For iPhone6s 13.3.1.

1. On MacOS
   1. $ bash create.sh iPhone8,1 13.3.1
   2. Put your iPhone in DFU mode.
   3. $ sudo bash pwndfu.sh
   4. $ sudo bash load.sh
   5. Once the ramdisk has loaded and you see the apple logo with a gray bar, run ./resources/tcprelay.py -t 22:2222 to start the SSH proxy.
   6. If no python, download and open Sliver from appletech752 website and install python when it asks.
   7. $ ssh root@localhost -p 2222 # password is alpine.
2. Remote command on iPhone ramddisk.
   1. $ bash /usr/bin/mount_root # to mount the root filesystem on /mnt1
   2. $ bash /usr/bin/mount_data # to mount the data partition on /mnt2
3. You can rescue data on your iPhone via any sftp clients.

Reference:

• ramdisk tool v0.17.1
• https://www.reddit.com/r/setupapp/comments/w1irgx/how_to_boot_a_ssh_ramdisk_on_64bit_devices/