Can we download Mavericks directly from Apple's servers?

[WaterOtter78]

It allows me to press install but now I get "This copy of the Install OS X Mavericks application can't be verified. It may have been corrupted or tampered with during downloading." Time to investigate...

EDIT: I tried to change the date but no dice, I also tried a different USB and an internal partition for createinstallmedia but no dice still.

 

[startergo]

It allows me to press install but now I get "This copy of the Install OS X Mavericks application can't be verified. It may have been corrupted or tampered with during downloading." Time to investigate...

EDIT: I tried to change the date but no dice, I also tried a different USB and an internal partition for createinstallmedia but no dice still.

hdiutil attach InstallESD.dmg
cd /Volumes/OS\ X\ Install\ ESD && cp BaseSystem.dmg ~/Downloads/tmp
asr imagescan --source ~/Downloads/tmp/BaseSystem.dmg
# Find your USB device and the Apple_HFS partition on it:
diskutil list
sudo asr restore --source ~/Downloads/tmp/BaseSystem.dmg --target /dev/disk19s2 --erase
sudo unlink /Volumes/OS\ X\ Base\ System/System/Installation/Packages
cp -Rpv /Volumes/OS\ X\ Install\ ESD/Packages  /Volumes/OS\ X\ Base\ System/System/Installation
diskutil rename OS\ X\ Base\ System Install\ Mavericks
sudo bless --folder /Volumes/Install\ Mavericks/System/Library/CoreServices --label Install\ Mavericks
cp /Volumes/Install\ Mavericks/Install\ OS\ X\ Mavericks.app/Contents/Resources/InstallAssistant.icns /Volumes/Install\ Mavericks/.VolumeIcon.icns
cp -Rpv /Volumes/OS\ X\ Install\ ESD/BaseSystem.dmg  /Volumes/Install\ Mavericks
cp -Rpv /Volumes/OS\ X\ Install\ ESD/BaseSystem.chunklist  /Volumes/Install\ Mavericks
diskutil eject Install\ Mavericks

 

[WaterOtter78]

hdiutil attach InstallESD.dmg
cd /Volumes/OS\ X\ Install\ ESD && cp BaseSystem.dmg ~/Downloads/tmp
asr imagescan --source ~/Downloads/tmp/BaseSystem.dmg
# Find your USB device and the Apple_HFS partition on it:
diskutil list
sudo asr restore --source ~/Downloads/tmp/BaseSystem.dmg --target /dev/disk19s2 --erase
sudo unlink /Volumes/OS\ X\ Base\ System/System/Installation/Packages
cp -Rpv /Volumes/OS\ X\ Install\ ESD/Packages  /Volumes/OS\ X\ Base\ System/System/Installation
diskutil rename OS\ X\ Base\ System Install\ Mavericks
sudo bless --folder /Volumes/Install\ Mavericks/System/Library/CoreServices --label Install\ Mavericks
cp /Volumes/Install\ Mavericks/Install\ OS\ X\ Mavericks.app/Contents/Resources/InstallAssistant.icns /Volumes/Install\ Mavericks/.VolumeIcon.icns
cp -Rpv /Volumes/OS\ X\ Install\ ESD/BaseSystem.dmg  /Volumes/Install\ Mavericks
cp -Rpv /Volumes/OS\ X\ Install\ ESD/BaseSystem.chunklist  /Volumes/Install\ Mavericks
diskutil eject Install\ Mavericks

While this does work, my goal is to have a .app with a functional createinstallmedia. This can already be done with the download script I believe.

UPDATE: I tried a .app from archive.org and it also does not work, even with changing the date to fix the certificate. Now I'm confused lol.

 

[Jazzzny]

While this does work, my goal is to have a .app with a functional createinstallmedia. This can already be done with the download script I believe.

This is not possible, see post 159.

 

[WaterOtter78]

This is not possible, see post 159.

Would there be a way to just strip the signature from a MAS version and add it to the InstallESD.dmg?

 

[Jazzzny]

Did you read the post? It gives a full explanation as to why it doesn't and will never work.

Signature "grafting" will not work, as you cannot just put a signature from one thing onto another and expect it to be valid.

 

[WaterOtter78]

Did you read the post? It gives a full explanation as to why it doesn't and will never work.

