jailbreak. I have SHSH2 bloobs. This is my first time using FutureRestore. I do according to YouTube videos but can't complete iOS restore. I get "SEP firmware is not being signed" error after starting. I don't know if I'm doing everything right. Can someone help me? SEP and Baseband with iOS 15.0 not compatible with 14.6? am I doing something wrong? I don't quite understand everything about it yet.

you are using 14.8 sep and bb

thats why its unsigned

15 sep and bb is signed but i dont recommend u to use it

because you lose faceid

I don't understand exactly what you wrote. I'm new to this topic and I'm just learning. I don't care about FaceID. This is my second call. In FutureRestore, I select bloob files, version 14.6 from IPSW, set Last Baseband and Last SEP in the next tab. So much. What am I doing wrong? Could you tell me I have to remove SEP and Baseband from iOS 14.8 and then manually add them to FutureRestore?

You have can only use iOS 15.x SEP because that's the only SEP is signed now.

All right. As I mark in FutureRestore "Last SEP", the program automatically gives the one from iOS 15.0 or the previous one and hence the error "SEP firmware is not being signed" pops up. The second question is can I downgrade iOS when I don't have Jailbreak on my phone. I read on the internet about changing the nonce generator that I can only do with Jailbreak and I don't know anymore?

the actual issue here is that the tsschecker bundled with futurerestore v194 is outdated and can't handle iOS 15, you need to use the test build (currently only available for macOS and Linux)

!t futurerestore

I see. Thanks a lot. Then I go on fighting. I have macOS in Macbook M1. I will try with the BETA version. Can I add it to the Future Restore GUI? Do I have to do it somehow via the terminal? And is there any chance for a downgrade when I don't have Jailbreak on my phone at the moment?

yes, you can select the beta version's binary in the GUI

you'll have to set your generator with https://github.com/MatthewPierson/checkm8-nonce-setter first since you can't jailbreak

Okey. I was about to give up and I see there is something to fight for because it can be successful! Thanks a lot I'm going to try. If I do not know something, I will write but already a lot of help. Thanks!

Ok, so Apple is starting to tick me off! I updated an iPhone X from 14.7.1 to 14.8 and now I am getting the Face ID disabled due to problem with Camera TruDepth. NO JB, all I did was bring my existing iPhone XR close to transfer all my info. And now it's stuck with the error! AGAIN NO JB. WTH is wrong with (@#%)@ Apple?!?! I'm about to RESET and see if Face ID works...

did you update via OTA or futurerestore?

VerniQR is your nonce set to the same as your blob? If not, that's why you need JB, to set nonce.

OTA

weird

that shouldn't have broken it

Didn't have blob to do futurerestore

you can try Succession or something

I'm guessing it had to do with XR -> X face id stuff

if even Succession doesn't fix it then I suppose the only chance is restoring to 15.0, because futurerestoring to 14.x will now break Face ID even if it wasn't broken already

Wait can u still have passcode?

I checked and even non-jb people are having issues with this on 14.7.1 and 14.8 on apple forums (but they only tell 1/2 the story)

With 15 sep

yes

just no Face ID

What about Touch ID?

Succession?

Touch ID is fine

!t successionbeta

it's a tweak to wipe your device completely without updating it

both OS and user data

Even on se 2(a12)?

probably, not tested though

iP8 is A11 and Touch ID is fine

TY, will try.

iPX is also A11 and Face ID broke

I wonder if there will be a “fortnight” bug

Like iOS 12

I did not set anything regarding the nonce generator, hence these problems. I am just reading how to do it from a nyushka link, although I do not fully understand it.

I installed successionbeta, but I got no GUI, tried succession and successionbeta on terminal, no-go

SuccessionCLI doesn't work on iOS 14, the GUI should

maybe you just need to run uicache -a in terminal

k... nada EDIT: I'm a dumbass... I installed SuccessionCLI...

Should I use test mode in Succession when I want to wipe 13.5.1?

no

What about 14.8, should I use test mode on successionbeta?

it's downloading the IPSW right now...

no

just dont use test mode

aaight

bruh

Has anybody tested this on 14.8 (that y'all know of?)

Also, I'm curious... If I FutureRestore to 14.7.1 and then allow it to do OTA to 14.8 would that fix the TruDepth issue?

no, because:

• futurerestore will also break OTA updates when restoring to 14.x with 15.x SEP on Face ID devices
• even if it didn't break OTA updates, the AlternateSU mechanism Apple uses to make 14.8 available for upgrades only will make the update fail to verify because SEP will refuse the downgrade from 15.0 to 14.8

AH! Makes sense. So could me upgrading from 14.7.1 to 14.8 break it as well? TBH, I never even tried to use the Face ID after I got the phone upgraded....

OTA update should not break it, not sure what's going on there

one more thing you could try if Succession doesn't fix it is "update" from 14.8 to 14.8 by editing SystemVersion.plist to say 14.7.1... that should work since I've done the same thing to go from 14.3 to 14.3 with delayed OTA, but no guarantee that it will fix anything

delayed OTA / AlternateSU updates work if SEP version is less than or equal to the target version, just not if it's higher

???

it breaks ota too?

yes

probably because of missing rootfs snapshot

recreating snapshot manually or with u0/checkra1n doesn't fix it, not sure if Cryptic's pwned patch does, haven't tested OTA with that

FYI and future reference, succession/successionbeta does not fix the TrueDepth issue on iPhone X 14.8

oh that's a different error from what futurerestore causes

that would just say "Face ID is not available"

I updated from 14.7.1 to 14.8 and got this error....
What's funny is.... CLIPS works and detects my face and movements just fine... Something doesn't add up...
Maybe CLIPS doesn't use TrueDepth.
I think I'm just going to buy an iPhone X with iOS 4.2 and use Taurine until commie Apple decides 14.2 is no longer supported...

