User:LeoI07/Drafts/Dumping Firmwares

If you have a device with a preinstalled-only or internal OS installed, it's a good idea to take a dump of it for archival purposes, as it can't simply be downloaded from Apple. This guide will outline the steps to dump both the filesystem(s) and the NOR/iBoot partition.

You will need to have shell access to the device. On macOS and most internal OS's this is included by default, whereas for release versions of iOS and its derivatives, you will need to either boot an SSH ramdisk, or jailbreak the device and install OpenSSH.

= Filesystem = The most complete filesystem dump you can make is a copy of the internal storage to a disk image. This will dump both the root filesystem and any additional partitions (i.e. preboot, recovery). Keep in mind that this also includes any user files and settings, so make sure to reset the device to factory settings if you don't want that to be included.

Macs
1. Connect an external drive to the Mac. The drive must have at least as much free space as the Mac's storage capacity, or else Disk Utility won't let you proceed.

2. Boot into the recoveryOS or from a macOS install USB.

3. Select Disk Utility from the macOS Utilities menu.

4. In the menu bar, select View > Show All Devices.

5. In the sidebar, select the Mac's internal drive (e.g. APPLE SSD ... Media).

6. In the menu bar, select File > New Image > Image from " ".

7. In the save popup, navigate to your external drive. At the bottom of the popup, select the "compressed" option from the Format drop-down menu. Click Save.

Other devices
From a terminal on a computer running macOS or Linux, type the first command if the device is running iOS 4 or earlier, the second command if the device is older than the iPhone 4S and running iOS 5 or later, the fourth command if the device is jailbroken with Dopamine, or the third command if neither of these. ssh root@ "cat /dev/disk0" | dd bs=8192 status=progress of=Dump.dmg

ssh root@ "cat /dev/disk0" | dd bs=8192 skip=3 status=progress of=Dump.dmg

ssh root@ "cat /dev/disk0" | dd bs=4096 skip=6 status=progress of=Dump.dmg

ssh mobile@ "sudo cat /dev/disk0" | dd bs=4096 skip=6 status=progress of=Dump.dmg The disk image resulting from this is not compressed, unlike the one resulting from the steps listed for Macs.

= NOR/iBoot partition =

Devices with IMG4 support
If dumping from an Apple silicon Mac, open Terminal and type this command. cat /dev/disk1 > Firmware.bin If dumping from a different device, type the latter command if the device is jailbroken with Dopamine, otherwise the former command, from a terminal on a computer running macOS or Linux. ssh root@ "cat /dev/disk1" > Firmware.bin

ssh mobile@ "sudo cat /dev/disk1" > Firmware.bin