Hack

Countdown to release of unc0ver v5.0.0 with support for iOS 13.5 begins

Anthony Bouchard ∙ May 23, 2020

On Wednesday, team unc0ver teased an upcoming v5.0.0 of its jailbreak tool with support for all iPhones and iPads that can run Apple’s latest and greatest iOS 13.5 firmware (iPadOS 13.5 included) by way of a brand-new 0-day kernel vulnerability from project lead developer Pwn20wnd.

At the time, the official unc0ver.dev website displayed a progress bar with the text “Performing Final Stability Tests 90%,” but things seem to be moving right along. The progress bar has now surpassed 95%, and several high-profile Tweets now indicate that unc0ver v5.0.0 will be released this weekend, sometime within the next 24 hours.

Unc0ver jailbreak v5.0.0 teased with support for every device running iOS 13.5

Anthony Bouchard ∙ Updated May 27, 2020

It’s been a while since we’ve heard anything new from the unc0ver Team; in fact, the last time the tool was even updated was at the beginning of March. But that silence was broken Wednesday evening when the unc0ver Team teased the imminent release of unc0ver v5.0.0, which purportedly adds support for all devices running Apple’s freshly released iOS 13.5.

The particularly exciting announcement was shared via by the unc0ver Team on Twitter at approximately 8:08 P.M. Eastern time, and was quickly Retweeted by unc0ver lead developer Pwn20wnd:

Checkra1n team teases pwned Mac Pro, ‘the most expensive device ever jailbroken’

Anthony Bouchard ∙ May 7, 2020

Most associate the term jailbreaking with devices like the iPhone, iPad, and in some cases, even the Apple TV. But when gifted hackers began experimenting with the powerful checkm8 hardware-based bootrom exploit earlier this year, things got more interesting. In March, for example, checkra1n team member Luca Todesco demonstrated nifty hacks on the OLED Touch Bar of a T2 chip-equipped MacBook Pro.

But the MacBook Pro isn’t the only Apple computer that sports a T2 chip. As a matter of fact, many do, and with that in mind, it may not come as much of a surprise that the checkra1n team has taken things a step further by jailbreaking yet another T2-equipped Mac – the elaborate and expensive Mac Pro:

Another kernel-level jailbreak detection bypass released, better than the last?

Anthony Bouchard ∙ May 3, 2020

It was only a few days ago that a kernel-level jailbreak detection bypass had been released to the general public. Dubbed FlyJB by @XsF1re, the project was quickly taken down after the developer lost confidence in his work. But much of his efforts remained open source, permitting future projects to draw inspiration from it.

Now, a second kernel-level jailbreak detection bypass called KernBypass by has been released, this time by Twitter user @akusio_RR. The project credits @XsF1re for vnodebypass, hacker Jake James for jelbrekLib, and @0x7ff for maphys. But what does all this mean?

Alleged kernel-level jailbreak bypass may let jailbreakers evade detection in apps [U]

Anthony Bouchard ∙ April 29, 2020

Anyone using a jailbroken iPhone or iPad as their daily driver has likely experienced the aching inconvenience of something called jailbreak detection. This is essentially where an app developer implements some kind of trap in their app that detects if your handset is jailbroken and then responds one of two ways: 1) by denying the user access to the app on the jailbroken handset; or 2) banning the user for the use of potential third-party hacks.

Jailbreak detection has been a pain (to say the least) for users who enjoy the freedoms made possible by liberating their handset from Apple’s control, and the feeling is made worse when you find out that an account for one of your favorite games was banned for accessing said game on a jailbroken device. These issues have raised community-driven demands for jailbreak bypasses, especially one at the kernel level that would be far more robust than the traditional variety.

Checkra1n v0.10.1 released with support for iOS 13.4 & 13.4.1, bug fixes

Anthony Bouchard ∙ Updated May 27, 2020

Apple released iOS 13.4.1 to the general public yesterday, and as you might come to expect, this has a few implications for the jailbreak community. Obviously, the unc0ver jailbreak doesn’t support the new firmware, as it can only jailbreak iOS 13.0-13.3. Checkra1n users, on the other hand, should be in the clear following a new update to the jailbreak tool on Wednesday.

