iOS | iPhone Jailbreak – How to Jailbreak Apple Devices

iPhone Jailbreak

iOS jailbeaking is the privilege escalation that is the act of utilizing bug, design flow or configuration errors in an operating system or software application to obtain raised  ingress  to resources which are  mostly secured  from user or an application. It is an application with additional prerogatives than the application developer or system administrator intend can perform unauthorized actions. Majority numbers of computer systems are designed to manipulate with many user accounts. This capability called as privileges. There are some common features in it. They are viewing, modifying system files or editing files. Privilege escalation is users have given privileges which they are not authorized to. These privileges are able view private information, delete files or install unwanted programs. It normally happens when system has a bug which lets security to be alternatively or bypassed. It has flawed design hypothesis about how it will be worked. They transpire in two forms which are vertical privilege escalation (privilege elevation) and horizontal privilege escalation. Vertical privilege escalation uses in a application accesses functions or content reserved for higher privilege users or applications such as internet banking users have ability to access site administrative functions or the password for a smartphone can be dodged or lower privilege users.  Horizontal privilege escalation uses in content reserved for other normal users which is internet banking user 1 accesses the internet bank account of user 2 or normal user accesses functions.

iOS jailbreaking  uses for removing software limitations which are forced Apple devices on iOS ,watchOS and tvOS operating systems.  It has usually done by using a series of kernel patches. It authorizes root access in iOS which is letting the installation of software that is unavailable through the official Apple App store.  Jailbreaks prevent allowing unsigned code, reading and writing to the root file. Unfettered app installation and the increased privileges permit customization are not available in stock devices.  

Generally, it adds an unofficial application installer to user’s device and it allow to user download 3rd party applications, extensions (unavailable in App store) and tweaks. These features give countless feasibility which non-jailbroken iOS device cannot be reached. There is a largest and famous of these applications which are called as “Cydia”. 

Cydia

Cydia is a package manager mobile app. it is only for iOS operating system. Cydia allows to user install and find software which are unauthorized by Apple on jailbroken iPhones,iPads and iPod touch devices. Jay Freeman (saurik) developed it. On 28th February 2008, it has been initially released. Then it has been officially released on 16th February 2017. Cydia is accessible in several languages. They are English, Italian, Chinese, Greek, German, Dutch, and polish, Arabic, Vietnamese and Spanish etc.  a large number of software packages accessible through Cydia are free of charge.  Even though some require has taken. Cydia gives GUI (Graphical User Interface) to jailbroken users using APT (Advanced Packaging Tool) supplies to install software where unavailable on the App store. It is based on APT (Advanced Packaging Tool) which is port to iOS as part of developer’s Telesphoreo project.

Apps are installed to the same location where Apple’s own application that” /Applications” directory. Software packages are downloaded directly to the iOS. It can also download and buy apps normally from the official App store. A lot of jailbreaking tools automatically install cydia. Jail breaking tools support a specific set of iOS versions and devices. 

Most of standard applications are available in Cydia. Most packages are modifications and extensions for the iOS interface and for apps in the iOS ecosystem. Cydia accesses users to find and install open source packages and buy modification for jailbroken iPhones. These modifications are based on a “Cydia Substrate” framework. Formally it is called as MobileSubstrate. It makes comparatively easy to install and update modifications. Unix command line tools are available on Cydia which are including OpenSSH,coreutils and bash. Without many development tools device could possibly be used as a Full-fledged UNIX workstation.

iOS “signature ” exploit

Cydia cashes the digital signatures. It is called a SHSH blob which is used by Apple to verify restores of iOS. Its storage implementations access user to downgrade a device to a prior version of iOS. That is an advantageous of replay attack. As an example, if someone has a jailbroken device who upgrade to a non-jailbreakable version iOS,it can choose to downgrade back to a jailbreakable version.

Advantages of Jailbreak

  • To install third party applications and powerful jailbreak tweaks

It tweaks that apple would not or could not approve in the App Store. Almost Tweaks do not exist on the App store at all and they are not applications. It will be extensions, adjustments or additions to already installed applications.  As well as it will be to the operating system itself.

