horrorho / inflatabledonkey Goto Github PK

Our CloudKit protobuf definitions work well but are now quite ancient. There is a newer partial dump available obtained using Protod on Windows binaries. Only a small subset are recoverable using this tool.

I don't have access to them and I haven't tried, but using Protod on dumped iOS CloudKitDaemon framework binaries could possibly work wonders.

I now also have the reverse engineering chops to pull protobuf definitions kicking and screaming out of Windows binaries, although it takes more effort and the field names aren't often present.

I succesfully create jar file, then type
java -jar InflatableDonkey.jar [email protected] password

And retreive list of snapshots, then select one and app stucks on
Retrieving snapshot: 93 MB iPhone Anton Fedorov (iOS 9.1) 2016-09-05T09:23:54.092Z

What should I do to fix it? Can you help me?

This is not an issue. This is a thank you and evidence that it is working, at leas works with iOS 9.1 backups, idk about 9.3 but for 9.1 is perfect. I run it an a Windows Machine and everything is god

:) pretty god job

I tried to use the Java and found a serious problem. The reason to fail to detect iCloud backup within iOS 9.3+ and higher is that the length of protectionInfo.getProtectionInfo(located in protectionInfo) is discordant with ASN1. The length of wrong files is always 59 bytes，but the length of analysis is larger than this. Thus, it causes parse()(located in DERUtils) displaying abnormally. I fail to analysis it. BTW, I find almost all iOS 9.3+ devices encounter this problem while downloading backups. I hope someone can give me some suggestions

Could you please explain, why InflatableDonkey retrieve data from previous snapshots while I need filed from specified one? For example, I have 3 snapshots (initial, second and third). I've not completely downloaded initial (it is 19G size) and want to download only third (100M). When I said to retrieve it with "--snapshot 2" I see that it is downloading files from initial snapshot. Just trying to understand the logic behind that. I'm thinking about workflow like this:

1. user specify date range to get some data type (for example, call logs)
2. execute "script" and expect to receive only logs from specified time range

Would that require script to retrieve all previous backups history to get data from specified date range or not?

Hi,
This is great tool, but I have a problem.
I can't read plist file download from any domain.
it is in binary plist format, but can't open and can't convert to xml format.
do you know why ?

Hello,
Hope you are doing well. I'm getting handshake exception for one device which os version 9.3.2. except for this device other ones working properly. if you want credentials i'll give no problem

There are two types of Data Protection encryption that may be present on files, namely AES-CBC and AES-XTS. The AUTO switch, which is enabled by default, is only accurate about 95% of the time. As far as I'm aware the same mode is used throughout the backup.

If you experience file corruption please try switching between the modes manually with either --mode CBC or --mode XTS. The logger output should tell you which mode you're currently in, so try the other one.

Hopefully someone out there who knows how it works will let us know... Failing that, there is a workaround I'll implement at some point.

Hello,

Thanks for this wonderful code all you you managed to write.
I'm calling for your help as I work on a program that uses iOS backups. Since iOS 10.2, they changed the way backup encryption work (if you enabled it with a password)

The keybag has now 3 new entries in its header, namely "DPWT", "DPIC", "DPSL".

DPWT is equal to 1 (WT = Weight? Wrap Type?)
DPSL is a salt of a 20 bytes length
DPIC is a iteration count (i guess) of 10'000'000 (I think it is related to this : http://ftp.ripe.net/rfc/authors/rfc8018.txt, search for 10,000,000)

As for what DP stands for, I'd go for either Data Protection, or Derivated Password, ... not sure.

Now when you try to unwrap the keys contained inside the backup with only the password derived with PBKDF2 it fails, so I think they added an extra layer of security.

I tried many and many combination, and if you want you can access here a script in python that do the tests and shows my tries here

Another addition is that the Manifest.db is fully encrypted, and a new entry has appeared in Manifest.plist which is "manifiestKey", of 44 bytes. However the first four bytes never changes (04 00 00 00) even between devices, so I suggest we can drop it and use the last 40 bytes as a wrapped key.

