Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2023-10-04 | restore: Improve checkpoint log output again, make sure to always check for ↵ | Nikias Bassen | 1 | -5/+8 | |
errors Turns out even with a CHECKPOINT_RESULT of 0 we can still have a CHECKPOINT_ERROR string. | |||||
2023-10-04 | restore: Refine checkpoint log output | Nikias Bassen | 1 | -6/+15 | |
2023-10-04 | restore/tss: Prefer DeviceGeneratedRequest for Rose TSS request, and add ↵ | Nikias Bassen | 2 | -4/+11 | |
missing tag | |||||
2023-10-02 | restore: Add new SE,ChipID 0x36 to list of known values | Nikias Bassen | 1 | -1/+1 | |
2023-10-02 | restore: Attributed status code 50 with SEP load failure | Nikias Bassen | 1 | -0/+1 | |
2023-10-02 | restore: Handle SepStage1 (SEPPatchImageData) in NORImageData | Nikias Bassen | 1 | -0/+25 | |
2023-09-29 | tss: Add Ap,SikaFuse to TSS request as seen for iPhone 14/15 devices | Nikias Bassen | 1 | -0/+8 | |
This is currently implemented as a workaround as the evaluation of when this value should be set is unclear. Right now we set it when UID_MODE is set too. | |||||
2023-09-14 | Refactor ipsw code to transparently stream images directly from ZIP or ↵ | Nikias Bassen | 9 | -355/+272 | |
extracted ipsw This allows flashing directly from IPSW archive without having to extract it first, and ultimately removes the "Extracting filesystem from IPSW" part. Restoring from extracted IPSW is also supported, just pass the path to the directory that has all the files from a given IPSW. | |||||
2023-09-14 | autoconf: Link against libusbmuxd too | Nikias Bassen | 1 | -0/+2 | |
2023-09-14 | tss: Make missing ApNonce non-fatal for IMG3 | Nikias Bassen | 1 | -2/+1 | |
For IMG3 devices, DFU does not provide ApNonce, but a valid SHSH is needed to boot into iBSS (which then does provide ApNonce). Thanks to @tihmstar for providing the fix! | |||||
2023-09-13 | normal: Don't do unpair before entering recovery mode, remove pairing record ↵ | Nikias Bassen | 1 | -6/+4 | |
afterwards instead | |||||
2023-09-13 | restore: Remove plist debug print for non-existent UniqueBuildID | Nikias Bassen | 1 | -1/+4 | |
and print it in a better format if it does exist | |||||
2023-09-06 | fdr: Fix a debug log message | Nikias Bassen | 1 | -1/+1 | |
2023-09-06 | tss: Bump auth client version to match iOS 16.5 | Daniel VanBritsom | 1 | -1/+1 | |
Sourced from the iOS 16.5 UpdateBrain.dylib | |||||
2023-07-25 | Add generic TSS request generator | Clément Decoodt | 1 | -2/+67 | |
This uses the DeviceGeneratedRequest and DeviceGeneratedTags to generate the full TSS request. This allows to have a more future-proof approach to new firmware names they add. | |||||
2023-07-25 | Add SE,ChipID 0x2C | Clément Decoodt | 1 | -1/+1 | |
2023-07-25 | Display iBoot boot stage | Clément Decoodt | 2 | -0/+29 | |
This helps debugging cases where the iDevice does not go into stage 2 because of a missing firmware | |||||
2023-07-25 | Add support for incoherent iBoot parameters | Clément Decoodt | 1 | -5/+7 | |
Some firmwares to load during iBoot stage 1 can have both: - isLoadedByiBoot = false - isLoadedByiBootStage1 = true This allows to load it at stage 1 | |||||
2023-05-23 | Use DeviceGeneratedRequest plist for SE TSS requests | Clément Decoodt | 2 | -8/+22 | |
2023-04-21 | Updated to use latest libplist API | Nikias Bassen | 1 | -1/+1 | |
2023-04-14 | Allow setting custom TSS request URL through command line switch | Nikias Bassen | 2 | -6/+34 | |
2023-04-13 | img4: Remove unused debug code | Nikias Bassen | 1 | -31/+0 | |
2022-10-19 | restore: Fix compilation error due to wrong variable name | Nikias Bassen | 1 | -2/+2 | |
2022-10-19 | restore: Only print boot object v3/v4 plist in debug mode | Nikias Bassen | 1 | -2/+8 | |
2022-10-18 | Use limera1n_is_supported instead of compatibility check added with previous ↵ | Nikias Bassen | 1 | -17/+1 | |
commit | |||||
2022-10-12 | Check if device is limera1n-vulnerable for --pwn option | Alfie Cockell Gwinnett | 1 | -8/+30 | |
2022-10-11 | recovery: Also send "go" and "reset" commands with bRequest set to 1 | Nikias Bassen | 1 | -2/+2 | |
