special libimobiledevice version needed? about ipwndfu HOT 21 CLOSED

Try running ./ipwndfu -p first. This will exploit your phone into pwned DFU Mode.

from ipwndfu.

did that with redsn0w.
Tried with pwned DFU and normal DFU but I get the same error on both. So libimobiledevice version doesn't matter?

from ipwndfu.

If you are restoring an IPSW in iTunes, either one works.

libimobiledevice is not the issue here.

You can't use pwned DFU Mode from redsn0w before running ipwndfu -x. You must use ipwndfu -p to go into pwned DFU Mode, my jailbreak tool requires a special pwned DFU Mode (I have a modified, improved exploit payload) to install alloc8 exploit which redsn0w doesn't have.

from ipwndfu.

Thanks this helped me a lot. But when the iPhone reboots it's stuck at a white screen and gives me the following error. System is a debian

root@deb:/home/usr/ipwndfu# ./ipwndfu -x
Installing alloc8 exploit to NOR.
Dumping NOR, part 1/8.
Dumping NOR, part 2/8.
Dumping NOR, part 3/8.
Dumping NOR, part 4/8.
Dumping NOR, part 5/8.
Dumping NOR, part 6/8.
Dumping NOR, part 7/8.
Dumping NOR, part 8/8.
NOR backed up to file: nor-backups/nor-00000077010DED4F-20170415-151049.dump
Sending iBSS.
Waiting for iBSS to enter Recovery Mode.
Sending iBSS payload to flash NOR.
Traceback (most recent call last):
File "./ipwndfu", line 533, in
device.flash_nor(new_nor)
File "./ipwndfu", line 425, in flash_nor
recovery.send_data(device, payload)
File "/home/usr/ipwndfu/recovery.py", line 33, in send_data
assert device.write(0x04, data[index:index + amount], 1) == amount
AssertionError

from ipwndfu.

Is this Debian install running in a virtual machine?

This might be just a random issue. Have you tried rebooting your phone and trying the process again?

from ipwndfu.

Debian is on a physical acer machine freshly installed.
And I did try a reboot and got the same behaviour. Tried iOS 3.1 and 5.0.1 both with the same white screen.

Edit:
Did some further testing and it looks like it get stuck at sending the payload. The restore it self looks clean because I can tethered boot with redsn0w.
iPhone is a Week 38 2010 device. Does that matter?

from ipwndfu.

Guess you don't know why the error is happening. Any way I could help you to debug or send you some needed informations?

from ipwndfu.

It is odd. I have not seen this issue before, and I don't think anyone else reported it either.

You are correct, it fails at the step of sending the payload for iBSS. You mentioned that you also have a Mac.

Could you try to use my tool on a Mac? It does not use libimobiledevice at all, so that shouldn't matter. Could you make sure your dependencies are installed (as described in README) and then running the following 2 commands?

$ ./ipwndfu -p
$ ./ipwndfu -x

If there are errors, let me know what the exact errors messages are.

from ipwndfu.

Okay I did a clean install of macOS 10.11.6. Did all the patching and noticed the mac file is called libusb-1.0.dylib not libusb-1.0.0.dylib anymore. Restored with redsn0w CFW from 6.1.6 to 5.0.1.

Run:
$ ./ipwndfu -p
Worked as expected
$ ./ipwndfu -x
Gave me this error

Installing alloc8 exploit to NOR.
Dumping NOR, part 1/8.
Dumping NOR, part 2/8.
Dumping NOR, part 3/8.
Dumping NOR, part 4/8.
Dumping NOR, part 5/8.
Dumping NOR, part 6/8.
Dumping NOR, part 7/8.
Dumping NOR, part 8/8.
NOR backed up to file: nor-backups/nor-00000077010DED4F-20170419-012828.dump
Sending iBSS.
Waiting for iBSS to enter Recovery Mode.
Sending iBSS payload to flash NOR.
Traceback (most recent call last):
File "./ipwndfu", line 534, in
device.flash_nor(new_nor)
File "./ipwndfu", line 426, in flash_nor
recovery.send_data(device, payload)
File "/Users/mth/Desktop/ipwndfu/recovery.py", line 33, in send_data
assert device.write(0x04, data[index:index + amount], 1) == amount
File "/Library/Python/2.7/site-packages/usb/core.py", line 948, in write
self.__get_timeout(timeout)
File "/Library/Python/2.7/site-packages/usb/backend/libusb1.py", line 824, in bulk_write
timeout)
File "/Library/Python/2.7/site-packages/usb/backend/libusb1.py", line 920, in __write
_check(retval)
File "/Library/Python/2.7/site-packages/usb/backend/libusb1.py", line 595, in _check
raise USBError(_strerror(ret), ret, _libusb_errno[ret])
usb.core.USBError: [Errno 60] Operation timed out

After the error my device is stuck at the white screen. Does this error help you?

from ipwndfu.

