iOS 10.2 – Downgrade To iOS 10.1.1 With Prometheus + SHSH2

In this video I will introduce the prometheus / futurerestore tool created by @tihmstar. This tool was released yesterday after being discussed at the 33c3 conference. It basically allows you to downgrade your iPhone to practically any iOS version for which you saved the SHSH2 tickets. (Remember when I made two videos about how to save these and told you it is pretty important?)

This can be done in two ways; both require you to have saved the new SHSH2 tickets.  
First method: the NONCE attack is extremely close to the iCloud Bypass CFWs we make (it uses the same principles), but this one is for downgrading. You combine an older firmware like iOS 10.1.1 (which does have a Jailbreak now) with iOS 10.2, which is currently signed. You take the baseband and the SEP from iOS 10.2, as these can't be downgraded, and apply them to the iOS 10.1.1 IPSW, making a CFW; you will need the BuildManifest.plist as well.
This approach, like the NAND attack, does NOT work on all devices, because it works by attempting multiple times (automatically) until the phone generates a specific NONCE matching the one in the APTicket you saved (NONCE collision).
The second approach involves having a Jailbreak and installing NONCE enabler; this works on all Jailbroken devices.

If you had any doubts about CFWs on any x64 device, here is living proof that Apple devices DO sometimes make mistakes in their encryption algorithm.

futurerestore: http://bit.ly/2ivwjpc

GeoSn0w