Signature "grafting" will not work, as you cannot just put a signature from one thing onto another and expect it to be valid.

Apologies, I didn't mean to be ignorant, I did not understand it very well. On a different note, I feel that this might be the key to decrypting the app store package, but without an official mzbuy.woa from a mavericks download I can't confirm.

 

[Wowfunhappy]

Well, we could try to use the key to decrypt the package and see if the result is valid, right? Do we actually know what encryption scheme is used?

 

[WaterOtter78]

Well, we could try to use the key to decrypt the package and see if the result is valid, right? Do we actually know what encryption scheme is used?

No, but we don't need to. The current issue is that we don't have the MAS Maverick's MZBuy.woa and therefore Maverick's decryption key. This key is just the key of a random app that I was trying to modify the MAS page of to get the MAS to download and decrypt a locally hosted encrypted Mavericks pkg. I initially though the key was in the appstoreagent binary, but it seems to be unique to the app. The only way to get this, however, is by intercepting a MAS Mavericks download with a proxy or mitm. I never purchased Mavericks, so I can't get it.

Side note: Why is it not possible to just recreate the XAR InstallESD.dmg? Sure, the XAR's other files would not be able to be downloaded from Apple but the actual disk image InstallESD.dmg inside the XAR InstallESD.dmg could be downloaded from Apple.

 

[startergo]

No, but we don't need to. The current issue is that we don't have the MAS Maverick's MZBuy.woa and therefore Maverick's decryption key. This key is just the key of a random app that I was trying to modify the MAS page of to get the MAS to download and decrypt a locally hosted encrypted Mavericks pkg. I initially though the key was in the appstoreagent binary, but it seems to be unique to the app. The only way to get this, however, is by intercepting a MAS Mavericks download with a proxy or mitm. I never purchased Mavericks, so I can't get it.

Side note: Why is it not possible to just recreate the XAR InstallESD.dmg? Sure, the XAR's other files would not be able to be downloaded from Apple but the actual disk image InstallESD.dmg inside the XAR InstallESD.dmg could be downloaded from Apple.

I don’t think you will have great success with the MAS download. You can’t boot it anyway. Maybe in the past, but not anymore without modification.

 

[WaterOtter78]

I don’t think you will have great success with the MAS download. You can’t boot it anyway. Maybe in the past, but not anymore without modification.

I mean, if we can get it downloaded and decrypted I don't see why it wouldn't boot using createinstallmedia. The only "modification" required would be changing the date to get around the certificate. Correct me if I'm wrong, though. Even so, I would like to keep exploring this if possible, even if it's just for fun lol.

 

[startergo]

I mean, if we can get it downloaded and decrypted I don't see why it wouldn't boot using createinstallmedia. The only "modification" required would be changing the date to get around the certificate. Correct me if I'm wrong, though. Even so, I would like to keep exploring this if possible, even if it's just for fun lol.

Date modification was a fix on an early downloads back in 2013-2014. This is not the case anymore for any MAS downloaded installer before HS. These MAS downloads now come with the InstallESD.dmg wrapped in a XAR archive. I am not sure that an installer created after unwrapping the XAR with createinstallmedua will boot with the date change only or even will the createinstallmedia work.

 

[WaterOtter78]

Date modification was a fix on an early downloads back in 2013-2014. This is not the case anymore for any MAS downloaded installer before HS. These MAS downloads now come with the InstallESD.dmg wrapped in a XAR archive. I am not sure that an installer created after unwrapping the XAR with createinstallmedua will boot with the date change only or even will the createinstallmedia work.

But the pkg is downloaded from apple today and could be decrypted on any OS newer than HS. It would decrypt just like a mavericks download from someone who owned it.

 

[startergo]

But the pkg is downloaded from apple today and could be decrypted on any OS newer than HS. It would decrypt just like a mavericks download from someone who owned it.

I can download that MAS APP directly from my account and it is not good without heavy modifications. The one being downloaded with the script is similar to what you can get from the recovery partition which is a different animal.

 

[Wowfunhappy]

Side note: Why is it not possible to just recreate the XAR InstallESD.dmg? Sure, the XAR's other files would not be able to be downloaded from Apple but the actual disk image InstallESD.dmg inside the XAR InstallESD.dmg could be downloaded from Apple.

