Connect with us

Prometheus downgrade tool released, here’s what you need to know

Apple News

Prometheus downgrade tool released, here’s what you need to know

iOS hacker tihmstar has simply introduced freeing Prometheus downgrade tool which can be utilized (in some instances) to downgrade or improve your iPhone to recently unsigned firmware.

We extremely suggest studying our previous post about Prometheus downgrade tool, we already mentioned it intimately.

Background

Prometheus isn't a unmarried GUI tool, however a choice of equipment together with “nonceenabler”, “futurerestore” and “img4tool”. In combination, they have the improve/downgrade capability.

Prometheus can be utilized in two tactics. One makes use of “nonceenabler” and “futurerestore” in combination. That is extra dependable and quicker, however calls for a jailbreak, and .shsh2 blobs stored with a generator. The second one method makes use of most effective “futurerestore”, does now not require a jailbreak, however makes use of a probabilistic assault which would possibly take a very long time to paintings (or now not paintings at all). This 2d means nonetheless calls for .shsh2 blobs, however stored with a selected nonce and no generator. This handiest turns out to paintings for sure units, and would possibly take perpetually.

Necessities

  • A 64-bit software, with the exception of the iPhone 7(+). Don't trouble making an attempt with a 32-bit tool or an iPhone 7(+).
  • In maximum instances, a jailbreak at the firmware you are leaving.
    (Now not be required on some iPhone 5s and iPad Air, when the use of the nonce collision way).
  • If the use of Prometheus with a jailbreak, stored .shsh2 blobs for the firmware you need to repair to, with a generator. The generator is a box inside the .shsh2 document, which may also be noticed by way of opening it and taking a look close to the top of the report.
  • If the use of Prometheus and not using a jailbreak, stored .shsh2 blobs for the firmware you need to repair to, created the use of one (or extra) of the 5 particular nonces given out via tihmstar, that have been discovered to paintings maximum incessantly in a probabilistic assault.
  • If the use of Prometheus with a jailbreak, the jailbreak will have to have “tfp0” capability (“host_get_special_port” workaround could also be advantageous). This regulations out some jailbreaks.

Procedure

There's some confusion over how to apply tihmstar’s procedure, because it isn't unified. Relying in your state of affairs, you will have to apply extra than one video to whole the method. If you have your blobs stored with a generator and feature a present jailbreak, practice Steps 1 and 2. If you have your blobs stored with the 5 nonces tihmstar made public, and are making an attempt the method and not using a jailbreak, pass immediately to Step 2.

1) The video beneath presentations you how to use your jailbreak to set a selected nonce for your tool. The good thing about this is that when the precise nonce has been manually set (which can fit the generator within the .shsh2 information you stored), the repair shall be accredited instantly at the first check out, because the nonce and .shsh2 turbines fit.
Subsequently, the use of Prometheus this manner is beneficial if you have a jailbreak. Practice the above video and set your nonce with “nonceenabler”. As soon as the nonce is about and the software is in restoration mode (from 0:00 – 10:35 within the above video), you can transfer onto Step 2.

 2) The video under presentations how to repair an unsigned firmware onto your software, the use of the “futurerestore” element of Prometheus. If you simply got here from Step 1 and feature set your nonce, apply the directions from the start of the video up to 5:53, however forget about any communicate concerning the nonce collision way. At 5:53, pay shut consideration to what he says. Your software will already be in restoration mode and you will have to omit the “-w” flag right here. Then proceed with the directions (you won't have to wait during the rebooting level which the video presentations).

If you simply got here from Step 1 and have set your nonce, apply the directions from the start of the video up to 5:53, however forget about any communicate concerning the nonce collision means. At 5:53, pay shut consideration to what he says. Your tool will already be in restoration mode and you will have to omit the “-w” flag right here. Then proceed with the directions (you won't have to wait during the rebooting level which the video presentations).

If you don't have any jailbreak and began at Step 2, practice the whole thing of the video under to the letter, the use of some of the generated nonces. It's going to take a couple of mins, or an unknown quantity of time, as a result of you could have to use the nonce-collision approach. That is probabilistic and is determined by some good fortune/time. You can not use your jailbreak to instantly create the suitable nonce for you.
In combination, those two movies duvet the entire strategy of downgrading with Prometheus, the use of each the “nonceenabler jailbreak approach” and the “nonce collision no-jailbreak approach”.
Comments

More in Apple News

Popular

Featured

Noteworthy

Advertisement
To Top