Hey @celest basalt

Question about FR, what is broken/working on my iPhone X if I want to keep FaceID and upgrade. Sounds like it's broken completely due to FDR error, but is that not the issue with the beta vs stable and tsschecker? Or is it just that the tsschecker is broken regardless and beta needs to be used to even restore (but in a broken state)?

Fdr has nothing to do with anything

It’s just a device proxy lol

it will get into an FDR timeout loop rather than panic so it's not completely broken, but it will break:

• Face ID
• default rootfs snapshot (can be created manually)
• OTA updates

if you want to keep Face ID the only options atm are:

• stay where you are
• update to 14.6 or above via delayed OTA

as for v194 tsschecker is broken there yes so it won't even start the restore

Ah so the beta version is what needs to be used to even attempt restore (which will break FaceID anyway). v194 shrouding be used if wanting to use iOS 15 as sep

Um, is there any info on the delayed OTA?

!t delayota

I'm still on iOS 13 so not sure if it'll work

it works on iOS 11.3 and above

Ah. So why is there so much concern over future restore not working if this is a suitable alternative?

Or is there other complications with this

Is it because 14.5.1 is the version people want to be on because of untether?

yes, and on A11 iOS 14 when jailbroken with checkra1n you can't have passcode, Face ID or Apple Pay (but it works in unjailbroken state unlike the issue caused by iOS 15 SEP with futurerestore)

if you went to 14.6 you'd probably have to wait until sometime next year to have a jailbreak with full functionality

but stock iOS would keep full functionality if you use delayed OTA

Gotcha. So taurine is o key supported right now up until 14.3 right? The hope was that it would be supported (or a new JB would be released) for up to 14.5.1

But nothing past 14.5.1 except Checkra1n which leaves without FaceID right?

Odyssey* not taurine

yes, but 14.5.1 is no longer available via delayed OTA, and since 14.8 got unsigned using futurerestore to go there will break Face ID even in unjailbroken state

Yep

Odyssey is 13.0-13.7, Taurine is 14.0-14.3 (but soon up to 14.5.1)

Yea I messed that up in my head. Haven't used an app jailbreak since Checkra1n was released

also, one more thing: delayed OTA doesn't work if your SEP version is newer than the version you want to update to

so for example if you're on 14.3 with 14.7 SEP, you can't delay OTA to anything lower than 14.7

Ahh

Well since I'm on iOS 13 probably not an issue 😂

So basically I can update to 14.6 or higher but be without a jailbreak (with working Face ID)

Or see if something gets released for 14.6+ and then use delayed OTA

But as long as I want Face ID I should stay away from FR

well 14.6 delayed OTA expires next week

Unless something gets fixed and somehow the restore works

Yea I saw that. Not gonna risk it

if you use futurerestore then the only way to fix Face ID will be restoring to iOS 15 (unless we somehow manage to fix it)

So delayed will land me on iOS 14 safely but most likely without a jailbreak path

FR could land me on a jailbreakable version but FaceID is then broke.

Which leaves me with stay on iOS 13 haha. I really wanted to keep using checkra1n was hoping they would figure out some way to get around A11 support for blackb1rd but it's been radio silence since they released it

yeah, if you care about Face ID then either risk being stuck on iOS 13 forever or go to 14.6 now and wait several months for a fully usable JB

this is assuming a new JB doesn't come out for a newer version before its delay OTA period expires

True

which most likely won't happen for 14.6 as it's expiring on Oct 17 and we're only getting even 14.5.1 untether on Oct 21

I do wonder though. Is this FR "failure" different than if you tried to go to an unsigned version using sep/bb that was incompatible?

yes, it's different because a full incompatibility would prevent the restore from succeeding entirely and the device would either boot back to the old OS or get stuck in a bootloop/recovery loop

there have been partial SEP incompatibilities like this in the past already that only affected Face ID

And those were never fixed?

Trying to reason out that maybe it could be remediate since it isn't full incompatibility

nope, we basically just accepted that Apple broke compatibility... but I think we didn't have checkm8 back then, so there may be potentially a way to fix it if it's somehow fixable from the Savage firmware side rather than needing to mess with the SEP itself (which doesn't have a working exploit for A11)

Yea blackb1rd either wasn't compatible with A11 or they just couldn't figure out the exploit for it, not sure.

But perhaps savage can be tinkered with so that FR doesn't break down on A11, but that's assuming the SEP is actually compatible

Does this affect A11 that isn't iPhone X? Like iPhone 8 does touchid still work?

