The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "IRecovery"
m (→Features: Fixed up a wiki markup typo.) |
m |
||
(43 intermediate revisions by 16 users not shown) | |||
Line 1: | Line 1: | ||
− | {{DISPLAYTITLE: |
+ | {{DISPLAYTITLE:iRecovery}} |
− | iRecovery is a libusb-based CLI utility for Mac OS X, Linux, and Windows. It is able to talk to [[iBoot]] and [[iBSS]] via USB. It's completely open source; the source code is released under the terms of the GNU GPL v3. The full license text can be found in the LICENSE file on github. |
+ | iRecovery is a libusb-based CLI utility for Mac OS X, Linux, and Windows. It is able to talk to [[iBoot (Bootloader)|iBoot]] and [[iBSS]] and [[iBEC]] via USB. It's completely open source; the source code is released under the terms of the GNU GPL v3. The full license text can be found in the LICENSE file on github. |
+ | Please note that there is no official compiled version available. |
||
It currently connects to: |
It currently connects to: |
||
− | * [[DFU 0x1227|0x1227]] ([[DFU]]/[[WTF]] Mode 2.0) |
+ | * [[DFU 0x1227|0x1227]] ([[DFU Mode]]/[[WTF]] Mode 2.0) |
− | * [[Recovery Mode (Protocols)#Recovery_Mode_2.x_.28DevID.3D0x1281.29|Recovery Mode 0x1281]] (Recovery Mode/iBSS) |
+ | * [[Recovery Mode (Protocols)#Recovery_Mode_2.x_.28DevID.3D0x1281.29|Recovery Mode 0x1281]] (Recovery Mode/iBSS/iBEC) |
==Credits== |
==Credits== |
||
Line 10: | Line 11: | ||
==Thanks== |
==Thanks== |
||
− | pod2g, tom3q, planetbeing, geohot and posixninja. |
+ | [[User:Pod2g|pod2g]], [[tom3q]], [[User:Planetbeing|planetbeing]], [[User:Geohot|geohot]] and [[User:posixninja|posixninja]]. |
==Features== |
==Features== |
||
===DFU 2.0 (0x1227)=== |
===DFU 2.0 (0x1227)=== |
||
− | It can upload a file, such as an iBSS, so that you can unplug and spawn a shell with 0x1281. |
+ | It can upload a file, such as an [[iBSS]], so that you can unplug and spawn a shell with 0x1281. |
===Recovery 2.0 (0x1281)=== |
===Recovery 2.0 (0x1281)=== |
||
Line 36: | Line 37: | ||
./iRecovery -k |
./iRecovery -k |
||
Sends Chronic Dev's + Geohot's latest usb exploit. Implemented into blackra1n. |
Sends Chronic Dev's + Geohot's latest usb exploit. Implemented into blackra1n. |
||
− | This was updated near |
+ | This was updated near {{date|2009|10|17}}. [http://github.com/posixninja/irecovery posixninja's fork] |
In newer builds this is now -e |
In newer builds this is now -e |
||
Line 43: | Line 44: | ||
./iRecovery -a |
./iRecovery -a |
||
or by sending /auto-boot in a shell. |
or by sending /auto-boot in a shell. |
||
+ | |||
+ | In newer builds it is now: |
||
+ | ./iRecovery -n |
||
====USB Reset==== |
====USB Reset==== |
||
Line 49: | Line 53: | ||
====Batch Scripting==== |
====Batch Scripting==== |
||
− | iRecovery now supports batch scripting, this allows you to send commands to iBoot from a pre written list of commands, this also |
+ | iRecovery now supports batch scripting, this allows you to send commands to iBoot from a pre written list of commands, this also supports scripting such as /auto-boot and /upload <file> |
./iRecovery -b <file> |
./iRecovery -b <file> |
||
or in a shell: |
or in a shell: |
||
Line 57: | Line 61: | ||
You can now send raw commands via the -x21 -x40 or -xA1 flags |
You can now send raw commands via the -x21 -x40 or -xA1 flags |
||
− | == |
+ | ==Example Output== |
+ | |||
+ | iRecovery -s |
||
+ | ====================================== |
||
+ | :: |
||
+ | :: iBSS for n82ap, Copyright 2009, Apple Inc. |
||
+ | :: |
||
+ | :: BUILD_TAG: iBoot-596.24 |
||
+ | :: |
||
+ | :: BUILD_STYLE: RELEASE |
||
+ | :: |
||
+ | :: USB_SERIAL_NUMBER: CPID:8900 CPRV:30 CPFM:03 SCEP:05 BDID:04 ECID:000003293C113D76 IBFL:00 |
||
+ | :: |
||
+ | ======================================= |
||
+ | |||
+ | Entering recovery mode, starting command prompt |
||
+ | ] printenv |
||
+ | build-style = "RELEASE" |
||
+ | build-version = "iBoot-596.24" |
||
+ | config_board = "n82ap" |
||
+ | loadaddr = "0x9000000" |
||
+ | boot-command = "fsboot" |
||
+ | bootdelay = "0" |
||
+ | auto-boot = "true" |
||
+ | idle-off = "true" |
||
+ | boot-device = "nand0" |
||
+ | boot-partition = "0" |
||
+ | boot-path = "/System/Library/Caches/com.apple.kernelcaches/kernelcache.s5l8900x" |
||
+ | display-color-space = "RGB888" |
||
+ | display-timing = "optC" |
||
+ | framebuffer = "0xfd00000" |
||
+ | secure-boot = "0x1" |
||
+ | |||
+ | == Supported Raw Commands == |
||
+ | |||
+ | Currently Supported by All Firmware:<br> |
||
+ | Reboot - Reboots Iphone |
||
+ | |||
+ | More IBoot Commands Information:<br> |
||
+ | http://code.google.com/p/chronicdev/wiki/iBootCommands |
||
+ | |||
