Arbitrary single-file extraction

[acceptable-security]

Right now the ipsw tool supports extracting the kernelcache from the ipsw, but it seems like it should be possible to extract any file from the kernelcaches using this technique. Perhaps generalizing the kernelcache code to an arbitray file selector might be useful (i.e., for downloading iBoot binaries)

[blacktop]

I assume you mean "remote" extraction? Or local?

I also extract parse dyld_shared_cache and DeviceTrees.

I haven't done anything with iBoot, but I guess with checkm8 I should take a look ;)

I could do sort of a "regex-y" extraction, but that is essentially just parsing a zip, unless there is more to it like parsing an IMG4 and decompressing or decrypting with keys?

[acceptable-security]

Ah my apologies for the miscommunication, I did mean the code executed by ipsw download --kernel ... (this code). But yeah my original thought was just replacing the check on line 170 with perhaps the ability to pick any file in the archive (passed in via a parameter), so that pulling a particular file (e.g., pulling the Firmware/all_flash/iBoot-*) that isn't the kernelcache doesn't require downloading the entire img4 file.

[blacktop]

I will add soon, thx.

[blacktop]

I have added a new sub-command:

❯ ipsw download -v 13.2.3 -d iPhone12,3 pattern Firmware/all_flash/iBoot
   • Getting files that contain: Firmware/all_flash/iBoot build=17B111 device=iPhone12,3 signed=true version=13.2.3

❯ ls iBoot*
iBoot.d421.RELEASE.im4p       
iBoot.d421.RELEASE.im4p.plist 
iBoot.d431.RELEASE.im4p       
iBoot.d431.RELEASE.im4p.plist

Thank you for the great idea! 👍