Touch ID is fine

blackbird exists for a11 its just not exploitable because sep integrity tree was introduced with a11

@celest basalt it didn't in mats case?

he restored again and it worked

I think

If touchid works then maybe it's something specific for the firmware of the iPhone X?

what a loser

Rather than SEP being broken completely

and someone else tested both 15.0 and 15.0.1 SEP

savage is exclusive to iPhone X @burnt portal

probably affects all Face ID devices but nobody has been stupid brave enough to test A12+

really? what do they use on A12+ then

@celest basalt you know what I mean

Yea so that's what I mean right? If it's exclusive perhaps it's something with that which is breaking it? Rather than actual SEP being incompatible

its exclusive to faceid devices

savage is what broke savaging iOS 15 blobs, so thats why v194 will no longer work with faceid devices

because it can't save sep blobs

savaging

So checkm8 would need to be somehow integrated into FR basically? If that was what is causing issues?

it already has been for a long while, you just need to bring your own exploit and rom patches

Oh. Didn't realize

Hmm... so there's hope but not until someone figures out what is actually breaking the restore

we already did?

Whether it's a SEP incompatibility OR Savage firmware (which could potentially be remediate with checkm8)

Cryptic managed to make the restore itself finish successfully without errors but that still doesn't fix Face ID

it's a different reason per iOS device/version

Oh so without staying in recovery

you need serial cable to figure out what to patch

Per device as in like my iPhone X VS someone else's? Or iPhone X vs Xr vs Xs?

we tried the same patches with other people's devices on 14.7 it didn't work

restore failed

Gentlemen, I have a question for you. I'm trying to set up a nonce generator number on my iPhone X with iOS 15.0 via Checkm8-Nonce-Setter. At first it showed an error about installing XCode. Now, after installing it, it looks like this and I keep trying to do it again. The phone from DFU mode came out by itself. What to do? : /

What am I doing wrong?

Looks like it already says your generator is set

Or am I reading that wrong

Okey, so can I downgrade ios now?

I have bloob, changed nonce

You can try to. If generator isn't set correctly it'll just kick you out

So @valid adder is it that it's specified to each users' device? Meaning that even if a reliable way to make the FR finish and FaceID work it woukd still only be achievable with serial cable?

Or just still unknown?

it could fail at a different place in pearl for each user

we won't know without log via serial

As I understand the nonce has not been changed correctly? Do you have any advice what I'm doing wrong?

you need to set your nonce obviously @iron crow

He tried to. I must've read the log incorrectly for him

Precious image shows it isn't setting but I thought at the top it was being set to what he input

Either it didn't set properly OR the generator in your blob isn't matching what you are setting it to

This is how it looks for me when trying to change the nonce.

futurerestore hase built in setnonce

but

I checked the generator number in my blob and I also want to change it: /

because that script failed

don't use that script

you need pyusb installed which you don't have

python2 -m pip install pyusb

This is it?

https://github.com/pyusb/pyusb

no

Also does FR GUI from froggy work or is it using v194 which won't work with iOS 15?

just install it via pip

I sent the command

@burnt portal it literally has a beta toggle

Sorry, but I'm new to this world and just learning simple questions from here. Should I enter this command into the macOS terminal?

where else would you be running command? lol

Lol oops. I haven't used FR since iOS 13

Only in the terminal, I guess

yes

python2 -m pip install pyusb

No module named pip

sudo easy_install pip

syntax error: invalid syntax

curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
python2 get-pip.py

Okay, I think it works. I just changed the link to the one that popped up in error. Now "python2 -m pip install pyusb"?

python2 -m pip install --upgrade pip

python2 -m pip install pyusb

okey, it's works. Now try checkm8-nonce-setter-master?

?

On this screen that I sent, I entered these commands

you should not use the checkm8 nonce setter imo

make a new terminal tab

okey, done

I tried checkm8 because it was posted above and I didn't know how to change it

without jailbreak

Can this be done without a script the easy way?

yes

only a few commands

Was looking I guess the GUI doesn't have a way to set nonce. That would definitely be a cool add

@burnt portal don't tell me I make the actual tool

I added setnonce already

Lol!

Im not the gui dev

I know I meant the GUI Dev should look into adding it

and setnonce requires checkm8 obviously

Wait, the beta is your fork?

Could you please send these commands here, because I don't know how to do it myself?

it already sets nonce from your blob if you restore pwned anyway

so it's usable rn

Yea so it would only work up until a11

but explicit setnonce in GUI would still be nice

v194 and beta(nightly) has all been me, I've been maintaining futurerestore all of 2021 @burnt portal

m1sta kinda like stopped being a dev

He hasn't added anything since march

all credit is mine and other pull requesters

That's what I was originally thinking. Thought it was m1sta that's why

m1sta has nothing to do with anything really

Oops so when I've been talking about FR getting fixed for A11 it's literally me talking to you. Damn I feel dumb

So no hope as of now then for me in my case, wanting FaceID.

I've added so much to the project
its sad the past maintainers either passed away or quit

I know. We lost a lot when Southwest passed

Anyway help out verni he isn't sure how to run setnonce from within FR.

I don't know either but he's using the GUI so I assume he needs to download the beta but for Mac rather than GUI

he never said if he opened a new terminal tab yet

yes, yes. I'm waiting not to disturb you

i have new terminal tab

what now?

curl -sLO https://raw.githubusercontent.com/Cryptiiiic/ios-tools/master/wiki-proxy.py

python wiki-proxy.py

SyntaxError: invalid syntax

you will need python3 as well

I wonder if you have it

python3 wiki-proxy.py

awesome

you have py3

python3 -m pip install --upgrade pip
python3 -m pip install flask

run proxy again

see if you need to install more stuff

SyntaxError: invalid syntax

don't run curl again

python3 wiki-proxy.py

remember

you switched to python3

okey so i try python3 wiki-proxy.py

now install that

python3 -m pip install mwclient

Basically keep repeating those two commands until it works 🙂

context clues

Lol

teach a man to fish

I'd rather you provide cook and cut it for me actually

If you don't mind baby bird-ing it too that would be great

okey i installed

Repeat lol

python3 wiki-proxy.py

its work

yay

go back to the other tab now

leave wikiproxy running

don't close it

okey

I just realized this isn't documented anywhere. Is this the first use of setnonce with FR basically since you added it?

