Download and parse ipsw(s) from ipsw.me or theiphonewiki.com
$ brew install blacktop/tap/ipswDownload from releases
$ docker pull blacktop/ipsw$ ipsw --help
Download and Parse IPSWs
Usage:
ipsw [command]
Available Commands:
completion Generates bash completion scripts
device Parse DeviceTree
download Download and parse IPSW(s) from the internets
dyld Parse dyld_shared_cache
extract Extract kernelcache, dyld_shared_cache or DeviceTree from IPSW
help Help about any command
kernel Parse kernelcache
version Print the version number of ipsw
Flags:
--config string config file (default is $HOME/.ipsw.yaml)
-h, --help help for ipsw
-V, --verbose verbose output
Use "ipsw [command] --help" for more information about a command.$ ipsw download --device iPhone11,2 --build 16A366
β’ Getting IPSW build=16A366 device=iPhone11,2 signed=true version=12.0
3.4 GiB / 3.4 GiB [==========================================================| 00:00 ] 79.08 MiB/s
β’ verifying sha1sum...
$ ipsw extract --kernel iPhone11,2_12.0_16A366_Restore.ipsw
β’ Extracting Kernelcache from IPSW
β’ Parsing Compressed Kernelcache
β’ compressed size: 17842843, uncompressed: 35727352. unknown: 0x3f9543fd, unknown 1: 0x1
β’ Decompressing KernelcacheNotice that the kernelcache was extracted from the ipsw and decompressed π
$ file kernelcache.release.iphone11.decompressed
kernelcache.release.iphone11.decompressed: "Mach-O 64-bit executable arm64"$ ipsw download --version 12.0
? You are about to download 17 ipsw files. Continue? Yes
β’ Getting IPSW build=16A366 device=iPhone11,4 signed=true version=12.0
3.3 GiB / 3.3 GiB [==========================================================| 00:00 ] 59.03 MiB/s
β’ verifying sha1sum...
β’ Getting IPSW build=16A366 device=iPod7,1 signed=true version=12.0
734.7 MiB / 2.6 GiB [===============>------------------------------------------| 00:57 ] 44.84 MiB/s
...Queries iTunes XML for latest version (maybe run this as a cron job) π
$ ipsw download -V latest --yes --black-list AppleTV --black-list iPod7,1
β’ Latest iOS release found is: "12.4.1"
β’ "Yo, ain't no one jailbreaking this shizz NOT even Ian Beer my dude!!!! π"
β’ Getting IPSW build=16G77 device=iPhone6,2 version=12.4.1
363.0 MiB / 2.9 GiB [======>-----------------------------------------------| 18:52 ] 49.18 MiB/s
...NOTE: you must do one device type/family per
--black-listor--white-listflag
To grab only the iPods
$ ipsw download -V latest --yes --white-list ipod
β’ Latest iOS release found is: "12.4.1"
β’ "Yo, ain't no one jailbreaking this shizz NOT even Ian Beer my dude!!!! π"
β’ Getting IPSW build=16G77 device=iPod9,1 version=12.4.1
363.0 MiB / 2.9 GiB [======>-----------------------------------------------| 18:52 ] 49.18 MiB/s
...Single kernelcache
ipsw download kernel --device iPhone11,2 --build 16B92All of dem!!!
$ time ipsw download kernel --version 12.0.1
"8.40s user 1.19s system 53% cpu 17.784 total"That's 14 decompressed kernelcaches in under 9 seconds π
$ ls -1
kernelcache.release.ipad4b.decompressed
kernelcache.release.ipad5b.decompressed
kernelcache.release.ipad6b.decompressed
kernelcache.release.ipad6d.decompressed
kernelcache.release.ipad6f.decompressed
kernelcache.release.ipad7.decompressed
kernelcache.release.iphone10b.decompressed
kernelcache.release.iphone11.decompressed
kernelcache.release.iphone11b.decompressed
kernelcache.release.iphone7.decompressed
kernelcache.release.iphone8b.decompressed
kernelcache.release.iphone9.decompressed
kernelcache.release.j42d.decompressed
kernelcache.release.n102.decompressedBut, how does it work?? π€ With the POWER πͺ of partialzip !!
This will download and decompress the kernelcache for an iPhone XS running iOS 12.1 behind a corporate proxy
$ ipsw download --proxy http://proxy.org:[PORT] --device iPhone11,2 --build 16B92To disable cert verification
$ ipsw download --insecure --device iPhone11,2 --build 16B92$ ipsw extract --kernel iPhone11,2_12.0_16A366_Restore.ipswmacOS
$ ipsw extract --dyld iPhone11,2_12.0_16A366_Restore.ipsw
β’ Extracting dyld_shared_cache from IPSW
β’ Mounting DMG
β’ Extracting System/Library/Caches/com.apple.dyld/dyld_shared_cache_arm64e to dyld_shared_cache
β’ Unmounting DMGdockerπ
$ docker run --init -it --rm \
--device /dev/fuse \
--cap-add=SYS_ADMIN \
-v `pwd` :/data \
blacktop/ipsw -V extract --dyld iPhone11_2_12.4.1_16G102_Restore.ipswExtract WebKit version from dyld_shared_cache
$ ipsw dyld webkit dyld_shared_cache
β’ WebKit Version: 607.2.6.0.1Split up a dyld_shared_cache
$ ipsw dyld split dyld_shared_cache
β’ Splitting dyld_shared_cache
0/1445
1/1445
2/1445
3/1445
<SNIP>
1441/1445
1442/1445
1443/1445
1444/1445Decompress a previously extracted kernelcache
$ ipsw kernel decompress kernelcache.release.iphone11I am playing with the idea of diffing kernelcaches by creating directory structures of Apple's src from assert strings.
Then you could use git diff or something to get a quick high level view of what Apple has changed by seeing new files being added or removed as well as seeing the line numbers of the assert strings move around.
$ ipsw kernel diff kernelcache.release.iphone11You can see an example of what this outputs HERE
- use https://github.com/gocolly/colly
- create offline copy of ipsw.me API
- download simultaniously to decrease total time (need to limit concurrent downloads and 17+ at a time could be bad)
Find a bug? Want more features? Find something missing in the documentation? Let me know! Please don't hesitate to file an issue
MIT Copyright (c) 2018 blacktop