idevicerestore 应用程序完全重新实现了将固件恢复到设备过程中执行的所有精细步骤。通常情况下，可以进行iOS设备的升级和降级，但前提是有Apple 提供用于对固件文件进行签名的 SHSH blob。该软件自 2010 年开发，是目前公认可行的IOS设备固件非官方恢复方式。该软件包也隶属于libimobiledevice，拥有一系列的开发者维护。

idevicerestore部分主要功能如下：

• 恢复：更新 iOS 设备上的固件
• 固件：使用官方 IPSW 固件存档文件或目录作为源
• 更新：允许默认更新设备或清除所有数据
• 下载：按需下载设备的最新可用固件
• 缓存：下载的固件文件将缓存在本地
• 自定义固件：恢复自定义固件文件（需要 bootrom 漏洞）
• 基带：允许您跳过 NOR/基带升级
• SHSH：获取 TSS 记录并将其保存为“.shsh”文件
• DFU：将设备置于破解的 DFU 模式（仅限 limera1n 设备）
• AP 票证：使用文件中的自定义 AP 票证
• 跨平台：已在 Linux、macOS、Windows 和 Android 平台上测试

更多可以查看github介绍。

Ubuntu下安装idevicerestore。
libimobiledevice官方只将usbmuxd、libimobiledevice6、libimobiledevice-utils等几个包打包发布，所以idevicerestore得安装需要自己编译。
第一步：安装usbmuxd等一些官方打包好的包。

sudo apt install usbmuxd libimobiledevice6 libimobiledevice-utils

第二步：采用git的方式安装所有其它包。
安装顺序分别是：

• 1）libtatsu

首先git下载（确保机器已安装git，sudo apt install git）：

https://github.com/libimobiledevice/libtatsu.git

接着安装依赖包：

sudo apt-get install \
      build-essential \
      pkg-config \
      checkinstall \
      git \
      autoconf \
      automake \
      libtool-bin \
      libplist-dev \
    libcurl4-openssl-dev

在git下来的libtatsu文件夹中打开终端，输入：

./autogen.sh
make
sudo make install

编译安装完成
需要注意的是：
./autogen.sh步骤提示会缺哪些包 ，如果是libimobiledevice.org中的包可以采用类似的git方法先安装，其它包可以先升级更新系统（sudo apt update&upgrade）或网上搜索解决。

• 2）libplist

首先git下载：
git clone https://github.com/libimobiledevice/libplist.git
其余步骤类似1），不同的依赖包可以从git下载的文件夹（比如本步骤是libplist文件夹）下的README.md文件中对应寻找。
其余步骤重复：

./autogen.sh
make
sudo make install

完成编译安装。

• 3）libimobiledevice-glue

步骤重复上，git地址：

git clone https://github.com/libimobiledevice/libimobiledevice-glue.git

同上步骤完成编译安装。

• 4）libirecovery

步骤重复上，git地址：

git clone https://github.com/libimobiledevice/libirecovery.git

同上步骤完成编译安装。

• 5）idevicerestore

步骤重复上，git地址：

git clone https://github.com/libimobiledevice/idevicerestore.git

同上步骤完成编译安装。
最后输入：

idevicerestore -help

查看是否正常，如果提示：

idevicerestore: error while loading shared libraries:
libirecovery-1.0.so.5: cannot open shared object file: No such file or
directory

可能是由于没有更新配置共享库缓存，输入

sudo ldconfig 

即可解决。正常输入idevicerestore -help，显示如下：

Usage: idevicerestore [OPTIONS] PATH

Restore IPSW firmware at PATH to an iOS device.

PATH can be a compressed .ipsw file or a directory containing all files
extracted from an IPSW.

OPTIONS:
  -i, --ecid ECID       Target specific device by its ECID
                        e.g. 0xaabb123456 (hex) or 1234567890 (decimal)
  -u, --udid UDID       Target specific device by its device UDID
                        NOTE: only works with devices in normal mode.
  -l, --latest          Use latest available firmware (with download on demand).
                        Before performing any action it will interactively ask
                        to select one of the currently signed firmware versions,
                        unless -y has been given too.
                        The PATH argument is ignored when using this option.
                        DO NOT USE if you need to preserve the baseband/unlock!
                        USE WITH CARE if you want to keep a jailbreakable
                        firmware!
  -e, --erase           Perform full restore instead of update, erasing all data
                        DO NOT USE if you want to preserve user data on the device!
  -y, --no-input        Non-interactive mode, do not ask for any input.
                        WARNING: This will disable certain checks/prompts that
                        are supposed to prevent DATA LOSS. Use with caution.
  -n, --no-action       Do not perform any restore action. If combined with -l
                        option the on-demand ipsw download is performed before
                        exiting.
  --ipsw-info           Print information about the IPSW at PATH and exit.
  -h, --help            Prints this usage information
  -C, --cache-path DIR  Use specified directory for caching extracted or other
                        reused files.
  --logfile=PATH        Write logging output to file at PATH. If PATH equals
                        'NULL' or 'NONE', no log file will be written.
  -d, --debug           Print additional debug output
  -v, --version         Print version information

Advanced/experimental options:
  -c, --custom          Restore with a custom firmware (requires bootrom exploit)
  -s, --server URL      Override default signing server request URL
  -x, --exclude         Exclude nor/baseband upgrade (legacy devices)
  -t, --shsh            Fetch TSS record and save to .shsh file, then exit
  -z, --no-restore      Do not restore and end after booting to the ramdisk
  -k, --keep-pers       Write personalized components to files for debugging
  -p, --pwn             Put device in pwned DFU mode and exit (limera1n devices)
  -P, --plain-progress  Print progress as plain step and progress
  -R, --restore-mode    Allow restoring from Restore mode
  -T, --ticket PATH     Use file at PATH to send as AP ticket
  --variant VARIANT     Use given VARIANT to match the build identity to use,
                        e.g. 'Customer Erase Install (IPSW)'
  --ignore-errors       Try to continue the restore process after certain
                        errors (like a failed baseband update)
                        WARNING: This might render the device unable to boot
                        or only partially functioning. Use with caution.

Homepage:    <https://libimobiledevice.org>
Bug Reports: <https://github.com/libimobiledevice/idevicerestore/issues>