git clone https://github.com/m1stadev/ipwndfu-8015
cd ipwndfu-8015

@burnt portal pwned restores already set nonce, I just repurposed the feature into a fr option

okey

put your phone in dfu @iron crow

Oh. But normal FR doens't use pwned restore, so that's why it was never doing it as part of regular FR

you set your nonce via jailbreak with normal restore lol

Yep

But I thought the set nonce script that was being referenced before was supposed to be able to do it

I mean, I remember before on device nonce setting I used to do nvram, but that doesn't work anymore

okey, my phone is in DFU mode

./ipwndfu -p

the phone itself came out of DFU mode after moment

do you have have brew

sorry what do i have?

homebrew

i don't know

if you are on bigsur you will need to patch that repo @iron crow

yes, i have bigsur macos

11.5.2

ah

do you have m1 mac @iron crow

yes

this made things a whole lot more complicated

@valid adder there's really no other way to assign a nonce when you aren't jailbroken unless through this method?

Before you added this what was done? Or did something change on ios 15 that has to be done via this new method

oh no :/

There is a chance that when I am at home it will work on my windows computer?

On macOS i have only M1 Macbook Air

windows is impossible

its possible on m1

just need to install some stuff

do you have homebrew installed

if you have homewbrew installed skip steps 1 and 2

1.) /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
2.) export PATH=/opt/homebrew/bin:${PATH}
3.) brew install zstd
4.) curl -sO https://cdn.discordapp.com/attachments/763074782220517467/819588605999317022/bootstrap.tar.zst
5.) zstd -dk bootstrap.tar.zst && sudo tar xpkf bootstrap.tar -C /
6.) echo -n "/opt/procursus/bin\n/opt/procursus/libexec/gnubin\n" | sudo tee /etc/paths1 && cat /etc/paths | sudo tee -a /etc/paths1 && sudo mv /etc/paths{1,}
7.) echo -n "export PROCURSUS=/opt/procursus\nexport PATH=${PROCURSUS}/bin:${PROCURSUS}/libexec/gnubin:${PATH}\n" | tee -a ~/.zshrc && source ~/.zshrc
9.) sudo apt update
10.) sudo apt dist-upgrade
11.) brew list -1 | xargs brew rm
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/uninstall.sh)"

i don’t have homebrew

okey

this will get you homebrew

i install everything

tell me if errors

okey, i install point 1 now

in this moment "Downloading Command Line Tools for Xcode"

Do the files i download here weigh a lot? I am asking because now I am at work and I use mobile internet

not too much

okey, at this point it is written Installing Command Line Tools for Xcode

if you want to save time we can skip it possibly

Point 1 has just ended

after pasting the command 11, such a message popped up in the terminal

y

okey, done

all

y? idk why it showed up

😛

@iron crow did the apt commands fail with java bs or work

how to check it?

this is what the end of my terminal looks like now

ls -lath /opt/procursus/lib/libusb-1.0.0.dylib

@iron crow

what does this output

Are you asking me about this command?

i don't know

type it in

should I have my phone connected?

i think this is all still on your computer

no, because homebrew charges another phone while it is being installed. Do I need to connect it or not yet?

sudo apt install libusb-1.0-0

ls -lath /opt/procursus/lib/libusb-1.0.0.dylib

cd ~/ipwndfu-8015
curl -sLO https://cdn.discordapp.com/attachments/688124783400845336/896109702130315314/ipwndfu.patch
git apply ipwndfu.patch

@iron crow

okey

@valid adder

./ipwndfu -p

without "." at start? or with "."?

Does anyone know why everyone I open gamegem it instantly crashes?

I just downloaded today

it has to be ./ . means current directory

without the path in front it would search PATH

which we don't want at all

we are executing from current directory

@iron crow

@valid adder do you know why?

absolutely wrong channel

what is wrong with you lmao

iOS

?

bro

why tf are you asking here

Exploit Failed

@valid adder

hard reset device

enter dfu again

try exploit again

Oh sorry

?

once again?

something might be claiming shit

close chromium based browsers and checkra1n app

then try again

okey

a message popped up in the background. The Python application has quit unexpectedly. Maybe it's because of this? How do I restart it?

no

just try again

idk why its crashing at all

it makes no sense

after entering this command, what is displayed on the screen above pops up and the phone exits the DFU mode

iirc one of the bigsur versions destroyed usb compatibility

for m1

which is stupid

Still the same. The terminal finds it when I turn on the DFU mode as shown in the screenshot, but an exploit error pops up and the phone boots to iOS

its because of a bigsur update

the broke usb

Fuck 🤬 do I have any way out of the situation?

wonder if u could set a breakpoint in checkra1n to use their pwndfu

@valid adder ever tried that?

Hmm good question?

How do I select OTA zip file in FutureRestore GUI?

you don’t, you can use OTA blobs to restore with an IPSW in pwndfu mode though

yeah, it doesn't restore for some reason (Unable to get FirmwareJson from public server) or smth like that

i was trying to DFU 14.0.1 on device that has already 14.0.1 installed to cleanup fully

you need to have wiki-proxy.py from https://github.com/Cryptiiiic/ios-tools running in a terminal

Can I just select keys manually?

