The latest SEP/BB as of right now is iOS 15.1, and is partially or fully compatible with iOS 14 depending on your device. See the appropriate section for exact compatibility info.
- SHSH blobs for the version you want to downgrade to (e.g. from https://tsssaver.1conan.com/, https://shsh.host/)
- macOS or Linux (Ubuntu 20.04 or newer recommended). Windows or a VM will NOT work.
- If the exploit fails even after multiple attempts or your device reboots out of DFU mode, you'll have to start over from the beginning and be quicker next time. (You don't have to redownload anything though.) You may have to force restart your device if it's stuck in DFU.
| Table of Contents |
|---|
| A12 and newer |
| A11 |
| A10(X) |
| A9X |
| A9 |
| A8(X) |
Nope, you can't. At least not until a jailbreak for iOS 15 comes out, but SEP/BB will probably be fully incompatible by then.
IMPORTANT: On the iPhone X, downgrading to iOS 14 will break Face ID and cause other issues (broken RootFS snapshot and OTA updates). The only way to fix it is by restoring to iOS 15.
This very likely also affects A12 and above, but you can't downgrade those devices from iOS 15 currently anyway. It does also apply to upgrading from an earlier version with FutureRestore, though.
There are no issues with iPhone 8(+), Touch ID will work fine.
Compatible versions: 14.3-14.8
- Put your device in DFU mode.
- Download and extract Cryptic's fork of ipwndfu for A11.
- Open the extracted folder in a terminal.
- Run
python2 ipwndfu -p --patch. (On newer Linux distros, you may have to explicitly install Python 2 from your package manager, e.g.sudo apt install python2.)
- Download and open FutureRestore GUI.
- Click "Settings", enable "FutureRestore Beta", then click "Save".
- Click "Download FutureRestore".
- Download the desired version's IPSW from https://ipsw.me/ and select it along with your blobs.
- Click "Next", enable "Pwned Restore" and "Set Nonce", and leave SEP and Baseband on latest. (If you see a "64 Bit Checkm8" option, update FRGUI. You should not use that option.)
- Click "Next", and then "Start FutureRestore".
- Put your device in recovery mode.
- Go back to the previous tab in FutureRestore GUI and uncheck both "Pwned Restore" and "Set Nonce".
- Click "Next", and "Start FutureRestore" again.
- Once the restore starts looping at "No data to read (timeout)", force restart your device.
- When you see the recovery mode screen, press "Exit Recovery".
- Go through with setup as usual.
- Jailbreak your device with checkra1n.
- Open the checkra1n loader app and press "Install Cydia". If it complains about a missing RootFS snapshot, tap "Create".
- If you want to use Odysseyra1n, after this finishes tap "Restore System" in the loader (or just force close it when it says "Downloading Base System").
Note that this is not a complete fix, as Face ID will still be broken. Taurine may also have issues jailbreaking with the manually fixed up snapshot, but hopefully that will be fixed in the future.
Compatible versions: 14.0-14.8
- Put your device in DFU mode.
- Download and extract ipwndfu.
- Open the extracted folder in a terminal.
- Run
./ipwndfu -p. - Download and extract Fugu.
- Open the extracted folder in a terminal.
- Run
./Fugu rmsigchks.
- Put your device in DFU mode.
- Download and extract Cryptic's patched ipwndfu for A10.
- Open the extracted folder in a terminal.
- Run
python2 ipwndfu -p. - Run
python2 rmsigchks.py.
- Download and open FutureRestore GUI.
- Click "Settings", enable "FutureRestore Beta", then click "Save".
- Click "Download FutureRestore".
- Download the desired version's IPSW from https://ipsw.me/ and select it along with your blobs.
- Click "Next", enable "Pwned Restore" and "Set Nonce", and leave SEP and Baseband on latest. (If you see a "64 Bit Checkm8" option, update FRGUI. You should not use that option.)
- Click "Next", and then "Start FutureRestore".
- Put your device in recovery mode.
- Go back to the previous tab in FutureRestore GUI and uncheck both "Pwned Restore" and "Set Nonce".
- Click "Next", and "Start FutureRestore" again.
Coming soon...
Requires macOS.
Compatible versions: 14.0-14.8
- Put your device in DFU mode.
- Download Eclipsa.
- Open the folder in a terminal.
- Run
killall -STOP AMPDevicesAgent AMPDeviceDiscoveryAgent MobileDeviceUpdater. - Run
makeand wait for it to compile. (You need to have Xcode installed.) If you cannot compile Eclipsa for some reason, download and extract this zip instead (only compatible with Intel Macs). - If compiled manually, run
./eclipsa. Otherwise, you will need to run the appropriate version for your SoC:- A8:
./eclipsa7000 - A8X:
./eclipsa7001 - A9:
./eclipsa8000or./eclipsa8003
- A8:
- Run
killall -CONT AMPDevicesAgent AMPDeviceDiscoveryAgent MobileDeviceUpdater.
- Download and open FutureRestore GUI.
- Click "Settings", enable "FutureRestore Beta", then click "Save".
- Click "Download FutureRestore".
- Download the desired version's IPSW from https://ipsw.me/ and select it along with your blobs.
- Click "Next", enable "Pwned Restore" and "Set Nonce", and leave SEP and Baseband on latest. (If you see a "64 Bit Checkm8" option, update FRGUI. You should not use that option.)
- Click "Next", and then "Start FutureRestore".
- Put your device in recovery mode.
- Go back to the previous tab in FutureRestore GUI and uncheck both "Pwned Restore" and "Set Nonce".
- Click "Next", and "Start FutureRestore" again.
Can someone create a video tutorial for this