Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Found undocumented baseband. Errorcode=-3. Return code: 253 #23

Closed
madmax-russia opened this issue Dec 16, 2019 · 9 comments
Closed

Found undocumented baseband. Errorcode=-3. Return code: 253 #23

madmax-russia opened this issue Dec 16, 2019 · 9 comments

Comments

@madmax-russia
Copy link

Hello from Russia ))

MacBook-Pro-Maksim:Vieux maksim$ ./vieux -i /Users/maksim/Desktop/Vieux/iPhone_4.0_64bit_10.3.3_14G60_Restore.ipsw
Given IPSW Path is /Users/maksim/Desktop/Vieux/iPhone_4.0_64bit_10.3.3_14G60_Restore.ipsw
Vieux - A tool for 32/64 Bit OTA downgrades
Still in BETA so expect issues/broken things
If you are using a 64 Bit device then connect it in DFU Mode
If you are using a 32 Bit device then just have it connected in normal mode
Starting IPSW unzipping
Continuing...
IPSW found at given path...
Cleaning up old files...
Files cleaned.
Unzipping..
Found: CPID:8960 CPRV:11 CPFM:03 SCEP:01 BDID:00 ECID:000005F7C8C73030 IBFL:1C SRTG:[iBoot-1704.10]
Device is now in pwned DFU Mode.
(14.92 seconds)
Exploit worked!

  • SecureROM Signature check remover by Linus Henze *
    Applying patches...
    Successfully applied patches

Starting iBSS/iBEC patching
Looks like you are downgrading an iPhone 5s to 10.3.3!
Patched iBSS/iBEC
About to re-build IPSW
Entering PWNREC mode...
Getting SHSH...
Restoring...
Note that errors about 'BbSkeyId', 'FDR Client' and 'BasebandFirmware Node' are not important, just ignore them and only report errors that actually stop the restore.
TSS server returned: STATUS=94&MESSAGE=This device isn't eligible for the requested build.
ERROR: TSS request failed (status=94, message=This device isn't eligible for the requested build.)
Version: 81b98e0425e17250cc83d5badaf9a8cc6399f481 - 245
Libipatcher version: 3159a387584e352f690cca859e013c3a4683f3e8 - 69
Odysseus support: yes
INFO: device serial number is F17MCB10FF9R
[INFO] 64-bit device detected
futurerestore init done
reading signing ticket resources/restoreFiles/apnonce.shsh is done
Found device iPhone6,1 n51ap
[TSSC] opening resources/restoreFiles/BuildManifest_iPhone6,1.plist
[TSSR] User specified not to request a baseband ticket.
Request URL set to https://gs.apple.com/TSS/controller?action=2
Sending TSS request attempt 1... response successfully received
Did set SEP+baseband path and firmware
[TSSC] opening resources/restoreFiles/BuildManifest_iPhone6,1.plist
[TSSR] User specified to request only a baseband ticket.

[TSSR] Found undocumented baseband

Request URL set to https://gs.apple.com/TSS/controller?action=2
Sending TSS request attempt 1... [Error] baseband firmware isn't signed
Failed with errorcode=-3

ERROR..
Return code: 253
Restore Failed.
Please try again and report the error/send me the full logs and the 'errorlogrestore.txt' file if it persists
Exiting...

iPhone 5s 6.1 A1533
High Sierra 10.13.6
@madmax-russia
Copy link
Author

Please tell me what's wrong

@MatthewPierson
Copy link
Owner

Please delete all files in /tmp ("rm -rf /tmp/*"), ignore ones that don't delete, and try again. That's usually an error with tsschecker

@madmax-russia
Copy link
Author

madmax-russia commented Dec 17, 2019
edited
Loading

Hello, Matty! I did, as you said, and also downloaded and tried in the fixed version from 12/17/19. But it still swears at the baseband ...