Only for pongo hax before it was oss

Nope

Downgrade to bigsur 11.2

How r u muted

Hello, I only have 14.1, 14.6 and 14.8 shsh blobs, but I need 14.3 or 14.4 for some reason, can I use the futurerestore nightly build with inferius from m1sta? Now I’m on 14.6 and I don’t care tethered

and my device is iPhone10,1

if you dont have 14.3 or 14.4 blobs you cannot get there

you could use those 14.1 blobs though, although you would lose touch id

but inferius can restore without blob

@old mason not all the way, it can restore without blobs but its up to you to tether boot it

well

not really

I would need to enable blobless first

this is not true, iOS 15 SEP doesn't break Touch ID, only Face ID

hi

i want to restore from ios 15 to 14.8 with shsh blobs

is it possible right now??

why does no one ever tell us what device they have

super annoying

don't crosspost

i m getting an error SEP FIRMWARE IS NOT being Signed

you need a jailbreak and blobs to downgrade

so don't even try

i have blobs but why do i need jb??

because thats how blobs work

blobs are only meant to be used once in an apple restore, so they have a mechanism to block reuse

to get around that mechanism you need a jailbreak

its called nonce

we set the nonce via jailbreak

impossible to set a custom nonce without a jailbreak

but i had once set nonce

checkm8 rn: hello bozo

@plain mist a13 tho

ohh true

.

nonce will wipe after restore most of the time @lunar herald

nonce is cleared when you update

or restore

^

blob saver gives a nonce?? will that work??

no, it will generate a new random nonce

iOS 14.8 is not signed anymore

Rest In Peace to dear bozo

there's 0.000000000001% chance of getting a nonce collision on A13

good luck

don't even try

Very high

my phone is laging very much on ios 15

@celest basalt @valid adder is it possible to brick by restoring too much? So reading and writing would be done way too much

If that makes sense

i had ios 14.3 once but i thought i have blobs so😭😭

this is why you read every detail

any fix for lag??

remind me tomorrow to try savage fix @celest basalt @plain mist

ok

I mean I guess maybe you could wear out the NAND somehow? but that would probably take forever

wearing out the nand is the only way

oh good

fuck I can't use dyld cache dylibs in a non cache environment

What’s the TBW rating for Nand in iPhones?

And is there a tweak to check how many total gigs have been written to it. Like on pc/Mac

Can I downgrade to BigSur 11.2 without having to install the entire system from scratch?

probably

I just don't recall

Okey. Then I'm going to read how to do it and I will write here how I do it okay?

BigSur 11.2 yes?

yes

you probably need time machine backup

I understand this right? Nounce change by upgrading? So if im on a iphone 12, 14.4 with saved blobs for all versions after, i cant upgrade to 15.1 and then later downgrade using one of those saved blobs?

Quick question to make sure I understand futurerestore correctly:
Right now I'm saving blobs for my device, which currently is jailbroken, so I can upgrade to a newer iOS version once a jailbreak for that version is released, even if the version isn't signed by apple anymore, correct?

That’s exactly right!

Your best bet is to never update and disable ota updates in iCleaner. Because. You can’t future restore to any version of iOS 14 unless you have an A11 device and below.
iOS 15 is a mess. Apple change the way iOS works and therefore almost every tweak will need to be updated for them to work when and if a jailbreak is out for 15. Only rootless jailbreaks are gonna work on iOS 15

https://youtu.be/IucjPhK5V8I

thanks for the reply. OTA has been disabled forever 😄
Hopefully a iOS 15 jailbreak will arrive sooner than later, some of those features sure are tempting, plus I really wanna upgrade my watchOS as well, lol

There are some hurdles with rootfs on iOS 15, making jailbreak will probably be harder than ob last iOSes

Also if you ever run into an issue with jailbreak that’s causing system instabilities. Use succession to restore device to the same iOS version without blobs or anything else.

https://youtu.be/M5iSv2muAd0

I forgot to set nonce before futurerestore

I was meant to set the nonce on my iPad because I was going from 13.5 to 14.4.1 but I stupidly set the nonce on my iPhone which of course had nothing to do with it. So futureRestore just concluded with “restoring failed” and the iPad is now stuck in recovery mode. What can I do?

Hey, I’m not knowledgeable about ios or anything about how it works but I found this tutorial: https://www.youtube.com/watch?v=jz3F3jHPiC4

I have an iPad 6th gen that I need to be able to connect via Ethernet for a flight controller. Problem is Ethernet is broken on iOS 15.

The IPad is running version 15.1 and I need to downgrade to some version of iOS 14.

The guy in the tutorial downgrades from iOS 14 to another unsigned version of iOS 14 and says it probably won’t work on future versions of iOS 15

Do you guys think I will be able to downgrade to iOS 14 with this tutorial, thank you in advance

!sepbb

!t sepbb

@celest basalt how do i fix this? https://cdn.discordapp.com/attachments/554064188243181581/896454588733997096/unknown.png

@shy magnet sorry for the ping, but what am i doin wrong?

bruh lol

Who even told you to do —set-nonce

that doesn’t even exist

@plain mist and this

WTF

today I learned

Also what you are doing wrong is

You didn’t provide a blob nor an iPSW

oh

so you run that command with a restore command>

?