Again I'm free if you have any questions regarding this.

I have about 3gb of backup in my account but the inflatableDonkey cant find the device. Its ok with ios 9 but not with 9.3 any solutions ?

Hi @horrorho . I'm getting this error. Any idea?

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
    <dict>
        <key>protocolVersion</key>
        <string>2</string>

        <key>localizedError</key>
        <string>MOBILEME_TERMS_OF_SERVICE_UPDATE</string>

    </dict>
</plist>
    at com.github.horrorho.inflatabledonkey.responsehandler.DonkeyResponseHandler.handleResponse(DonkeyResponseHandler.java:53)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:222)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:164)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:139)
    at com.github.horrorho.inflatabledonkey.cloud.accounts.Accounts.account(Accounts.java:56)
    at com.github.horrorho.inflatabledonkey.Main.main(Main.java:138)

Im using an apple ID that keeps returning as bad apple id/not an icloud account

I know the phone is using iOS 10 but part of me thinks the issue is the fact the password has a $ in it, is there any way to get around this?

Hi,

I understand that this is experimental software, so I'm not sure if this is a known issue or not. I'm trying to recover a backup from my iCloud account but the files are not being decrypted for some reason, I've had some success with another iCloud account as a test, but none with my own, not really sure why as they are both from iPhones running iOS9.

The files are downloaded but are unreadable and this is what is shown in the output:
11:29:25.289 [main] WARN c.g.h.i.data.der.DERUtils - -- parse() - failed decode: {} java.lang.IllegalArgumentException: tag mismatch, expected 1 got 2490 at com.github.horrorho.inflatabledonkey.data.der.DER.asApplicationSpecific(DER.java:121) ~[InflatableDonkey.jar:na] at com.github.horrorho.inflatabledonkey.data.der.ProtectionInfo.<init>(ProtectionInfo.java:109) ~[InflatableDonkey.jar:na] at com.github.horrorho.inflatabledonkey.data.der.DERUtils.parse(DERUtils.java:57) [InflatableDonkey.jar:na] at com.github.horrorho.inflatabledonkey.data.der.DERUtils.parse(DERUtils.java:47) [InflatableDonkey.jar:na] at com.github.horrorho.inflatabledonkey.pcs.xzone.ProtectionZoneAssistant.importProtectionInfo(ProtectionZoneAssistant.java:161) [InflatableDonkey.jar:na] at com.github.horrorho.inflatabledonkey.pcs.xzone.ProtectionZone.newProtectionZone(ProtectionZone.java:123) [InflatableDonkey.jar:na] at com.github.horrorho.inflatabledonkey.pcs.xzone.ProtectionZone.newProtectionZone(ProtectionZone.java:116) [InflatableDonkey.jar:na] at com.github.horrorho.inflatabledonkey.cloud.clients.AssetTokenClient.asset(AssetTokenClient.java:94) [InflatableDonkey.jar:na] at com.github.horrorho.inflatabledonkey.cloud.clients.AssetTokenClient.lambda$assets$0(AssetTokenClient.java:87) [InflatableDonkey.jar:na] at java.util.stream.ReferencePipeline$3$1.accept(Unknown Source) ~[na:1.8.0_91] at java.util.stream.ReferencePipeline$3$1.accept(Unknown Source) ~[na:1.8.0_91] at java.util.stream.ReferencePipeline$2$1.accept(Unknown Source) ~[na:1.8.0_91] at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(Unknown Source) ~[na:1.8.0_91] at java.util.stream.AbstractPipeline.copyInto(Unknown Source) ~[na:1.8.0_91] at java.util.stream.AbstractPipeline.wrapAndCopyInto(Unknown Source) ~[na:1.8.0_91] at java.util.stream.ReduceOps$ReduceOp.evaluateSequential(Unknown Source) ~[na:1.8.0_91] at java.util.stream.AbstractPipeline.evaluate(Unknown Source) ~[na:1.8.0_91] at java.util.stream.ReferencePipeline.collect(Unknown Source) ~[na:1.8.0_91] at com.github.horrorho.inflatabledonkey.cloud.clients.AssetTokenClient.assets(AssetTokenClient.java:90) [InflatableDonkey.jar:na] at com.github.horrorho.inflatabledonkey.Backup.assets(Backup.java:113) ~[InflatableDonkey.jar:na] at com.github.horrorho.inflatabledonkey.Main.main(Main.java:241)~[InflatableDonkey.jar:na]`

Thanks for your hard work!

