iOS Application Security Lab Setup [Part 1]

Ch Srinivas
May 13 · 4 min read

Hello Everyone! This is Srinivas.

Here is my 1st blog post on iOS Application Security.

Recently, due to the COVID-19 lockdown, I got a chance to test an iOS application. During testing, I didn’t have a proper iOS testing lab, so I started exploring various blogs online to revise my knowledge. At that time I found that most of the tools and procedures were outdated. So I spent more time collecting working methodologies, and then decided to share my knowledge with all of you in this blog post.

Preface:

After completing this post, you will understand how to jailbreak an iPhone in a few easy steps.

Tools Required:

  1. iPhone SE (i.e. iOS 13.4.1)
  2. MacBook Air (i.e. macOS High Sierra 10.13.6)

To start testing the iOS applications, we need to jailbreak our iPhone. As of now, we have two types of Jailbreaks which are trending.

  1. Tethered Jailbreak -> The iOS device must be connected to a computer when it is turned on.
  2. Untethered Jailbreak -> The iOS device need not be connected to a computer when it is turned on.

So here I’m jailbreaking an iPhone 5s with a tethered jailbreak. To achieve this, I’m using checkra1n (https://checkra.in).

How to jailbreak iOS by checkra1n?

Checkra1n (alias checkrain) is the ultimate jailbreaking tool that uses a permanent jailbreak exploit to jailbreak your iPhone. It is extremely reliable and robust, particularly for a tool that’s still running in beta mode. It jailbreaks a variety of older iDevices quickly and reliably. It also installs an SSH server and other utilities, a bonus that makes the tool ideal for researchers and hobbyists who want to dig into the internals of their devices.

Visit the https://checkra.in website, download the latest checkra1n application and install it. Once installed, the interface looks like below.

Connect the device to the computer. It shows as “iPhone SE (iOS 13.4.1) connected in Normal mode.”, but the mobile device needs to be put in DFU mode to install the jailbreak.
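The Normal/DFU state that checkra1n reports can also be confirmed from the Mac's terminal. The script below is an added example, not part of the original post or of checkra1n; it reads `system_profiler SPUSBDataType` output, and the Apple USB product IDs and the field order it relies on are assumptions stated in its comments. The sample inputs are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): report the USB mode of an
# attached iPhone from `system_profiler SPUSBDataType` text on stdin.
# Assumptions: "Product ID" precedes "Vendor ID" in each device block, and
# Apple (0x05ac) PIDs 0x12a8 = normal iPhone, 0x1281 = Recovery, 0x1227 = DFU.

classify_usb_mode() {
    awk '
        /Product ID:/ { pid = tolower($3) }
        /Vendor ID:/  {
            if (tolower($3) == "0x05ac") {
                if (pid == "0x1227")      print "DFU"
                else if (pid == "0x1281") print "Recovery"
                else if (pid == "0x12a8") print "Normal"
            }
            pid = ""
        }'
}

# First Apple mobile device found, or "None" if nothing matched.
device_mode() {
    mode=$(classify_usb_mode | head -n 1)
    echo "${mode:-None}"
}

# Constructed sample: a third-party hub plus a device in DFU mode.
sample_dfu() {
    cat <<'EOF'
        USB2.0 Hub:
          Product ID: 0x0610
          Vendor ID: 0x05e3 (Genesys Logic, Inc.)
        Apple Mobile Device (DFU Mode):
          Product ID: 0x1227
          Vendor ID: 0x05ac (Apple Inc.)
EOF
}

# Constructed sample: the same phone attached in normal mode.
sample_normal() {
    cat <<'EOF'
        iPhone:
          Product ID: 0x12a8
          Vendor ID: 0x05ac (Apple Inc.)
EOF
}

if command -v system_profiler >/dev/null 2>&1; then
    system_profiler SPUSBDataType | device_mode
else
    sample_dfu | device_mode    # off macOS: run on the constructed sample
fi
```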

How to enable safe mode on an iPhone?

Step 1: Turn your iPhone off.

Step 2: Once the device is completely turned off, turn it on by holding down the power button.

Step 3: Once your iOS device lights up, hold down the Volume down button until you see the Apple logo.

Step 4: When the iOS device has booted, it will be in safe mode.

So my device is in safe mode now. You can confirm this by looking at the checkra1n status.

Follow the below steps to apply the jailbreak.

Step 1: After enabling DFU mode, click the Start button in the checkra1n application.

Step 2: Your device will then restart. Hold the centre button and power button together for 4 seconds.

Step 3: Release the power button, keep holding the home button for 3 more seconds, then release it.

Once the above steps are completed, the remaining installation process will be done automatically. After completion of this procedure, your device is jailbroken and ready to install Cydia.

Now you can find the checkra1n application on your device. If you open that application, you can observe that Cydia is ready to install.

What is Cydia?

Cydia is a package manager mobile app for iOS that enables a user to find and install software not authorized by Apple on jailbroken iPhones, iPads and iPod touch devices. It also refers to a digital distribution platform for software on iOS accessed through Cydia software.


Finally, we have successfully jailbroken with checkra1n. 👏

In my next post, I will detail how to connect to your device with SSH and SFTP, and how to install an unsigned IPA.

Thank you for reading.

If you have any doubts about this, feel free to connect with me.

Twitter: https://twitter.com/srinivasch09

My Special Thanks to Azhar and Harsha Vardhan for corrections. :)