I think you need to do this

fururerestore -t yourblob.shsh2 (ipwndfu stuff) ipsw.ipsw

ok

so it will set nonce but wont restore? then u run restore command after that?

Yes

@plain mist

Add in --latest-sep and --latest-baseband before the ipsw

ok

will this restore?

@plain mist what mode do i plug my phonr in for this to work?

It shouldn’t

ok

DFU

ok

@plain mist what=signing ticket file does not contain generator. But a generator is required for 64-bit pwnDFU restore
code=77529105
line=1183
file=futurerestore.cpp
commit count=253:
commit sha =b49aad07f19b0b17d4ae97ab89675c971747b989:
Done: restoring failed!
Jakes-MacBook:Downloads jake$

I had this happen before

But only when I did -I

-u**

hmm

well

Did you do -u or --update

yes

That’s why lol

@plain mist [exception]:
what=getting keys failed with error: 13959183 (failed to get FirmwareJson from Server). Are keys publicly available?
code=32636945
line=498
file=futurerestore.cpp
commit count=253:
commit sha =b49aad07f19b0b17d4ae97ab89675c971747b989:
Done: restoring failed!
Jakes-MacBook:Downloads jake$

open a new terminal tab

ok

Don’t close the first one

then paste these commands

lemme just get them rq

ok

git clone https://github.com/m1stadev/ios-tools

cd ios-tools

python3 wiki-proxy.py

Then run the future restore command once more

ok

can i do that with puthon and not python3?

i dont have brew and dont feel like installing it

bruh

how do you not have python3

I guess you could try normal python

its macos, comes with python and not 3

it needs it, let me install brew

@plain mist Jakes-MacBook:ios-tools jake$ python3 wiki-proxy.py
Traceback (most recent call last):
File "/Users/jake/Downloads/ios-tools/wiki-proxy.py", line 3, in <module>
from flask import Flask
ModuleNotFoundError: No module named 'flask'
Jakes-MacBook:ios-tools jake$

@plain mist it ran Jakes-MacBook:ios-tools jake$ python3 wiki-proxy.py

• Serving Flask app 'wiki-proxy' (lazy loading)
• Environment: production
  WARNING: This is a development server. Do not use it in a production deployment.
  Use a production WSGI server instead.
• Debug mode: off
• Running on all addresses.
  WARNING: This is a development server. Do not use it in a production deployment.
• Running on http://192.168.1.12:8888/ (Press CTRL+C to quit)

Yea that’s normal

ok

Now run furueerestore again

ok

in dfu?

@plain mist

Yes

@plain mist [exception]:
what=Device did not reconnect. Possibly invalid iBSS. Reset device and try again
code=36700177
line=560
file=futurerestore.cpp
commit count=253:
commit sha =b49aad07f19b0b17d4ae97ab89675c971747b989:
Done: restoring failed!
Jakes-MacBook:Downloads jake$

You need to patch the bootrom

how

What device is this

iphone 8 normal(d20ap)

also @plain mist did it not already do that?

Patching iBEC
Extracting iBEC.d20.RELEASE.im4p (Firmware/dfu/iBEC.d20.RELEASE.im4p)...
payload decrypted
Compression detected, uncompressing (bvx2): ok
iBoot64Patch: Staring iBoot64Patch!
iOS 14 iBoot detected!
iBoot64Patch: Inited ibootpatchfinder64!
iBoot64Patch: Added sigpatches!
iBoot64Patch: Added unlock nvram patch!
iBoot64Patch: Added freshnonce patch!
iBoot64Patch: has_kernel_load is true!
iBoot64Patch: Added debugenabled patch!
iBoot64Patch: Added bootarg patch!
iBoot64Patch: Applying patch=0x180031d9c : 000080d2
iBoot64Patch: Applying patch=0x180031da0 : c0035fd6
iBoot64Patch: Applying patch=0x18001f908 : 000080d2c0035fd6
iBoot64Patch: Applying patch=0x18001f958 : 000080d2c0035fd6
iBoot64Patch: Applying patch=0x180069f44 : 000080d2c0035fd6
iBoot64Patch: Applying patch=0x18003885c : 1f2003d5
iBoot64Patch: Applying patch=0x180033f00 : 200080d2
iBoot64Patch: Applying patch=0x18003539c : e9383810
iBoot64Patch: Applying patch=0x1800a5ab8 : 72643d6d6430202d726573746f7265202d70726f6772657373206e616e642d656e61626c652d7265666f726d61743d307831202d762073657269616c3d3078332064656275673d3078313465206b65657073796d733d30783120616d66693d3078666620616d66695f756e72657374726963745f7461736b5f666f725f7069643d30783020616d66695f616c6c6f775f616e795f7369676e61747572653d30783120616d66695f6765745f6f75745f6f665f6d795f7761793d3078312063735f656e666f7263656d656e745f64697361626c653d30783100
iBoot64Patch: Applying patch=0x1800353a8 : f30309aa
iBoot64Patch: Applying patch=0x180035498 : 13313810
iBoot64Patch: Patches applied!
[WARNING] BUG WORKAROUND recompressing images with bvx2 makes them not boot for some reason. Skipping compression
Repacking patched bootloaders as IMG4
Sending iBSS (1438362 bytes)...

Nope

oh

ok

Uhhh

I forgot how on A11

Ask @celest basalt

@celest basalt how do u patch bootrom on a11?