This is what I get immediately after I run the utility with a username + password, when it tries to load the snapshots.

[main] WARN c.g.h.i.c.c.BackupAccountClient - -- backupAccount() - failed to retrieve protection info
Exception in thread "main" java.util.NoSuchElementException: No value present
at java.util.Optional.get(Optional.java:135)
at com.github.horrorho.inflatabledonkey.BackupAssistant.backupAccount(BackupAssistant.java:89)

Is it possible to do for 2 way factor authentication enabled Appli Ids

While 2FA is not yet implemented inside InflatableDonkey, I've found that pyicloud (https://github.com/picklepete/pyicloud/) able to pass 2FA process, but it cannot operate with backups as InflatableDonkey. In my project, I'm looking for some kind of combination to allow 2FA apple IDs to use InflatableDonkey super power :) I'd put more efforts to make this working this week but still not sure if it is conceptually possible.

When I try to log in using 2FA enabled appleid I get obvious error message, with key indication:

localizedError
ACCOUNT_INVALID_HSA_TOKEN

My understanding is that icloud servers expect to get some header with that HSA Token. After some digging inside pyicloud, I've found that during their 2FA validation process, there are some cookie params with similar name, something like "....WEB_HSA_TRUSTED..." (I'm sorry i cannot tell exact param name right now). Does anybody know what it is that and if it is even possible to extract HSA_TOKEN from pyicloud to use in InfatableDonkey "--token" process.

Is it possible to download less than an entire domain? For instance, instead of downloading the entire HomeDomain, is there a way to simply download the Notes folder from the HomeDomain?

Any help with this matter would be greatly appreciated.

Hello:

First of all - thank you for your great work! I used this app to extract data i needed from my phone - but before I could do that I had to go through the hassle of backing up my phone to iCloud - as I never used it before. I'm planning to do this for another phone of mine - and if I could just modify your app to point to local folder instead, that would be useful.

I'm not a Java guy - but I assume you have something like the following pseudo-code:

downloadiCloudBackup(string userName, string password, string tempFolder);
processBackup(string tempFolder);

if that's the case - can you please point me to corresponding module - so I can update the logic to skip downloading and instead use local backup folder? or am I totally mistaken and these things are not compatible at all?..

Thanks again.

I've been having a problem with backups being downloaded with blank image and video files. The files are the sizes they should be but there's nothing on them if that makes sense. It's only with some downloads though, I don't know if it's an issue with the backup or the program but help would be appreciated.

Thank you!

Hi,

I had tried to debug the code in Eclipse LUNA. and also installed maven as plugin in eclipses. few error are there at run-time. Please help me out to resolve these errors.

Description Resource Path Location Type
The method map(Function<? super Object,? extends R>) in the type Stream is not applicable for the arguments (KeyBagID::new) KeyBagManager.java /InflatableDonkey/src/main/java/com/github/horrorho/inflatabledonkey line 109 Java Problem

The type KeyBagID does not define KeyBagID(Object) that is applicable here KeyBagManager.java /InflatableDonkey/src/main/java/com/github/horrorho/inflatabledonkey line 109 Java Problem

The type Map.Entry does not define getKey(Object) that is applicable here BackupAssistant.java /InflatableDonkey/src/main/java/com/github/horrorho/inflatabledonkey line 117 Java Problem

The type Map.Entry does not define getValue(Object) that is applicable here BackupAssistant.java /InflatableDonkey/src/main/java/com/github/horrorho/inflatabledonkey line 117 Java Problem

