Has three sections.
defaults: {
“com.apple.MobileBluetooth.debug” = {
ExtraZoningLog = {
EnableZoneLogging = 1;
};
FWStreamLogging = {
Cryptiiiic
/ ios16_downgrading.txt
Created
March 1, 2023 00:10
The unfortunate state of iOS downgrading
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Unfortunately I have some bad news for downgrading. | |
| Before I explain the bad news at the end of this post, I first need to introduce a background of iOS devices. | |
| In iOS 16, Apple introduced a new firmware component known as Cryptex1. Technically, this is a "virtual" co-processor. | |
| It's purpose is to allow Apple to push RSRs (Rapid Security Responses) which are separate from traditional iOS updates and can be installed much faster. | |
| Like other firmwares, it also has a signing ticket locked to a cryptographic nonce (number-used-once). | |
| We commonly refer to the Apple signing tickets as SHSH blobs. | |
| Meaning the firmware can't be installed without a valid signing ticket as well as a matching nonce. | |
| The "big two" components we deal with signing/nonces are AP and SEP. AP is basically the main device chip (Application Processor). | |
| SEP is the security chip (Secure Enclave Processor). | |
| With regards to APNonce, Apple conveniently gave us the com.apple.System.boot-nonce NVRAM property which we use to set the APNonce generator. |
dlevi309
/ profile_defaults.md
Last active
June 27, 2025 16:57
An extensive list of settings written when installing a debugging profile from developer.apple.com
random-robbie-research
/ apple.com-fixed.txt
Created
July 26, 2018 15:47
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 10-courier.push.apple.com | |
| 10-courier.sandbox.push.apple.com | |
| 11-courier.push.apple.com | |
| 12-courier.push.apple.com | |
| 13-courier.push.apple.com | |
| 14-courier.push.apple.com | |
| 15-courier.push.apple.com | |
| 16-courier.push.apple.com | |
| 17-courier.push.apple.com | |
| 18-courier.push.apple.com |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $> brew install openssl | |
| $> brew install swig | |
| $> env LDFLAGS="-L$(brew --prefix openssl)/lib" \ | |
| CFLAGS="-I$(brew --prefix openssl)/include" \ | |
| SWIG_FEATURES="-cpperraswarn -includeall -I$(brew --prefix openssl)/include" \ | |
| pip install m2crypto |