Ever since FutureRestore received an update, jailbreakers are willing to jump the gun and go to iOS 11.1.2. Here’s a step by step tutorial on how you can upgrade from iOS 10.3-10.3.3 to 11.1.2 firmware.
Table of Contents
Why is updating to iOS 11.1.2 important?
As you already know, developers have made a lot of progress on Ian Beer’s kernel exploit. The async_wake exploit is pretty much ready and all we need now is an update for Cydia.
Some developers are also proudly showing off their devices running Cydia on Twitter. Therefore, upgrading to iOS 11.1.2 will ensure you will get the latest iOS 11 jailbreak.
Thankfully, iOS 11.2 SEP firmware is compatible with iOS 11.1.2 and hence updating won’t be an issue whatsoever. However, you will need to make it quick because Apple will stop signing this version anytime soon.
Here’s an in-depth tutorial by the Twitter user, iloveapple1999, that will guide you through the update process.
But before you move onto it, make sure you have a compatible firmware and device.
Which devices are compatible?
Device
iPhone
- iPhone SE
- iPhone 5s
- iPhone 6/6 plus
- iPhone 6s/6s plus
- iPhone 7/7 Plus
iPad
- iPad Air
- iPad Air 2
- iPad Pro
- iPad mini 2
- iPad mini 3
- iPad mini 4
iPod
- iPod touch 6
If your model is not on this list, you must add the required offsets yourself. You can find a detailed list of offsets for many models here. Remember, you must add them to v0rtexNonce yourself and developers are yet to test them out.
Firmware
You can perform the upgrade on the following iOS versions only –
- 10.2.1 (untested)
- 10.3
- 10.3.1
- 10.3.2
- 10.3.3
Requirements
- A 64 Bit iPhone, iPad, or iPod touch
- Mac or a computer running macOS Virtual Machine
- SHSH Blobs for iOS 11.1.2 firmware
- Internet connection
How to upgrade from iOS 10-10.3.3 to 11.1.2 with FutureRestore
1. Preparation
This is a really complicated process and you must sort everything out before moving onto the upgrade part. Preparation is key here.
- Firstly, download the iOS 11.1.2 IPSW firmware file for your device from ipsw.me.
- If you are on iOS 10-10.3Download v0rtexNonce from here and install it if you are using iOS 10.3.x.
- If you are on iOS 10-10.2 or 9.3.3, install the SetNonce tweak from repo.xarold.com.
- Download FutureRestore for iOS 11.
- Keep your SHSH2 blob file at the ready.
2. Setup
Step 1 Make a new folder on the desktop called Upgrade and copy the iOS 11.1.2 IPSW firmware file to it.
Step 2 Open the futurerestore_macos ZIP package and send the futurerestore_macos file into the Upgrade folder. Remember, ZIP package and the file share the same name and you only need to copy the file.
Step 3 Send your SHSH Blob to the Upgrade folder and rename it to blob.plist.
Step 4 Click on use .plist and open your blob file.
Step 5 You will now get a wall of text. Scroll down to the end until you get a hexadecimal string starting from “0x”.
Step 6 Enter that string in the v0rtexNonce application. If you are on iOS 10-10.2, you must repeat this step in the SetNonce tweak.
Step 7 Once it succeeds, you will get a popup notifying you about that the nonce is in place.
Step 8 Rename your blob file to blob.shsh2 and click on use .shsh2.
Step 9 Ensure you have the following files present in the Upgrade folder on your desktop –
- SHSH2 Blob file
- futurerestore_macos file
- iOS 11.1.2 IPSW firmware file
That’s all there’s to it! You are all set now and just need to kick off the restore process.
3. Restore
Step 1 Open the Applications folder, go to Utilities and then open the Terminal.
Step 2 Enter this command and press return/enter to navigate to the Upgrade folder.
cd (drag your Downgrade folder into Terminal)
Step 3 Type this command and press return to list the content of the aforementioned folder.
ls
Step 4 Enter this command in the Terminal.
