Skip to content

dhinakg/aeota

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
.github/workflows
.github/workflows
 
 
include
include
 
 
lib
lib
 
 
src
src
 
 
.clang-format
.clang-format
 
 
.gitignore
.gitignore
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
get_key.py
get_key.py
 
 
read_headers.py
read_headers.py
 
 
requirements.txt
requirements.txt
 
 
test_extract.sh
test_extract.sh
 
 
test_get_key.sh
test_get_key.sh
 
 

Repository files navigation

aeota

AEA OTA/IPSW decryption

Grabbing keys with get_key.py

Gets a key from an AEA (non OTA; for OTAs, use the key that is provided with your response, as they generally do not have embedded auth data).

pip3 install -r requirements.txt
python3 get_key.py <path to AEA>

Note: it is highly recommended to use a virtual environment:

python3 -m venv .env  # only needed once
source .env/bin/activate
pip3 install -r requirements.txt  # only needed once
python3 get_key.py <path to AEA>

Decrypting an AEA

aea decrypt -i <path to AEA> -o <decrypted output file> -key-value 'base64:<key in base64>'

For IPSWs, you will get the unwrapped file (ie. 090-34187-052.dmg.aea will decrypt to 090-34187-052.dmg).

For assets, you will get specially crafted AppleArchives (see next section).

Extracting assets

Assets (including OTA updates) are constructed specially and cannot be extracted with standard (aa) tooling. They can be decrypted normally, which will result in an AppleArchive that is not extractable with aa (we will call these "asset archives"). aastuff must be used to extract them.

# Decrypt if necessary
aea decrypt -i <path to AEA> -o <decrypted asset archive> -key-value 'base64:<key in base64>'
./aastuff -i <decrypted asset archive> -o <output folder>

aastuff can also handle asset archives that are not already decrypted:

./aastuff -i <path to AEA> -o <output folder> -k <key in base64>

Run ./aastuff -h for full usage information.

Note

aastuff_standalone has more features, including file listings and selective extraction. Run ./aastuff_standalone -h for full usage information.

Notes

aastuff uses AAAssetExtractor, functions from libAppleArchive in order to extract asset archives. However, it is a pretty barren API and does not offer things like selective extraction.

aastuff_standalone uses (mostly) standard libAppleArchive functions to extract asset archives. It offers things such as file listings and selective extraction, but is not fully validated against all possible asset archives.

For now, both are built and used in the same way. Once aastuff_standalone is fully functional and validated, aastuff will be deprecated.

Related Projects

Credits

  • Siguza - auth data parsing strategy, AppleArchive extraction sample code
  • Nicolas - original HPKE code
  • Snoolie - auth data parsing strategy
  • Flagers - AppleArchive assistance

About

AEA OTA/IPSW decryption

Resources

Readme
Activity

Stars

211 stars

Watchers

8 watching

Forks

18 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages