-
Notifications
You must be signed in to change notification settings - Fork 86
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
iCloud backup's is not downloaded #87
Comments
yes, i also facing this issue for ios 11 and its worked with ios 9.3.5 |
Yes,Not work for iOS11. Maybe apple changed something. |
anyone who know why? |
Seems that the recordRetrieveRequest operation is failing to retrieve the file assets. Manifests are still retrieved, but file requests are returning the error "Record not found". Maybe Apple changed the manifest encryption or added a new ProtectionInfo field? |
Too bad this wonderfully invested piece of code is now going the the dumpster of history. Shame on Apple to deny our rights to access our own backup... our own content that they are making money from... as their are most likely standing behind brutally closing this project. Anyhow, IMO The only way we can fix this issue is to gather up. For starter, Please join the effort and don't let the selfish 'bad guys' win and deny our basic rights! "They say jump you say how high..." |
Greeting Guys, |
Does not seem to work with 10.3 also, in my experience! It used to work till few days back. |
@Poseidone Hey! Could you please leave here your contacts to discuss the solution |
Any progress on this issue? |
Anyone hear anything? |
@Blokh Any update so far? |
Oct-test no news so far. trying to reverse engineer a request from icloud for backup. |
Just letting you know that "Tenorshare UltData" is using a modified version of InflatableDonkey that works for ios 12! If you install it then look in the install location folder under iCloud, it has a copy of InflatableDonkey. I noticed that it also uses an extra file called iCloudLib.dll. So for now that can be used. |
When I try to run that version I'm getting AccessDeniedExceptions, you're saying to run Tenorshare instead of that jar? |
No you still run the jar. |
are there any different variables to pass in? |
Run it like you normally would or just use UltData and let it do it for you. |
yeah when I run it via java -jar InflatableDonkey.jar username pass, it throws an AccessDeniedException |
If I move it to another folder it runs, but doesn't download anything |
Try using DsPrsID/mmeAuthToken instead. I didnt directly run it with my email and pass. Use the program and then look through the logs it makes in either program files or appdata and it should say the command it used. Just remove the domain part at the end. |
sweet got it thanks! |
I can't find the logs. Could you point us towards the file or tell us the command you used? Thanks. |
Its in AppData\Local\Temp\ts_download\log.txt. The command I exactly used was... |
Hi guys! |
Patched. Please report any bugs. I'll be around for another week or so after which I'll likely take an indefinite hiatus. 🌵 |
Wow thank you Horrorho! |
Although it looks like an issue that required a large patch, it really isn't. The core of the patch involves using privileged QueryRetrieve instead of RecordRetrieve for manifest and key bag handling. The majority of the patch bulk comes from the fact that I transplanted updated protobuf definitions from an undisclosed tool I maintain. This has had the knock on effect of altering numerous class calls. However, although not complete or the latest version, the updated protobuf definitions are definitely worth checking out for those wanting a closer peek under the hood. 🦁 |
PCSFPCopyDecryptedData is used in CreateWithExportedInternal which is used in many other PCS* methods. Most probably the ford data is used like you say. As for synchronizing with us, send me a mail to persitentlibrary@gmail.com with your Skype :) |
Pretty sure that PCSFP method is used for ProtectionZone stuff only. Time to move on to looking at something else. |
Hey, yeah that's for sure :) Was it you that sent me an email (being paranoid here as many tried to add me and were not you hah) |
@RobLinux no, I set the same clientInfo to all requests. |
just follow up the conversation, everything is explained here |
@RobLinux Yes, that's me. (Snak3y XO, that is). Don't have a lot of time with the holidays, but will try to work on this when I can. Last thing I was looking at was those CSCryptor methods, which looked pretty interesting. Following from the method you were looking at, seems like you can only have V1 or V2 init methods. But the CSCryptor (it's V2, I think) looked like it was pulling fields out at offsets that would be incompatible with our Ford data. |
I added you, I have something to show you if you get time. |
https://patentimages.storage.googleapis.com/3f/8a/d2/f8a31d6cb8f7ca/US8255731.pdf some lecture about backup engine |
yes I already reverse engineered those binaries but are heavily encrypted. By the way we're onto something else than Anisette data having sorted that out. |
@RobLinux Hi, I have solved the problem I post previously, it's the Authorization Header issue in escrowproxyapis. |
@RobLinux Sorry, had much less time than I thought over the holidays. I can spend some time later today on the decryption again. And I'll read that link you posted, thanks for sharing. |
@lisaikeha |
Hello @Dadoum, sorry I have not been able to answer you as I'm on holidays for now. |
@Dadoum wrote you back |
They finally updated their security guide https://support.apple.com/guide/security/cloudkit-sec3d52c0374/1/web/1 XTS is used |
@RobLinux Very interesting. I haven't had much time to work on this but will take a look. Thanks for sharing! |
hey guys are you still on it? |
@ArnoldCell When I have time, yes. I haven't got a device at the moment and we were at the point where one was needed to continue investigating. Not sure where the others are at right now... @RobLinux ? |
I have a working piece of code with macOS methods. More to come very soon |
@RobLinux Looks like you're very close, amazing work. I really hope its not related to the device specifically, as that would be a headache. I was unable to get an iPhone so I can't really debug as you're doing. If you've got it working with the macOS methods, I can likely help with translating them back into code if you need. |
It calls Apple libraries like their implementation. |
Hi all. It seems InflatableDonkey finally stopped working completely a few days ago. Does anyone knows if it is a missing header or is it something more serious? Did anyone managed to get it work with iOS 13? Thanks all for the hard work to keep this project alive. |
@RobLinux If I understood you correctly you generated adi files with valid anisette data, which can be used for further downloading backup. I tried different combinations of input data for machineProvisioning, but all that I get – different errors and account ban from Apple. |
Could you give me a fiddler archieve for refrence?? In advance, Thakns lot! |
For authorization, most of requests to iCloud now require i.e. AnisetteData (X-Apple-I-MD + X-Apple-I-MD-M) Adding that tokens allow requests to be authorized. |
It isn't. It's neither hardware dependent (old macs can generate it too) nor tied to Apple OSes (it's also used on Windows' iCloud, iTunes, and all their new Apple Microsoft Store apps, and it's also used on Android, in Apple Music and Apple TV, and supposedly in Shazam). You can generate it easily on any x86_64, x86, armv7 or arm64 device with my project Provision. It internally uses the Android app to avoid reimplementing the obfuscated algorithm.
It's used to identify device used on the endpoints, most notably for 2FA trust purposes. |
Hello.
Today I wasn't able to download iCloud backup using InflatableDonkey. Does someone else faced similar issue recently?
The text was updated successfully, but these errors were encountered: