Posts tagged Utilities
The iOS developer @Notcom recently updated his TinyUmbrella to version 5.10.08. TinyUmbrella 5.10.08 can save iOS 5.1 SHSH blobs for the new iPad (iPad 3) and Apple TV 3G. You can download TinyUmbrella 5.10.08 from the link below.
For those of you who don’t already know, TinyUmbrella lets you save SHSH blobs for the Apple TV, iPad, iPhone, and iPod Touch, which are required to be able to downgrade the device firmware to an older version. Alternatively, you can use tools like SHSH Blob Extractor or iSHSHit.
This is what Notcom has posted on his blog about this TinyUmbrella 5.10.08 update:
Welcome to the ‘Save SHSH’ Family!
With the new iPad 3 and Apple TV 3, it’s been quite busy. Add to that all the cool new information surrounding a few new iOS 5.1 jailbreaks and we have quite the party.
TinyUmbrella now has support for saving 5.1 SHSH for Apple TV 3 and the iPad 3 (all versions). As of now we still cannot restore them but we are working on getting that working from a bunch of angles. I’ll let you know more when I do.
Save your SHSH!
You can find the TinyUmbrella download links below along with the step-by-step guide to save SHSH blobs with TinyUmbrella:
Download Tiny Umbrella v5.10.08
First and foremost, those of you who are already on iOS 5.0.1 are out of luck. Those of you who are still on iOS 5.0 can now save not only your SHSH blobs but also your APtickets, which are used in Apple’s new firmware verification process. What exactly does this mean? It means that if you are on iOS 5.0 right now and for some reason you need to restore (which updates the device to iOS 5.0.1), you have the option to downgrade back to iOS 5.0, provided you used iFaith to save your APticket before you restored.
It should be noted that if you are on iOS 5.0.1 already, you CANNOT downgrade to iOS 5.0.
This is mainly for people who have saved their APtickets on iOS 5.0 as they will be the only ones who can downgrade back from iOS 5.0.1 to iOS 5.0.
An APticket is a piece of information, almost like a screenshot. When you use Apple’s iOS 5.0 firmware, your device has an APticket saved for iOS 5.0. When you update to iOS 5.0.1, your APticket changes to an iOS 5.0.1 APticket. This is how Apple keeps you from downgrading.
By using iFaith, you can save not only your SHSH blobs but also your current iOS 5.0 APticket. This allows you to use the APticket you had for iOS 5.0 to downgrade back to iOS 5.0 from iOS 5.0.1, since your iOS 5.0 APticket is still valid. If you don’t save your APticket while you are on iOS 5.0, then your new APticket is the one given to you by iOS 5.0.1, which means that you don’t have an APticket for iOS 5.0. Since you don’t have one, you cannot downgrade back to iOS 5.0 from iOS 5.0.1. In this case, iOS 5.0.1 would be the lowest you could go.
Currently, iFaith only supports Windows, as iH8sn0w is a Windows user himself. He is also the famous developer behind Sn0wbreeze, which is the Windows-only jailbreak tool. At this point in time, there isn’t any information regarding a Mac version and its release.
Download iFaith 1.4 for Windows
iFaith release notes:
iFaith v1.4 Release notes:
* Now dumps iOS 4.4.x (Apple TV 2)/5.0.x apticket + SHSH blobs!
* Dumping is MUCH faster.
* Full Windows XP support.
* Major code improvements.
* Bug fixes.
** DOES NOT SUPPORT A5 DEVICES YET! **
Now available at: http://iH8sn0w.com
“You gotta believe in the voltage that lives inside us,
So lets buckle up and break our walls down. (Whooooaahhoo)”
We recommend dumping your SHSH and APtickets if you’re on iOS 5.0. It will give you the option to downgrade back to iOS 5.0 anytime after you have used the software utility.
The Chronic Dev Team has recently published a blog post titled “Weapons of Mass Exploitation” where they provide an update on the untethered jailbreak for iOS 5. It was more of a call to action, asking the jailbreak community to help send in device crash reports via a tool they released called the C-Dev Reporter. The crash reports would help the Chronic Dev Team discover a vulnerability in iOS, which they could use to help release a jailbreak.
