linusyang92/ipsw

Download and parse ipsw(s) from ipsw.me or theiphonewiki.com

ipsw

Download and parse ipsw(s) from ipsw.me or theiphonewiki.com

---

Install

macOS

$ brew install blacktop/tap/ipsw

linux/windows

Download from releases

Getting Started

$ ipsw --help

Usage: ipsw [OPTIONS] COMMAND [arg...]

IPSW Downloader

Version: 18.12.1, BuildTime: 2018-12-04T01:10:58Z
Author:
  blacktop - <https://github.com/blacktop>

Options:
  --verbose, -V  verbose output
  --help, -h     show help
  --version, -v  print the version

Commands:
  diff        diff kernelcache (using assert strings)
  extract     extract and decompress a kernelcache
  decompress  decompress a kernelcache
  download    download and parse ipsw from the internet
  help        Shows a list of commands or help for one command

Run 'ipsw COMMAND --help' for more information on a command.

download

Download an ipsw and extract/decompress the kernelcache

$ ipsw download --device iPhone11,2 --build 16A366 --dec

   • Getting IPSW              build=16A366 device=iPhone11,2 signed=true version=12.0
      3.4 GiB / 3.4 GiB [==========================================================| 00:00 ] 79.08 MiB/s
      • verifying md5sum...
   • Extracting Kernelcache from IPSW
   • Parsing Compressed Kernelcache
      • compressed size: 17842843, uncompressed: 35727352. unknown: 0x3f9543fd, unknown 1: 0x1
   • Decompressing Kernelcache

Notice that the kernelcache was extracted from the ipsw and decompressed 😈

$ file kernelcache.release.iphone11.decompressed

kernelcache.release.iphone11.decompressed: "Mach-O 64-bit executable arm64"

Download all the iOS 12.0 ipsws

$ ipsw download --iversion 12.0 --dec

? You are about to download 17 ipsw files. Continue? Yes
   • Getting IPSW              build=16A366 device=iPhone11,4 signed=true version=12.0
    3.3 GiB / 3.3 GiB [==========================================================| 00:00 ] 59.03 MiB/s
      • verifying md5sum...
   • Extracting Kernelcache from IPSW
   • Parsing Compressed Kernelcache
      • compressed size: 17842843, uncompressed: 35727352. unknown: 0x3f9543fd, unknown 1: 0x1
   • Decompressing Kernelcache
   • Getting IPSW              build=16A366 device=iPod7,1 signed=true version=12.0
    734.7 MiB / 2.6 GiB [===============>------------------------------------------| 00:57 ] 44.84 MiB/s
  ...

Only download and decompress the kernelcaches (which is CRAZY fast)

Single kernelcache

ipsw download --device iPhone11,2 --build 16B92 --kernel --dec

All of dem!!!

$ time ipsw download --iversion 12.0.1 --kernel --dec

"8.40s user 1.19s system 53% cpu 17.784 total"

That's 14 decompressed kernelcaches in under 9 seconds 😏

$ ls -1

kernelcache.release.ipad4b.decompressed
kernelcache.release.ipad5b.decompressed
kernelcache.release.ipad6b.decompressed
kernelcache.release.ipad6d.decompressed
kernelcache.release.ipad6f.decompressed
kernelcache.release.ipad7.decompressed
kernelcache.release.iphone10b.decompressed
kernelcache.release.iphone11.decompressed
kernelcache.release.iphone11b.decompressed
kernelcache.release.iphone7.decompressed
kernelcache.release.iphone8b.decompressed
kernelcache.release.iphone9.decompressed
kernelcache.release.j42d.decompressed
kernelcache.release.n102.decompressed

But, how does it work?? 🤔 With the POWER 💪 of partialzip !!

Download with a Proxy 🆕

This will download and decompress the kernelcache for an iPhone XS running iOS 12.1 behind a corporate proxy

$ ipsw download --proxy http://proxy.org:[PORT] --device iPhone11,2 --build 16B92 --kernel --dec

To disable cert verification

$ ipsw download --insecure --device iPhone11,2 --build 16B92 --kernel --dec

extract

Extract kernelcache from a previously downloaded ipsw

$ ipsw extract iPhone11,2_12.0_16A366_Restore.ipsw

Extract dyld_shared_cache from a previously downloaded ipsw (only on macOS) 🆕

$ ipsw extract --dyld iPhone11,2_12.0_16A366_Restore.ipsw
   • Extracting dyld_shared_cache from IPSW
   • Mounting DMG
   • Extracting /tmp/ios/System/Library/Caches/com.apple.dyld/dyld_shared_cache_arm64e to dyld_shared_cache
   • Unmounting DMG

decompress

Decompress a previously extracted kernelcache

$ ipsw decompress kernelcache.release.iphone11

diff [WIP] 🚧

I am playing with the idea of diffing kernelcaches by creating directory structures of Apple's src from assert strings.

Then you could use git diff or something to get a quick high level view of what Apple has changed by seeing new files being added or removed as well as seeing the line numbers of the assert strings move around.

$ ipsw diff kernelcache.release.iphone11

You can see an example of what this outputs HERE

TODO

• use https://github.com/gocolly/colly
• create offline copy of ipsw.me API
• download simultaniously to decrease total time (need to limit concurrent downloads and 17+ at a time could be bad)

Issues

Find a bug? Want more features? Find something missing in the documentation? Let me know! Please don't hesitate to file an issue

License

MIT Copyright (c) 2018 blacktop