This is a complete beginner's guide to what a jailbreak is, the types of jailbreak, the latest jailbreak tools, jailbreak history, package managers and jailbreak solutions.
Table of contents:
- Latest Jailbreak Tools
- Package managers & Jailbreak Solutions
- Jailbreak History
- Common FAQs
- Video Guide
What is Jailbreak?
Jailbreaking is the process of escalating privileges on an iOS device by exploiting vulnerabilities in Apple's software or hardware. A successful jailbreak disables many of the platform's security mechanisms, most importantly code-signing enforcement and the read-only root filesystem, so that unsigned code can run with root privileges.
Jailbreaking is often compared with rooting an Android device, but strictly speaking the term refers only to breaking the security mechanisms Apple imposes on iOS in order to gain elevated privileges over the device.
Types Of Jailbreak
Although people talk about "types" of jailbreak, each type really describes the capabilities and limitations of the particular tools and exploits used to jailbreak a device.
The different characteristics and "types" of jailbreak are described below. As said, they depend on the tools and exploits used: software exploits (userland or kernel bugs that can be fixed by an iOS update), or hardware-level exploits that run against the boot firmware before iOS starts, such as those reached through iBoot or DFU mode.
Untethered
Normally, a jailbreak is lost when the device restarts.
Untethered: the jailbreak survives a reboot.
This means the exploit chain runs automatically on every boot and re-patches the kernel without any help from a computer or an app on the device.
Once the device has been restarted or shut down it comes back up still jailbroken, whatever its state. That is the advantage of this kind of jailbreak. The disadvantage is that creating an untethered jailbreak requires deep reverse-engineering knowledge, since it needs a full boot-time exploit chain, which is why untethered jailbreaks have become rare.
List of untethered Jailbreak tools:
- Spirit
- JailbreakMe 2.0 (star)/JailbreakMe 3.0 (saffron)
- limera1n
- greenpois0n
- Absinthe
- unthredera1n
- evasi0n
- p0sixspwn
- evasi0n7
- Pangu
- Pangu8
- TaiG
- etasonJB
- UntetherHomeDepot
- Pangu9
NOTE:
The most recent untethered jailbreak was demonstrated by @LinusHenze (Fugu14), using CVE-2021-30740, CVE-2021-30768, CVE-2021-30769, CVE-2021-30770 and CVE-2021-30773, on iOS 14.5.1 on an iPhone 12 Pro Max.
Tethered
A temporary jailbreak that is lost when the device restarts. Without the jailbreak applied the device cannot complete a normal boot on its own (it gets stuck during boot), so it has to be connected to a computer and booted with the jailbreak tool after every restart.
Semi-Tethered
The jailbreak is also lost when the device restarts, but the device boots normally into an unjailbroken state (phone calls, text messages, apps and the App Store all work). To get back to the jailbroken state you simply run the jailbreak again, which does require connecting the device to a computer.
checkra1n (jailbreak tool for iOS 12 – iOS 14.8) works only in semi-tethered mode.
Semi-Untethered
This type of jailbreak is similar to semi-tethered in that the jailbreak is lost when the device reboots, but the key difference is that the kernel can be re-patched without a computer.
The re-jailbreak is done from an app installed on the device. A computer is normally needed only to sideload that app in the first place (and to re-sign it when its signing certificate expires), not for each re-jailbreak.
- unc0ver – iOS 11 – iOS 14.3
- Taurine – iOS 14 – iOS 14.3
- Odyssey – iOS 13 and its beta versions
- Chimera – iOS 12 and its beta versions
- Electra – iOS 11 jailbreak tool
- Rootless Jailbreak – iOS 12
Latest Jailbreak Tools
Here are the latest jailbreak tools, listed by popularity.
unc0ver Jailbreak tool
unc0ver is a semi-untethered jailbreak tool: once you restart the device, you have to run the app again to return to the jailbroken state.
Initially, unc0ver supported iOS 11 to iOS 13.5; with ModernPwner's kernel exploit the unc0ver team extended the tool to support iOS 14 – 14.3.
Checkra1n Jailbreak Tool
checkra1n is based on a hardware bug: it uses the checkm8 bootrom exploit to run the jailbreak. Because the bug lives in the device's read-only boot ROM, Apple cannot fix it with an iOS update, which is why checkra1n is also called the "lifetime" jailbreak tool.
checkra1n is compatible with iOS 12 up to iOS 14.8 (Apple's latest version at the time of writing), but only on devices from the iPhone 5s to the iPhone X (A7 to A11 chips).
Taurine Jailbreak
Taurine is also a semi-untethered jailbreak tool, built on libhooker and ModernPwner's kernel exploit.
It supports iOS 14 – iOS 14.3 and is compatible with all iPhones and iPads on those versions.
Package managers & Jailbreak Solutions
The end goal of jailbreaking is to get a package manager onto the device. Package managers are the alternative to Apple's App Store: they provide tweaks, themes, and modified ("++") apps and games that the App Store does not allow.
Which package manager is installed depends on the jailbreak tool and the device. The most popular package managers are:
- Cydia,
- Sileo,
- Installer 5
- Zebra
History of Jailbreak
The first jailbreak method was released in July 2007 and initially allowed users to set any music file stored on the device as a ringtone for incoming calls and messages.
Then, in August 2007, the first non-Apple-approved game for the iPhone and iPod Touch was released, and in October of the same year another jailbreak method was discovered.
It is worth clarifying that the jailbreak (the resulting state of the device) should not be confused with the tools or exploits used to achieve it.
Normally, after a successful jailbreak the root filesystem, which iOS mounts read-only, is remounted read-write. This allows files anywhere on the system to be modified and lets you interact with the device as the root user.
As you can imagine, from a pentesting point of view a jailbreak is a fundamental tool when carrying out security audits of iOS apps.
Once the device is jailbroken we will be able to:
- Access internal app directories and the keychain,
- Install third-party tools (for example an SSH server),
- Read and modify process memory,
- Bypass TLS certificate pinning and debug apps at runtime, etc.
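As an added example (not code from the original page), here is the flip side of the list above: the jailbreak-detection logic that an app under audit typically implements in Swift or Objective-C, written here in Python so it runs on a desktop against a constructed directory tree. It probes for the package-manager bundles named on this page and other well-known jailbreak artifacts (a root shell, sshd, APT state, hooking frameworks), and for a root filesystem that is writable or not mounted read-only. The artifact paths are the commonly checked ones; the two fake device trees are constructed sample data, not captured from a real device.

```python
"""Jailbreak-indicator checks over a filesystem tree (added example, not from
the original page). Stock iOS mounts the root volume read-only and ships no
package manager, shell or SSH daemon; a jailbreak remounts / read-write and
installs exactly those artifacts, so a detection routine probes for them."""
import os
import tempfile

# Artifacts that commonly exist only after a jailbreak, relative to the device
# root: package managers (Cydia, Sileo, Zebra), APT state, a root shell, sshd,
# and the hooking frameworks that tweaks are loaded through.
JAILBREAK_PATHS = (
    "Applications/Cydia.app",
    "Applications/Sileo.app",
    "Applications/Zebra.app",
    "bin/bash",
    "usr/sbin/sshd",
    "etc/apt",
    "private/var/lib/apt",
    "Library/MobileSubstrate/MobileSubstrate.dylib",
    "usr/lib/libsubstitute.dylib",
)


def is_mounted_readonly(path):
    """True when the filesystem holding `path` is mounted read-only.

    os.statvfs reports the mount flags; ST_RDONLY is the read-only bit on
    both Darwin and Linux. A stock iOS root volume reports it set."""
    return bool(os.statvfs(path).f_flag & os.ST_RDONLY)


def can_write(directory):
    """Try to create and remove a file in `directory`; True on success.

    Apps on stock iOS cannot write under / at all, so success here means the
    root volume has been remounted read-write."""
    try:
        fd, name = tempfile.mkstemp(dir=directory)
    except OSError:
        return False
    os.close(fd)
    os.unlink(name)
    return True


def jailbreak_indicators(root="/"):
    """Return the names of every indicator that fires for the tree at `root`."""
    hits = ["path:" + rel for rel in JAILBREAK_PATHS
            if os.path.exists(os.path.join(root, rel))]
    try:
        if not is_mounted_readonly(root):
            hits.append("root-fs-rw")
    except OSError:
        pass  # root does not exist or statvfs is unavailable; skip this probe
    if can_write(root):
        hits.append("root-writable")
    return hits


def build_fake_device_tree(root, jailbroken):
    """Constructed sample data: a minimal stock or jailbroken iOS-like tree."""
    for rel in ("Applications", "System/Library", "private/var/mobile"):
        os.makedirs(os.path.join(root, rel), exist_ok=True)
    if jailbroken:
        os.makedirs(os.path.join(root, "Applications/Cydia.app"))
        os.makedirs(os.path.join(root, "usr/sbin"))
        open(os.path.join(root, "usr/sbin/sshd"), "w").close()
        os.makedirs(os.path.join(root, "etc/apt"))


def demo():
    """Run the checks against one stock and one jailbroken constructed tree.

    Both trees live in a writable temp directory on the machine running this
    script, so the two filesystem probes ("root-fs-rw", "root-writable")
    fire for both; only the path indicators separate the two trees here."""
    results = {}
    for label, jailbroken in (("stock", False), ("jailbroken", True)):
        with tempfile.TemporaryDirectory() as root:
            build_fake_device_tree(root, jailbroken)
            results[label] = jailbreak_indicators(root)
    return results


if __name__ == "__main__":
    for label, hits in demo().items():
        print(label, "->", hits)
```

Note that tweaks exist whose whole purpose is to hook the file-existence, statfs and write APIs that checks like these rely on, so detection of this kind is a speed bump for a pentester on a jailbroken device, not a security boundary.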
FAQs
Can jailbreak remove the activation lock?
According to our research, some jailbreak tools can get past the iCloud Activation Lock screen, but because of Apple's legal pressure the jailbreak developers do not officially support this.
So you cannot unlock the activation lock directly, but there are modified jailbreak tools that claim to do it.
With a modified jailbreak tool you can reportedly:
- Bypass the Activation Lock / remove MDM profiles
- Unlock the carrier
- Bypass the iCloud lock, remove the passcode, etc.
Treat these claims with care: a bypass of this kind only gets the device to the home screen and typically leaves it without cellular service, and a forgotten passcode cannot be removed without erasing the device, because user data is encrypted with a key derived from the passcode.
What does Jailbreak do?
On a jailbroken iPhone or iPad you can install custom applications, games, tweaks, repos and themes, which let you customize and extend the user experience beyond what Apple allows.
Is jailbreaking legal?
In 2010, the US Copyright Office (Library of Congress) granted jailbreaking an exemption under the Digital Millennium Copyright Act (DMCA).
So, in the United States, jailbreaking your own phone is legal, and the exemption has been renewed in the rulemaking rounds since. It does not make jailbreaking legal in every country, and it may still void your warranty.