How to Restore to Unsigned Firmwares Like iOS 11.1.2 Using futurerestore

BY Jason

Published 22 Feb 2018

Restore to Unsigned Firmware like iOS 11.1.2

Here’s a step-by-step guide on how to restore to an unsigned iOS firmware like iOS 11.1.2 which can be jailbroken. This guide has been written by Albanus Alain, one of our readers, who has successfully restored his iPhone 5s to iOS 11.1.2 and then back to iOS 11.0.3.

After releasing an iOS software update, Apple usually stops signing the older iOS firmware version in two weeks. Apple has used this strategy to keep jailbreakers at bay. It not only releases new software updates, that fixes the vulnerabilities used by the jailbreaks, it also stops signing the older iOS firmware file, which prevents users from downgrading back to the older iOS version that can be jailbroken. So the ability to upgrade or downgrade to an unsigned iOS firmware version can be very useful if you want to jailbreak your iPhone, iPad or iPod touch. So you could restore (essentially upgrade or downgrade) to iOS 11.1.2 which can be jailbroken using Electra jailbreak or LiberiOS jailbreak using this method.

Warning:

This tutorial is not for the faint-hearted one and there’s a possibility that you may fail and be forced to restore into latest iOS, thus losing your chance of jailbreaking. So please proceed with caution and at your own risk. Read this tutorial thoroughly over and over again until you can make sense of these steps. Upgrading or downgrading unsigned iOS can only be done when you have correct SHSH blobs for your target iOS version and the signing window for public beta iOS is still open regardless the current signed released iOS. For this tutorial, I use iPhone 5s model and will refer to iOS 11.0.3 since this version doesn’t have the terrible gyroscope bug which is present in iOS 11.1.x. To increase your chance of success you should have already jailbroken your iOS device and have 10GB free hard disk space.

Requirements:

How to Upgrade or Downgrade to Unsigned iOS Firmwares Using futurerestore

Step 1: Extract downloaded “futurerestore.zip” in a folder on your hard drive named futurerestore (for example C:\futurerestore\) and copy your target iOS .shsh2 blob there. Also, copy both iOS .ipsw file in this folder. To make it easy to type the command line later, you may rename the .shsh2 file to “my.shsh2”, iOS 11.0.3 .ipsw file to “restoreto.ipsw” and iOS 11.2.6 .ipsw file into “signed.ipsw”.

Step 2: Open your .shsh2 as text using Notepad and find your generator key string, something like 0xab12c34d5ef6ab7d
and type that string in PhoenixNonce app or NonceSet1112 appended with Set or enter. In this process your device may restart on its own—that’s normal. Restart your iOS device then open the app again after to make sure the value has been correctly written in your device—if the value hasn’t been shown yet, repeat this process. Sometimes the value has been correctly written but the app shows nothing. You may repeat then continue with the next steps.

Upgrade/Downgrade to unsigned firmware

PhoenixNonce

Step 3: Connect your iOS device to your Windows PC, make sure iTunes is not running in the background and you have a good internet connection. Open Command Prompt then go to “C:\futurerestore\”. Assuming that all files are within the same folder, type the following command:

futurerestore -t my.shsh2 -i signed.ipsw restoreto.ipsw

if you haven’t changed the filenames, the command may look like this

futurerestore -t 1234567890123_iPhone6,1_n51ap_11.0.3-15A432_a1bcdef234abc567d8e9f012345a6789b01234c5.shsh2 –i iPhone_4.0_64bit_11.0.3_15A432_Restore.ipsw iPhone_4.0_64bit_11.2.5_15D60_Restore.ipsw

futurerestore

You will see a long verbose message after hitting Enter. Do not interrupt this process whatsoever until it’s done.

In this process, futurerestore may fail to put your iOS device into Recovery state. You may have to put your device into Recovery your own. Be aware that every time the device comes out of Recovery before the process finished, the generator key reset and you have to repeat step 1 – 3 again.

You can exit Recovery using the following command:

futurerestore.exe –exit-recovery

Wait and hopefully, nothing goes wrong during the process.

That’s it. This process should have helped you to successfully restore to an unsigned iOS firmware. You can then restore from the backup during the setup process.

Let us know how it goes in the comments below.

Special thanks to Albanus for providing the step-by-step guide. We hope you find it helpful.

Don’t forget to signup for our Daily Newsletter so you don’t miss such articles.