As an example Apple doesn’t authorize you to customize general user interface of user’s device. But user can customize through using one of these jailbreak tweak. There are many tweaks which van completely change user iPhone’s looks. They can change icons, adding more than four applications to the dock, hiding icon names, adding dark modes and applying an entire theme and sound and all.

Functionality tweaks are popular one and it brings subtle improvements. They are swiping across the keyboard to move the text cursor than magnifying glass, installing apps from unknown sources, displaying Wi-Fi and strength information and further details, connecting wirelessly devices via SSH, turning off read receipt I  third party messenger applications and setting device to perform complex events in response to certain button combinations etc. 

  • Lock Apps

It focuses on security and privacy. iOS 12 looks a native app locking functionality which means user will not able to protect installed apps on user’s phone from being launched by usin TouchID, FaceID or  passcode. Therefore it was added BioProtectX jailbreak tweak. Therefore user can lock almost system functionality and any app on user’s iPhone device usin TouchID or faceID.

  • Themes

After jailbreaking user’s iPhone is that user obtain access to themes. User can completely change look. Based on user’s choices, user can change system icons and system UI accents, give the dock a new look and further.

  • Fliza

It is a native files app as a part of iOS 11 and improved it more in iOS 12.  Contradictory its name, files is not a full blown file manager. It does not give one access to the system files or internal storage. It is difficult to manage user’s files manually. Therefore it becomes a piesce of cake on a jailBroken iPhone. It is easier to manage user’s files using  Fliza than manage them using manually.  There is a main reason for many users to jailbreak their iPhone, it is getting access to a full-blown file manager in itself.

  • Aperturize

Apple’s A-series chip has being extremely powerful. It gives features like portrait blur adjustment feature. The jailbreak tweak only works on iPhones with a dual camera.

  • System – wide Dark Mode

Apple ended up attaching a dark mode to macOS Mojave first.  Eclipse Dark Mode for iOS 12 was updated for iOS 12 and even comes with a dark mode for websites. There are plenty of other customization options in it.

Disadvantages of Jailbreak

  • User will become susceptible to many threats
  • Downloading tweaks from any harmful repo

Legitimacy of jailbreaking

                              It is completely in US. In 2010, jailbreaking was implicated to be illegal by the US government, due to relevance in violation of copyright litigation. Although for many years now the government has periodically verify the status of jailbreaking as explicit legal and free it from broader issues of copyright law.

               But the act of jailbreaking is not illegal. If any crimes user commit on the device remain illegal. If user it to illegally download paid apps for illegally free or torrent movies. Then user is still breaking the law.  Stick to user‘s jailbreak to set up user’s device the way you need it, not to steal.

How to jailbreak to device?

  • iOS 12.1.3

There are presently no public uses for iOS 12.1.3 or higher and all jailbreakable firmware are unsigned. Therefore cannot downgrade to them. There are block updates, stay on the lowest firmware possible and wait for the next jailbreak to come along.