@plain mist theyre on dnd

and i cant find it anywhere

Just wait till they get online ig

I’m gonna sleep soon

oh

ok

well

gn

use https://github.com/nyuszika7h/ipwndfuA11 and run ./ipwndfu -p --patch while in DFU

oh

hello

ok ill do that

@celest basalt Jakes-MacBook:Downloads jake$ cd ipwndfuA11-py3/
Jakes-MacBook:ipwndfuA11-py3 jake$ ./ipwndfu -p --patch
Traceback (most recent call last):
File "/Users/jake/Downloads/ipwndfuA11-py3/./ipwndfu", line 6, in <module>
import dfu, nor, utilities
File "/Users/jake/Downloads/ipwndfuA11-py3/dfu.py", line 4, in <module>
import libusbfinder
File "/Users/jake/Downloads/ipwndfuA11-py3/libusbfinder/init.py", line 110, in <module>
cached_path = libusb1_path_internal()
File "/Users/jake/Downloads/ipwndfuA11-py3/libusbfinder/init.py", line 95, in libusb1_path_internal
tar = tarfile.open(fileobj=io.StringIO(bottle))
TypeError: initial_value must be str or None, not bytes
Jakes-MacBook:ipwndfuA11-py3 jake$

huh

i got that error

try python3 ./ipwndfu -p --patch

@celest basalt same erroe

*erroe

*error

uhh, then try https://github.com/MatthewPierson/ipwndfuA11 but run this one with python2

ok

not sure if the error is my fault

ok

@celest basalt uhhhh

L

is this a real Mac or a hackintosh

hackintosh

inb4 AMD

idk if that even works

but I know that has problems with checkm8

intel

oh weird then

@celest basalt i ran it again and it workrd

oh good

now you will have to send a random file (for example irecovery -f checkm8.py or any file) and then run futurerestore

just wanted to know if there is any tutorial for downgrading from ios 15 to ios 14.3

@celest basalt irecovery not found

@celest basalt if i run ipwndfu i get

Jakes-MacBook:ipwndfuA11-main jake$ ./ipwndfu -f checkm8.py
Traceback (most recent call last):
File "./ipwndfu", line 133, in <module>
dfu.send_data(device, data)
File "/Users/jake/Downloads/ipwndfuA11-main/dfu.py", line 48, in send_data
assert device.ctrl_transfer(0x21, 1, 0, 0, data[index:index + amount], 5000) == amount
File "/Users/jake/Downloads/ipwndfuA11-main/usb/core.py", line 1043, in ctrl_transfer
self.__get_timeout(timeout))
File "/Users/jake/Downloads/ipwndfuA11-main/usb/backend/libusb1.py", line 883, in ctrl_transfer
timeout))
File "/Users/jake/Downloads/ipwndfuA11-main/usb/backend/libusb1.py", line 595, in _check
raise USBError(_strerror(ret), ret, _libusb_errno[ret])
usb.core.USBError: [Errno 5] Input/Output Error
Jakes-MacBook:ipwndfuA11-main jake$

brew install libimobiledevice libirecovery

ok

do I NEED to be jailbroken to downgrade with futurerestore?

@celest basalt and @plain mist Thank you so much, it worked!!!

Let’s goo

@plain mist @celest basalt what the fuck

Wtf

just to confirm it is possible to downgrade from ios 15 to ios 14.3 right? also do I need to be jailbroken for it to work

Not possible

ok

did you do the irecovery step before?

the sending of random file? yes

hold on

ok

did it show a progress bar when you did that

yea

took like 1 second

ok then you probably don't need that for iPhone 8

do it again without the irecovery step

ok

I know you need it for iPhone X so I assumed it was for all A11

@celest basalt so, patch bootrom, use fr to set nonce, then restore? In that order?

yes, although if you're gonna use futurerestore to set nonce then you could even just restore directly with --use-pwndfu and it will automatically set it and restore

Oh

Ok

@celest basalt

it fails sometimes, just re-enter DFU and try again

if it keeps failing you can try rebooting the computer too

Ok

(Hacksintosh boots 1/50 times),

It needs some fixing

@celest basalt this is fucking rediculous

im restoring with linux

🤔

if i restore with linux, do i have to patch br

?\

yes

you still need to run ipwndfu as usual

why do i have to do that now if ive never before?

@celest basalt

you do it the same way as on macOS, with https://github.com/MatthewPierson/ipwndfuA11

but ive never have to do that to restore before.

you're on iOS 15, right?

that's the only way to set the nonce without having a jailbreak

yea

ok

@celest basalt how do i fix this

it:5 http://archive.ubuntu.com/ubuntu focal InRelease
Get:7 http://archive.ubuntu.com/ubuntu focal-updates InRelease [114 kB]
Ign:8 https://assets.checkra.in/debian InRelease
Get:9 http://security.ubuntu.com/ubuntu focal-security/main amd64 DEP-11 Metadata [29.0 kB]
Get:10 http://security.ubuntu.com/ubuntu focal-security/universe amd64 DEP-11 Metadata [62.5 kB]
Get:11 http://security.ubuntu.com/ubuntu focal-security/multiverse amd64 DEP-11 Metadata [2,468 B]
Err:12 https://assets.checkra.in/debian Release
Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 190.2.133.122 443]
Get:13 http://archive.ubuntu.com/ubuntu focal-backports InRelease [101 kB]
Get:14 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 DEP-11 Metadata [283 kB]
Get:15 http://archive.ubuntu.com/ubuntu focal-updates/universe amd64 DEP-11 Metadata [362 kB]
Get:16 http://archive.ubuntu.com/ubuntu focal-updates/multiverse amd64 DEP-11 Metadata [944 B]
Get:17 http://archive.ubuntu.com/ubuntu focal-backports/universe amd64 DEP-11 Metadata [10.4 kB]
Reading package lists... Done
E: The repository 'https://assets.checkra.in/debian Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
ataro@ataro-Sona:~/Downloads$ sudo apt-get install checkra1n
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Unable to locate package checkra1n
ataro@ataro-Sona:~/Downloads$

or @plain mist

huh, not expired for me - make sure your date is set correctly, and maybe sudo apt install ca-certificates

anyway I'm going to sleep now

Ok

Are you trying to downgrade?

