iOS Downgrading

Futurerestore Windows:

Steps to follow:

FUTURERESTORING WITH WINDOWS:
0. You will need iTunes 12.4.3 from: Here
1. Download Zadig, Gaster and Futurerestore Windows
2. Get the device in DFU
3. Select device in DFU and replace the driver with LibUSBK
4. Use Gaster
5. Replace the driver to WINUSB again with Zadig
6. Go to device manager and delete the DFU driver
7. Scan for changes and now iTunes should detect your device. If not use Windows Update to get Apple USB driver.
8. Run Futurerestore with --use-pwndfu --set-nonce and all other flags and it will get stuck at red screen or in recovery mode with error to "unable to find device".
9. Again go to device manager and delete iBoot driver.
10. Again scan for new changes.
11. Now re-run Futurerestore without --use-pwndfu and --set-nonce but keep other flags. 
12. The restore will proceed and succeed. 

Futurerestore Linux/MacOS:

Turdus Merula Linux:

Step-by-Step Guide for Linux:

Downgrading iOS without SHSH Blobs

A10/A10X Downgrade Guide:


Installing Dependencies:
Open a new terminal and run:
  • sudo apt update -y
  • sudo apt install libusb-1.0-0-dev libusbmuxd-tools libimobiledevice-utils usbmuxd libimobiledevice6 -y
---
Preparing Files:
1. Extract the Turdus Merula archive.
2. Locate the following binaries in the extracted folder:
  • ra1n_libusb
  • idevicerestore
Now, make them executable by running the following commands in a terminal:
  • sudo chmod +x <drag ra1n_libusb binary here>
  • sudo chmod +x <drag idevicerestore binary here>
Tip: Just drag the binary files into the terminal window after typing the command.
---
Starting/Restarting USBMUXD:
In a new terminal type these commands one by one:
  • sudo systemctl stop usbmuxd
  • sudo usbmuxd -p -f
Leave this terminal minimized.
---
Prepare the Device:
1. Connect your device to your Linux PC.
2. Place the device into DFU mode.
3. In terminal, run:
  • sudo ./ra1n_libusb -ED
Wait for it to complete. This places the device into Pwned DFU mode.
---
Restoring the Device:
1. Once again, place the device into DFU mode.
2. Run the restore command:
  • sudo ./idevicerestore -o <path-to-your.ipsw>
> Replace `<path-to-your.ipsw>` with the path to your IPSW file.  
> You can drag the IPSW file into the terminal to automatically paste its path.
Wait for the restore to finish.
---
Booting the Device:
1. Re-enter DFU mode.
2. Run the boot command:
  • sudo ./ra1n_libusb -t <iBoot.img4> -i <signed-SEP.img4> -p <target-SEP.im4p>
>  These files are generated in the `img4` folder after restore in the same directory.  
> Open the folder and drag the appropriate `.img4` files into the terminal to complete the command easily.
---
Done! Your device should now boot the target iOS version.
-------------------------------------------------------------

A9/A9x Downgrade Guide:

(Install Deps, Restart USBMUXD & "Chmod" files as above)

Step 1: Enter Pwned DFU Mode
  • sudo ./ra1n_libusb -ED
> This will place your device into Pwned DFU mode.

Step 2: Generate the SHC block from your target IPSW
  • sudo ./idevicerestore --get-shcblock [path_to_ipsw]
> Replace [path_to_ipsw] with the full path to your downloaded IPSW file.
> A file will be created inside the "block" folder of Turdus Merula.

Step 3: Re-enter Pwned DFU Mode
  • sudo ./ra1n_libusb -ED
> Your device will be in recovery mode after the SHC block was generated, so you must re-enter Pwned DFU mode again before proceeding.

Step 4: Generate the PTE block using the SHC block
  • sudo ./idevicerestore --get-pteblock --load-shcblock [path_to_shcblock] [path_to_ipsw]
> This creates the PTE block required for restoring without SHSH blobs.
> Replace [path_to_shcblock] with the path to the SHC block file from the "block" folder, and [path_to_ipsw] with the IPSW again.

Step 5: Re-enter Pwned DFU Mode again
  • sudo ./ra1n_libusb -ED
> The device likely will be in recovery mode, you'll need to go back into Pwned DFU mode.

Step 6: Begin the downgrade using the PTE block
  • sudo ./idevicerestore -o --load-pteblock [path_to_pteblock] [path_to_ipsw]
> This initiates the actual restore process.
> Replace [path_to_pteblock] with the path to the PTE block file from "block" folder, and [path_to_ipsw] as before.

> After restoring, your device will go into recovery mode. Enter DFU mode again and run this tethered boot command using the PTE block.
Step 7: Perform the tethered boot after downgrade
  • sudo ./ra1n_libusb -TP [path_to_pteblock]
> PTEblock file should be in the "block" folder of Turdus Merula.
Done! Your device should now boot the target iOS version.

Disclaimer: The content available on this website is for educational and informational purposes only. This website does not provide, advise or cause any loss or damage to the viewer and all of the content is intended for educational purposes only under fair use. I do not intend to promote stealing or to promote illegal activities. Jailbreaking is 100% legal and is covered under the Digital Millennium Copyright Act (DMCA). Under this act, you can Jailbreak your device legally. On this website, nothing illicit is shown and does not promote piracy. In Copyright Disclaimer Under Section 107 of the Copyright Act 1976 allowance is made for "fair use" for purposes such as criticism, comment, news reporting, teaching, scholarship, and research. Fair use is a use permitted by copyright statute that might otherwise be infringing. Non-profit, educational or personal use tips the balance in favor of fair use.

2 comments:

  1. Anonymous4 February 2025 at 18:14

    Bro iphone 8 hai os ko downgrade kerna hai ap ker k dey sakty hai keiya ???

    ReplyDelete

Subscribe to: Posts (Atom)