  • iOS 12.0-12.1.2
    • unc0ver: for iPhone X and older, all devices excluding A12 and A12X
    • Chimera: all devices including A12 and A12X. For iPhone XR, 11” iPad Pro (2018), 3rd generation 12.9” iPad Pro (2018) users.
  • iOS 11.0-11.4.1
    • unc0ver: all devices
    • Electra1141: all devices
  • iOS 10.0-10.3.3
    • TotallynotSpyware
    • Doubleh3lix
    • Meridian
    • H3lix
  • iOS 9.3.5
    • Phoenix:
    • 64- bit devices:
  • iOS 9.3.4
    • home Depot
    • 64- bit devices:
  • iOS 9.2-9.3.3
    • Pangu for Mac and windows and Linux:
    • Home Depot:
  • iOS 9.1
    • Pangu for Mac and Windows:
    • Home Depot:
  • iOS 9.0-9.0.2
    • Pangu for Mac-Windows
  • iOS 8.4.1
    • EtasonJB: 32- bit device only
    • 64-bit devices: no jailbreak available
  • iOS 8.3-8.4
    • TaiG for Mac- windows
  • iOS 8.0- 8.1.2
    • TaiG for windows
    • PP for Mac
  • iOS 8.0-8.1
    • Pangu for Mac- windows
  • iOS 7.1-7.1.2
    • Pangu for Mac- windows
  • iOS 7.0-7.0.6
    • evasi0n7 for Mac- Windows
  • iOS 6.1.3-6.1.5
    • RedSn0w+ p0sixpwn: iPhone 4,iPhone 3GS and iPod touch 4G only
  • iOS 6.0- 6.1.2
    • evasi0n: for all devices
  • iOS 5.1.1
    • Absinthe : for all devices
  • iOS 5.1
    • RedSn0w: all other iOS devices
    • Seas0nPass: Apple TV 2
  • iOS 5.0.1
    • iPhone 4S: Absinthe( Mac- windows), CLI(Windows and Mac), RedSn0w
    • iPhone 4: RedSn0w(Mac- Windows), PwnageTool
    • iPhone 3GS: RedSn0w( Mac- Windows), PwnageTool
    • iPad 2: Absinthe ( mac- Windows), CLI(Windows and Mac)
    • iPad 1: RedSn0w( Mac- Windows),PwnageTool
    • iPod touch 4G: RedSn0w (Mac – Windows), PwnageTool
    • ipod touch 3G: RedSn0w(Mac – Windows), PwnageTool
  • iOS 5.0
    • iPhone 4S: Absinthe (Mac – Windows), CLI(Windows and Mac), RedSn0w
    • iPhone 4: RedSn0w
    • iPhone 3GS: RedSn0w
    • iPad 2: no jailbreak available
    • iPad 1: RedSn0w
    • iPod touch 4G: RedSn0w
    • iPod touch 3G: RedSn0w
  • tvOS 4.4.4
    • Apple TV 2 : Seas0nPass
  • iOS 4.3.5
    • iPhone 4 : RedSn0w
    • iPhone 3GS: RedSn0w
    • iPad 2: no jailbreak available
    • iPad 1: RedSn0w
    • iPod touch 4G: RedSn0w
    • iPod touch 3G: RedSn0w
  • iOS 4.3.4
    • iPhone 4: RedSn0w
    • iphone 3GS: RedSn0w
    • iPad 2: no jailbreak available
    • iPad 1: RedSn0w
    • iPod touch 4G: RedSn0w
    • iPod touch 3G: RedSn0w
  • iOS 4.3.3
    • iPhone 4: JailbreakMe –RedSn0w- PwnageTool- Sn0wBreeze
    • iPhone 3GS: JailbreakMe –RedSn0w- PwnageTool- Sn0wBreeze
    • iPad 2: JailbreakMe
    • iPad 1: jailbreakMe- RedSn0w-pwnageTool-Sn0wBreeze
    • Apple TV 2: Seas0nPass
  • iOS 4.3.2
    • iPhone 4: JailbreakMe- RedSnow-PwnageTool- Sn0wBreeze
    • iPhone 3GS: JailbreakMe- RedSnow-PwnageTool- Sn0wBreeze
    • iPad 1: JailbreakMe- RedSnow-PwnageTool
    • iPod touch 4G: JailbreakMe- RedSnow-PwnageTool- Sn0wBreeze
    • iPod touch 3G: JailbreakMe- RedSnow-PwnageTool- Sn0wBreeze
  • iOS 4.3.1
    • iPhone 4, iPhone 3GS: JailbreakMe- RedSnow-PwnageTool
    • iPad 1: JailbreakMe
    • iPod touch 4G,3G : JailbreakMe- RedSnow-PwnageTool- Sn0wBreeze
  • iOS 4.2.8
