JailbreakRoot Tech Reports
Friday, January 27, 2012
How to Save APTickets / SHSH Blobs iOS 5.0.1 with Redsn0w for Downgrade
Do you like this story?
Since Apple has killed the battery-zapping bugs in soon-to-be released iOS 5.1, many users will update their iPhone, iPad or iPod touch with the latest mobile operation system without acquainted with the fact that they will lose the untethered jailbreak on 5.0.1. In order to protect your jailbreak, you will have to save your SHSH blobs.
Note: I would like to re-iterate here that none of the tools – Corona 5.0.1 untether, Redsn0w 0.9.10b4or Greenpois0n’s Absinthe jailbreak is compatible with iOS 5.1, so many of us have to choose between an improvement in the battery or keeping jailbroken device alive. If jailbroken device is not your priority then probably this article is not for you.
Note: I would like to re-iterate here that none of the tools – Corona 5.0.1 untether, Redsn0w 0.9.10b4or Greenpois0n’s Absinthe jailbreak is compatible with iOS 5.1, so many of us have to choose between an improvement in the battery or keeping jailbroken device alive. If jailbroken device is not your priority then probably this article is not for you.
If you are a new user, you must understand the concept of SHSH. Read more in detail about what are SHSH blobs? These blob certificate file act as a life saver to downgrade your firmware.
Since iOS 5.x accommodates APTickets, saving SHSH files is bit tricky. I have used redsn0w 0.9 here to save SHSH for my iPod touch 4G since it also supports saving SHSH+APTickets and these APTickets are crypto-verified before submitting to Cydia, just like the main blobs. Right now Cydia server can’t send back the APTickets, so we’ll use stitched IPSWs for 5.x.
Here’s the tutorial that you must follow to take the backup of SHSH blobs and APTickets for successful downgrade in future (say, from iOS 5.1 to 5.0.1).
Instructions to Save SHSH Blobs, APTickets
Step 1: Launch RedSn0w 0.9.9 and select ‘Extras’. You can download the latest version of redsn0w from our dedicated download section.
Step 2: Select ‘SHSH blobs’
Step 3: Place your iDevice in DFU mode. If you are a newbie, here’s the DFU mode video demo.
- While iDevice is connected to the computer, turn off the device.
- Prepare to press the POWER + HOME button for 5 seconds.
- Then while holding down the power button, press the Home button for 10 seconds.
- Release Power button while holding down the HOME for 10 seconds .Your screen is completely black
Step 4: Click the Fetch button and let them work. This will now start fetching the SHSH blobs stored in the device and then send them to Cydia server. If you have already sent SHSH blobs you will get message saying – Cydia server already has a full set of blobs for this configuration.
After this process, your iDevice restarts automatically and a plist file will be created in redsn0w directory on your computer. It is very important for you to keep this file in safe place.
Step 5: Now its time to send the signed and APTicket SHSH backup on the server Saurik. To do so – click on Submit and then specify the SHSH.plist file.
Step 6: Next step is to create a firmware with this file SHSH.plist / APTicket.
Click on Stich -> IPSW
Step 7: Enter the iOS firmware you signed SHSH with and save the APTicket.
Step 8: Click ‘Local’ button and then specify the file SHSH.plist previously created. It will start loading kernel cache and stitching the blobs. It will automatically add APTickets, patch iBSS and iBEC in the background.
You will get a popup windows saying – ‘Blob stitching done’. Your iOS 5.x personalized firmware is created and available on your computer. The windows will display the path of the customized IPSW. This custom IPSW can be used with iTunes and TinyUmbrella to restore iOS device to iOS 5.0.1.
And there you have it, you’ve saved SHSH blobs and APTickets. If something went wrong, feel free to ask @JAlLBREAKS.
Restoring a Customized iOS
Make sure that ‘#’ is added in front 74.208.10.249 gs.apple.com in your host file. Now, before you run the iTunes to restore your customized iOS, you must place your iOS device in Special DFU mode: Pwned DFU. To do so, launch the Redsn0w 0.9.9 and go to “Extras” menu and then “Pwned DFU”.
Place your iDevice in DFU mode and then click on Pwned DFU. Launch iTunes then simply indicate the firmware created earlier (with signed and APTicket SHSH). Click
- Mac: ALT (keyboard) + Restore button (iTunes)
- Win: SHIFT (keyboard) + Restore button (iTunes)
Can I use TinyUmbrella to backup SHSH blobs /Apticket ?
Saving SHSH blobs with TinyUmbrella will not going to work since iOS 5 has new SHSH mechanism (with APTicket). You can downgrade from iOS 5.x to iOS 4.x (however, you must have saved SHSH blobs for iOS 4.x) using TinyUmbrella but the tool doesn’t work for downgrading between versions of iOS 5.x (for instance, iOS 5.1 to iOS 5.0.1).
We only have one method – that is redsn0w – that stitches 5.x blobs to a custom firmware file and use that file to restore to iOS device. Here, it is important to keep in mind that as of today, redsn0w is not yet compatible with iPad 2 and iPhone 4S. There is no way you can downgrade from iOS 5.1 to 5.0.1 for A5 device.
Can I downgrade iPhone 4 or iPad 2 from iOS 5 to iOS 4.x?
TinyCFW has been tested for downgrading iPhone 4 and iPad 2 running iOS 5.0.1 to iOS 4.3.3 without getting stuck in a 1015 recovery loop. But the tool only works if you have already saved 4.3.3 SHSH blobs else you are out of luck.
Let us know if you were able to save SHSH blobs and APTickets for iOS 5.0.1 for your device or not? Share your results in comments section below.
Via CydiaBlog
Follow Us Twitter,google+ and Facebook Page.
Via CydiaBlog
Follow Us Twitter,google+ and Facebook Page.
This post was written by: Rinkul Jena
Rinkul Jena is a professional blogger, web designer and front end web developer. Follow him on Twitter
Subscribe to:
Post Comments (Atom)
