Untitled

a guest
Sep 26th, 2022
palera1n | Version 1.0.0
Written by Nebula | Some code and ramdisk from Nathan | Patching commands and help from Mineek | Loader app by Amy

[*] Getting device info...
[*] Pwning device
usb_timeout: 5
[libusb] Waiting for the USB handle with VID: 0x5AC, PID: 0x1227
CPID:8003 CPRV:01 CPFM:03 SCEP:01 BDID:10 ECID:000109EE380B60A6 IBFL:1C SRTG:[iBoot-2234.0.0.2.22]
Found the USB handle.
Stage: RESET
ret: true
[libusb] Waiting for the USB handle with VID: 0x5AC, PID: 0x1227
CPID:8003 CPRV:01 CPFM:03 SCEP:01 BDID:10 ECID:000109EE380B60A6 IBFL:1C SRTG:[iBoot-2234.0.0.2.22]
Found the USB handle.
Stage: SETUP
ret: true
[libusb] Waiting for the USB handle with VID: 0x5AC, PID: 0x1227
CPID:8003 CPRV:01 CPFM:03 SCEP:01 BDID:10 ECID:000109EE380B60A6 IBFL:1C SRTG:[iBoot-2234.0.0.2.22]
Found the USB handle.
Stage: PATCH
ret: true
[libusb] Waiting for the USB handle with VID: 0x5AC, PID: 0x1227
CPID:8003 CPRV:01 CPFM:03 SCEP:01 BDID:10 ECID:000109EE380B60A6 IBFL:1C SRTG:[iBoot-2234.0.0.2.22] PWND:[gaster]
Found the USB handle.
Now you can boot untrusted images.
[*] Converting blob
img4tool version: 0.197-aca6cf005c94caf135023263cbb5c61a0081804f-RELEASE
Compiled with plist: YES
Extracted IM4M to work/IM4M
[*] Downloading BuildManifest
Version: 3fc8c093f4660f6c6e07c0c9214618733da01ffc - 36
libfragmentzip version: 0.60-120447d0f410dffb49948fa155467fc5d91ca3c8
init pzb: https://updates.cdn-apple.com/2022SpringFCS/fullrestores/012-07139/A5D0A6E7-CED5-43A6-841A-ED420B0FBDFD/iPad_64bit_TouchID_ASTC_15.5_19F77_Restore.ipsw
init done
getting: BuildManifest.plist
100% [===================================================================================================>]
download succeeded
[*] Downloading and decrypting iBSS
Version: 3fc8c093f4660f6c6e07c0c9214618733da01ffc - 36
libfragmentzip version: 0.60-120447d0f410dffb49948fa155467fc5d91ca3c8
init pzb: https://updates.cdn-apple.com/2022SpringFCS/fullrestores/012-07139/A5D0A6E7-CED5-43A6-841A-ED420B0FBDFD/iPad_64bit_TouchID_ASTC_15.5_19F77_Restore.ipsw
init done
getting: Firmware/dfu/iBSS.j71t.RELEASE.im4p
100% [===================================================================================================>]
download succeeded
usb_timeout: 5
[libusb] Waiting for the USB handle with VID: 0x5AC, PID: 0x1227
CPID:8003 CPRV:01 CPFM:03 SCEP:01 BDID:10 ECID:000109EE380B60A6 IBFL:1C SRTG:[iBoot-2234.0.0.2.22] PWND:[gaster]
Found the USB handle.
Now you can boot untrusted images.
[libusb] Waiting for the USB handle with VID: 0x5AC, PID: 0x1227
Found the USB handle.
[*] Downloading and decrypting iBEC
Version: 3fc8c093f4660f6c6e07c0c9214618733da01ffc - 36
libfragmentzip version: 0.60-120447d0f410dffb49948fa155467fc5d91ca3c8
init pzb: https://updates.cdn-apple.com/2022SpringFCS/fullrestores/012-07139/A5D0A6E7-CED5-43A6-841A-ED420B0FBDFD/iPad_64bit_TouchID_ASTC_15.5_19F77_Restore.ipsw
init done
getting: Firmware/dfu/iBEC.j71t.RELEASE.im4p
100% [===================================================================================================>]
download succeeded
usb_timeout: 5
[libusb] Waiting for the USB handle with VID: 0x5AC, PID: 0x1227
CPID:8003 CPRV:01 CPFM:03 SCEP:01 BDID:10 ECID:000109EE380B60A6 IBFL:1C SRTG:[iBoot-2234.0.0.2.22] PWND:[gaster]
Found the USB handle.
Now you can boot untrusted images.
[libusb] Waiting for the USB handle with VID: 0x5AC, PID: 0x1227
Found the USB handle.
[*] Downloading DeviceTree
Version: 3fc8c093f4660f6c6e07c0c9214618733da01ffc - 36
libfragmentzip version: 0.60-120447d0f410dffb49948fa155467fc5d91ca3c8
init pzb: https://updates.cdn-apple.com/2022SpringFCS/fullrestores/012-07139/A5D0A6E7-CED5-43A6-841A-ED420B0FBDFD/iPad_64bit_TouchID_ASTC_15.5_19F77_Restore.ipsw
init done
getting: Firmware/all_flash/DeviceTree.j71tap.im4p
100% [===================================================================================================>]
download succeeded
[*] Downloading trustcache
Version: 3fc8c093f4660f6c6e07c0c9214618733da01ffc - 36
libfragmentzip version: 0.60-120447d0f410dffb49948fa155467fc5d91ca3c8
