Jailbreak news of the week: That pesky KTRR bypass, SpringBoard tweak injection achieved with CoreTrust bug, & more…

The team at iDB is as passionate about jailbreaking as many of you are, and that’s the primary reason why we continuously monitor the latest developments in the iPhone hacking and jailbreaking communities.

Weekly jailbreak news roundup.

Since so much can happen at one time, keeping track of everything during the week whether you’re working full time or attending school can be a challenge. Fortunately, your friends at iDB make weekly roundups like this one every Sunday to help consolidate everything into one easily digested post.

In this piece, we’ll show you all the latest jailbreak tweaks and relevant developments in the iPhone hacking and jailbreaking communities spanning the week of Monday, December 25th through Sunday, December 31st.

Important stuff from this week


Kaspersky researchers give talk at 37c3

Security researcher Boris Larin has teased that a jailbreak will be coming soon for arm64e devices (A12-A16) running iOS & iPadOS 16.6 and below.

This would be the first public jailbreak on iOS 16 for these devices, and it appears that it will be built on a powerful KTRR bypass, which would give the jailbreak capabilities that no other public iOS 16 jailbreak has had.

The details would later be discussed at a talk at the 37c3 conference on Wednesday.

You can learn more about the announcement in our full news post.

Kaspersky team discusses how they found the KTRR bypass

The Kaspersky team unveils the KTRR bypass for arm64e devices at 37c3.

The Kaspersky GReAT team took the stage at 37c3 on Wednesday to discuss how they happened upon a KTRR bypass for arm64e devices.

The presentation included a full attack chain, which will undoubtedly be useful for anyone wanting to make a jailbreak for future Apple devices.

You can watch the full presentation in our full news post.

KTRR Bypass F.A.Q.

Got questions about the KTRR bypass and what it means for you? We’ve got answers.

Be sure to check out our F.A.Q. post to see if you can find answers to the questions you have about this and the foreseeable future of jailbreaking iPhones & iPads.

Hector Martin comments on KTRR bypass

Security researcher Hector Martin has entered the chat and made comments regarding the Kaspersky team’s KTRR bypass.

Martin’s reading is that what was demonstrated may amount to a PPL bypass rather than a full KTRR bypass, and some developers are also questioning whether it can be used for jailbreaking purposes at all.

You can learn more about Martin’s comments in our full news post.

How to install TrollStore on A12+ devices on iOS 16.0-16.5 & 16.6 beta 1 with Misaka

We show you how you can use the kfd exploit used by Misaka to install the TrollStore perma-signing utility on arm64e (A12+) devices running iOS & iPadOS 16.0-16.5 & 16.6 beta 1.

Follow the steps in our full tutorial post to learn more.

SpringBoard tweak injection achieved with CoreTrust bug

Developer @eveiyneee successfully achieved SpringBoard tweak injection on Thursday using only the kfd exploit and the CoreTrust bug used by the TrollStore perma-signing app.

This is a significant step forward: it suggests that systemwide jailbreak tweaks could run without a full jailbreak, which would make the wait for one a lot easier to bear.

You can learn more about the achievement in our full news post.

Upcoming bootstrap for TrollStore

RootHide bootstrap.

The RootHide development team is working on a bootstrap that works within the confines of the CoreTrust exploit used by the TrollStore 2 perma-signing utility.

The bootstrap will enable “basic” jailbreak-like functionality on those devices, even if they’re not already jailbroken. This includes app-based tweak injection, package manager usage, command line support, and much more.

You can learn more about the bootstrap and what it means for TrollStore users in our full news post.

CopyLog for TrollStore

The popular CopyLog clipboard manager platform for jailbroken devices is now available for non-jailbroken devices by way of TrollStore, and it works on iPhones running iOS 16 & 17.

With it, you can see a running history of your most recent text copies/cuts and access them on a whim so that you can paste them elsewhere.

You can learn more about CopyLog for TrollStore in our full review post.

nekoJB kfd-based jailbreak for arm64 devices on iOS 15.0-15.7.6 released

nekoJB user interface.

The new nekoJB jailbreak tool for arm64 devices (iPhone 6s-iPhone X) has been released with support for iOS 15.0-15.7.6 by way of the kernel file descriptor (kfd) exploit.

This jailbreak is semi-untethered and rootless and can be safely used side-by-side with the semi-tethered palera1n jailbreak if you’re already using that.

You can learn more about this release in our full news post.

Update: The first public beta of the nekoJB project was pulled, but should be coming back soon.

Update 2: A second public beta was released to address all known issues in the first public beta.

Misaka updates

The Misaka package manager app, made to help MacDirtyCow and kfd exploit users install add-ons on their devices more easily, was updated a few times this week with bug fixes and improvements.

You can learn more about what’s new in the pieces linked below:

Everything else from this week


3DAppVersionSpoofer v2.0.3 released: Fixed UI bugs, added latest version of text into the text field (free via YouRepo repository — review post)

Draw iOS v1.3.4 released: Add more than 60 new icons ($1.99 via Havoc repository — review post)

Hammer It v1.4.7 released: Add support for Swiftgram and Vartagram, add window size setting when triggered by Control Center, add search button, add link button (free via Havoc repository — review post)

Lynx 2 v2.4.6 released: Add option to replace dictation key with keyboard dismissal, add option to display cellular data used in settings, add option to show network download/upload speeds in the Status Bar, add option to choose Control Center background blur style ($1.99 via Havoc repository — review post)

PrimeDeck v1.2.2 released: Lock device after pressing “clear all,” add logic fix to recognize music playback (free via YouRepo repository — review post)

Souvenir v1.26 released: Animations now pause when you turn off your display ($1.49 via Havoc repository — review post)

SquidGesture v1.3.2 released: Add volume button gesture, add more gestures, add WeChat QR code, add AudioRecorder XS actions, add Reverie action, add Reachability support, & more… (free via Havoc repository — review post)

TwistNTurn v1.1.2 released: Added app whitelisting, fixed a bug with feedback staying on even when turned off ($1.50 via YouRepo repository — review post)

YouMute v1.2.1-3 released: Added new localizations (free via PoomSmart’s repository — review post)

YouQuality v1.1.4-2 released: Added new localizations (free via PoomSmart’s repository)

YTABConfig v1.5.0-3 released: Added new localizations (free via PoomSmart’s repository — review post)

YTVideoOverlay v1.1.1-2 released: Added new localizations (free via PoomSmart’s repository)

The above content concludes this week’s jailbreak news and iPhone hacking roundup, but we’ll be right back again next Sunday with a roundup just like this one, albeit with refreshed content from the upcoming week.

Miss last week’s roundup? DelayOTA to iOS 17.0 ends, iOS 16 PPL bypass shown off, & more…

If you’re new to jailbreaking or you want to get started with hacks and add-ons for the first time, then you might find the following tutorials helpful:

Are you running any of the latest jailbreak tweaks or add-ons? Let us know in the comments section down below.