Checkra1n co-developer Jamie Bishop took to Twitter this evening to share that checkra1n v0.10.1 had been released. This new update incorporates support for iOS/iPadOS 13.4 & 13.4.1, enabling handsets susceptible to the checkm8 bootrom exploit (A7-A11) to be jailbroken even on Apple’s latest and greatest software updates:

CoolStar to release open-source Chimera13 jailbreak in memory of @s0uthwes

Anthony Bouchard ∙ Updated April 21, 2020

Just over two weeks ago, Electra Team lead developer CoolStar announced that the Chimera13 jailbreak wouldn’t be released to the general public. But due to some rather unfortunate circumstances that transpired this past week, that mindset appears to be changing.

From what we can gather, @s0uthwes a respected and talented developer of the jailbreak community and a maintainer of the popular TSSChecker and futurerestore utilities, has passed away. He was fighting incurable aggressive leukemia, and unfortunately, succumbed to the ailment.

Checkra1n experimental pre-release adds preliminary support for iOS 13.4, Mac T2 chip

Anthony Bouchard ∙ March 18, 2020

The checkra1n team launched an experimental pre-release build of the checkra1n jailbreak tool Wednesday afternoon with preliminary support for Apple’s upcoming iOS and iPadOS 13.4 release, which Apple intends to release to the public next week. Developers got their hands on the iOS and iPadOS 13.4 Golden Master earlier this afternoon just after Apple finished announcing its 2020 iPad Pro and brand-new Magic Keyboard.

The experimental checkra1n build, dubbed v0.9.9 experimental isn’t available from the official checkra1n website, but rather from a link that was included in one of checkra1n team member Luca Todesco’s Tweets.

Ra1nbox is a NanoPi Neo2-powered box that can deploy checkra1n without a computer

Anthony Bouchard ∙ March 15, 2020

The checkra1n jailbreak is driven by a powerful bootrom exploit that can’t be patched with a software update from Apple, and with that in mind, it’s easy to see why some people may opt to use checkra1n over some of the other jailbreaks available, such as unc0ver for example.

While it’s a great jailbreak, Windows users have relentlessly expressed dissatisfaction about having to borrow friends’ Macs or run Linux on their machines. With no certain ETA for a Windows-based checkra1n release, third parties are now cooking up interesting solutions. One is Ra1nbox, a small and portable box powered by a NanoPi Neo2 that can be used to deploy the checkra1n jailbreak from anywhere without the need for a computer.

How to side-load the unc0ver jailbreak with Xcode on macOS

Anthony Bouchard ∙ Updated May 27, 2020

If you rely side-loadable jailbreak tools such as Chimera, Electra, or unc0ver, then it’s important to understand the plethora of ways you can install them on your iPhone or iPad. While methods such as AltStore, Cydia Impactor, and third-party signing services like Ignition and iOS Ninja are some of the most popular, many tend to forget that you can use Apple’s own Xcode development platform on the Mac to accomplish this task.

The Xcode method came in clutch for me countless times when Cydia Impactor stopped working for an extended period and when all the best signing services had been revoked; to make matters worse, my handset's iOS version was too old to run AltStore. With that in mind, we’ll be sharing the Xcode method in this tutorial for fellow jailbreakers that find themselves in similar predicaments down the road.

Luca Todesco teases checkra1n hacks on a T2-equipped MacBook Pro’s Touch Bar

Anthony Bouchard ∙ March 10, 2020

The checkra1n team is best known for its checkm8 bootrom exploit-based jailbreak tool for A9-A11 devices. But those closely following outspoken members of the team on Twitter, namely Luca Todesco (@qwertyoruiopz), likely took note of some particularly interesting teasers Tweeted Tuesday morning and afternoon.

A series of images shared by Todesco himself appear to depict checkra1n-centric hacks being deployed and displayed on a MacBook Pro’s OLED Touch Bar:

Chimera13 jailbreak release cancelled despite recent hype

Anthony Bouchard ∙ March 10, 2020

It was only last month that Pwn20wnd released an updated version of the unc0ver jailbreak with official support for iOS 13.0-13.3 on a plethora of different device types. Unsurprisingly, it wasn’t long before CoolStar began hyping Chimera13 – a project that was expected to add similar device and firmware support to the Electra Team’s competing jailbreak solution.

But citing a series of Tweets shared by Electra Team lead developer CoolStar on Tuesday, it seems that Chimera13 won’t be released to the general public after all: