If a device is stuck in a boot loop due to a corrupted filesystem, standard DFU will force a restore (erasing data). However, using ipwndfu, researchers can boot a custom ramdisk to mount the partition read-only and extract user data before a full wipe.
Researchers use python ipwndfu --dump-rom to extract the entire bootROM (typically 32KB to 64KB). Analyzing this ROM helps find new vulnerabilities (or verify that Apple didn’t silently update the mask ROM – which they can’t). ipro pwndfu