The type of uuid(byte[]) from the type KeyBlob is Optional<byte[]>, this is incompatible with the descriptor's return type: Optional KeyBagManager.java /InflatableDonkey/src/main/java/com/github/horrorho/inflatabledonkey line 106 Java Problem

The type of uuid(byte[]) from the type KeyBlob is Optional<byte[]>, this is incompatible with the descriptor's return type: Optional KeyBagManager.java /InflatableDonkey/src/main/java/com/github/horrorho/inflatabledonkey line 106 Java Problem

Type mismatch: cannot convert from Map<Object,Object> to Map<SnapshotID,Device> BackupAssistant.java /InflatableDonkey/src/main/java/com/github/horrorho/inflatabledonkey line 110 Java Problem

The type Map.Entry does not define getKey(Object) that is applicable here BiMapSet.java /InflatableDonkey/src/main/java/com/github/horrorho/inflatabledonkey/util line 59 Java Problem

The type Map.Entry does not define getKey(Object) that is applicable here BiMapSet.java /InflatableDonkey/src/main/java/com/github/horrorho/inflatabledonkey/util line 66 Java Problem

The type Map.Entry does not define getValue(Object) that is applicable here BiMapSet.java /InflatableDonkey/src/main/java/com/github/horrorho/inflatabledonkey/util line 59 Java Problem

The type Map.Entry does not define getValue(Object) that is applicable here BiMapSet.java /InflatableDonkey/src/main/java/com/github/horrorho/inflatabledonkey/util line 66 Java Problem

Type mismatch: cannot convert from Map<Object,Set> to Map<K,Set> BiMapSet.java /InflatableDonkey/src/main/java/com/github/horrorho/inflatabledonkey/util line 54 Java Problem

Type mismatch: cannot convert from Map<Object,Set> to Map<V,Set> BiMapSet.java /InflatableDonkey/src/main/java/com/github/horrorho/inflatabledonkey/util line 61 Java Problem

Just found some issue with call history data. Based on InflatableDonkey --help, there are new set of parameters - "--item-type" where it is possible to easily set what type of data you want to retrieve. There are option "CALL_HISTORY(call_history.db)" supposed to download call history db, but there is no such a file in my backups, but there are "CallHistory.storedata" inside HomeDomain. Probably it is a bug in help, but more problematic is that I see data inside this file ended by 11 of August, while there were a lot of calls after till today (22 of August). Also, I've found that inside 3 existing snapshots from 2016-08-11, 2016-08-13 and 2016-08-21 this "CallHistory.storedata" identical for all snapshots and file date is exactly '2016-08-11'. If I compare that with sms.db - all is fine and and the latest snapshot contain data till 2016-08-21. Do you've an idea why that could happen?

Hi There,
It may confuse you.
I want to know what is the snapshot id 18AFF02F6FD2DE96A173C8B018A42D675ABDCCDE
Its not device unique id.

My objective is I want to get co-relate pyicloudService(https://github.com/picklepete/pyicloud) id with the above which is coming like:

{ u'i9vbKRGIcLYqJnXMd1b257kUWnoyEBcEh6yM+IfmiMLh7BmOpALS+w==': <AppleDevice(iPhone 4S: Johnny Appleseed's iPhone)> }

I am not a Java guy, trying to use it. Need your assistance to understand the problem.

Thanks in advance

horrorho sensei et all,
I noticed reincubate's iphone backup extractor gives you access to your photostream, which doesn't seem to be a part of the general backups. I deactivated my icloud backups (InflateableDonkey returns No Snapshots/No Devices), still with reincubate i can download my photostream data. anyone familiar with the icloud/photostream connections?

Hi,

I have tested with 2 devices. On both devices I can validate the email/password. I also get the name for the icloud account. But for both devices, I get the message that there are no backups

The first device is on ios 9.0.2 - I think it is possible that this script only works on 9.2
The second device is on ios 9.3.2 - for this it should not work from what others have reported.

Hello,

Sometimes some records have more encrypted key (in ProtectionInfo.EncryptedKeys) and when you try to get the master key in Optional encryptedKey(Set encryptedKeySet) you try only the first one.