./futurerestore_macos -t (drag blob) –latest-sep –latest-baseband (drag 11.1.2.ipsw)
Step 5 Connect your iPhone or iPad to the computer, unlock it, and press return.
Step 6 The update process will now kick off assuming you did every step everything correctly. Wait for a few minutes and let the tool do its thing.
Step 7 Now, once your device restarts, start setting it up.
Did you upgrade?
This should hopefully get your device to the latest exploit-compatible version. Once a jailbreak drops, you will be fully prepared for it. Things are already moving quite fast so it won’t take long to finish the tool up.
You can also repeat the exact same procedure on older versions such as iOS 10-10.2 or even iOS 9.3.3. Just replace the nonce setter tool with nonceEnabler and you will be good to go.
If you run into some issues while restoring, simply leave a comment below.
For more firmware updates and tutorials, give us a thumbs up on Twitter and Facebook.
Hello,
I have an iPhone 7 Plus on 10.1.1, already jailbroken, it is possible to upgrade to any “jailbreakable” version? i have save blobs
Yes, you can update using the latest iOS 12 SEP.
I am currently on iPhone 6s jailbroken IOS 9.02. I have blobs for 11.3.1. Is it possible to upgrade to 11.3.1 now? If not, is it possible to upgrade to 10.2?
I also have another on iPhone 6s at 10.2 jailbroken. Is it possible to upgrade to 11.3.1 now?
No, it’s not possible anymore due to SEP incompatibility.
I am jb w ip6s on 9.0.1 w blobs from 10.2 11.1.2 and 11.4.1. Can I upgrade to what and w future restore and nonce enable or set. !???
You can’t upgrade to a jailbroken version on iOS 11 since iOS 11.4.1 SEP is incompatible with iOS 11.1.2. The same goes for iOS 10.2.
i have an i6 on 10.3.2 jailbreaked with doubleh3lix. i want
to update to ios 11.3.1 i have blobs saved. vOrtex nonce gives an error message “Failed to validate generator”. why is this happening?
You can nonce manually using Meridian jailbreak as well by SSH.
I am newbie. Friend, сan you describe this process in detail?
Just came to know that iOS 11.4.1 SEP is incompatible with iOS 11.3.1 so you can’t upgrade.
Can I do this process to update from iOS 9.3.2 to io 10.x?
No, that’s no longer possible.
i have an i6s on 10.3.1 jailbreaked with doubleh3lix will i be able to update to ios 11.3.1 if i have blobs saved?
Yes, you will be able to do that.
Are you sure iPad Air 2 is working? v0rtexNonce not available for iPad Air 2.
Yes, you can try. Some users did report that it worked for them.
Thanak for this awesome process to upgrade. But I can’t install SetNonce tweak because the it can be only install on 10.2 or higher. Is there any way to install?
Restores will no longer work since Apple has stopped signing iOS 11.2.6.
Thanks for the help!
I was wondering for the answer 🙂
Can i downgrade my ios 11.3 beta 4 to ios 11.1.2 ? i have an iphone 6
No.
I have an Iphone 6 at ios 11.3 beta4 can i downgrade to ios 11.1.2?
Will tools like Cydia eraser work with a futurerestore upgrade?
Yes, they will. Coolstar also plans to release SemiRestore11 soon.
Ok, thanks. Want to use Electra, but I want a clean install if Saurik ever decides to release a jailbreak/Cydia update.
You can use SemiRestore for that.
Awesome! It worked perfectly. Thank you so much for your help, and for this tutorial.
One thing i had to change to get it to work that is different from the tutorial is adding a double dash instead of single dash in front of latest-sep & latest-baseband..
so, it should be:
./futurerestore_macos -t (drag blob) –latest-sep –latest-baseband (drag 11.1.2.ipsw)
and not:
./futurerestore_macos -t (drag blob) -latest-sep -latest-baseband (drag 11.1.2.ipsw)
Probably just a typo, but if someone does a copy and paste it will bring up a command list, like so:
-t, –apticket PATH Apticket used for restoring
-b, –baseband PATH Baseband to be flashed
-p, –baseband-manifest PATH Buildmanifest for requesting baseband ticket
-s, –sep PATH Sep to be flashed
-m, –sep-manifest PATH Buildmanifest for requesting sep ticket
-w, –wait keep rebooting until nonce matches APTicket
-u, –update update instead of erase install
–latest-sep use latest signed sep instead of manually specifying one(may cause bad restore)
–latest-baseband use latest signed baseband instead of manually specifying one(may cause bad restore)
–no-baseband skip checks and don’t flash baseband.
WARNING: only use this for device without baseband (eg iPod or some wifi only iPads)
Regardless.. THANK YOU SO MUCH!!!
Welcome, Nick. Enjoy your jailbreak!
After reading all the above, here is a simple question I have
iPhone 7 Plus – 10.3.1 (nonjailbreak), how can I upgrade this to 11.1.2, I only have blobs of i7+ 10.3.1, don’t have blobs for 11.1.2, as it says in requirements “blobs for 11.1.2)
You can’t do that since you don’t blobs for your target version.
thanks a bunch for answering, saved my time to research all over web.
Welcome, zindagi.
Do I need 11.2.5 ispw for this upgrade? I’m upgrading from 10.2 to 11.1.2 on iPhone 6+.
No, you don’t need to do that.
So I just need to upgrade before they release 11.3 because of the SEP and baseband?
No, that depends on Apple and whether or not they will change the SEP structure in iOS 11.3. I would recommend doing it as fast as you can.
Have side loaded (v0rtexNonce IPA) on my iPad Pro 10.5 A10x version (10.3.2) was able to set hexadecimal string from (11.1.2) shsh2 blob, will not go into recovery mode after sending command
./futurerestore_macos -t blob.shsh2 –latest-sep –latest-baseband -w iPad_Pro_HFR_11.1.2_15B202_Restore.ipsw
Are you dragging the necessary files?
Same problem here but with the i7+ same ios.
but damn its a pain in the ass to get the vortex exploit working then this problem happens… didnt the dev try and fix this yet?
Yes, they have fixed it. Meridian will now support all devices on iOS 10-10.3.3.
what does this mean:
Odysseus Support: no
futurerestore_macos: invalid option — l
Usage: futurerestore [OPTIONS] IPSW
Allows restoring nonmatching iOS/Sep/Baseband
-t, –apticket PATH Apticket used for restoring
-b, –baseband PATH Baseband to be flashed
-p, –baseband-manifest PATH Buildmanifest for requesting baseband ticket
-s, –sep PATH Sep to be flashed
-m, –sep-manifest PATH Buildmanifest for requesting sep ticket
-w, –wait keep rebooting until nonce matches APTicket
-u, –update update instead of erase install
–latest-sep use latest signed sep instead of manually specifying one(may cause bad restore)
–latest-baseband use latest signed baseband instead of manually specifying one(may cause bad restore)
–no-baseband skip checks and don’t flash baseband.
WARNING: only use this for device without baseband (eg iPod or some wifi only iPads)
This is only the command list of the tool. There’s nothing you need to worry about it.
With -latest-sep -latest-baseband what do you mean? sep and baseband of 11.1.2 or 11.2.5?
i have a7 device and I’m going from 10.3.1 to 11.1.2 with blobs
The SEP of iOS 11.2.5.
Downgrading to iOS 10.2 is not possible
[ERROR CODE]
Request URL set to https://gs.apple.com/TSS/controller?action=2
TSS server returned: STATUS=94&MESSAGE=This device isn’t eligible for the requested build.
ERROR: TSS request failed (status=94, message=This device isn’t eligible for the requested build.)
Sending TSS request attempt 1… [Error] sep firmware isn’t signed
Failed with errorcode=-3
My blobs are valid (just checked)
Downgrading is obviously not possible anymore.