In the past, the Chronic Dev Team released GreenPois0n, which was a popular jailbreak tool for iOS 4.2.1. A few months back, they announced that they had discovered 5 new vulnerabilities in the iOS 5 beta and recently a bug in iOS 5 that could possibly help in developing an untethered jailbreak on iOS 5.
The Chronic Dev team has given the following update on the untethered jailbreak for iOS 5:
During my JailbreakCon talk in September, I was excited to announce that the Chronic Dev team had already discovered 5 different exploits for use in our upcoming jailbreak. Unfortunately, that announcement was a bit premature, because in the subsequent weeks, Apple found & patched a (critical) few of those exploits, between the beta versions we used for testing and the final release of iOS5 on October 12.
Sadly (and trust us, we are much more sad about this than any of you could possibly be), this has prevented us from being able to release a new jailbreak as quickly as we wanted to. As I hinted at earlier this week on Twitter, I was initially disheartened to think that so many of the countless hours we’ve worked on this jailbreak seemingly went right down the drain.
Not to mention, these are by no means the first exploits that have been “lost” by Chronic Dev (or any other iOS hacking teams) in this manner. In fact, these are just a few in a long-running series of exploits that were patched by Apple before we hackers could make use of them in a free jailbreak for you, our loyal fans.
They then went on to explain the method Apple uses to find vulnerabilities:
One of the primary challenges in working with userland exploits is that, every time any program crashes on your iPhone, a “crash report” is generated and instantly sent back to Apple. As you can imagine, while we’re working out all the kinks in the exploitation of a vulnerability, we may need to crash any particular program thousands & thousands of times.
It’s possible to change your iTunes settings to stop sending this diagnostic information back to Apple, and of course everyone in Chronic Dev has made this change on all our development machines. However, even this is not always 100% effective at preventing Apple from obtaining our data. For instance, if one of us is at a friend’s house and plugs our iPhone up to his or her computer (even just to charge it), it’s very likely that computer is set up to send all our valuable data & crash reports right back to Apple.
The Chronic Dev Team has released a new tool called C-Dev Reporter, which uses a similar method to help find vulnerabilities:
All this program requires from you is to attach your iOS device to your computer and click a single button!
At this point, the program copies all the crash reports off your device (which, under normal circumstances, would be sent right back to Apple), and instead sends this data to a secure, private server hosted by your friendly Chronic Dev team. Next, our program proceeds to neuter your copy of iTunes, simply by changing your settings to prevent your computer from sending any further diagnostic information from your device to Apple.
Using this agglomeration of your crash reports and our ninja skills, Chronic Dev will be able to quickly pinpoint vulnerabilities in various programs by using the same techniques Apple currently employs. At the very least, your data will help point us in the direction of which applications are the most vulnerable, so we can focus our time & energy on these with laser-like intensity. And, of course, this will also prevent Apple from accessing all your valuable data, just so they can then turn around and use it against you.
You can download C-Dev Reporter using this link. As mentioned before, the idea of the new tool is to help in identifying new vulnerabilities and in turn result in a jailbreak for future iOS software updates, but it appears to be a long-term solution. The news should come as a disappointment to iOS device users who have been eagerly waiting for an untethered jailbreak and, in the case of iPhone 4S and iPad 2 users, a jailbreak for iOS 5.
As of now, it looks like the Dev Team, who have jailbroken the iPhone 4S, are the only hope when it comes to releasing a jailbreak for the iPhone 4S and iPad 2.
Source: Chronic Dev Team (blog)
Even for those of you who aren’t jailbreakers, TinyUmbrella is a great little app that allows you to save your iPhone, iPod touch or iPad’s SHSH blob files locally. Some of you may be wondering what SHSH blobs are and what the purpose of saving them might be. It is quite simple: if you have your blob files stored locally, you can downgrade your iDevice to an earlier version of iOS, which is useful if your iPhone gets hit with a bug in the latest version of iOS, or an app you can’t live without stops working.
