Decrypting 7.0 firmware

Posted: September 26, 2013

Decrypting the firmware will give you access to the graphics, applications, audio files and various other system files used on the iPhone. Decryption keys are posted at the iPhone Wiki here. As of the posting of this tutorial, only the iPhone 4 firmware can be decrypted.

Step 1.

If you haven't already downloaded iPhone 4, 7.0 firmware from Apple, then you can download it here:,1_7.0_11A465_Restore.ipsw

Note: Safari likes to open "safe" files by default. You must turn this feature off for this download to work correctly. Click "Safari", select "Preferences", from the "Geneal" tab uncheck the box that says "Open "safe" files after downloading". Otherwise just use Firefox to download this firmware file.

If the file you downloaded says .zip at the end, great. If the file you downloaded says .ipsw at the end then rename it. Double click the .zip file to decompress it. You should now have a folder.


Step 2.

VFDecrypt no longer works for decrypting iOS firmware since 6.0 was released. There is a new tool that @Planetbeing discovered. Your can view the XPwn site here. If you dont' like compiling your own programs, "ethanarb" over at the forums compiled it already. You can download it from the thread at the forum here. I used the download from post #10.

Decompress the zip and you'll have a binary named dmg. This is the program you need.


Now put this program into the folder with your decompressed firmware.


Step 3.

Open a Finder window, click Applications, click Utilities, and launch the

In the Terminal window that opens, enter   cd

Now drag the iPhone Restore folder into the Terminal window. The path to this folder will automatically be pasted in after cd. Press enter.

A break down of the command you will enter into the Terminal from below is:
  • ./dmg is what you need to enter to run the program.
  • Extract is what you want the program to do.
  • 038-3447-395.dmg is the specific file you want to decrypt.
  • decoded.dmg is what I told the dmg program to call the file it decrypts when it saves it.
  • -k is the flag you use to enter the key needed to decrypt the file.
  • 89d4dadced94577508999a1ce2a08b346328d9b25ad4e63b4220ce441cce35cf9e0a108b is the key needed to decrypt the file. You can get these keys here. You can see by visiting this page that there are numerous keys for other files in this specific firmware.
Now enter the following command to decrypt the firmware. You can copy and paste this.

./dmg extract 038-3447-395.dmg decoded.dmg -k 89d4dadced94577508999a1ce2a08b346328d9b25ad4e63b4220ce441cce35cf9e0a108b

Press enter. Lots of text will scroll by and you will be returned to a system prompt when it has finished. Do not interrupt this process. It may take 30 seconds or so.



You will now see the decoded.dmg file in your firmware folder.


Double click the decoded.dmg file and you'll have access to many of the files and programs in this firmware.


Return to top of page