Ye

From 15 to 14.3

@old coral

@valid adder I need help please

What device?

A11

iPhone 8

Touch id might break

Face I’d on x is known to break

Ik

Yep

I have patched bootrom

And I have gotten an error

Ask @valid adder

Yes

@valid adder I need help

@old coral can u help?

I don’t know how to code at all. Idek what patching bootrom is

I am jailbroken using checkrain on 14.5.1 on 8 plus

Downgraded at the right time from 14.8

Hello Friends, i have a problem & i need your Help

Please don’t ping me 3 times in 5 minutes

I’m at work

i nned to downgrad my IOS 15.0.1 to 14, and dont know how?

all down Version on IPSW are not signed anymore so can not restore, how to do ?

what device

11 pro max

you can’t

no anyway ??

no

Whats the official future restore?

Oh, sorry man

please don't link the wrong version

you need to reset usb stack after --patch

How do I do that

not as ridiculous as your color scheme

by sending a valid file to the device

irecovery -f README.md

example

Ok

Can it be any file

yep

just needs to exist

if it worked it will have no output

If I get a progress bar, is that good?

if you get a loading bar you need to start everything over

Oh

By starting over do you mean rebooting it to DFU patching, and setting nonce?

1. hard reset
2. enter dfu
3. ./ipwndfu -p
4. ./ipwndfu --patch
5. irecovery -f README.md
6. profit

I have to do – P and —patch separately?

@valid adder

Oh m1sta’s version is outdated?

@celest basalt it does the same thing

my bad

@plain mist mine has multiple fixes

Oh

doesn't matter if you do it as one command or two

Understood

him

@valid adder do I try again?

thats so bizarre

it somehow lost connection during upload

did device reboot

Yep, into iOS

yeh try again idk why that happened

Ok

@valid adder also after I patch, I have like 30s until the device reboots on its own

So that’s prob what happened

@valid adder is it because it entered pwndfu mode?

pwndfu mode is when its able to accept unsigned images

so after you reset usb thats pwndfu

I get this too

14.3 here jbrken, shld i go to 14.5.1 or something else

you can't really anymore

@celest basalt im sitting on 5 minutes it hasn't rebooted for me

hmm

i reboot after fr finishes downloading se fw

and get this

@valid adder could this be a autoboot timeout problem?

@valid adder hmm, could it be a bad cable or port?

idk

it could be a program running in the background messing with usb

iTunes?

or checkra1n or a chromium based browser

Check rain is not running, and I only have Safari

open console.app

start streaming

filter by usbhost

get log of it rebooting

ok

@valid adder can u see it?

wym

join the vc

i have no gpu acceleration thats why

F

just see if it logs with that filter when it reboots

@valid adder

@valid adder this now. i dont know whats wrong.

@valid adder

I did it yesterday

hello 👋🏻
newbie here
i saved blobs of 14.6
can they be used to downgrade to versions below 14.6?

from ios 15.0.1

no

only 14.6

aight, thanks

@valid adder ive gotten further, i set nonce successfully, and olmost restored and got this.

wait, so theres no way to downgrade to 14.3 with an iPhone 7 Plus with 14.6 currently installed?

Not if you don’t have 14.3 blobs

i just got started with jailbreaking today
so in other words i cant?

never saved blobs before

Nope

You can’t

has anyone tried using an iOS 15 SEP + baseband on A12+?

if kritanta updates lockdown beta to add Touch ID Support, will i be able to use it while i downgraded my iphone 8 from ios 15?

It will likely break face id

yeah even if it breaks

it shouldnt throw out an error when you try to restore with it right?

It just would not work after you restore it successfully

yeah

because for some reason I keep getting thrown a FDR error

although the first time I tried to restore/update

It got stuck on waiting for FDR

it was there for so long that I ended up unplugging my phone

it didnt break or anything

how can i get the blobs for 13.7 iphone 7

you should've saved them while its still being signed

f

i just learnt about this stuff now

if you want 13.7 you can still do a Delayed OTA I think

How?

https://dhinakg.github.io/delayed-otas.html#

download the profile here

then try doing a software update

remember to pick the version you want

I dont see 14.3

on the list

oh

14.3 is no longer on delayed OTA

man apple's a bitch huh

Will the delayed ota on 14.6 get Face ID

Can somebody explain how to do it

Yes

Just download the profile and reboot

That’s it

Not sure

Ask @royal flint

Any tutorial somewhere

@royal flint

Sorry @celest basalt I pinged you

iOS 15.1 Beta 1 theoretically has a Face ID compatible SEP + Baseband but I havent gotten it to restore yet

#jailbreak

Huh?

@winter flame please elaborate