  1. iPhooey's Avatar
    Thanks, Zokunei that's exactly what I was looking for, however when I run the jar file, at the stage where it's supposed to send the syringe exploit and load the Ramdisk, it simply kicks it out of DFU mode back into normal.

    So I tried copying the files created in my temp/ssh_rd folder, and manually running tetheredboot.exe -i [iBSS dfu file] -k [kernel file] -r [ramdisk]

    This happens:
    Code:
    Initializing libpois0n
    ERROR: The process "iTunes.exe" not found.
    ERROR: The process "iTunesHelper.exe" not found.
    Waiting for device to enter DFU mode
    Device must be in DFU mode to continue
    Device must be in DFU mode to continue
    Device must be in DFU mode to continue
    Device must be in DFU mode to continue
    Device must be in DFU mode to continue
    And yes, of course it's in DFU mode, but shouldn't tetheredboot be sending the syringe exploit, instead of libpois0n? How do I force it to use the correct exploit? Or could there be another reason why it's not communicating with the device?
    2013-10-18 11:42 PM
  2. Zokunei's Avatar
    I don't know exactly how tetheredboot works, but it sounds like it's looking for iTunes. Maybe you're supposed to have iTunes running when you run it?
    2013-10-19 01:08 AM
  3. DC_Dave's Avatar
    Just a thought, you aren't using iTunes 11.1? iH8sn0w's blog says stay away from this version.
    iH8sn0w.com
    2013-10-19 09:07 AM
  4. freddybob's Avatar
    You guys are really great. I sure wish there is something I can do for you some day. I have not heard of this but will start the search for it. Thanks Zokunei.



    I did get most of the way through the iFaith method and 'something happened' - I will have to dig out notes and give that another shot because I can't remember. I am trying the dd command today and also the make_no_erase_ipsw for iOS7 if I can figure that out. I think I just need to find an iOS7 IPSW - hopefully on that IPSW site I got the original iOS6 one.

    Thanks again men. I will report back later today.
    Hey iP4Nub, hopefully you've got this sorted by now but I ran into a similar problem tonight with mounting issues using the same program that you're using. Try using:

    mount -t hfs -r /dev/disk0s1s1 /mnt1

    This will force it to mount in read only, found this from this website Mount a trashed hard drive using Target Disk mode - Mac OS X Hints
    2013-10-21 04:37 PM
  5. iPhooey's Avatar
    I took your suggestion, Zokunei, and ran tetheredboot while iTunes is running.

    Code:
    C:\RD>tetheredboot.exe -i iBSS.n81ap.RELEASE.dfu -k kernelcache.release.n81 -r 038-4361-021.dmg
    Initializing libpois0n
    Waiting for device to enter DFU mode
    Found device in DFU mode
    Checking if device is compatible with this jailbreak
    Checking the device type
    Identified device as iPod4,1
    Preparing to upload limera1n exploit
    Resetting device counters
    Sending chunk headers
    Sending exploit payload
    Sending fake data
    Exploit sent
    Reconnecting to device
    Waiting 2 seconds for the device to pop up...
    Uploading iBSS.n81ap.RELEASE.dfu to device
    [==================================================] 100.0%
    Waiting 10 seconds for the device to pop up...
    Uploading ramdisk 038-4361-021.dmg to device
    [===                                               ] 5.1%Unable to upload ramdisk
    Unable to upload data to device
    
    C:\RD>
    It errors out at 5.1%, arrgh. :/
    2013-10-21 08:40 PM
  6. iPhooey's Avatar
    I feel like I'm getting close again, I'm getting the same (or very similar) error that Gecko iPhone toolkit gave, about a file called _AMRecoveryModeDevice
    Code:
    c:\RD>itunnel_mux.exe --devicetree DeviceTree.n81ap.img3 --kernelcache kernelcache.release.n81 --ramdisk 038-4361-021.dmg
    [ERROR] locate_AMRecoveryModeDeviceSendFileToDevice: Could not locate function prolog!
    [INFO] Waiting for a device in Recovery mode to connect..
    What exactly does this mean?
    2013-10-22 04:50 PM
  7. iPhooey's Avatar
    Let's go back to square one -- the furthest I've gotten was when GIT booted its ramdisk in Redsn0w, and I was able to successfully load the Ramdisk.

    So let's approach the problem from this angle: Why does PuTTY hang when trying to connect?

    Just out of curiosity, is this the method that Gecko iPhone toolkit is more or less based on?

    Currently I'm trying to recover data from my iPod Touch 4G.

    Gecko iPhone Toolkit loads up its Ramdisk and my iPod displays
    Code:
    listening port 1999 and running /sbin/sshd
    I try connecting with PuTTY to localhost:2222, doesn't work. I get "Network error: Connection refused".

    EDIT:
    Apparently, GIT doesn't usbmux to forward the ports until you run their bruteforce script (which I don't want to do because I'm not trying to crack my passcode, I'm just recovering data).

    So I used itunnelmux.exe --lport 22

    Code:
    C:\Users\Owner\Downloads\itunnel_mux_rev71>itunnel_mux.exe --lport 22
    [ERROR] locate_AMRecoveryModeDeviceSendFileToDevice: Could not locate function prolog!
    [INFO] Waiting for new TCP connection on port 22
    [INFO] Waiting for device...
    [INFO] Device connected: ramdisk tool Dec  1 2011 14:40:41
    At this point I run PuTTY, pointing it to localhost and port 22. This time it doesn't refuse the connection, but the itunnelmux window says this:

    Code:
    [INFO] Info: New connection...
    [ERROR] AMDeviceConnect = -402653083
    [ERROR] Error: Device Connect
    And of course PuTTY just hangs
    2013-10-23 08:04 PM
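
The post above describes two different failures of the forwarded SSH port: "Connection refused" on 2222, then a connection that is accepted on port 22 but hangs. The following added example (not code from any poster, nor from itunnel_mux or Gecko iPhone Toolkit) tells the two apart by checking whether the port ever delivers an SSH banner; `probe_ssh_forward` and `start_fake_peer` are hypothetical names, and the fake peer is a constructed stand-in for the forwarder.

```python
import socket
import threading

def probe_ssh_forward(host="127.0.0.1", port=2222, timeout=3.0):
    """Return (state, detail) for a locally forwarded SSH port."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        # Nothing is listening locally: the forwarder is not running.
        return ("refused", "")
    except OSError as exc:
        return ("unreachable", str(exc))
    with sock:
        sock.settimeout(timeout)
        try:
            data = sock.recv(256)  # an SSH server sends its banner first
        except socket.timeout:
            # TCP was accepted, but nothing is relayed from the device side.
            return ("no-banner", "")
        except OSError as exc:
            return ("closed", str(exc))
    if not data:
        return ("closed", "")
    line = data.split(b"\n", 1)[0].strip().decode("ascii", "replace")
    return ("ssh", line) if line.startswith("SSH-") else ("other", line)

def start_fake_peer(banner=None):
    """Constructed local peer: accepts one connection, optionally sends a banner."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        if banner:
            conn.sendall(banner)
        threading.Event().wait(1.0)  # hold the connection open briefly
        conn.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    # Constructed peers: one behaves like sshd, one accepts and stays silent.
    print(probe_ssh_forward(port=start_fake_peer(b"SSH-2.0-constructed\r\n")))
    print(probe_ssh_forward(port=start_fake_peer(), timeout=0.5))
```

A `refused` result points at the local forwarder not running, while `no-banner` means the forwarder accepted the connection but the link to the device's sshd was never established.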
  8. newacct's Avatar
    I am able to SSH into my iPhone. However, I cannot find any disks. Any suggestions? The phone is on iOS 7 if that makes any difference.

    Code:
    -sh-4.0# ls /dev/disk0s1
    ls: cannot access /dev/disk0s1: No such file or directory
    -sh-4.0# ls /dev/disk0s1s1
    ls: cannot access /dev/disk0s1s1: No such file or directory
    -sh-4.0# ls /dev/disk0s2s1
    ls: cannot access /dev/disk0s2s1: No such file or directory
    In fact, there are no "disk*" files in /dev at all:
    Code:
    -sh-4.0# ls /dev
    aes_0
    bpf0
    bpf1
    bpf2
    bpf3
    btreset
    btwake
    console
    cu.bluetooth
    cu.builtin-serial4
    cu.debug
    cu.gas-gauge
    cu.highland-park
    cu.iap
    cu.umts
    fsevents
    klog
    md0
    mux.spi-baseband
    null
    pf
    ptmx
    ptyp0
    ptyp1
    ptyp2
    ptyp3
    ptyp4
    ptyp5
    ptyp6
    ptyp7
    ptyp8
    ptyp9
    ptyp1
    ptypb
    ptypc
    ptypd
    ptype
    ptypf
    random
    rmd0
    tty
    tty.bluetooth
    tty.builtin-serial4
    tty.debug
    tty.gas-gaugh
    tty.highland-park
    tty.iap
    tty.umts
    ttyp0
    ttyp1
    ttyp2
    ttyp3
    ttyp4
    ttyp5
    ttyp6
    ttyp7
    ttyp8
    ttyp9
    ttypa
    ttypb
    ttypc
    ttypd
    ttype
    ttypf
    ttys000
    uart.bluetooth
    uart.builtin-serial4
    uart.debug
    uart.gas-gauge
    uart.highland-park
    uart.iap
    uart.umts
    urandom
    vn0
    vn1
    zero
    2013-12-14 09:43 PM
  9. Kolido's Avatar
    Would this process fix an ipod touch 4g which is not turning on and sticks on waiting for ipod when restoring in iTunes? The device is not detected in my computer and I have no other access to it.
    2013-12-30 05:33 PM
  10. Zokunei's Avatar
    Would this process fix an ipod touch 4g which is not turning on and sticks on waiting for ipod when restoring in iTunes? The device is not detected in my computer and I have no other access to it.
    It could fix it if you have an idea of what's causing the problem and can fix it by accessing the file system.
    2013-12-30 05:36 PM
  11. giorgosh's Avatar
    Will it work for iOS7 and iPhone 5S?
    2014-03-05 07:21 AM
  12. GreenMagic's Avatar
    I cannot get the Automatic Ramdisk tool from Msftguy to work.
    Originally ATT iphone 4. iOS 5.1.1. Jailbroken with Redsn0w and unlocked it and ran with T Mo. For a year.
    Phone crashed and boot loop problem.
    I can get thru automatic ramdisk tool until "almost there..." Pops up, and then iphone goes right back into its cycling infinite boot loop. Apple logo on for 2-5 seconds, dies / goes black 5 sec, logo back on 2-5 second goes black, repeat, repeat, repeat. I can leave it like that and Automatic Ramdisk method will never finish. I need data off this phone to save.
    Damn phone stuck for 2 months or more now. Anyone have any tips?
    Do I need to make a custom ipsw for 5.1.1 and / or use the older version non automatic ramdisk tool?
    Anyone here use the msftguy automatic ramdisk tool Jar file with iOS 5.x??
    Anyone use ibeej tool? Thanks.
    Last edited by GreenMagic; 2014-05-10 at 06:59 PM.
    2014-05-06 09:20 PM
  13. TheScreamerBoy's Avatar
    Hello! I hope this still works. I have an iPod Touch 4 with iOS 6.1.6. So I wake up in the morning (iPod works fine), go to the kitchen, go back to my room and iPod is in some weird reboot crash loop. Hopefully there's nothing inside that actually broke. But I'm starting to think that it's a hardware issue rather than a software one. Well... HELP!!!!
    2018-03-24 06:02 PM
  14. TheScreamerBoy's Avatar
    I cannot get the Automatic Ramdisk tool from Msftguy to work.
    Originally ATT iphone 4. iOS 5.1.1. Jailbroken with Redsn0w and unlocked it and ran with T Mo. For a year.
    Phone crashed and boot loop problem.
    I can get thru automatic ramdisk tool until "almost there..." Pops up, and then iphone goes right back into its cycling infinite boot loop. Apple logo on for 2-5 seconds, dies / goes black 5 sec, logo back on 2-5 second goes black, repeat, repeat, repeat. I can leave it like that and Automatic Ramdisk method will never finish. I need data off this phone to save.
    Damn phone stuck for 2 months or more now. Anyone have any tips?
    Do I need to make a custom ipsw for 5.1.1 and / or use the older version non automatic ramdisk tool?
    Anyone here use the msftguy automatic ramdisk tool Jar file with iOS 5.x??
    Anyone use ibeej tool? Thanks.
    Does your screen go completely white before going black for 5 sec? Cause I think we have the same problem. (As you can see in my last post.)
    Last edited by TheScreamerBoy; 2018-03-25 at 03:04 AM.
    2018-03-24 06:07 PM