+ | NOTE: 'bgcolor' appears to be no longer supported -- requires confirmation. |
||
+ | |||
+ | ==Forks== |
||
[http://github.com/iH8sn0w/irecovery iH8sn0w/irecovery] |
[http://github.com/iH8sn0w/irecovery iH8sn0w/irecovery] |
||
Line 63: | Line 110: | ||
==Updates== |
==Updates== |
||
− | + | * A C++ port is also in the works dubbed iRecovery++ (by [[User:GreySyntax|GreySyntax]]) can be found at [http://github.com/NSPwn/iRecoveryplusplus GitHub/NSPwn/iRecoveryplusplus] |
|
+ | * [https://www.openjailbreak.org/projects/libirecovery-2-0/repository libiRecovery 2.0 in development by OpenJailBreak.org] |
||
− | |||
+ | * A VB.NET GUI port for Windows has been made under the name [[GiRecovery|Zeratul]]. |
||
− | A C++ port is also in the works dubbed iRecovery++ more info here [http://github.com/GreySyntax/iRecoveryplusplus GreySyntax/iRecoveryplusplus] |
||
==Download== |
==Download== |
||
+ | *[https://github.com/Chronic-Dev/libirecovery Chronic-Dev - libiRecovery (Mac OS X | Linux | Windows)] |
||
− | [http://github.com/westbaer/irecovery Offical Repository / Download here] |
||
+ | *[https://github.com/GreySyntax/iRecoveryplusplus GreySyntax - iRecovery++ (Mac OS X| Linux | Windows (Possibly))] |
||
+ | |||
+ | |||
+ | Note: Source only. |
||
+ | |||
+ | [[Category:Hacking Software]] |
Latest revision as of 14:05, 17 September 2021
iRecovery is a libusb-based CLI utility for Mac OS X, Linux, and Windows. It is able to talk to iBoot and iBSS and iBEC via USB. It's completely open source; the source code is released under the terms of the GNU GPL v3. The full license text can be found in the LICENSE file on github. Please note that there is no official compiled version available.
It currently connects to:
- 0x1227 (DFU Mode/WTF Mode 2.0)
- Recovery Mode 0x1281 (Recovery Mode/iBSS/iBEC)
Contents
Credits
westbaer
Thanks
pod2g, tom3q, planetbeing, geohot and posixninja.
Features
DFU 2.0 (0x1227)
It can upload a file, such as an iBSS, so that you can unplug and spawn a shell with 0x1281.
Recovery 2.0 (0x1281)
File Uploading
You can upload a file to 0x9000000 with the following syntax:
./iRecovery -f file
In newer builds that use libusb-1.0 this is now
./iRecovery -u file
Two-Way Shell
You can spawn a shell to do all sorts of neat things with the syntax:
./iRecovery -s
Once it has spawned, you can type 'help' and iBoot will respond with its built-in command list.
Single Command
./iRecovery -c "command"
Sends a single command to the device *without* spawning a shell.
usb_control_msg(0x21, 2) Exploit Command
./iRecovery -k
Sends Chronic Dev's + Geohot's latest usb exploit. Implemented into blackra1n. This was updated near 17 October 2009. posixninja's fork In newer builds this is now -e
Auto Boot
You can now enable auto-boot by running:
./iRecovery -a
or by sending /auto-boot in a shell.
In newer builds it is now:
./iRecovery -n
USB Reset
Reset USB
./iRecovery -r
Batch Scripting
iRecovery now supports batch scripting, this allows you to send commands to iBoot from a pre written list of commands, this also supports scripting such as /auto-boot and /upload <file>
./iRecovery -b <file>
or in a shell:
/batch <file>
Raw Commands
You can now send raw commands via the -x21 -x40 or -xA1 flags
Example Output
iRecovery -s
====================================== :: :: iBSS for n82ap, Copyright 2009, Apple Inc. :: :: BUILD_TAG: iBoot-596.24 :: :: BUILD_STYLE: RELEASE :: :: USB_SERIAL_NUMBER: CPID:8900 CPRV:30 CPFM:03 SCEP:05 BDID:04 ECID:000003293C113D76 IBFL:00 :: ======================================= Entering recovery mode, starting command prompt ] printenv build-style = "RELEASE" build-version = "iBoot-596.24" config_board = "n82ap" loadaddr = "0x9000000" boot-command = "fsboot" bootdelay = "0" auto-boot = "true" idle-off = "true" boot-device = "nand0" boot-partition = "0" boot-path = "/System/Library/Caches/com.apple.kernelcaches/kernelcache.s5l8900x" display-color-space = "RGB888" display-timing = "optC" framebuffer = "0xfd00000" secure-boot = "0x1"
Supported Raw Commands
Currently Supported by All Firmware:
Reboot - Reboots Iphone
More IBoot Commands Information:
http://code.google.com/p/chronicdev/wiki/iBootCommands
NOTE: 'bgcolor' appears to be no longer supported -- requires confirmation.
Forks
Updates
- A C++ port is also in the works dubbed iRecovery++ (by GreySyntax) can be found at GitHub/NSPwn/iRecoveryplusplus
- libiRecovery 2.0 in development by OpenJailBreak.org
- A VB.NET GUI port for Windows has been made under the name Zeratul.
Download
- Chronic-Dev - libiRecovery (Mac OS X | Linux | Windows)
- GreySyntax - iRecovery++ (Mac OS X| Linux | Windows (Possibly))
Note: Source only.