MacBook-Pro-Maksim:~ maksim$ rm -rf /tmp/*
MacBook-Pro-Maksim:~ maksim$ pip3 install -r /Users/maksim/Desktop/Vieux-master/requirements.txt
Requirement already satisfied: bcrypt==3.1.7 in /usr/local/lib/python3.7/site-packages (from -r /Users/maksim/Desktop/Vieux-master/requirements.txt (line 1)) (3.1.7)
Requirement already satisfied: bsdiff4==1.1.9 in /usr/local/lib/python3.7/site-packages (from -r /Users/maksim/Desktop/Vieux-master/requirements.txt (line 2)) (1.1.9)
Requirement already satisfied: cffi==1.13.2 in /usr/local/lib/python3.7/site-packages (from -r /Users/maksim/Desktop/Vieux-master/requirements.txt (line 3)) (1.13.2)
Requirement already satisfied: cryptography==2.8 in /usr/local/lib/python3.7/site-packages (from -r /Users/maksim/Desktop/Vieux-master/requirements.txt (line 4)) (2.8)
Requirement already satisfied: paramiko==2.7.0 in /usr/local/lib/python3.7/site-packages (from -r /Users/maksim/Desktop/Vieux-master/requirements.txt (line 5)) (2.7.0)
Requirement already satisfied: pycparser==2.19 in /usr/local/lib/python3.7/site-packages (from -r /Users/maksim/Desktop/Vieux-master/requirements.txt (line 6)) (2.19)
Requirement already satisfied: PyNaCl==1.3.0 in /usr/local/lib/python3.7/site-packages (from -r /Users/maksim/Desktop/Vieux-master/requirements.txt (line 7)) (1.3.0)
Requirement already satisfied: pyusb==1.0.2 in /usr/local/lib/python3.7/site-packages (from -r /Users/maksim/Desktop/Vieux-master/requirements.txt (line 8)) (1.0.2)
Requirement already satisfied: scp==0.13.2 in /usr/local/lib/python3.7/site-packages (from -r /Users/maksim/Desktop/Vieux-master/requirements.txt (line 9)) (0.13.2)
Requirement already satisfied: six==1.13.0 in /usr/local/lib/python3.7/site-packages (from -r /Users/maksim/Desktop/Vieux-master/requirements.txt (line 10)) (1.13.0)
MacBook-Pro-Maksim:~ maksim$ cd /Users/maksim/Desktop/Vieux-master
MacBook-Pro-Maksim:Vieux-master maksim$ ./vieux -i /Users/maksim/Desktop/Vieux-master/iPhone_4.0_64bit_10.3.3_14G60_Restore.ipsw
Vieux - A tool for 32/64 Bit OTA downgrades
Still in BETA so expect issues/broken things
If you are using a 64 Bit device then connect it in DFU Mode
If you are using a 32 Bit device then just have it connected in normal mode
Files cleaned.
/Users/maksim/Desktop/Vieux-master/iPhone_4.0_64bit_10.3.3_14G60_Restore.ipsw is a zip archive!
Starting IPSW unzipping
Continuing...
IPSW found at given path...
Cleaning up old files...
Files cleaned.
Unzipping..
Found: CPID:8960 CPRV:11 CPFM:03 SCEP:01 BDID:00 ECID:000005F7C8C73030 IBFL:1C SRTG:[iBoot-1704.10] PWND:[checkm8]
Device is already in pwned DFU Mode. Not executing exploit.
Exploit worked!

  • SecureROM Signature check remover by Linus Henze *
    Applying patches...
    Patches have already been applied. Exiting.

Starting iBSS/iBEC patching
Looks like you are downgrading an iPhone 5s to 10.3.3!
Patched iBSS/iBEC
About to re-build IPSW
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.5/Frameworks/Python.framework/Versions/3.7/lib/python3.7/shutil.py", line 566, in move
os.rename(src, real_dst)
FileNotFoundError: [Errno 2] No such file or directory: 'IPSW/Firmware/Mav7Mav8-7.60.00.Release.bbfw' -> 'resources/other/baseband.bbfw'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "./vieux", line 75, in
ipsw.unzipIPSW(argv[2])
File "/Users/maksim/Desktop/Vieux-master/ipsw.py", line 147, in unzipIPSW
createCustomIPSW64(fname, devicemodel)
File "/Users/maksim/Desktop/Vieux-master/ipsw.py", line 286, in createCustomIPSW64
shutil.move("IPSW/Firmware/Mav7Mav8-7.60.00.Release.bbfw", "resources/other/baseband.bbfw")
File "/usr/local/Cellar/python/3.7.5/Frameworks/Python.framework/Versions/3.7/lib/python3.7/shutil.py", line 580, in move
copy_function(src, real_dst)
File "/usr/local/Cellar/python/3.7.5/Frameworks/Python.framework/Versions/3.7/lib/python3.7/shutil.py", line 266, in copy2
copyfile(src, dst, follow_symlinks=follow_symlinks)
File "/usr/local/Cellar/python/3.7.5/Frameworks/Python.framework/Versions/3.7/lib/python3.7/shutil.py", line 121, in copyfile
with open(dst, 'wb') as fdst:
FileNotFoundError: [Errno 2] No such file or directory: 'resources/other/baseband.bbfw'