Sometimes the other ones will work but not the first one, I made a quick fix (more of a hack) to try if it worked and it did.

This would be the new code, but as I said it's just a test code :

`Optional< byte[]> masterKey(Set encryptedKeySet, LinkedHashMap<KeyID, Key> keys) {
logger.info("-- masterKey2()");
Optional<byte[]> opb = encryptedKey(encryptedKeySet, false)
.flatMap(ek -> unwrapKey(ek, keys));

    if (!opb.isPresent())
    	return encryptedKey(encryptedKeySet, true)
                .flatMap(ek -> unwrapKey(ek, keys));
    else
    	return opb;
}

Optional<EncryptedKey> encryptedKey(Set<EncryptedKey> encryptedKeySet, boolean second)  {
    logger.info("-- encryptedKey() - encrypted key set: {}", encryptedKeySet);
    if (encryptedKeySet.size() != 1) {
        logger.warn("-- encryptedKey() - unexpected encrypted key count: {}", encryptedKeySet.size());
        if (second)
        {
        	Iterator it = encryptedKeySet.stream().iterator();
            EncryptedKey ek = (EncryptedKey) it.next();
            ek = (EncryptedKey) it.next();
            Optional<EncryptedKey> oek = Optional.of(ek);
            return oek;
        }
    }
    
    Optional<EncryptedKey> ek = encryptedKeySet.stream()
            .findFirst();
    
    return ek;
}`

Just so you know.

I know the mmeAuthToken can be retrieved during the authentication process, but is it possible to retrieve it afterwards from an already downloaded backup?

Hello,

Will you please give me a sample to download only HomeDomain folder and i need a Photos also..
Your help most appreciatable.

Hello,

I recently tried the new build on my icloud that was having issues previously with opening some app domain files, such as attachments, .plist files and more. Initially it chose CBC, the files were still unreadable, then I tried --mode XTS and they were still unreadable. Thank you for the hard word

Example with --mode XTS
18:14:34.939 [main] INFO c.g.h.i.file.FileAssembler - -- write() - written: backups/APPLEID/DEVICEHASH/20160717/AppDomainGroup-group.com.kik.chat/cores/private/75f5929ef6674491bffeb2f92d2e5b69/attachments/f23397a6-a80a-4671-9d45-bdff118f3868 status: true mode: AES_XTS flags: 0x0000000000bf4f0e01000001
Example without --mode XTS
18:29:37.509 [main] INFO c.g.h.i.file.FileAssembler - -- write() - written: backups/APPLEID/DEVICEHASH/AppDomainGroup-group.com.kik.chat/cores/private/75f5929ef6674491bffeb2f92d2e5b69/attachments/afbb82ff-51ff-4af2-9530-e7e82327f479 status: true mode: AES_CBC flags: 0x0000000000bf37f701000001

Hi,

I need some help. I tried downloading backup from icloud of ios 10.2 and 9.3. However, it turns out that dbs like sms, call history etc are either encrypted or corrupt in both the downloads and tools like sqlite manager ask for a key to view the dbs. Where can these keys be located? Please help.

Thankyou

I've had requests for assistance in analysing the call history data from iOS10 backups. I have no iOS10 devices to play with at present, so I cannot help at this time. Please chime in if you have knowledge/ suggestions on how the data is organised.

Unless someone can demonstrate a clear difference between the files on the iOS10 device and the backup recovered by InflatableDonkey (either via jailbreak or even another backup tool) I'm going to assume it's a purely analytical/ digital forensics issue. I need tangible evidence before labelling the issue as a bug.

Hi. Just wondering if you by any chance know if it is possible to get device UDID for iCloud 9 device. Currently I can't find anything like that in incoming data. I remember UDIDs were used as a primary device identifier back then for iCloud 8 and lower. Also, I wonder where Info.plist and Manifest.plist could be.

Hi,

first of all - thanks for developing this tool and keeping it up to date.

