Prometheus

From The iPhone Wiki
Revision as of 00:34, 3 January 2017 by IAdam1n (talk | contribs) (Waiting for device...)
Jump to: navigation, search

Prometheus is a tool that can be used to upgrade/downgrade previously signed iOS versions on 64-bit devices.

Requirements

  • jailbroken 64-bit device (except iPhone 5s and iPad Air that generate the same nonce multiple times
  • SHSH2 saved with tsschecher

FAQ

This FAQ guide was written by tihmstar.


Q: What iOS's does it support?

A: Prometheus is not really limited to any specifiy iOS. promethues itself is the idea to restore a firmware by using replayed tickets and upgrading sep+baseband. futurerestore allows you to select an ios and apticket which is being used during restore, as well as baseband and sep which will get a fresh ticket and also restored. Right now it only makes sense to restore to iOS 10.x firmware, as the iOS 10 SEP does not work with iOS 9 (and probably lower). You need to be careful though, because if apple stops signing iOS 10.2 and lets say iOS 10.3 SEP is not compatible with 10.1.1 anymore, than you can't even really restore to 10.1.1


Q: Do I need to be currently jailbroken?

A: If you're jailbroken (with tfp0) you can use the generator method. This allows you to put a generator to nvram to force generate a specifiy APNonce. This makes it really convinient to make the device generate the same APNonce which is also inside your APTicket. (in case you know the generator for that nonce). I personally did run noncestatistics to figure out what nonce is generated the most on my iPhone5s (this only works with devices which do have collisions). Then i requested an 10.1.1 ticket for that specific nonce while it was signed. So now i can use the reboot-until-nonce-matches method for restoring my iPhone5s. If you didn't do all this, you probably can't restore without a jailbreak


Q: Which jailbreaks support TFP0?

A: Afaik ios 7 and ios 8 have tfpo, iOS 9.1 by pangu has host_get_special_port and qwerty's jbme has host_get_special_port. the 10.x has tfp0


Q: What devices are supported?

A: In theory all 64bit device should be supported. Right now iPhone7 and iPhone7+ are not supported, but that is something which could probably be fixed with an update. Also there are some bugs in futurerestore, but once everything is ruled out, all 64bit device should be supported. Right now i have no plans in testing 32bit, but i think that the method could work with 32bit. If someone wants to adjust futurerestore for 32bit, go ahead, sourcecode is on github


Q: I saved SHSH2 with the nonces that had collisions on iOS 9 for iPhone 5s/iPad Air but none are found when on iOS 10. What do I do?

A: iOS 10 has different colliding nonces to iOS 9. If the nonces you saved SHSH2 cannot be found once you are on iOS 10 and you require the collision method, then you are out of luck and can't use Prometheus.


Q: My device is stuck on "Waiting for device...". What can I do?

A: This happens if you have saved SHSH2 but it has the wrong boardconfig. To check the boardconfig or more information on this, see this post.

External links

tutorial
tihmstar's talk
noncestatistics