If you are running iOS 5.0.1, you might want to head on by TinyUmbrella’s official website and grab the latest version: it’s been updated to save the latest version’s SHSH blob files. @notcom (the developer of Tiny Umbrella) did mention one caveat though: Even though you can store an iPhone 4S’s blob files locally with the new version of Tiny Umbrella, there’s no known way to restore them – so don’t expect to be downgrading your iPhone 4S anytime soon.
Even though there is still no working solution for restoring 5.x on iPhone 4S I have released a 5.01.00 so you can at least save 5.0.1 SHSH. I have added tentative support for at least saving 5.0.1 SHSHs for iPhone 4S but as of now we are unable to use them fully. As soon as more information is available I will update.
Still, we recommend saving them as they might come in handy in the future and they only take a few seconds to save!
For those of you who are not on an iPhone 4S and managed to save your iOS 5.0 SHSH blob, you can downgrade from iOS 5.0.1 to iOS 5.0. To do so, follow the steps here.
Download Tiny Umbrella v5.01.00
Apple recently released iOS 5.0.1 and the jailbreak community has been advised not to upgrade. Pod2g recently found an exploit that may help to provide an untethered jailbreak, and this exploit is patched on iOS 5.0.1. If you, like many, are seeking to use an untethered jailbreak, it would be wise to stay on iOS 5.0 because that’s where the untethered jailbreak will be. Those of you who accidentally or unknowingly upgraded to iOS 5.0.1 may be wondering how to downgrade back to iOS 5.0. In this case, you may downgrade if you have an SHSH previously saved. To do so, follow the procedure outlined below:
Required Files and Software
- Latest version of TinyUmbrella (Mac) (Windows)
- Redsn0w 0.9.9b8 (Mac) (Windows)
- iOS 5.0 Saved SHSH (needed from before)
- iTunes (latest)
- iOS5 IPSW (iPhone 3GS, iPhone 4, iPad, iPod Touch 3G, iPod Touch 4G)
Downgrade iOS 5.0.1 To iOS 5.0 With Saved SHSH
- Connect your iPhone to your computer and open TinyUmbrella.
- Click on Save SHSH (the iOS 5 SHSH will only show if you have it saved previously). Once saved, close TinyUmbrella.
- Open RedSn0w 0.9.9b8 and go to Extras > SHSH Blobs > then click Submit (it will open a window). Here, browse to the saved SHSH file for iOS 5.0 (which is in the C:/User/Account Name/.shsh folder).
- After submitting it, you will see the Blobs Submission Report.
- Now click on Stitch and give it the same SHSH file (which you previously submitted), then the iOS 5.0 IPSW file. Wait for it to complete.
- Now open TinyUmbrella and go to the Advanced tab. Here, check all the boxes and then close it.
- Now restore the Stitched IPSW file with iTunes in DFU mode.
Voila – you’re done! At this point we would recommend staying on iOS 5.0 and waiting for further news from the jailbreak community devs.
For those of you who do NOT have an SHSH file saved, you are currently out of luck. If you are on iOS 5.0.1, your current option is to jailbreak utilizing RedSn0w 0.9.9b8 or Sn0wbreeze 2.8b11. This jailbreak will be a tethered jailbreak, which means that you will have to connect your iOS device to your computer and “just boot” utilizing the software every time you need to boot. You can download BigBoss’s Semi-Tether package from Cydia to help ease the pain of a tethered jailbreak. The Semi-Tether allows you to boot your iOS device and use all the stock applications until you can “just boot” with your computer, as opposed to being stuck on the boot logo. As of right now, it is a decent alternative to allow you to use your iOS device for main functions.
First and foremost, everyone knows by now that JailbreakMe 3.0 was released by Comex recently. It is a userland jailbreak, which requires no USB connection, software installation, IPSW download, or any of the other things some people consider to be tedious. This specific jailbreak tool is one of the easiest for beginners to use to jailbreak their device, but it is these users who don’t follow the other advice the jailbreak community recommends to help secure their iOS device against vulnerabilities left open to exploit.