The issue is as follows:

From device labeled as "iPhone8,1 N71AP" the downloaded media files (images/video) are not readable if they are in whatsapp/messenger or pretty much any other directory other than camera roll. Camera roll stuff is completely fine.

Also on a side note, it would be much easier if it would be possible to at least have an option for all the whatsapp files to be dropped just in 'whatsapp' directory similar to camera roll rather than building the whole whatsapp directory tree which makes it way harder to access files. I understand that it probably pulls that way from the server but would it be possible that it just saves all files in main directory so you don't have to go through trees of directories to see the files?

Thanks!

I think I'm missing something here. Every time I've downloaded a backup, I only get the "temp" folder and nothing else. Just that folder filled with tmp files. Am I meant to decrypt them myself or is there something faulty with my setup? I should probably specify I've only tried this with media files thus far.

Hello there,

I really appreciate the work you do. I do not want to bug you but apparently, when using this I run into a peculiar error.

[main] �[34mINFO �[0;39m c.g.horrorho.inflatabledonkey.Main - -- main() - token: Optional.empty
[main] �[34mINFO �[0;39m c.g.horrorho.inflatabledonkey.Main - -- main() - Account: ************************
[main] �[31mWARN �[0;39m c.g.h.i.data.der.KeySet - ** KeySet()  - bad checksum OR code failure
[main] �[34mINFO �[0;39m c.g.horrorho.inflatabledonkey.Main - -- main() - output folder backups: *:\***********************\InflatableDonkey-master\target\backups\*************************
[main] �[34mINFO �[0;39m c.g.horrorho.inflatabledonkey.Main - -- main() - output folder chunk cache: *:\**************************\InflatableDonkey-master\target\backups\*************************\cache
[main] �[31mWARN �[0;39m c.g.h.i.c.c.BackupAccountClient - -- backupAccount() - failed to retrieve protection info
Exception in thread "main" java.util.NoSuchElementException: No value present
        at java.util.Optional.get(Unknown Source)
        at com.github.horrorho.inflatabledonkey.BackupAssistant.backupAccount(BackupAssistant.java:89)
        at com.github.horrorho.inflatabledonkey.Backup.snapshots(Backup.java:72)
        at com.github.horrorho.inflatabledonkey.Main.main(Main.java:139)

*:\************\InflatableDonkey-master\target>

Just notifying you what the error is about. Again I appreciate your work and I hope by providing this we can make it a more, stable release by trying to fix it. Thanks beforehand.

Hello!

Firstly, I want to say thank you for developing this great tool. It is exactly what I have been looking for.

Secondly, please forgive me if this question has already been covered, and if I word it in a less than technical manner.

Is there a way of using this tool with two-step verification enabled on my account? Can I obtain (and use) the DsPrsID/mmeAuthToken? I have tried using an app-specific password I generated, too, but this doesn't seem to work. I receive the following message:

[main] Warn c.g.h.i.cloud.auth.Authenticator - --authenticate() - HttpResponse Exception: Unauthorized: Exception in thread "main" org.apache.http.client.HttpResponseException: Bad appleID/ password or not an iCloud account?

at com.github.horrorho.inflatabledonkey.cloud.auth.Authenticator.authenticate(Authenticator.java:81)
at com.github.horrorho.inflatabledonkey.Main.main(Main.java:125)

Thanks in advance for any suggestions/updates on this matter.

Functionality/ optimisations that I would like to implement given time. Possibly of interest to those wanting to port this project.

• DsPrsID token caching. At present users are advised to manually handle dsPrsID tokens for repeated usage of an iCloud account. NB Do we need to obfuscate/ encrypt tokens?
• CloudKit token caching.
• Escrowed key bag caching. A full escrowed key bag SRP exchange is conducted each time the tool is called. This is unnecessary and slow, we can cache the escrowed key bag and verify matches using the supplied digest.
• Manifest cache for snapshots.
• Asset cache for snapshots. NB Tokens do expire after 48 hours.
• Cache purge. Over time our chunk cache may well become bloated and we have no way of removing obsolete chunk data. We would need to authorise all assets over all devices/ snapshots and then disregard the unneeded chunks. Consider a --purge command.
• Improved cached file reconstruction. As it is we reconstruct cached files from cached chunk data even if they already exist. This is potentially slow, particularly with physical storage devices. We can verify a file's presence/ hash and safely skip reconstruction. Also within the confines of a snapshot and assuming that data once written remains intact, we could just verify a file's presence/ length/ time stamp. The latter method although quick is potentially risky and we might want to issue a --force switch to override it.
• Empty files/ directories. At present these are ignored although we should really reconstruct them.
• iTunes style backups.
• Two-step verification.