    • iPhone 4: Jailbreakme – Sn0wBreeze
  • iOS 4.2.1
    • iPhone 4, iPhone 3GS, iPhone 3G: RedSn0w – GreenPois0n – PwnageTool
    • iPod touch 4G, iPod touch 3G, iPod touch 2G: RedSn0w – GreenPois0n – PwnageTool
  • iOS 4.1
    • iPhone 4: PwnageTool- GreenPois0n(Recommended) – LimeRa1n
    • iPhone 3GS: PwnageTool – GreenPois0n(Recommended) –  LimeRa1n
    • iPhone 3G: RedSn0w – PwnageTool
  • iOS 4.0.2
    • Jailbreak iPhone 4 iOS 4.0.2 with LimeRa1n
    • Jailbreak iPhone 3GS  iOS 4.0.2 with LimeRa1n
    • Jailbreak iPhone 3G  iOS 4.0.2 with RedSn0w
  • iOS 4.0.1
    • Jailbreak iPhone 4 iOS 4.0.1 with JailbreakMe.
    • Jailbreak iPhone 3GS iOS 4.0.1 with JailbreakMe.
    • Jailbreak iPhone 3G iOS 4.0.1 with JailbreakMe.
  • iOS 4.0
    • Jailbreak iPhone 4 iOS 4.0 with JailbreakMe.
    • Jailbreak iPhone 3GS iOS 4.0 with JailbreakMe.
    • Jailbreak iPhone 3G iOS 4.0 with JailbreakMe.
    • Jailbreak iPhone 3GS iOS 4 with PwnageTool.
    • Jailbreak iPhone 3GS  iOS 4  with PwnageTool.
  • iPhoneOS 3.2.1
    • Jailbreak iPad 1 with JailbreakMe
  • iPhoneOS 3.2
    • Jailbreak iPad 1 with Spirit
  • iPhoneOS 3.1.3
    • iPhone 3GS: Spirit (Recommended) – PwnageTool (upgrading)
    • iPhone 3G: Spirit (Recommended) – RedSn0w – PwnageTool
    • iPhone 2G: Spirit (Recommended) – RedSn0w – PwnageTool
  • iPhoneOS 3.1.2
    • iPhone 3GS: RedSn0w – PwnageTool – BlackRa1nRC3
    • iPhone 3G: RedSn0w – PwnageTool – BlackRa1nRC3
    • iPhone 2G: RedSn0w – PwnageTool – BlackRa1nRC3
  • iPhoneOS 3.1
    • iPhone 3GS: BlackRa1n – PwnageTool (macOS) – windows
    • iPhone 3G: BlackRa1n – PwnageTool(macOS)
    • iPhone 2G: BlackRa1n – PwnageTool (macOS)
  • iPhoneOS 3.0.1
    • iPhone 3GS : RedSn0w
    • iPhone 3G : RedSn0w
    • iPhone 2G : RedSn0w
  • iPhoneOS 3.0
    • iPhone 3GS: RedSn0w – PurpleRa1n
    • iPhone 3G: PwnageTool(Mac) – RedSn0w( PC and Mac)
    • iPhone 2G: PwnageTool – RedSn0w
    • iPod touch 2G: RedSn0w
  • tvOS
    • Apple TV 3
      • Downgrade now to tvOS 8.4.2, build(12H606) specifically
    • tvOS 12.1.2
      • Apple TV 4 only
      • For a jailbreak on an older firmware, downgrade to tvOS 10.2.2 and use backr00m.
    • tvOS 12.0 – 12.1.1
      • Chimera TV and all eligible devices
    • tvOS 11.4 – 11.4.1
      • for an older firmware
      • downgrade to tvOS 10.2.2
      • use backt00m
      • Apple TV 4 only
    • tvOS 11.2 -11.3
      • ElectraTV
      • For eligible devices
    • tvOS 11.0 – 11.1
      • backr00m
      • for all eligible devices
    • tvOS 10.2.2
      • backr00m
      • all eligible devices
    • tvOS 9.0 – 10.2.1
      • upgrade to tvOS 10.2.2
      • use backr00m
    • tvOS 9.1 – 10.1
      • upgrade to tvOS 10.2.2
      • use backr00m
      • for a jailbreak without upgrading to tvOS 10.2.2
      • use LiberTV
    • tvOS 9.0 – 9.1
      • upgrade to tvOS 10.2.2
      • use backr00m
      • For a jailbreak without upgrading to tvOS 10.2.2
      • Use Pangu
    • tvOS 6.2.1
      • Seas0nPass
      • Apple TV 2 only
      • TETHERED
    • tvOS 4.3 – 5.3
      • Seas0nPass
      • Apple TV 2 only
      • UNTETHERED

