Thread: Redsn0w V. 0.9.15b question

  1. #1
    What's Jailbreak?
    Join Date
    Mar 2013
    Posts
    5
    Thanks
    1
    Thanked 1 Time in 1 Post
    Redsn0w V. 0.9.15b question
    Hey guys. How does Redsn0w identify the version of the IPSW you're trying to use? I edited the .plist files in the IPSW and changed the name, and it is still saying it is 4.8.2 when I changed everything I could find to 6.1.2. What am I missing? Thank you, WN

  2. #2
    What's Jailbreak?
    Join Date
    Mar 2013
    Posts
    5
    Thanks
    1
    Thanked 1 Time in 1 Post
    Issue solved!
    OK, I found the issue, I forgot to edit the .plist manifest and the .plist restore files with the 10B146. I did a successful downgrade from 6.1.2 to 4.2.8 without any saved blobs.

  3. #3
    My iPhone is a Part of Me bbrks's Avatar
    Join Date
    May 2012
    Posts
    890
    Thanks
    160
    Thanked 176 Times in 133 Posts

    Just curious, why did you go back to 4.2.8???

  4. #4
    Super Duper Moderator blkcadi's Avatar
    Join Date
    Aug 2008
    Location
     Valley of the Sun, ARIZONA ♥♥♥
    Posts
    30,268
    Thanks
    3,659
    Thanked 9,527 Times in 5,846 Posts

    ^agree, why? So many more features in the newer OS's

  5. #5
    Superbad Modder-ator Simon's Avatar
    Join Date
    Nov 2007
    Location
    Bermuda
    Posts
    46,244
    Thanks
    6,599
    Thanked 14,785 Times in 6,878 Posts

    Just editing a couple plist files isn't going to get you around the need for SHSH. If you did do what you claim you probably had SHSH on cydia without you realizing it. Cydia saves them automatically.


  6. #6
    What's Jailbreak?
    Join Date
    Mar 2013
    Posts
    5
    Thanks
    1
    Thanked 1 Time in 1 Post
    Hey guys, I did it just to do it. I got thrown into a new position at work and I am diving in head first to learn all this stuff. I have learned so much just by doing (it also helps that I am able to experiment with iPhones that are not mine). I started on my quest after a few iPhones at work had WiFi issues after certain updates and none of the blobs were saved. My company repairs and refurbishes iDevices and I come from a PC repair background and I got put into the role of lead tech/software guy about a month ago. Any victory right now is a big one.

    Quote Originally Posted by Simon View Post
    Just editing a couple plist files isn't going to get you around the need for SHSH. If you did do what you claim you probably had SHSH on cydia without you realizing it. Cydia saves them automatically.

    I did not use Redsn0w or Tinyumbrella to do this, I did it through iTunes with an altered IPSW file. I changed the signatures on the file and iTunes showed it was restoring to 6.1.2. As far as it knew I was not rolling back the iOS.
    Last edited by Wicked Newbie; 03-18-2013 at 01:23 PM.

  7. #7
    Superbad Modder-ator Simon's Avatar
    Join Date
    Nov 2007
    Location
    Bermuda
    Posts
    46,244
    Thanks
    6,599
    Thanked 14,785 Times in 6,878 Posts

    The method you are describing is not something new. It is a method tried in the past by people and known to not work. If restoring to previous firmware were as easy as "tricking" iTunes into thinking it is the latest firmware then we would have no need for SHSH at all would we?
    You also don't need to use tiny umbrella or redsnow to go back to 4.2.8. If you have ever at any point used tiny umbrella then your hosts file may have been changed to cydia's address instead of Apple's. That is one explanation into how this could have happened. The other is 4.2.8 is still being signed by Apple for whatever reason (4.1 is still signed for iPhone 3G/3GS).
    Even if you were to "downgrade" to 4.2.8 by tricking iTunes into thinking you were using a 6.1.2 firmware you would get an error at the baseband part of the restore since they require their own set of SHSH and are randomly generated by Apple for each restore.

    So basically what we have here is 2 real options if you received no baseband error:
    1: You are mistaken and did not do what you said
    2: Apple is still signing 4.2.8

    One way I could check/confirm this is with your ecid.

  8. #8
    Super Galactic Moderator Orby's Avatar
    Join Date
    Aug 2010
    Location
    Omicron Persei Eight
    Posts
    5,667
    Thanks
    40
    Thanked 569 Times in 520 Posts

    Well, here's what I'm thinking:

    The baseband portion of the restore isn't as pertinent here, as the baseband can be set to not upgrade as part of a redsn0w or other custom ramdisk without causing any restore errors--or the baseband error can just be bypassed on the Verizon iPhone 4.

    The limera1n exploit (what redsn0w and practically everything else uses as part of the jailbreaking process) will allow for any unsigned (or incorrectly signed, or mismatched) code to be written to the device at any level. Therefore, you could write a stock 4.2.8 IPSW to the device without the correct SHSH blobs inserted in the IMG3 files. However, past experiences taught us that such a device won't boot reliably or run stably, even with an untethered jailbreak.

    Now here's where it gets interesting. Starting in iOS 6.x, Apple only signs the "important" or bootrom-facing portions of their IPSWs. In the normal bootchain, the only parts of the code that are SHSH signed are the LLB and the kernelcache. iBoot and all subsequent code (except the kernelcache) are verified through other means. Since iBoot and LLB are overwritten during the boot-up process, and the kernel cache and userspace are pwned by a jailbreak, it just might be possible... with an IPSW stitched together JUST SO and probably jailbroken, too.

    I'd love to have a copy of the IPSW you used to do this, and a picture (or whatever is needed) of a root ssh session running the following commands:

    # date
    # uname -a
    # ps -awwx
    # sha1sum /Applications/Mobile*/Mobile*
    # sha1sum /System/Library/Caches/com.apple.kernelcaches/kernelcache

    Since I don't have a N92 device, this may take some finagling to test, but sunshine is the best disinfectant--and dogfooding of new claims.
    Last edited by Orby; 03-18-2013 at 05:21 PM.
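
The hash comparison Orby asks for above, applied to the IPSW itself, as an added example that is not part of the original thread or any poster's code: it compares the version labels in Restore.plist and BuildManifest.plist with the SHA-1 of the kernelcache the archive actually ships, so a relabelled image is flagged however its plists were edited. The archive contents, the kernelcache member name, the reference hash set and the 4.2.8 build placeholder are constructed for illustration; ProductVersion and ProductBuildVersion are assumed to be the keys carrying the label.

```python
import hashlib, io, plistlib, zipfile

PLISTS = ("Restore.plist", "BuildManifest.plist")
KERNEL = "kernelcache.release.n92"   # constructed member name for the sample

def make_sample(labels, kernel_bytes):
    """Build a constructed IPSW-like zip in memory. labels: plist name -> (version, build)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, (ver, build) in labels.items():
            z.writestr(name, plistlib.dumps(
                {"ProductVersion": ver, "ProductBuildVersion": build}))
        z.writestr(KERNEL, kernel_bytes)
    return buf.getvalue()

def audit(ipsw_bytes, known_kernels):
    """Return findings. known_kernels: SHA-1 hex of a trusted kernelcache -> (version, build)."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(ipsw_bytes)) as z:
        labels = {}
        for name in PLISTS:
            p = plistlib.loads(z.read(name))
            labels[name] = (p.get("ProductVersion"), p.get("ProductBuildVersion"))
        # A partly edited image (one plist changed, the other not) shows up here.
        if len(set(labels.values())) > 1:
            findings.append(f"plists disagree: {labels}")
        digest = hashlib.sha1(z.read(KERNEL)).hexdigest()
    # The content hash does not change when only the plists are edited.
    actual = known_kernels.get(digest)
    if actual is None:
        findings.append(f"kernelcache {digest} not in reference set")
    else:
        for name, label in labels.items():
            if label != actual:
                findings.append(f"{name} says {label[0]} but kernelcache is {actual[0]}")
    return findings

# Constructed sample data: stand-in bytes, not real firmware.
OLD, NEW = ("4.2.8", "BUILD_PLACEHOLDER"), ("6.1.2", "10B146")
K_OLD, K_NEW = b"constructed 4.2.8 kernelcache", b"constructed 6.1.2 kernelcache"
REFERENCE = {hashlib.sha1(K_OLD).hexdigest(): OLD, hashlib.sha1(K_NEW).hexdigest(): NEW}

if __name__ == "__main__":
    relabelled = make_sample({n: NEW for n in PLISTS}, K_OLD)
    for line in audit(relabelled, REFERENCE):
        print(line)
```
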

  9. #9
    Superbad Modder-ator Simon's Avatar
    Join Date
    Nov 2007
    Location
    Bermuda
    Posts
    46,244
    Thanks
    6,599
    Thanked 14,785 Times in 6,878 Posts

    Quote Originally Posted by Orby View Post
    Well, here's what I'm thinking:

    The baseband portion of the restore isn't as pertinent here, as the baseband can be set to not upgrade as part of a redsn0w or other custom ramdisk without causing any restore errors--or the baseband error can just be bypassed on the Verizon iPhone 4.

    The limera1n exploit (what redsn0w and practically everything else uses as part of the jailbreaking process) will allow for any unsigned (or incorrectly signed, or mismatched) code to be written to the device at any level. Therefore, you could write a stock 4.2.8 IPSW to the device without the correct SHSH blobs inserted in the IMG3 files. However, past experiences taught us that such a device won't boot reliably or run stably, even with an untethered jailbreak.

    Now here's where it gets interesting. Starting in iOS 6.x, Apple only signs the "important" or bootrom-facing portions of their IPSWs. In the normal bootchain, the only parts of the code that are SHSH signed are the LLB and the kernelcache. iBoot and all subsequent code (except the kernelcache) are verified through other means. Since iBoot and LLB are overwritten during the boot-up process, and the kernel cache and userspace are pwned by a jailbreak, it just might be possible... with an IPSW stitched together JUST SO and probably jailbroken, too.

    I'd love to have a copy of the IPSW you used to do this, and a picture (or whatever is needed) of a root ssh session running the following commands:

    # date
    # uname -a
    # ps -awwx
    # sha1sum /Applications/Mobile*/Mobile*
    # sha1sum /System/Library/Caches/com.apple.kernelcaches/kernelcache

    Since I don't have a N92 device, this may take some finagling to test, but sunshine is the best disinfectant--and dogfooding of new claims.
    He said he didn't use redsnow to do this though. So no stitching and no limerain exploit came into play here.

  10. #10
    Super Galactic Moderator Orby's Avatar
    Join Date
    Aug 2010
    Location
    Omicron Persei Eight
    Posts
    5,667
    Thanks
    40
    Thanked 569 Times in 520 Posts

    Quote Originally Posted by Simon View Post
    He said he didn't use redsnow to do this though. So no stitching and no limerain exploit came into play here.
    In that case, I am now very interested to hear this.


  11. #11
    What's Jailbreak?
    Join Date
    Mar 2013
    Posts
    5
    Thanks
    1
    Thanked 1 Time in 1 Post
    Maybe, maybe not..
    Good morning guys. On the surface it appears I was successful in my endeavor, what do I need to check to see if it was truly done? The iPhone was at 6.1.2 with no saved blobs anywhere. I customized 4.2.8 so that when I fired up iTunes and did the shift key shuffle and chose the IPSW, iTunes saw it as 6.1.2 and restored the iPhone. It has since been restored again to 6.1.2 and put back into stock to be sold. When I have time to do this again to another iPhone I will let you guys know. What do you need from me so we can cross reference what I am hoping to achieve here? I am almost 99% certain I have done what I set out to accomplish, but there is that nagging 1%.... I would love to have all of your input on this, knowledge is power and more is better.
