Intermediate and advanced jailbreakers often do more with their devices than merely download and install jailbreak tweaks — many will SSH into their devices to carry out deeper device customization in the file system itself.
SSH connections require knowledge of the handset’s local IP address, which can be found in the Wi-Fi preference pane in the Settings app. But those who use SSH often, especially on networks besides their own, might be interested in a faster way to access their handset’s local IP address, and we have the solution.
Much of today’s jailbreak-centric news revolves around iOS & iPadOS 13 or 14, with one of the only lone exceptions being the iOS 12-based Chimera jailbreak, which recently received one of its final updates. Still, it’s not completely unheard of to see jailbreak developers work on or release projects related to legacy versions of iOS.
The latest example would be a new jailbreak tool dubbed kok3shi by SakuRα Development, which was only released just this evening. This jailbreak appears to be semi-untethered just like the tried-and-true Odyssey and unc0ver tools are, however unlike those tools, it supports only 64-bit devices running iOS 9.3.2-9.3.5.
Earlier in the month, security researcher @pattern_F_ from the Ant Security Lab Tweeted a demo video of what appeared to be a successful jailbreak attempt on an iPhone 11 running iOS 14.0. It was later revealed that the exploit used would potentially work on iOS & iPadOS firmware versions up to and including 14.3.
While it was unclear whether @pattern_F_ would release the aforementioned work to the general public, the news was quickly drowned out by the subsequent release of the cicuta_virosa kernel exploit for iOS & iPadOS 12.0-14.3 by @ModernPwner.
Shortly after the unveiling of the brand-new cicuta_verosa kernel exploit for all devices running up to and including iOS 14.3, renowned jailbreak developers and hackers began investigating its viability.
While much of the initial spotlight shined on Odyssey lead developer CoolStar to create an iOS 14-compatible jailbreak with the novel cicuta_verosa exploit, it seems that even Brandon Plank, another name that resonates positively with the jailbreak community, will be going hands-on with it.
One of the small things I appreciate the most about being a Mac user is that I can easily AirDrop files from my iPhone to my computer and vice versa in some instances. Unfortunately, this process isn’t so cut and dry if you’re a Linux or Windows user, as both of these operating systems lack AirDrop support.
For the reason mentioned above, I would highly recommend a newly released and free jailbreak tweak called SendToDesktop by iOS developer Sudhip for both Linux and Windows users, as it can make sharing files from your iPhone or iPad to your personal computer a breeze.
When most people think of a jailbreak tool like checkra1n, among the first things that come to mind are iPhones, iPod touches, iPads, and Apple TVs. Interestingly enough, the checkra1n team has shown time and time again that the checkm8 bootrom exploit that powers this particular jailbreak is commanding enough to hack even some of the most arbitrary of things, including Apple’s T2 chip, which resides in a variety of Macs.
On Thursday, we learned that even Apple’s HomePod Smart Speaker devices are susceptible to the checkra1n jailbreak. The news, first shared this afternoon by Twitter user @_L1ngL1ng_, took many avid jailbreakers by surprise:
Pwn20wnd’s unc0ver jailbreak has received lots of updates recently, mostly pertaining to bug fixes and stability improvements centric to the newfangled iOS 12.4 support that came by way of an updated Sock Puppet exploit under a week ago. But as you might’ve noticed, this didn’t initially include support for Apple’s latest handsets, such as the A12(X) variety.
Pwn20wnd changed that Thursday afternoon, at least partially, with the launch of unc0ver versions 3.5.4 and 3.5.5. Both updates were announced via Twitter:
iPhones and iPads have been jailbreakable for more than a decade, but the Apple Watch doesn’t quite seem to receive as much attention as those handsets in the pwnage department. For that reason, a work-in-progress Apple Watch-centric jailbreak dubbed ‘Brenbreak’ by @ethanpepro has been particularly intriguing, to say the least.
The mastermind behind the Brenbreak Apple Watch jailbreak has been sharing regular updates via Twitter since April, and with one of the most recent updates indicating a Q4 2019 public release, it should come as no surprise to anyone that @ethanpepro shared yet another momentous milestone just last night:
If you’ve been keeping up with the latest jailbreak trends, then you might have heard about CoolStar’s Electra jailbreak tool for iOS 11.0-11.1.2. It doesn’t install Cydia or Mobile Substrate like a typical jailbreak tool would, but you could still use this jailbreak to install third-party extensions on your device via SSH.
A constant flow of updates since Electra’s initial release has provided the tool with necessary bug fixes. This week, users can take advantage of beta 7, which makes the jailbreak more stable and offers additional bells and whistles out of the box.
SSH is a powerful tool that lets you access your jailbroken handset’s filesystem on the fly, but one of the things I don’t like about it is how there’s no indication when an SSH connection is initiated.
A new free jailbreak tweak called SSHIcon by iOS developer Sticktron solves this problem by putting an icon in your Status Bar any time you or someone else uses SSH to access your device.
For security reasons, the Yalu and extra_recipe jailbreaks have confined SSH connections to USB only. This is sufficient for most, but power users may wish to enable wireless SSH connections for convenience. Additionally, the Dropbear client that these jailbreaks use to manage SSH does not bundle SCP or SFTP, the commands most often used for pushing files to and from your iOS device over SSH.
In this guide, we'll set about fixing up both these issues, to leave you with a more fully-configured SSH client.
If you've been tinkering around with your Apple TV 4 jailbroken on tvOS 10 with liberTV, you may have noticed that its built-in SSH client, Dropbear, has a tendency to be purged every so often, requiring it be re-spawned and set up again. This is due to the developer's (admirable) desire to retain all jailbreak-related files in temporary folders on the filesystem, reducing the risk of bricking your device while fiddling with it to near-zero. If you are confident enough to move a few files out of their temporary folder however, you can easily get your SSH client up and running persistently, avoiding those tedious reconfigurations which otherwise occur.