└── README.md


/README.md:
--------------------------------------------------------------------------------
 1 | # shsh2-blobsaver-for-a12
 2 | how to save shsh2 blobs for an a12 device
 3 | 
 4 | You only need to do the parts 1-4 once. Make sure to save your generated nonce somewhere safe for further use.
 5 | Blobs saved without a nonce (on A12) are INVALID.
 6 | Requirements
 7 | iPhone XS, XS Max, XR or iPad Pro 2018 on iOS 12.0-12.1.2.
 8 | A computer with Windows, macOS or Linux. If you're on Windows you need to have iTunes installed as well.
 9 | USB cable
10 | Cydia Impactor
11 | Latest version of unc0ver or Chimera.
12 | libimobiledevice tools - Installation instructions available below.
13 | 1. Installing libimobiledevice.
14 | GNU/Linux: You can use the package manager of choice and install libimobiledevice or imobiledevice.
15 | MacOS: Read this comment., if it doesn't work: use Homebrew or similar. For Homebrew: brew install libimobiledevice (in Terminal).
16 | Windows: You can get the binaries from here (updated link, courtesy of /u/tateu). iTunes is required.
17 | You can use Chimera to set the nonce instead of unc0ver; for steps 2; 3.
18 | Use Chimera's default nonce instead of 0x1111111111111111, though.
19 | 2. Installing unc0ver.
20 | Use Cydia Impactor as usual to install the Unc0ver IPA. Download latest beta build of Unc0ver 3.x.x from here.
21 | 3. Setting the nonce generator.
22 | If unc0ver/Chimera don't work you can use stek29's voucher_nonce Xcode project. Tutorial
23 | unc0ver:
24 | ~ Open unc0ver. (You may get a popup about an untrusted certificate, go to Settings > General > Device Management and Trust your certificate)
25 | ~ Go to the Settings tab in unc0ver.
26 | ~  Make sure "Overwrite Boot Nonce" is enabled and that "Boot Nonce" is set to 0x1111111111111111.
27 | ~  Go to the Jailbreak tab and press Jailbreak.
28 | ~ You're done with this part of the tutorial.
29 | ~ Chimera:
30 | ~ Open Chimera. (You may get a popup about an untrusted certificate, go to Settings > General > Device Management and Trust your certificate)
31 | ~  Scroll down.
32 | ~ Click on "Set Nonce".
33 | ~ Jailbreak.
34 | ~ Done!
35 | 4. Getting the nonce from your device.
36 | ~ Open your Terminal app. (Windows: navigate with it to where your downloaded binaries are).
37 | ~ Run the following commands. If any of these commands fail, run them with sudo (on Linux and macOS).
38 | * ideviceinfo - Look for "UniqueDeviceID" in the output. Text after ": " is your UDID. You may need to trust your PC on your iPhone for this to work. If you don't know your ECID it's the "UniqueChipID", your model is "ProductType".
39 | * ideviceenterrecovery UDID - Replace UDID with your UDID from above.
40 | 
41 | # Important install https://github.com/libimobiledevice/libirecovery… then cd into the folder in terminal and run these commands:
42 | # ./autogen.sh
43 | # make
44 | # sudo make install
45 | # After that you will be able to run the command no problem
46 | 
47 | * irecovery -q - Look for "NONC" in the input, this is your APNonce (the text after "NONC: "). You can use irecovery -q | grep NONC on GNU/Linux and macOS.
48 | * irecovery -n - This will reboot you back to the non-recovery mode.
49 | 5. Saving your blobs.
50 | Save your generated nonce, ECID and model in a file somewhere, it shouldn't change in the future so you only need to do the above steps once.
51 | ~ Go to https://tsssaver.1conan.com/ with a browser of your choice.
52 | ~ Change the drop down field that says "Hex (iTunes)" to "Dec (UDID Calculator/ideviceinfo)", input your ECID in the "Type ECID Here..." field, select your model in "Identifier:" and make sure it matches the ProductType from above.
53 | ~ Check the "Manually specify an apnonce (ADVANCED USERS ONLY)" checkbox, and type your APNonce from above (NONC) here.
54 | ~ Fill in the CAPTCHA and press "Submit".
55 | ~ That's it your blobs will be saved.
56 | 
57 | # NOTE: If you are having problems with libimobiledevice on Mojave try this:
58 | # brew update
59 | # brew uninstall --ignore-dependencies libimobiledevice
60 | # brew uninstall --ignore-dependencies usbmuxd
61 | # brew install --HEAD usbmuxd
62 | # brew install --HEAD libimobiledevice
63 | 


--------------------------------------------------------------------------------