edwin170 / downr1n

downgrade tethered checkm8 idevices ios 14, 15.
Apache License 2.0

A8X deep sleep #54

Closed shMatrix closed 11 months ago

shMatrix commented 11 months ago

Any chance to fix deep sleep for A8X devices? In my case it goes into deep sleep right away after the screen is locked and I have to wait until it's fully discharged.

edwin170 commented 11 months ago

If you want to fix recovery mode, try copying the firmware/all_flash/* from an IPSW of the version you are or were on before the downgrade to the IPSW for the iOS that you want to downgrade to. This should restore recovery mode. Remember, after a future restore succeeds, restore it to the original IPSW.

edwin170 commented 11 months ago

And remember that when you jailbreak, activate the local boot.

shMatrix commented 11 months ago

Nothing helped. How to restore the device at all? iTunes DFU Mode gives me a 4014 error. ./downr1n.sh is stuck on "[*] Waiting for the ramdisk to finish booting". Maybe the device is still not fully discharged. Don't know how to verify this.

edwin170 commented 11 months ago

Please force reboot and put it in real DFU mode, and then try to boot or restore with iTunes if you want.

shMatrix commented 11 months ago

I force rebooted the device, put it into real DFU (power+home button ~10 sec, release power button and hold ~10 sec), then executed ./binaries/Linux/gaster pwn and got this:

ser@user-Latitude-E5470:~/downr1n/binaries/Linux$ sudo ./gaster pwn
usb_timeout: 5
usb_abort_timeout_min: 0
[libusb] Waiting for the USB handle with VID: 0x5AC, PID: 0x1227
CPID: 0x7001
Found the USB handle.
Stage: RESET
ret: true
[libusb] Waiting for the USB handle with VID: 0x5AC, PID: 0x1227
CPID: 0x7001
Found the USB handle.
Stage: SETUP
ret: true
[libusb] Waiting for the USB handle with VID: 0x5AC, PID: 0x1227
CPID: 0x7001
Found the USB handle.
Stage: SPRAY
ret: true
[libusb] Waiting for the USB handle with VID: 0x5AC, PID: 0x1227
CPID: 0x7001
Found the USB handle.
Stage: PATCH
ret: true
[libusb] Waiting for the USB handle with VID: 0x5AC, PID: 0x1227
CPID: 0x7001
Found the USB handle.
Now you can boot untrusted images.

and tried to restore via iTunes. iTunes gives the same error 4014: Unexpected device state 'DFU' expected 'Recovery' (Probably forced into DFU mode externally)

edwin170 commented 11 months ago

When it says "Now you can boot untrusted images." it means that the exploit did it correctly, so you just need --boot.

shMatrix commented 11 months ago

Yeah, but it's not booting. The script is stopping on "[*] Waiting for the ramdisk to finish booting". Instead of turning on the screen and starting to boot, I see in the background that the device disappears for a couple of minutes in device manager, and then is detected again in DFU mode. Meanwhile the script continues showing "[*] Waiting for the ramdisk to finish booting" and nothing happens next. I was told that after a downgrade an A8X device can get into deep sleep and only fully discharging can get the device out of it. Maybe this is the case? Anyway, could you please help me to restore the device?

edwin170 commented 11 months ago

Let it discharge completely, like 2 days, and after that restore using iTunes.