Because the package seemingly needs to be codesigned:

I have attempted the low hanging fruit of prepending a few bytes of data to InstallESD.dmg and updating its footer metadata so the offset would not start at 0 (as well as updating the offset of the XML property list to match). This made the install process progress past the "pkgdmg is missing a footer" step, however it now fails with "pkgdmg is not signed or altered".

I can download that MAS APP directly from my account and it is not good without heavy modifications. The one being downloaded with the script is similar to what you can get from the recovery partition which is a different animal.

...are you saying if I redownload Mavericks from my purchase history today, I'm not getting the same app I would have gotten if I'd downloaded it in 2014? I wasn't aware that Mavericks downloads from purchase history were broken. I have access on my account but I admittedly haven't tried in a long time.

Isn't it just downloading http://osxapps.itunes.apple.com/app...2194ba4d688a/encrypted5063122388219779779.pkg, the same as it always has? If we could just find the encryption key, which I believe is what WatterOtter78 is trying to get, we'd have a download that would work for everyone.

---

All of this said: to be entirely honest, I don't understand the purpose of this line in inquiry. We are now able to download Mavericks installer images from Apple's official OS recovery server, which anyone can use to install Mavericks on a compatible computer. The installer itself is not bit-for-bit identical with what you would get from the app store, but it is an official Mavericks installer, just for the recovery boot pathway rather than the app store pathway.

I guess the only annoying thing is that if you currently have a Mac with e.g. Lion installed, you can't do a live upgrade to Mavericks, you need to create a USB installer and reboot into the installer. How many people are really in this situation?

I am a little concerned that Apple could eventually ban the donated Mac identifiers the script relies on, but they haven't yet and I don't think they care about this at all.

(I would still like to get WatterOtter78 an mitm app store capture if/when I can, I just have a lot of open projects right now and relatively little time to focus on them.)

 

[startergo]

...are you saying if I redownload Mavericks from my purchase history today, I'm not getting the same app I would have gotten if I'd downloaded it in 2014?

Yes all MAS downloads now have their InstallESD.dmg as XAR (legacy downloads) whereas the original were pure compressed images. This is the reason Apple came up with repackaged installers and the only one missing is for Mavericks.

 

[WaterOtter78]

Because the package seemingly needs to be codesigned:




...are you saying if I redownload Mavericks from my purchase history today, I'm not getting the same app I would have gotten if I'd downloaded it in 2014? I wasn't aware that Mavericks downloads from purchase history were broken. I have access on my account but I admittedly haven't tried in a long time.

Isn't it just downloading http://osxapps.itunes.apple.com/app...2194ba4d688a/encrypted5063122388219779779.pkg, the same as it always has? If we could just find the encryption key, which I believe is what WatterOtter78 is trying to get, we'd have a download that would work for everyone.

---

All of this said: to be entirely honest, I don't understand the purpose of this line in inquiry. We are now able to download Mavericks installer images from Apple's official OS recovery server, which anyone can use to install Mavericks on a compatible computer. The installer itself is not bit-for-bit identical with what you would get from the app store, but it is an official Mavericks installer, just for the recovery boot pathway rather than the app store pathway.

I guess the only annoying thing is that if you currently have a Mac with e.g. Lion installed, you can't do a live upgrade to Mavericks, you need to create a USB installer and reboot into the installer. How many people are really in this situation?

I am a little concerned that Apple could eventually ban the donated Mac identifiers the script relies on, but they haven't yet and I don't think they care about this at all.

(I would still like to get WatterOtter78 an mitm app store capture if/when I can, I just have a lot of open projects right now and relatively little time to focus on them.)

The mac identifiers are what I am worried about, and I also just think it would be cool to have an official .app 🙃

 

[Patrice Brousseau]

The downloader script will now save the following additional script (as Create Bootable Installer.command) in the same directory as InstallMacOSXMavericks.dmg:

