Thread: Need Iphone 3Gs .faith files

  1. #1
    What's Jailbreak?
    Join Date
    Dec 2013
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Need Iphone 3Gs .faith files
    Hello, I'm working on a way to modify the .shsh files to make it possible to downgrade to any version of iOS possible for the iPhone 3GS. I need people to post their .ifaith files that can be generated from iFaith v1.4.1 to v1.5.1 straight from the iPhone. I at least need a .ifaith for iOS v4.0 and v6.1.3. However, I would also like to get as many .ifaith files as possible for all of the iOS versions released by Apple. The reason why I would like all versions is that I believe that in each version of iOS Apple didn't just create an MD5 hash for the iPhone itself but in fact created a hash for key elements in the OS itself that would be different to other iOS versions but not to that specific version of iOS. Any help would be greatly appreciated. Thanks...

  2. #2
    What's Jailbreak?
    Join Date
    Dec 2013
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts

    If anybody can help by supplying these files, it would be much appreciated. If my idea works I will be posting a tutorial on how to do it. Don't give up the battle; Apple shouldn't dictate what we do with our phones.

  3. #3
    Super Galactic Moderator Orby's Avatar
    Join Date
    Aug 2010
    Location
    Omicron Persei Eight
    Posts
    5,684
    Thanks
    40
    Thanked 571 Times in 522 Posts

    Unfortunately, the SHSH files are signed including the ECID value, which varies from device to device, even amongst the same firmware version. The same is true for one particular device from one firmware version to another. You are correct in that the device does not generate one sole certificate for checking the integrity of firmware. From iOS 4 through 6, anywhere between five and twenty different pieces of firmware are accompanied by SHSH blobs. With iOS 7, this has been reduced to two to three pieces (LLB, iBSS, and on some devices, iBEC).

    Unless you have a way to defeat the signature checking (aside from an old-bootrom 3GS), or have an exploit in the RSA or SHA-1 algorithms (the iPhone doesn't use MD5 in any of its security protocols as far as I am aware), this avenue probably won't prove terribly effective.

  4. The Following User Says Thank You to Orby For This Useful Post:

    Alfroggy (12-02-2013)

  5. #4
    What's Jailbreak?
    Join Date
    Dec 2013
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts

    I understand what you're saying if you look at the .SHSH file itself. However, if you look at the .ifaith format that iFaith saves these files into in the older versions, there might be something we can take advantage of in the iOS encryption check. I have a link showing people how to edit the .ifaith file and create an .ipsw. The only problem with this method is that, since it does a check in boot, you have to use redsn0w to jailbreak and to get it to boot. My solution to this problem is that if we can get the blob files to the firmwares that we want to use, all we have to do is edit that particular .ifaith file to our device's specifications and then you would have a signed firmware. This is the link I found with how to at least downgrade.

    [iOS] Downgrading without shsh | iOS analytics

  6. #5
    Super Galactic Moderator Orby's Avatar
    Join Date
    Aug 2010
    Location
    Omicron Persei Eight
    Posts
    5,684
    Thanks
    40
    Thanked 571 Times in 522 Posts

    Quote: Originally posted by acerti
    I understand what you're saying if you look at the .SHSH file itself. However, if you look at the .ifaith format that iFaith saves these files into in the older versions, there might be something we can take advantage of in the iOS encryption check. I have a link showing people how to edit the .ifaith file and create an .ipsw. The only problem with this method is that, since it does a check in boot, you have to use redsn0w to jailbreak and to get it to boot. My solution to this problem is that if we can get the blob files to the firmwares that we want to use, all we have to do is edit that particular .ifaith file to our device's specifications and then you would have a signed firmware. This is the link I found with how to at least downgrade.

    [iOS] Downgrading without shsh | iOS analytics
    If you edit a SHSH blob (which is all an iFaith file is, ultimately), even just one bit, you'll change the requisite hashes and thus break the RSA signature. If the signature has been broken, no iDevice will boot the file unless either you correctly re-sign the new blob (which would require Apple's private key) or bypass the signature check. Hence why you need to bootstrap the device using the limera1n exploit via redsn0w. This could be done theoretically without the hoopla of dancing around with old versions of iFaith...

    However, the best argument against doing this is even noted in that article: not only is the device a tethered boot, but any device using this method, seemingly randomly, can enter a hard DFU mode that requires a full restore to exit.

    There is a reason iFaith has integrity checks to ensure that blob version and IPSW version match. It would be much more logical and far more stable for any device that is susceptible to limera1n to use a properly signed IPSW accompanied by a tethered jailbreak.
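
The point made in the replies above, that the signature covers a hash of the firmware component bound to one device's ECID, so any edit or any other device fails verification, can be seen in a simplified model. This is an added example, not part of the original thread and not Apple's or iFaith's actual blob format. The toy RSA key, the way the ECID is prefixed to the data, and the sample bytes are all assumptions made for illustration.

```python
import hashlib

# Toy RSA key built from two Mersenne primes: demonstration only, trivially
# factorable, and unrelated to any real signing key (assumption for this example).
P, Q = 2**107 - 1, 2**127 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held by the signer only


def digest(component: bytes, ecid: int) -> int:
    """SHA-1 over the component prefixed with one device's ECID (simplified binding)."""
    data = ecid.to_bytes(8, "big") + component
    return int.from_bytes(hashlib.sha1(data).digest(), "big")


def sign(component: bytes, ecid: int) -> int:
    """Signer side: cannot be done without the private exponent D."""
    return pow(digest(component, ecid), D, N)


def verify(component: bytes, ecid: int, signature: int) -> bool:
    """Device side: needs only the public key (N, E) and its own ECID."""
    return pow(signature, E, N) == digest(component, ecid)


def flip_bit(data: bytes, bit: int) -> bytes:
    """Return a copy of data with a single bit inverted."""
    out = bytearray(data)
    out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)


def demo() -> dict:
    component = b"constructed sample bytes standing in for a firmware component"
    ecid_a, ecid_b = 0x000001234567890A, 0x000001234567890B  # constructed ECIDs
    sig = sign(component, ecid_a)
    return {
        "original": verify(component, ecid_a, sig),
        "one_bit_changed": verify(flip_bit(component, 0), ecid_a, sig),
        "other_device": verify(component, ecid_b, sig),
        "signature_edited": verify(component, ecid_a, sig ^ 1),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:17} -> {'accepted' if ok else 'rejected'}")
```

Only the untouched component, on the device it was signed for, verifies; producing a signature for any other combination requires `D`, which in this model stands in for the signer's private key.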