It is important for people to know to save their iOS 4.3.3 SHSH blobs to allow for the option to downgrade after Apple releases iOS 4.3.4 (which is bound to be released very soon). To do this, it is recommended that users download the Tiny Umbrella software released by notcom and save their SHSH blob. When doing this procedure it is important to note that the ‘Request SHSH from Cydia’ option must be unchecked under the Advanced settings. For iPad 2 users, the iPhone Dev Team mentioned the following in their blog post:
But if you have the GSM or CDMA iPad2, you won’t be able to restore to 4.3.3 or lower once Apple stops signing its baseband. There are a few ideas that might work to get around this limitation, but for now it’s best to assume there’s no going back to 4.3.3 once 4.3.4 is out for iPad2 GSM or CDMA owners.
Official Site: Tiny Umbrella
The other thing to know for users who have used JailbreakMe 3.0 is that the devs recommend patching the PDF exploit used in the jailbreak. This can be done by downloading and installing “PDF Patcher 2” from Cydia after utilizing JailbreakMe 3.0. This will patch the exploit, leaving your device secure and insusceptible to further exploits using the same hole.
Don’t be like the many clueless jailbreakers out there; spread the word to as many people as you can so they have a more secure iOS device.
Our JailbreakMe page has been updated accordingly.
Earlier this morning, one of the JailbreakMe 3.0 beta testers leaked the PDF files for the jailbreak tool. @Paulpols was amongst the first to discover and tweet about it. He mentioned the following on Twitter:
The iPad 2 jailbreak for iOS 4.3 was leaked. Possibly Wi-Fi only. Not recommended & use at your own risk. • Available @ ipad2jailbreakpdf.weebly.com
Shortly after this incident, the whole set of unverified files for the iPad, iPhone, and iPod on different iOS versions was released. Many users were ashamed of the release as it really hurts the jailbreak community. @veeence mentioned that the person to leak the files was @MultiMediaWill. Ryan Lobbins was the one to originally host it on his site and then Will specifically hosted the iPad 2 file on his site and leaked it, according to the word going around. @chpwn further mentioned that the leaked version of the iPad 2 PDF (which is to jailbreak the iPad 2) was so broken and unstable that @saurik told @comex to tell everyone not to use it if it was released. @i0n1c mentioned how the tool is probably being patched by Apple already and iOS 4.3.4 is probably going to be released soon to prevent people from jailbreaking their devices. This was mentioned in the following tweet:
An iPad2 4.3jB via PDF was leaked to the masses.that means Apple will reverse the xploit tonight and 4.3.4 will kill the jb before it is out
Apple is said to be more worried about the PDF crash as it crashes Safari on iOS 4.3.3, meaning that the vulnerability is still valid and is the same one used in the jailbreak. Furthermore, it shows that all their iDevices can be rooted remotely, hence iOS 4.3.4. The Apple employees are probably hard at work dissecting the code behind @comex’s jailbreak method. It has been said that Apple has been anticipating the release of JailbreakMe 3.0 for weeks and has the appropriate teams (PDF Dev Team, Kernel Team and Exploit Reversers) ready to help patch the exploit involved. @comex was obviously not happy about the situation when he found out someone used a dictionary attack and leaked a buggy version of his jailbreak, putting him on what he felt was a useless time limit. He is hoping that the time limit he is put on isn’t too short and that he can work on a functional release candidate for his JailbreakMe 3.0 tool before Apple patches it. If you are seeking to use the tool to jailbreak your iOS device, you are advised to save the SHSH blobs for 4.3.3 using the TinyUmbrella software:
If you are waiting on the official JailbreakMe.com: save your iOS 4.3.3 SHSHs regardless of your current iOS version: thefirmwareumbrella.blogspot.com
Leaks are mentioned to be worse in the iOS 5.0 days but what is most important is what @iH8sn0w said best in his tweet that mentioned the following:
It really is a shame that someone leaked materials regarding the JailbreakMe 3.0 jailbreak tool, as it is now forcing @comex to work at a faster pace to get his tool out before Apple patches it. The leaker not only didn’t have the right to release someone’s hard work but also didn’t think very carefully about how he is jeopardizing all that hard work and putting countless users at risk of being unable to jailbreak their iOS device due to Apple working on a patch for the exploit used. Reasons such as this are why developers and hackers get frustrated and deterred from the scene.
You can also stay up to date by checking out our JailbreakMe page.