How does one get a 11.1.2 SHSH blob? I’m on 10.3.3 jailbroken on g0blin
You need to save them beforehand when Apple is still signing that version.
Guy -YOU’RE CRAZY- very thanks you for this tutorial, now I’m downgrading from 11.1.2 to 10.2 and I Will cry when this happen. 🙏
I have an a7 device on 10.2.1 can I upgrade to 10.3.3? If yes can you help? thanks!
Yes, you can do that. Follow this tutorial – https://yalujailbreak.net/downgrade-ios-1112-to-1033-a7/
I have 10.2.1 not 11.1.2 I could follow this but I don’t have the nonce setter since my device is not jailbroken. Any advice?
You can use nonce setter without jailbreak.
I cant find one for 10.2.1. Thanks
Which device do you own?
ipad mini 2 cellular
any suggestion?
Yes, you can use nonce enabler if you have a jailbreak. Why do you want to update to iOS 10.3.3? Just asking.
to jailbreak! saigon is not supported on my device so i wanted to do it with g0blin.
Alright but don’t update yet. You will be able to jailbreak it with Meridian once Saurik updates Cydia.
Let’s wait 😀
Hi! I finally jailbreak it with meridian, but when running the nonceenabler script with ssh i get stuck on this:
root@YOUR_DEVICE_IP_ADDRESS_HERE:
because meridian is using 2222 port instead of the standard already tried to insert “-p 2222” without luck do you know how do I change the port for this command?
Why don’t you use iTerminal? It’s better and works on-device.
how to transfer the nonceenabler on the device? I don’t know the commands from mobile. tutorials are only from computer… any help? thanks!
It doesn’t work on-device, you have to have a computer for it.
so how to change the port from the default (22) to 2222
Just enter 2222 in the port field.
With the new G0blin jailbreak, I can downgrade or upgrade the IOS?
I’m on 10.3.2, Which IOS is better?
No, you can’t restore.
On iP7 10.2, is there any way to set the nonce on any of my saved blobs?
No, there’s no way to do that. Wait for a jailbreak update for that version.
Please verify my situation if you can. I have an iPhone 6 and iPad mini 3 both on the Yalu JB for iOS 10.2. I have the shsh2 blobs saved for 10.2 and 10.2.1 only. I’d like to update to 11.1.2. But from what I’ve read, This will not work because I do not have the 11.1.2 blobs saved and it’s too late to do so as apple has stopped signing for 11.1.2. Is this correct?
Yes, that’s correct. You can no longer save SHSH blobs for older versions.
Will it work for my 6S 10.2.1? It’s non-jailbroken (no luck with Saigon) but I have 11.1.2 blobs saved.
Unfortunately, it will not work on your device as there’s no nonce setter for it.
Hi, finally my 6s 10.2.1 is jailbroken with Saigon beta 3!
Can I upgrade to 11.1.2 with this tutorial? I have the blobs saved.
Yes, you can but you need to use nonceEnabler since there’s no nonce setter for your version.
Where can I get the nonceEnabler? Do you have a separate tutorial for how to use it?
Also, I wanna ask your advice please. For a 6S, do you think it’s better to stay at 10.2.1 or upgrade to 11.1.2? Considering the performance and battery life, but also all the iOS 11 features (including AR). Thank you so much.
I recommend upgrading to iOS 11.1.2 for better features but performance will surely take a hit.
Same situation with 6s plus ? I’m on 10.2 with jailbreak and have sash blobs for 11.1.2. Is it possible for me upgrade to 11.2, while it still signed and then downgrade to 11.1.2 ?
No, you must go to 11.1.2 with FutureRestore only.
But iPhone 6s plus is not compatible, or I’m misunderstanding something ?
Which firmware are you on?
iPhone 6s Plus
iOS 10.2, with Yalu jailbreak
Have shsh2 blobs for 11.1.2
Use setnonce tweak and set your nonce first.
I have a jailbroken iPhone SE which is on iOS 9.3.2
Minimum requirements for this tutorial is 9.3.3… does that mean I’ve lucked out?