@nb713
Copy link

nb713 commented Dec 19, 2019

have the error of his outcome

@MatthewPierson
Copy link
Owner

I have fixed the "FileNotFoundError: [Errno 2] No such file or directory: 'resources/other/baseband.bbfw'" error in the latest commit. Please download the latest update and try again @nb713 @madmax-russia

@madmax-russia
Copy link
Author

Thanks Matty! I’ll try to do it after 9 hours when I’m at home :)

@madmax-russia
Copy link
Author

Matty, I tried again and again failed ... What is wrong with this baseband ??
The iPhone currently has iOS 12.4.4 installed without jailbreak. Installing clean firmware can solve this problem?

Found: CPID:8960 CPRV:11 CPFM:03 SCEP:01 BDID:00 ECID:000005F7C8C73030 IBFL:1C SRTG:[iBoot-1704.10]
Device is now in pwned DFU Mode.
(15.29 seconds)
Exploit worked!

  • SecureROM Signature check remover by Linus Henze *
    Applying patches...
    Successfully applied patches

Starting iBSS/iBEC patching
Looks like you are downgrading an iPhone 5s to 10.3.3!
Patched iBSS/iBEC
About to re-build IPSW
Entering PWNREC mode...
Getting SHSH...
Restoring...
Note that errors about 'BbSkeyId', 'FDR Client' and 'BasebandFirmware Node' are not important, just ignore them and only report errors that actually stop the restore.
TSS server returned: STATUS=94&MESSAGE=This device isn't eligible for the requested build.
ERROR: TSS request failed (status=94, message=This device isn't eligible for the requested build.)
Version: 81b98e0425e17250cc83d5badaf9a8cc6399f481 - 245
Libipatcher version: 3159a387584e352f690cca859e013c3a4683f3e8 - 69
Odysseus support: yes
INFO: device serial number is F17MCB10FF9R
[INFO] 64-bit device detected
futurerestore init done
reading signing ticket resources/other/apnonce.shsh is done
Found device iPhone6,1 n51ap
[TSSC] opening resources/manifests/BuildManifest_iPhone6,1.plist
[TSSR] User specified not to request a baseband ticket.
Request URL set to https://gs.apple.com/TSS/controller?action=2
Sending TSS request attempt 1... response successfully received
Did set SEP+baseband path and firmware
[TSSC] opening resources/manifests/BuildManifest_iPhone6,1.plist
[TSSR] User specified to request only a baseband ticket.

[TSSR] Found undocumented baseband

Request URL set to https://gs.apple.com/TSS/controller?action=2
Sending TSS request attempt 1... [Error] baseband firmware isn't signed
Failed with errorcode=-3

ERROR..
Return code: 253
Restore Failed.
Please try again and report the error/send me the full logs and the 'errorlogrestore.txt' file if it persists
Exiting...
MacBook-Pro-Maksim:Vieux-master maksim$

@MatthewPierson
Copy link
Owner

Try "rm -rf /tmp/futurerestore/*" to delete temporary files, futurerestore sometimes downloads the wrong files to /tmp/futurerestore causing it to think the baseband isn't signed.

@madmax-russia
Copy link
Author

Hi Matty!
I tried again by downloading the latest exploit last Saturday. Everything worked out!
I used Hackintosh, where there are no drivers for the network card, so I connected two phones at the same time: iPhone 6s to share the Internet in normal mode and iPhone 5s in DFU mode.
Maybe this was the reason for the baseband error? But when I installed kext for the Ethernet port and connected only ONE phone - the exploit worked, maybe it's just a coincidence.
Anyway, thank you so much for bringing life back to my old 5s. Maybe this information will be useful for solving future problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@MatthewPierson @madmax-russia @nb713