Yes, thanks! Could you try hard rebooting your phone and trying the same thing one more time?

from ipwndfu.

Hard reboot: Hold Power + Lock buttons for 5-6 seconds until the screen turns black.

from ipwndfu.

Did you verify the SHA1 hash before you patched the file? If you patched libusb-1.0.dylib instead of libusb-1.0.0.dylib without checking the hash, it might have been patched incorrectly.

from ipwndfu.

Yeah I checked he SHA1 and they were diffrent to yours. I thought this is because im on EL Capitan and not Sierra.

from ipwndfu.

Yeah it's solved! I did a reboot and tried again and now it was successful. So it looks like it's not possible to use linux after all? If you want I can test how far I can downgrade before I get the 28 iTunes error?

from ipwndfu.

Hmm, I don't recommend applying the patch if the SHA1 hash doesn't match, it likely won't work. it seems that you got lucky and it worked this time.

I don't know what is broken when you use Debian, and I don't know how many users used Linux successfully with my tool.

The way it works now is just a temporary solution, and it is a bit complicated. I'm working on making a custom IPSW tool so you can simply restore an IPSW in iTunes to jailbreak. This should prevent a lot of the random issues that might occasionally happen with the current tool.

Because your phone is from 2010, you should be able to downgrade to 4.x and 3.x. If you ever try, let me know if it worked, and I'll add the info to my compatibility list. Thanks for the help!

from ipwndfu.

I need to do the patching because without I can't even bring my device in pwned DFU.

And I did some further testing. My Week 38 2010 iPhone is able to restore back to iOS 3.1.
Interesting I tried an other even older iPhone 3GS and got the same error as yesterday but this time a reboot did not fix it by the first try. It looks like a random success since the next clean restore and mac restart gave me the same error.

I don't want to sound rude and I'm very thankfull for your work but it might be better to wait until you finish the custom IPSW tool. Will your tool be able to creare custom IPSW for iOS 3.0? Is there an opportunity I might can help?

from ipwndfu.

Yep, you did need to patch libusb to make it work, however different files (identified by having a different hash) need their own patch. If you don't have the right patch for your file, applying the wrong patch leads to unpredictable results. You might corrupt libusb and any software which depends on it could be broken or behave unpredictably. This problem might be caused by that, or it could be something else.

brew reinstall libusb
openssl sha1 /usr/local/Cellar/libusb/1.0.21/lib/libusb-1.0.0.dylib

This will reinstall libusb. Could you post the SHA1 hash from the second command?

from ipwndfu.

got this hash

7845d1bc03a4a79721bd2b088c75e61de19cf9e4

Can you provide the correct patch or do I need to find the patch my self?

from ipwndfu.

I'll make the patch.

from ipwndfu.

Libusb on Mountain Lion, Mavericks, Yosemite, El Capitan, and Sierra is now automatically set up and does not have to be installed or patched.

Try again and let me know if it works.

from ipwndfu.

My Week 38 2010 iPhone is able to restore back to iOS 3.1.

Thanks for the report. I added it to the list in JAILBREAK-GUIDE.

assert device.write(0x04, data[index:index + amount], 1) == amount
AssertionError

I believe I fixed that issue on Debian on April 19 with f4dab58, it should now work.

usb.core.USBError: [Errno 60] Operation timed out

There were some things I changed this week which should fix this issue or at least make it happen less often. Let me know if this is still an issue.

I don't want to sound rude and I'm very thankfull for your work but it might be better to wait until you finish the custom IPSW tool. Will your tool be able to creare custom IPSW for iOS 3.0?

I agree that this tool is not user friendly. I want to make a custom IPSW tool which will be much easier to use, but I'm not sure how soon I will be able to do that. iOS 3.0 is the first version I want to do.

Feel free to reopen if you are still seeing any of the issues reported earlier.

from ipwndfu.