Jailbreak with Unc0ver

  1. Download the most newly version of unc0ver from Pwn20wnd’s Github page
  2. Download Cydia Impactor on computer and launch it
  3. Connect iPhone, iPad or iPod touch to your computer with an MFi- certified Lightning cable
  4. Click and drag the unc0ver.
  5. Sign in with Apple ID when prompted.
  6. Cydia impactor will now begin side-loading the unc0ver jailbreak app on device
  7. Once installed, go to Settings -> general -> Profiles and Device Management and tap on Apple ID
  8. Next, tap on blue Trust button, and then tap on the red Trust button inside the pop up that appears
  9. After taking the recommended steps and tap on the rec0ver icon from Home screen.
  10. Next tap on the blue Jailbreak button in the unc0ver app
  11. Once finished, find Cydia on Home screen

Jailbreak with Chimera

  1. Download the recent version of Chimera from the official Chimera website.
  2. Download Cydia Impactor on computer and launch it.
  3. Connect iPhone,iPad or iPod touch to computer with Lightning or USB-C cable(depending on device)
  4. Click and drag the Chimera.
  5.  Enter valid Apple ID when prompted one.
  6. Sign in with your Apple ID password when prompted to
  7. Cydia impactor will begin-side loading Chimera jailbreak app to iOS device
  8. Once installed, go to Settings -> General -> Profiles and Device Management and tap Apple ID
  9. Next tap on the blue Trust button, and then tap on the red Trust button inside the pop up that appears
  10. After following those steps, tap on the Chimera app on device’s home screen.
  11. Next tap on the round jailbreak button in the Chimera app.
  12. Once finished, the Chimera jailbreak app will confirm that you are jailbroken.
  13. Sileo sould be displayed on Home Screen alongside the Chimera jailbreak app.

Jailbreak iOS 11.4-11.4.x with Elevtra1141

  1. Download the Electra1141.ipa from the official website.
  2. Plug device into computer, and launch Cydia Impactor.
  3. Once plugged device is listed in Impactor, drag the Electra application onto Impactor to sideload it.
  4. Enter Apple ID when prompted. Then enter Apple ID password when prompted. If user ha two step authentication active on account user will need and app specific password for this step.
  5. Once the app is on device, head to Setting-> General -> Profiles and Device management -> [Apple _ID] and hit trust.
  6. Launch Electra from Home screen
  7. Now have to do is hit Jailbreak to start the process.
  8. While tool has run, installed Cydia and resprung, back at the Home screen. See Cydia and launch it.
  9. Remove the repo666.ultrasnow.com repo. That may give errors and install an essential upgrade. (user install Sileo , then leave up to user)
  10. Install a package to protect guard everything is working.  It will install substitute and other essential packages too, depend on user’s desire. Then user can see the Cydia homepage and a selection of core packages installed on the device.

Best jailbreak tool

Tools only work on certain set of firmware before being patched. Therefore they are continuously being replaced and updated. Users use one tool to jailbreak iOS 7.1.2 for example and another for iOS 11.3.  Hence it depend on which jailbreaks the firmware, currently on the user device.  Sometimes there are multiple tools for the same firmware.

Different types of jailbreak

There are 4 types of jailbreaks. They are tethered, semi-tethered, semi- untethered and untethered. Tethered, semi-tethered are uncommon.  They are not much use to the average user. All recent jailbreaks have been semi- untethered that after every reboot user should re-run the jail break app on user device. This reactivates jailbreak to allow user to use tweaks. User device will work normally as a stock un-jailbroken until user does this. Untethered jailbreaks have become rare due to difficulty building them. User can reboot device without having to re-jailbreak each time.

Latest jailbreakable iOS

Latest jailbreakable iOS version is iOS 12.1.2. The latest tools are unc0ver and Chimera. Both are supporting iOS 12.0 – 12.1.2.

The recent jailbreak tool support firmwares upto iOS 12.1.2.

The latest jailbreakable tvOS version is tvOS 12.1.1. It with ChimeraTV for the Apple TV  4 and TV 4K.

If user iOS device is jailbroke and user decide to update it to the latest version of iOS. Then user will lose the jailbreak.

Vidura Dananjaya

Admin of Get Basic Idea / Senior Solution Architect.

Leave a Reply

Your email address will not be published. Required fields are marked *