tihmstar

Prometheus Guide: Introduction

This is an introductory article which explains how to follow our two-part guide on using the Prometheus downgrade tool.

Before attempting either Part 1 or Part 2 of the guide, everyone should read this article. It explains whether the guides apply to you, and if they do, which ones you should follow, as well as making sure that you fulfil the requirements for them to work.

Prometheus Guide Part 1: How to set a nonce with nonceEnabler

This is Part 1 of a two-part guide on how to use Prometheus.

Before attempting this guide, everyone should read the introductory article, Prometheus Guide: Introduction. This will explain whether the guides apply to you, and if they do, which ones you should follow, as well as making sure that you fulfil the requirements for it to work.

If you currently have a jailbreak and you want to move to a different firmware with Prometheus’ nonceEnabler method, you must follow Parts 1 & 2 of the guide.

If you currently have no jailbreak, and you want to move to a different firmware with Prometheus’ nonce collision method, skip Part 1 and do only Part 2 of the guide.

Prometheus Guide Part 2: How to use futurerestore to restore to unsigned firmwares

This is Part 2 of a two-part guide on how to use Prometheus.

Before attempting this guide, everyone should read the introductory article, Prometheus Guide: Introduction. This will explain whether the guides apply to you, and if they do, which ones you should follow, as well as making sure that you fulfil the requirements for it to work.

If you currently have a jailbreak and you want to move to a different firmware with Prometheus’ nonceEnabler method, you must follow Part 1 of the guide before following Part 2 here.

If you currently have no jailbreak, and you want to move to a different firmware with Prometheus’ nonce collision method, do only this part (Part 2) of the guide.

Possible downgrade to iOS 10.2 from iOS 10.2.1 for some users

Are you are stuck on iOS 10.2.1 or higher, having missed the iOS 10.2 signing window and therefore the Yalu jailbreak? If so, you may be in luck today, provided you have the correct setup. Early reports have come in that some devices are creating nonce collisions on iOS 10.3 b1, providing an indirect route back to iOS 10.2 through Prometheus.

For this clever workaround to come off, you must have a device which produces collisions, namely the iPhone 5s or (possibly, though not confirmed on iOS 10.3 b1), an iPad Air. If you do, you may be able to downgrade from iOS 10.2.1 to iOS 10.2 and jailbreak, by first downloading and installing iOS 10.3 beta 1, and then downgrading to iOS 10.2 using futurerestore.

How to verify your .shsh2 blobs with img4tool

We recently reported how some of the .shsh2 blobs saved with previous versions of tihmstar’s TSSChecker were faulty. One problem affected all iPhone 7 and iPhone 7 Plus blobs, rendering them useless. This issue has now been fixed going forward, though past blobs are invalid.

The other problem was more complex and affected only certain models of certain devices. It is also fixed for blobs saved from now on, but given these occurrences, it is important to be able to check whether the blobs you saved in the past are in fact valid and fit for use with Prometheus.

In this article, we’ll go through how to use another tool from tihmstar’s Prometheus suite, img4tool, to verify that your .shsh2 files are good. This method will clarify whether you are affected by the second problem mentioned above, but will also work in general, when checking the validity of your blobs in future.

TSSChecker now correctly supports iPhone 7 and iPhone 7 Plus

It seems tihmstar has been busy putting right the flaws in his suite of tools; just one week after he revealed that a bug in his .shsh2 saving tool TSSChecker had led to all iPhone 7(+) blobs saved with it being invalid, a new update restores the ability to correctly save blobs on Apple’s most recent flagship device.