init pzb: https://updates.cdn-apple.com/2022SpringFCS/fullrestores/012-07139/A5D0A6E7-CED5-43A6-841A-ED420B0FBDFD/iPad_64bit_TouchID_ASTC_15.5_19F77_Restore.ipsw
init done
getting: Firmware/078-12488-106.dmg.trustcache
100% [===================================================================================================>]
download succeeded
[*] Downloading kernelcache
Version: 3fc8c093f4660f6c6e07c0c9214618733da01ffc - 36
libfragmentzip version: 0.60-120447d0f410dffb49948fa155467fc5d91ca3c8
init pzb: https://updates.cdn-apple.com/2022SpringFCS/fullrestores/012-07139/A5D0A6E7-CED5-43A6-841A-ED420B0FBDFD/iPad_64bit_TouchID_ASTC_15.5_19F77_Restore.ipsw
init done
getting: kernelcache.release.ipad6f
100% [===================================================================================================>]
download succeeded
[*] Patching and repacking iBSS/iBEC
main: Starting...
iOS 15 iBoot detected!
getting get_sigcheck_patch() patch
applying patch=0x18038e518 : 000080d2
applying patch=0x18038e4d4 : 000080d2
main: Writing out patched file to iBSS.patched...
main: Quitting...
main: Starting...
iOS 15 iBoot detected!
getting get_boot_arg_patch(-v keepsyms=1 debug=0xfffffffe panic-wait-forever=1 wdt=-1) patch
getting get_debug_enabled_patch() patch
getting get_sigcheck_patch() patch
applying patch=0x87000fed8 : 000080d2
applying patch=0x87000fe94 : 000080d2
applying patch=0x870011a9c : 200080d2
applying patch=0x870013008 : 9a950610
applying patch=0x8700202b8 : 2d76206b65657073796d733d312064656275673d307866666666666666652070616e69632d776169742d666f72657665723d31207764743d2d3100
main: Writing out patched file to iBEC.patched...
main: Quitting...
none
none
[*] Patching and converting kernelcache
Reading work/kernelcache.release.ipad6f...
[NOTE] Image4 payload data is LZSS compressed, decompressing...
Extracted extra Image4 payload data: to work/kpp.bin.
Extracted Image4 payload data to: work/kcache.raw
main: Starting...
Kernel: Adding AMFI_get_out_of_my_way patch...
get_amfi_out_of_my_way_patch: Entering ...
get_amfi_out_of_my_way_patch: Kernel-8020 inputted
get_amfi_out_of_my_way_patch: Found Internal Error: No cdhash found. str loc at 0x9630fa
get_amfi_out_of_my_way_patch: Found Internal Error: No cdhash found. str ref at 0x105cc64
get_amfi_out_of_my_way_patch: Patching AMFI at 0x10582a8
Kernel: Adding could_not_authenticate_personalized_root_hash patch...
get_could_not_authenticate_personalized_root_hash_patch: Entering ...
get_could_not_authenticate_personalized_root_hash_patch: Found "successfully validated on-disk root hash" str loc at 0xd21409
get_could_not_authenticate_personalized_root_hash_patch: Found "successfully validated on-disk root hash" xref at 0x1cce84c
get_could_not_authenticate_personalized_root_hash_patch: Found previous cbz at 0x1cce828
get_could_not_authenticate_personalized_root_hash_patch: Found "could not authenticate personalized root hash!" str loc at 0xd2135e
get_could_not_authenticate_personalized_root_hash_patch: Found "could not authenticate personalized root hash!" xref at 0x1cce924
get_could_not_authenticate_personalized_root_hash_patch: Found cbz target at 0x1cce904
get_could_not_authenticate_personalized_root_hash_patch: Patching root hash check at 0x1cce904
main: Writing out patched file to work/kcache.patched...
main: Quitting...
Reading work/kcache.patched...
Reading extra: work/kpp.bin...
Compressing payload using LZSS...
IM4P outputted to: work/krnlboot.im4p
Reading work/krnlboot.im4p...
Reading work/IM4M...
Creating Image4...
Image4 file outputted to: boot-iPad6,11/kernelcache.img4
[*] Converting DeviceTree
dtre
[*] Patching and converting trustcache
trst
none
[*] Booting device
[==================================================] 100.0%
[==================================================] 100.0%
[==================================================] 100.0%
[==================================================] 100.0%
[==================================================] 100.0%
[==================================================] 100.0%

Done!
The device should now boot to iOS
If you already have ran palera1n, click Do All in the tools section of Pogo
If not, Pogo should be installed to Tips