2022-10-08 | recovery: Send bootx with bRequest set to 1 for all platforms | Nikias Bassen | 1 | -1/+1 | |
2022-10-05 | recovery: set bRequest to 1 when sending bootx command | Munehisa Kamata | 1 | -1/+1 | |
In macOS 13 beta 8 or newer release, bootx seems to fail if bRequest is 0 in the control transfer setup. Then, the device fails to enter restore mode. Seems like something has changed in iBEC since beta 8 and Apple Configurator 2 has set it to 1, so do the same thing. While this could be applied for all *OS variants, it's limited to macOS for now just to be safe. Signed-off-by: Munehisa Kamata <kamatam@amazon.com> | |||||
2022-10-04 | img4: Add support for stitching with additional TBM data | Nikias Bassen | 3 | -7/+191 | |
2022-10-02 | Reduce memory usage for SourceBootObjectV4 images | Nikias Bassen | 4 | -91/+201 | |
2022-09-25 | tss: Add preliminary code to set UID_MODE | Nikias Bassen | 1 | -0/+12 | |
2022-09-25 | tss: Make sure vinyl tags include eUICC,Gold and eUICC,Main digests | Nikias Bassen | 1 | -0/+19 | |
... as well as eUICC,ApProductionMode which was missing before. | |||||
2022-09-21 | img4: Add some more component tags | Nikias Bassen | 1 | -16/+28 | |
2022-09-21 | tss: Add NeRDEpoch to TSS requests for newer devices (iPhone 13 and up) | Nikias Bassen | 1 | -0/+2 | |
2022-09-20 | ipsw: Add some NULL checks to ipsw_extract_to_file_with_progress() | Nikias Bassen | 1 | -1/+12 | |
2022-09-16 | tss: Don't add @BBTicket in tss_request_new() | Nikias Bassen | 2 | -2/+1 | |
2022-09-16 | Fix Cryptex1 and Cryptex1LocalPolicy TSS request handling | Nikias Bassen | 3 | -15/+74 | |
2022-08-29 | restore: Add support for Cryptex1LocalPolicy firmware updater | Nikias Bassen | 1 | -10/+23 | |
2022-08-29 | restore: use an appropriate ticket for Cryptex1 global manifest | Munehisa Kamata | 1 | -7/+24 | |
macOS 13 introduced a new global manifest for Cryptex1 and it requires tickets found in Firmware/Manifests/restore/cryptex1/macOS Customer/ inside an IPSW, but we currently do not use the tickets and end up unexpected behavior on a Mac device after restoring, e.g. bputil fails to downgrade security mode due to "Cryptex1 manifest verification failed". This adds a proper handling to use the appropriate tickets. Signed-off-by: Munehisa Kamata <kamatam@amazon.com> | |||||
2022-08-23 | tss: Skip components with IsFTAB:true when adding AP tags to request | Nikias Bassen | 1 | -0/+6 | |
This should fix devices failing to enter restore mode due to an incorrect signature for the repective components. | |||||
2022-06-28 | restore: Don't print 'Attempting to continue after critical error' warning ↵ | Nikias Bassen | 1 | -1/+1 | |
when no error was detected This only occurred when using --ignore-errors command line option. | |||||
2022-06-28 | Make sure to exactly match the passed variant when using --variant | Nikias Bassen | 3 | -9/+9 | |
2022-06-27 | Add --variant command line switch to specify build identity to use | Nikias Bassen | 2 | -4/+16 | |
2022-06-27 | Ignore 'Research*' variant in build identity selection | Nikias Bassen | 1 | -2/+2 | |
2022-06-27 | ipsw: Add workaround for missing RestoreBehavior entries for ipsw info | Nikias Bassen | 1 | -1/+9 | |
2022-06-27 | Don't print an error message when RestoreBehavior is missing | Nikias Bassen | 1 | -13/+6 | |
2022-06-27 | ipsw: Improve error message when fwrite fails | Nikias Bassen | 1 | -2/+2 | |
2022-06-23 | Support iOS 16.0 Beta 2 (#506) | Emma Lethaltail | 1 | -0/+1 | |
2022-06-20 | Remove more serial number checks, and get ECID early on in all modes | Nikias Bassen | 8 | -135/+31 | |
Some devices seem to not have a serial number, usually in restore mode, which will cause the restore operation to fail since we specifically check for it. An earlier commit already removed the actual comparison in favor of comparing the ECID, but some checks would still result in restore failures as it can't retrieve the serial number on said devices at all. This commit also makes sure to get the ECID in all modes as early as possible and removes all the helper functions for it since they are not needed anymore. |