Alright, everything is fixed
and we have donor values from a broken Mac courtesy of dosdude1.
curl https://mavericks.wowfunhappy.workers.dev | sh
In PMs,
@Jazzzny figured out that the random errors were due to a combination of my
hex_to_bin
function mangling certain hex sequences, and the
auth_info
variable failing to properly store certain binary data.
On my end, I also removed some error checking in favor of enabling
-e
, which is probably safer overall and makes the code more readable.
I added the code to a
github gist, then set up a Cloudflare worker to serve it with legacy http(s) compatibility. While it can be run via piping to sh, I do encourage reading the code first if you feel so inclined.
Thank you again to everyone who helped with this!!!
And, feel free to continue critiquing:
Bash:
#!/bin/sh
# Download script written by Wowfunhappy.
# Thank you to Krackers, Jazzzny, and others for helping analyze Apple's download process and debug this script.
# Thank you to dosdude1 for donating identifiers from a broken Mac.
# Any mistakes are mine alone.
BOARD_SERIAL_NUMBER="C0243070168G3M91F"
BOARD_ID="Mac-3CBD00234E554E41"
ROM="003EE1E6AC14"
set -e
hex_to_bin() {
echo -n "$1" | xxd -r -p
}
SERVER_ID=$(curl -fs -c - http://osrecovery.apple.com/ | tail -1 | awk '{print $NF}')
CLIENT_ID=$(dd if=/dev/urandom bs=8 count=1 2>/dev/null | od -An -tx1 | tr -d ' \n' | tr '[:lower:]' '[:upper:]')
# Generate K based on the client ID, server ID, ROM, board serial number, and board ID.
{
hex_to_bin "$CLIENT_ID"
hex_to_bin "$(echo $SERVER_ID | awk -F'~' '{print $2}')"
hex_to_bin "$ROM"
printf "%s" "${BOARD_SERIAL_NUMBER}${BOARD_ID}" | iconv -t utf-8 | openssl dgst -sha256 -binary
printf '\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC'
} > auth_info
# Convert auth_info to an sha256 hash. OpenSSL outputs raw binary which is then converted to uppercase hex.
K=$(openssl dgst -sha256 -binary < auth_info | od -An -tx1 | tr -d ' \n' | tr '[:lower:]' '[:upper:]')
rm auth_info
INSTALL_ESD_INFO=$(curl -fs 'http://osrecovery.apple.com/InstallationPayload/OSInstaller' -X POST \
-H 'Content-Type: text/plain' \
--cookie "session=$SERVER_ID" \
-d "cid=$CLIENT_ID
sn=$BOARD_SERIAL_NUMBER
bid=$BOARD_ID
k=$K
")
INSTALL_ESD_URL=$(echo "$INSTALL_ESD_INFO" | grep AU | awk -F': ' '{print $2}')
INSTALL_ESD_ASSET_TOKEN=$(echo "$INSTALL_ESD_INFO" | grep AT | awk -F': ' '{print $2}')
if [ "$INSTALL_ESD_URL" != "http://oscdn.apple.com/content/downloads/33/62/031-10295/gho4r94w66f5v4ujm0sz7k1m0hua68i6oo/OSInstaller/InstallESD.dmg" ]
then
echo "Error: Server did not provide the Mavericks InstallESD URL." 1>&2
exit 1
fi
echo "Downloading InstallESD.dmg..."
curl "$INSTALL_ESD_URL" -H "Cookie: AssetToken=$INSTALL_ESD_ASSET_TOKEN" > InstallESD.dmg
# Because we downloaded over unencrypted HTTP, it is critical that we verify the checksum.
echo "Verifying file integrity..."
if [ $(openssl dgst -sha256 InstallESD.dmg | awk -F'= ' '{print $2}') != "c861fd59e82bf777496809a0d2a9b58f66691ee56738031f55874a3fe1d7c3ff" ]
then
rm InstallESD.dmg
echo "Error: Download failed (mismatched checksum)" 1>&2
exit 1
fi
if [ "$(uname)" = "Darwin" ]
then
echo "Building InstallMacOSXMavericks.dmg..."
# Ensure no volumes with these names are already mounted.
hdiutil detach "/Volumes/OS X Base System" || true
hdiutil detach "/Volumes/OS X Install ESD" || true
hdiutil convert -ov "InstallESD.dmg" -format UDSP -o "InstallESD.sparseimage"
hdiutil attach InstallESD.sparseimage -nobrowse
hdiutil convert -ov "/Volumes/OS X Install ESD/BaseSystem.dmg" -format UDSP -o "BaseSystem.sparseimage"
hdiutil resize -size 6056660992 "BaseSystem.sparseimage"
hdiutil attach BaseSystem.sparseimage -nobrowse
rm -rf "/Volumes/OS X Base System/System/Installation/Packages"
cp -R "/Volumes/OS X Install ESD/Packages" "/Volumes/OS X Base System/System/Installation/"
hdiutil detach "/Volumes/OS X Base System"
hdiutil detach "/Volumes/OS X Install ESD"
# Pause before converting so hdiutil won't fail with `hdiutil: convert failed - Resource temporarily unavailable`
sleep 2
hdiutil convert -ov "BaseSystem.sparseimage" -format UDZO -o "InstallMacOSXMavericks.dmg"
rm InstallESD.sparseimage BaseSystem.sparseimage
rm InstallESD.dmg
echo "Successfully created InstallMacOSXMavericks.dmg"
else
# The user will need to create the final installable image manually.
echo "InstallESD.dmg successfully downloaded."
fi
Outstanding items:
- I still don't know why I don't have to (and in fact can't) do a byteswap.
- I still wish I could make the final image always have the exact same checksum.
- It would be nice to have an alternate code path for Linux and maybe other UNIX systems.
- I tested the script on Mavericks and Snow Leopard. Please feel free to test both ludicrously old systems (Tiger? Cheetah?) and new systems, as well as other UNIXs. The goal is to work everywhere.
Edit: The script does not work on Tiger because openssh does not support the sha256 algorithm. Oh well, I don't see a way around that! I suppose you could install modern openssh via MacPorts.