No, you can still try on that version.
I can’t use SetNonce as its only compatible with iOS 10.2 and higher, what are the best alternatives?
You can use nonceEnabler then.
I’ve tried everything to get nonceEnabler working but i keep getting bad CPU error through Mac Terminal when trying to install. I’ve also tried the nonceEnabler patch from iPodHacks142’s repo and that gives the System.sep.art error also…
Can you please send me a screenshot?
cant find setnonce under xarold repo, where is it. ios 9.3.3 iphone 6s
Try using these repos – if0x.github.io and julioverne.github.io
It said (drag the downgrade folder into terminal) but I don’t have a ‘downgrade’ folder do I have to create one ?
Yes, of course.
When I rename the blob file to blob.shsh2 I don’t have the message ‘use .shsh2’
Any idea ?
Just rename it, that’s it.
In file also There is no offset for ipad air 2 10.3.3…what to do?
You are out of luck, then
Can you make a video for this ?
Is it possible to do it on iphone 6 with 8.1 and tpf0 installed?
You can try that but it hasn’t been tested yet. You will need to use nonceEnabler or a nonce setter for that.
It worked, I did slightly different things if you want to add them to the guide please tell me (posso anche mandarti una email)
Thanks. You can post your tips/method here.
1) VERIFY SHSH2 BLOB
Download Tihmstar’s Img4Tool
Download and unpack the 11.1.2 IPSW and extract BuildManifest.plist.
run ./img4tool_macos -v BuildManifest.plist -s blob.shsh2 (Must report “File is Valid!”)
Using AppStore BMSSM go to “System” tab and verify Device Model is the same as DeviceClass as reported by Img4tool verify results.
2) APPLY SAURIK TFP0 PATCH
From Cydia add source: http://apt.saurik.com/ and install Pangu8 latest (0.5)
Or manually thru http://apt.saurik.com/beta/pangu8-tfp0/io.pangu.xuanyuansword8_0.5_iphoneos-arm.deb
Install also kdump and run it to to verify succesfull tfp0
3) GET A WORKING NVRAMPATCHER
Compile Chilik nvrampatcher with 8.1 SDK from https://gist.github.com/chilik/89a50a3b0e89da2912751b41de4f3b23 (as it’s not available anymore), I tried other nonce tools but none of them accessed kernel (nonceEnabler, nvram_patcher, nvrampatcher).
To do this I needed to install xcode 9.2 with 8.1 SDK, ldid, and openssl also.
4) MODIFY NVRAM
Run compiled nvrampatcher
Set generator in nvram manually: nvram com.apple.System.boot-nonce={GENERATOR}
Disabled auto-boot: nvram auto-boot=false
6) RESTORE
Run ./futurerestore_macos -t blob.shsh2 –latest-sep –latest-baseband -w iPhone_4.7_11.1.2_15B202_Restore.ipsw
I just added the -w flag and corrected args with double “-”
I’m on iPhone6, IOS was 8.1 with Pangu8 non tfp0.
Thanks a lot, mate.
Hi, is this method (which I don’t fully understand since i’m a noob) possible on a Windows PC? If not, is there any possibility to update to 11.1.2 (I’m on 8.1.2)? I have been looking like crazy but didn’t find anything… I was also wondering if it is possible to update to 11.2 (signed) and then downgrade to 11.1.2… All of this restoring the iPhone… i don’t care deleting everything in it
1. Yes, it is possible on a Windows PC now. Download it from here – https://yalujailbreak.net/futurerestore-windows/ and rest of the process remains the same.
2. I don’t recommend updating an iOS 8 device to iOS 11 because of performance issues and glitches.
3. Updating to iOS 11.2 and then going back is not possible.
I have Win7 32bit could I do with ip6s on iOS 10.2 Jailbreak
No, you can’t do that on Windows.
How about iPhone 6 / plus ???
You can take a look at the offsets but you will need to add them yourself in the app.