Functionality I've been reluctant to implement.

• Post retrieval snapshot/ file manipulation. I've had numerous requests to organise files in numerous different ways post recovery. I believe this should remain outside the remit of this project as most modern operating systems already provide the necessary tools to accomplish this. Also in accommodating numerous file reorganisation strategies we risk significantly complicating our command line arguments.

Additionally:

• We aren't really there with separation of concerns, so to cleanly de-construct InflatableDonkey into core libraries: CloudKit, PCS, chunking etc. This would provide a foundation on which we can build other CloudKit based tools.

Hey,
I have an bug that with occurs when downloading from the any domain except for CameraRollDomain. iOS 9.2

Sample output looks like:

12:53:34.488 [main] WARN c.g.h.inflatabledonkey.KeyBagManager - -- keyBagClient() - IOException: com.github.horrorho.inflatabledonkey.exception.BadDataException KeyBagFactory, no key bag data 12:53:34.494 [main] WARN c.g.h.inflatabledonkey.KeyBagManager - --fetchKeyBag() - failed to fetch key bag: K:987KUL+uS4CC6p2PkXitRQ== 12:53:35.260 [ForkJoinPool-1-worker-0] WARN c.g.h.i.file.KeyBlobCurve25519Unwrap - -- doUnwrap() - no public key for protection class: 3 12:53:35.262 [ForkJoinPool-1-worker-0] WARN c.g.h.i.file.FileAssembler - -- decrypt() - failed to unwrap encryption key

Thank you for the help and your hard work on this project.

horrorho! First of all: where is that piggy bank of yours we can flood with love and gratefulness? this is an amazing project and i'm impressed by your persistence!

here are a couple of my feature ideas (rather low priority!)

• Filter multiple extensions at once like "--extension jpg,jpeg"
• Filter extensions on a higher abstraction level like "--extensions photos videos"
• Skip existing files
• optional flat output folder structure /output/file.ext vs. /device/snapshot/domain/d1/d2/file.ext

most respectfully –
a vampire in the darkness :)

On OSX 10.10

When I run mvn package I get this error :

src/main/java/com/github/horrorho/inflatabledonkey/SnapshotSelector.java:[67,25] incompatible types: inferred type does not conform to upper bound(s)
    inferred: ? extends java.util.Collection<com.github.horrorho.inflatabledonkey.data.backup.Snapshot>
    upper bound(s): java.util.Collection<com.github.horrorho.inflatabledonkey.data.backup.Snapshot>,java.lang.Object

    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:212)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:116)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:80)
    at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build(SingleThreadedBuilder.java:51)
    at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:128)
    at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:307)
    at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:193)
    at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:106)
    at org.apache.maven.cli.MavenCli.execute(MavenCli.java:863)
    at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:288)
    at org.apache.maven.cli.MavenCli.main(MavenCli.java:199)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:483)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:289)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:229)
    at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:415)
    at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:356)

Any idea ?

Thanks !

Follow-up from #30

Thanks for the info, have overlooked the constructed types. Will need to read the resources more properly next time 😉. Quite like the online decoders. 👍

... I do have a private tool I created to rip the ASN1 templates that Apple uses from it's binaries. It's not polished and not easy to use, you need to provide it with the exact offset of the template. It's this tool that is responsible for the output you see in comments. I can upload it to GitHub if you like.

If you can then it would be great to share it with us. It could come handy in the future. Although for now I'm more then happy with the tools, docs and comments which you've provided.