#!/bin/sh
set -e
cd "`dirname "$0"`"

asr imagescan --source InstallMacOSXMavericks.dmg
[HR][/HR]
[HR][/HR]
did_find_volume="false"
while [ $did_find_volume == "false" ]
do
    printf "Please enter the volume name of your USB flash drive: "
    read target_volname

    if df -l | grep -q "/Volumes/$target_volname"
    then
        did_find_volume=true
    else
        echo
        echo "Could not find a volume named $target_volname. Found these volumes:"
        df -l | awk -F'/Volumes/' '{print \$2}' | grep -v '^$'
        echo
    fi
done

printf "WARNING: All data on $target_volname will be erased. Continue? (yes/no) "
read confirmation
if [ "$confirmation" != "y" ] && [ "$confirmation" != "yes" ]; then
    echo "Exiting. No changes have been made."
    exit 1
fi

disk_identifier=$(diskutil list /Volumes/"$target_volname" | head -n 1)
sudo diskutil partitionDisk $disk_identifier GPT jhfs+ "$target_volname" 100%
sudo asr restore --source InstallMacOSXMavericks.dmg --noprompt --target /Volumes/"$target_volname" --erase

Thanks for your work! I successfully downloaded the script and the installer creation went like magic.

However, when running the script to build an USB bootable key, it throwed an error. Then, I’ve ran the lines separately in Terminal and it worked with a little mod: « sudo diskutil partitionDisk $disk_identifier GPT jhfs+ "$target_volname" - 100% »

(100% preceded by « - »)

The error I got was something like « not possible to create this file system format , see Diskutil man page », when invoking the script.

Just to be precise, in my case, what worked:

sudo asr imagescan --source InstallMacOSXMavericks.dmg

… then

sudo diskutil partitionDisk disk10 GPT jhfs+ UNTITLED - 100%

… then finally

sudo asr restore --source InstallMacOSXMavericks.dmg --noprompt --target /Volumes/UNTITLED

***Disk10 was obviously the number I got with diskutil list.

***Yes, I could have tried the script with the mod but I don’t want to mess with my actual USB installer…

 

[Wowfunhappy]

However, when running the script to build an USB bootable key, it throwed an error. Then, I’ve ran the lines separately in Terminal and it worked with a little mod: « sudo diskutil partitionDisk $disk_identifier GPT jhfs+ "$target_volname" - 100% »

Thank you. Anyone happen to know what - means to diskutil?

 

[splifingate]

Maybe (from % man diskutil [partitionDisk ...]):

In addition to explicitly-requested partitions, space (gaps) might be allocated to satisfy certain filesystems' position and length alignment requirements; space might be allocated for possible future booter partition insertion; and indeed, actual booter partitions might be implicitly created.

diskutil is rather forgiving (in some confusing ways), and it seems the triplet has been satisfied in the aforementioned action, but the " - " may be a gap-fill, or just a code-hack (surely diskutil code is not in its ultimate state?!).

 

[Patrice Brousseau]

Thank you. Anyone happen to know what - means to diskutil?

Has someone reported back that the original complete script worked? Maybe it’s on my side, even though I tried it on two different Mojave computers resulting with the cryptic diskutil failed message.

 

[Patrice Brousseau]

The exact message I get when running the script:
(external, does not appear to be a valid file system format or partition type
Use diskutil listFilesystems to view a list of supported file systems

For reference, I used a few seconds ago, as a test, an USB stick named « MBP » with the following answers in Terminal:

Please enter the volume name of your USB flash drive: MBP

Then, answered « yes » … and resulting cryptic message. Something I did wrong? Should I enter something else in « volume name »?

 

[startergo]

Has someone reported back that the original complete script worked? Maybe it’s on my side, even though I tried it on two different Mojave computers resulting with the cryptic diskutil failed message.

The original script worked for me. I did not have any issues

 

[Patrice Brousseau]

The original script worked for me. I did not have any issues

Probably something on my side then, OS used (Mojave), hardware, dunno?

Anyway, running the lines inside the script one by one worked so all is well.

Thanks for the report!

 

[Wowfunhappy]

Maybe (from % man diskutil [partitionDisk ...]):

In addition to explicitly-requested partitions, space (gaps) might be allocated to satisfy certain filesystems' position and length alignment requirements; space might be allocated for possible future booter partition insertion; and indeed, actual booter partitions might be implicitly created.

I think this is just saying that diskutil will automatically add additional partitions if needed, I don't think it should change the command?

@Patrice Brousseau What made you think to add `-` in the first place? To be clear, I want to add your fix since it made it work for you and it doesn't seem to break anything on my end, but I want to make sure I understand what I'm doing!