checkm8

Inferius permits creating & restoring from custom IPSWs via checkm8 exploit

Upon refreshing the /r/jailbreak subreddit Wednesday evening, many jailbreakers were pleasantly surprised to learn about the release of a novel jailbreak-centric utility dubbed Inferius by @marijuanARM.

After a quick scan of the release notes on the project’s official GitHub page, it becomes apparent that Inferius was created to aid users in the process of creating and restoring from custom IPSW files. Quite the attention-grabbing feat indeed, but you’ll definitely want to read more about Inferius before you start jumping right in.

Pangu Team teases unpatchable SEP vulnerability at Mosec 2020

It was a pleasant surprise waking up this morning to learn that the Pangu Team had successfully pwned iOS 14 using their own proprietary exploits and demoed it at the Mosec 2020 conference. Although this jailbreak in particular isn’t likely to be released, it shows that there’s a light at the end of the tunnel despite Apple’s ongoing efforts to snuff out jailbreaking once and for all.

But an iOS 14 jailbreak wasn’t the only thing that the Pangu Team shared during their presentation. Team member @windknown also discussed details encompassing security research with Apple’s proprietary SEP (Secure Enclave Processor) chips, which are used for storing valuable data including Face ID & Touch ID information and passcode data, among other things of utmost confidentiality.

Checkra1n team gets jailbreak working on iOS 14 beta

It was only a couple of days ago that Apple unveiled iOS and iPadOS 14 during the company’s WWDC 2020 keynote. Shortly after that, Apple launched its first developer beta of the updated mobile operating systems, allowing developers to go hands-on with the new features and prepare their apps for the update before it launches sometime this Fall.

While iOS and iPadOS 14 snagged a ton of features from the jailbreak community as Apple does every year with each substantial release, it doesn’t seem like jailbreaking will be going anywhere any time soon. In a Tweet shared late last night, checkra1n team co-developer Dany Lisiansky shared a teaser screenshot of the checkra1n jailbreak on the first iOS 14 beta:

Checkra1n updated to v0.10.2 with support for iOS 13.5, additional bug fixes

The unc0ver jailbreak is about to be updated to version 5.0.0 with official support for all devices that can run iOS and iPadOS 13.5, and in a silent and rather unexpected undercut, the checkra1n team released v0.10.2 beta of its bootrom exploit-based jailbreak tool for macOS Saturday evening with official support for iOS and iPadOS 13.5.

According to the release notes for the updated version of the checkra1n jailbreak, v0.10.2 not only adds support for Apple’s latest mobile firmware versions, but also incorporates a few different bug fixes at that:

Checkra1n v0.10.1 released with support for iOS 13.4 & 13.4.1, bug fixes

Apple released iOS 13.4.1 to the general public yesterday, and as you might come to expect, this has a few implications for the jailbreak community. Obviously, the unc0ver jailbreak doesn’t support the new firmware, as it can only jailbreak iOS 13.0-13.3. Checkra1n users, on the other hand, should be in the clear following a new update to the jailbreak tool on Wednesday.

Checkra1n co-developer Jamie Bishop took to Twitter this evening to share that checkra1n v0.10.1 had been released. This new update incorporates support for iOS/iPadOS 13.4 & 13.4.1, enabling handsets susceptible to the checkm8 bootrom exploit (A7-A11) to be jailbroken even on Apple’s latest and greatest software updates:

Ra1nbox is a NanoPi Neo2-powered box that can deploy checkra1n without a computer

The checkra1n jailbreak is driven by a powerful bootrom exploit that can’t be patched with a software update from Apple, and with that in mind, it’s easy to see why some people may opt to use checkra1n over some of the other jailbreaks available, such as unc0ver for example.

While it’s a great jailbreak, Windows users have relentlessly expressed dissatisfaction about having to borrow friends’ Macs or run Linux on their machines. With no certain ETA for a Windows-based checkra1n release, third parties are now cooking up interesting solutions. One is Ra1nbox, a small and portable box powered by a NanoPi Neo2 that can be used to deploy the checkra1n jailbreak from anywhere without the need for a computer.

Checkra1n v0.9.8.1 introduces Project Sandcastle, enabling Android to run on iPhones

We’ve witnessed a plethora of teasers from Pwn20wnd and the rest of team unc0ver throughout the past week. That said, it might come off as somewhat of a surprise that the checkra1n team launched an updated public beta version of the checkra1n jailbreak Wednesday afternoon, seemingly out of the blue.

The announcement, shared first by checkra1n team member Luca Todesco, denoted that the latest version of the checkra1n jailbreak tool would be v0.9.8.1 and that it would incorporate substantial changes:

Checkra1n team launches PongoKit for checkm8-vulnerable iOS devices

The checkra1n team is best known for their checkm8 bootrom exploit-based checkra1n jailbreak tool, which just yesterday picked up support for Linux after being macOS-only for several months. We’ve known for quite some time that the checkra1n team intended to delve into more than just jailbreaking with the checkm8 bootrom exploit, and the fruits of such research are finally starting to surface.

The checkra1n team took to Twitter early Thursday morning to announce the initial release of PongoKit, a highly experimental and developer-only SDK that should help permit the deployment of other platforms on checkm8 vulnerable iOS devices:

Fugu: An early concept open source jailbreak project based on checkm8

Checkra1n has long enjoyed its prestigious status of being the first and only jailbreak tool to take advantage of the checkm8 bootrom exploit, but could that change in the near future?

A curious new posting shared just this evening on /r/jailbreak appears to detail a new jailbreak tool dubbed Fugu that is being dubbed the “first open-source jailbreak tool based on the checkm8 exploit” by its creator Linus Henze. This eye-popping development certainly grabbed our attention, but a closer look at the project's GitHub page reveals the fine print:

Checkra1n for Linux is purportedly almost complete

The checkra1n jailbreak has earned quite the impressive reputation over the past several months as it became both the first iOS 13-supported jailbreak and the first un-patchable bootrom exploit-based jailbreak to be released since the infamous limera1n days almost one full decade ago. But there’s also a certain stigma surrounding the checkra1n jailbreak as it only runs on macOS at the time of this writing.

Fortunately, that’s set to change sooner rather than later. While a Windows version of the jailbreak tool is still probably rather far off due to the complexities of its development, the good news is that the Linux version of checkra1n is nearing completion and could be released very soon. Checkra1n co-developer Nikias Bassen (@pimskeks) shared the exciting announcement via Twitter this Tuesday afternoon:

New solder-on cable allegedly permits DFU mode entry on Apple TV 4K

One of the most substantial things to happen in the jailbreak community in the past decade was the release of @axi0mX’s hardware-based checkm8 bootrom exploit. This exploit can’t be patched by Apple in a software update, and it essentially guarantees the jailbreakability of several of Apple’s devices using the A5-A11 SoC for life.

While checkm8 is already being used in the checkra1n jailbreak for handsets ranging from the iPhone 5s to the iPhone X, it’s also true that the same exploit can be used to jailbreak compatible Apple TV units. The newest Apple TV, on the other hand, purportedly sports a hidden Lightning port that would necessitate a special adapter to utilize for such an exploit.