Hello Everyone! This is Srinivas.
Here is my first blog post on iOS application security.
Recently, due to the COVID-19 lockdown, I got a chance to test an iOS application. During testing I didn't have a proper iOS testing lab, so I started exploring various blogs online to revise my knowledge, and at that time I found that most of the tools and procedures were outdated. So I spent more time collecting working methodologies, and then I decided to share my knowledge with all of you in this blog post.
By the end of this post, you will know how to jailbreak an iPhone in a few easy steps.
Setup used for this post:
- iPhone SE (1st generation, running iOS 13.4.1)
- MacBook Air (running macOS High Sierra 10.13.6)
To start testing iOS applications, we need to jailbreak the iPhone. Jailbreaks are usually classified by what happens when the device reboots:
- Tethered jailbreak -> the device has to be connected to a computer every time it is turned on, otherwise it will not boot.
- Semi-tethered jailbreak -> the device boots on its own, but comes up un-jailbroken; you connect it to the computer and run the jailbreak tool again to re-apply the jailbreak.
- Untethered jailbreak -> the device does not need to be connected to a computer when it is turned on; the jailbreak survives reboots.
Here I'm jailbreaking the iPhone SE with checkra1n (https://checkra.in), which is a semi-tethered jailbreak: after every reboot the phone runs stock iOS until you plug it into the Mac and run checkra1n again.
How to jailbreak iOS with checkra1n?
checkra1n (also written checkrain) is a jailbreak tool built on checkm8, an exploit in the BootROM of A5 to A11 devices. Because the BootROM is read-only, Apple cannot patch it with an iOS update, so the jailbreak keeps working on those chips regardless of the iOS version. It is reliable and robust, particularly for a tool that is still in beta, and it jailbreaks a range of older devices quickly. It also installs an SSH server and other utilities, a bonus that makes it ideal for researchers and hobbyists who want to dig into the internals of their devices. Keep in mind that the root account on the device still has the well-known default password (alpine), so change it as soon as you have an SSH session and before putting the jailbroken phone on a shared network.
Visit https://checkra.in, download the latest checkra1n application and install it. When you open it, the interface looks like the screenshot below.
Connect the device to the computer. checkra1n shows it as “iPhone SE (iOS 13.4.1) connected in Normal mode”; the device has to be put into DFU mode before the jailbreak can be installed.
How to enable safe mode on an iPhone?
Step 1: Turn your iPhone off.
Step 2: Once the device is completely off, turn it on by holding down the power button.
Step 3: As soon as the screen lights up, hold down the Volume Down button until you see the Apple logo.
Step 4: When the device has booted, it is in safe mode.
So my device is in safe mode now; you can see the current state in the checkra1n status line. Note that safe mode is not a prerequisite for the jailbreak: what checkra1n actually needs is DFU mode, which the application walks you through in the steps below.
Follow the steps below to apply the jailbreak.
Step 1: Click the Start button in checkra1n; the application then guides you into DFU mode.
Step 2: Your device will restart. Hold the Home button and the power button together for 4 seconds (follow the on-screen timer).
Step 3: Release the power button but keep holding the Home button for 3 more seconds, then release it.
Once the device is in DFU mode, the rest of the installation runs automatically. When it finishes, your device is jailbroken and ready for Cydia to be installed.
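A check worth doing right after the button sequence, before letting checkra1n continue: confirm from the Mac that the phone really enumerated in DFU mode and not in Recovery mode. From the phone side the hint is that a DFU-mode screen stays black while Recovery mode shows the connect-to-computer graphic, but the definitive check is the USB product ID, which Apple sets per mode: 0x1227 is DFU, 0x1281 is Recovery and 0x12a8 is a normally booted iPhone. The shell script below is an added example, not part of the original post or of the checkra1n project; it parses the text output of `system_profiler SPUSBDataType` on macOS and, when run elsewhere, falls back to a constructed sample in that layout. The device names and the keyboard product ID in the sample are illustrative, not captured from a real machine.

```shell
#!/bin/sh
# Added example (not from the original post or the checkra1n project).
# Classify the USB mode of an attached Apple device from the text output of
#   system_profiler SPUSBDataType
# Apple uses a distinct USB product ID per mode (vendor ID is always 0x05ac):
#   0x1227  DFU mode       -> what checkra1n needs before it can run checkm8
#   0x1281  Recovery mode  -> not DFU; power off and redo the button sequence
#   0x12a8  iPhone in normal (booted) mode
# Filtering on the vendor ID alone is not enough: a MacBook's built-in keyboard,
# trackpad and hubs also report vendor 0x05ac, so the product ID decides.

usb_mode_from_report() {
    # $1: system_profiler SPUSBDataType text. Prints dfu, recovery, normal or none.
    # In system_profiler output "Product ID:" precedes "Vendor ID:" in every
    # device block, so remember the last product ID and decide on the vendor line.
    printf '%s\n' "$1" | awk '
        /Product ID:/ { pid = $3 }
        /Vendor ID: 0x05ac/ {
            if (pid == "0x1227") { print "dfu";      found = 1; exit }
            if (pid == "0x1281") { print "recovery"; found = 1; exit }
            if (pid == "0x12a8") { print "normal";   found = 1; exit }
        }
        END { if (!found) print "none" }'
}

is_dfu() {
    # Exit status 0 when the report shows a device in DFU mode; handy in scripts.
    [ "$(usb_mode_from_report "$1")" = "dfu" ]
}

# Constructed sample in system_profiler's layout (device names and the
# keyboard's product ID are illustrative, not captured from a real machine).
SAMPLE_DFU=$(cat <<'EOF'
USB:

    USB 3.0 Bus:

        Apple Internal Keyboard / Trackpad:

          Product ID: 0x027e
          Vendor ID: 0x05ac  (Apple Inc.)

        Apple Mobile Device (DFU Mode):

          Product ID: 0x1227
          Vendor ID: 0x05ac  (Apple Inc.)
          Manufacturer: Apple Inc.
          Speed: Up to 480 Mb/s
EOF
)
# The other cases are derived from the same sample by swapping the product ID.
SAMPLE_RECOVERY=$(printf '%s\n' "$SAMPLE_DFU" | sed 's/0x1227/0x1281/; s/DFU Mode/Recovery Mode/')
SAMPLE_NORMAL=$(printf '%s\n' "$SAMPLE_DFU" | sed 's/0x1227/0x12a8/; s/Apple Mobile Device (DFU Mode)/iPhone/')
SAMPLE_NONE=$(printf '%s\n' "$SAMPLE_DFU" | sed '/Apple Mobile Device/,$d')

report_mode() {
    # Human-readable verdict for the operator, phrased against the page's steps.
    case "$(usb_mode_from_report "$1")" in
        dfu)      echo "Device is in DFU mode: let checkra1n continue." ;;
        recovery) echo "Device is in Recovery mode, not DFU: redo Steps 2 and 3." ;;
        normal)   echo "Device booted normally: start again from Step 1." ;;
        *)        echo "No Apple mobile device found on the USB bus." ;;
    esac
}

main() {
    if command -v system_profiler >/dev/null 2>&1; then
        report=$(system_profiler SPUSBDataType 2>/dev/null)   # real Mac
    else
        report=$SAMPLE_DFU   # not on macOS: demonstrate on the constructed sample
    fi
    report_mode "$report"
}

main
```

Run it on the Mac while the phone is plugged in; if it reports Recovery mode, the Home button was released too early or too late, and the fastest fix is to power the phone off and repeat the sequence rather than letting checkra1n wait.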
You will now find the checkra1n app on the device's home screen. Open it and you can see that Cydia is ready to be installed.
What is Cydia?
Cydia is a package manager mobile app for iOS that enables a user to find and install software not authorized by Apple on jailbroken iPhones, iPads and iPod touch devices. It also refers to a digital distribution platform for software on iOS accessed through Cydia software.
Finally, we have successfully jailbroken with checkra1n. 👏
In my next post, I will cover connecting to the device over SSH and SFTP and installing unsigned IPAs.
Thank you for reading.
If you have any questions about this, feel free to contact me.