IRecovery

From The iPhone Wiki
Revision as of 16:55, 30 July 2010 by Dialexio (talk | contribs) (Updates)
Jump to: navigation, search

iRecovery is a libusb-based CLI utility for Mac OS X, Linux, and Windows. It is able to talk to iBoot and iBSS via USB. It's completely open source; the source code is released under the terms of the GNU GPL v3. The full license text can be found in the LICENSE file on github.

It currently connects to:

Credits

westbaer

Thanks

pod2g, tom3q, planetbeing, geohot and posixninja.

Features

DFU 2.0 (0x1227)

It can upload a file, such as an iBSS, so that you can unplug and spawn a shell with 0x1281.

Recovery 2.0 (0x1281)

File Uploading

You can upload a file to 0x9000000 with the following syntax:

./iRecovery -f file

In newer builds that use libusb-1.0 this is now

./iRecovery -u file

Two-Way Shell

You can spawn a shell to do all sorts of neat things with the syntax:

./iRecovery -s

Once it has spawned, you can type 'help' and iBoot will respond with its built-in command list.

Single Command

./iRecovery -c "command"

Sends a single command to the device *without* spawning a shell.

usb_control_msg(0x21, 2) Exploit Command

./iRecovery -k 

Sends Chronic Dev's + Geohot's latest usb exploit. Implemented into blackra1n. This was updated near October 17, 2009. posixninja's fork In newer builds this is now -e

Auto Boot

You can now enable auto-boot by running:

./iRecovery -a

or by sending /auto-boot in a shell.

USB Reset

Reset USB

./iRecovery -r

Batch Scripting

iRecovery now supports batch scripting, this allows you to send commands to iBoot from a pre written list of commands, this also suports scripting such as /auto-boot and /upload <file>

./iRecovery -b <file>

or in a shell:

/batch <file>

Raw Commands

You can now send raw commands via the -x21 -x40 or -xA1 flags

Example Output

iRecovery -s

======================================
::
:: iBSS for n82ap, Copyright 2009, Apple Inc.
::
:: BUILD_TAG: iBoot-596.24
::
:: BUILD_STYLE: RELEASE
::
:: USB_SERIAL_NUMBER: CPID:8900 CPRV:30 CPFM:03 SCEP:05 BDID:04 ECID:000003293C113D76 IBFL:00
::
=======================================

Entering recovery mode, starting command prompt
] printenv
build-style = "RELEASE"
build-version = "iBoot-596.24"
config_board = "n82ap"
loadaddr = "0x9000000"
boot-command = "fsboot"
bootdelay = "0"
auto-boot = "true"
idle-off = "true"
boot-device = "nand0"
boot-partition = "0"
boot-path = "/System/Library/Caches/com.apple.kernelcaches/kernelcache.s5l8900x"
display-color-space = "RGB888"
display-timing = "optC"
framebuffer = "0xfd00000"
secure-boot = "0x1"


Maintained Forks

iH8sn0w/irecovery

GreySyntax/irecovery

Updates

Chronic Dev Team is working on converting iRecovery to a library. [1].

A C++ port is also in the works by GreySyntax, dubbed iRecovery++. [2]

A VB.NET port is current under development (by Fallensn0w. [3]

Download

Offical Repository / Download here