Hi,
Thank you for your excellent work done. I have an bug that occurs when downloading Backup.
iOS 9.3.2

I try to download with other library i.e ricloud and its work fine.

sample out put looks like.
KeyBagClient - -- keyBag() - keybag UUID: K:fSpKrgFWR0+pTYQVorjAkA==
KeyBagManager - -- keyBagClient() - IOException: com.github.horrorho.inflatabledonkey.exception.BadDataException KeyBagFactory, no key bag data
KeyBagManager - --fetchKeyBag() - failed to fetch key bag: K:fSpKrgFWR0+pTYQVorjAkA==
KeyBlobCurve25519Unwrap - -- doUnwrap() - no public key for protection class: 3
FileAssembler - -- decrypt() - failed to unwrap encryption key

Thank you for the help and your hard work on this project.

Newer backups have non-sequential chunk offsets which are not properly handled. I'll issue a fix shortly.

This issue may be peculiar to InflatableDonkey in regards to the way it handles chunk data/ caching.

It seems to me that the couple last versions ignore the snapshot flag. I already tried using 1, 2 and -1 as arguments. Can someone else confirm this please? Also thanks @horrorho for the awesome job.

Hi
I ran the InflatableDonkey many times and until now everything worked great.

Today I tried to download a new backup (different user, different phone-iPhone 4, iOS 7.1.2) and I keep getting this output:

What maybe the reason?
Same result with username/password or token.

Thanks
Nir

There is a small chance with very slow connections that our authorization tokens expire and the download may abort. As a workaround just restart the backup process. File data is cached so the backup will largely resume where it left off.

This will be fixed in a future release.

First of all, I'd like to thank you for excellent work done. Could you please share your thoughts about upcoming iOS10 support? I expect that Apple guys would do some new changes into backup encryption algorithms. Do you've any expectations on that? Do you need some help in progressing this project (and may be porting to Python)? I suppose that the speed of new iOS version adoption is a key for this project success.

As most of you probably know, since iOS 8.3, Apple added the iCloud Photo Library feature, that makes all your photos and movies synced and updated automatically on all your devices.
Sadly, if this feature is turned on, the photos and movies are no longer saved in the "regular" iCloud backup.
InflatableDonkey is an amazing piece of work for downloading iCloud backups, and I was wondering if it is possible to add the feature of downloading the photo library as well? Or is it something completely different protocol wise?

Hi,

I had tried this code in java a excellent job is done for downloading ios backup. i want this code in c++ or vc++ or python because of dependency on java installation and framework to run this code. Can i run or make .exe of this code and run as a standalone executable without java dependency.

Hello there,

When retrieving a certain backup, I stumbled upon this error:

Exception in thread "main" org.apache.http.client.HttpResponseException: Service Unavailable: <html><body><b>Http/1.1 Service Unavailable</b></body> </html>
        at com.github.horrorho.inflatabledonkey.responsehandler.DonkeyResponseHandler.handleResponse(DonkeyResponseHandler.java:53)
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:222)
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:164)
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:139)
        at com.github.horrorho.inflatabledonkey.cloud.AuthorizeAssets.authorizeGet(AuthorizeAssets.java:115)
        at com.github.horrorho.inflatabledonkey.cloud.AuthorizeAssets.authorize(AuthorizeAssets.java:97)
        at com.github.horrorho.inflatabledonkey.DownloadAssistant.download(DownloadAssistant.java:81)
        at com.github.horrorho.inflatabledonkey.Backup.download(Backup.java:138)
        at com.github.horrorho.inflatabledonkey.Backup.download(Backup.java:102)
        at com.github.horrorho.inflatabledonkey.Main.main(Main.java:221)

I may be wrong, but this is because the tree path is too long and then this error occurs. Because I tried to delete that folder but then it gives an error that it can't delete because Source Path is too long.

Any ideas on fixing this if that's the case? Or is it maybe some other problem? Thanks beforehand

Exception in thread "main" java.nio.file.InvalidPathException: Illegal char <?> at index 22: Documents/WHERE_YOU_AT?!