Jake James
@Jakeashacks
Followers
82,746
Following
185
Media
887
Statuses
40,978
Someone who likes Apple products and cybersecurity
/var/rootfsmnt
Joined August 2016
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
jungkook
• 890346 Tweets
Arsenal
• 589713 Tweets
#خلصوا_صفقات_الهلال2
• 328271 Tweets
#HAPPYJKDAY
• 308195 Tweets
#StandingNextToJK
• 238079 Tweets
#NeverLetJKGo
• 233315 Tweets
#GlobalPopStarJKDay
• 228980 Tweets
#พรชีวันตอนจบ
• 191439 Tweets
Rice
• 157563 Tweets
Brighton
• 105382 Tweets
Ticketmaster
• 102270 Tweets
#SixTONESANN
• 83738 Tweets
ポムの樹
• 40039 Tweets
Joao Pedro
• 36413 Tweets
#상병_전정국_생일축하해
• 36237 Tweets
#Venue101
• 28451 Tweets
McLaren
• 24408 Tweets
すいちゃん
• 21406 Tweets
ALL ROUNDER YUJIN DAY
• 20322 Tweets
Veltman
• 16708 Tweets
エネルギー補給
• 15183 Tweets
Joe Root
• 12748 Tweets
Chris Kavanagh
• 12642 Tweets
Cubarsi
• 11810 Tweets
Clemson
• 11478 Tweets
ブライトン
• 11095 Tweets
バトルシップ
• 11003 Tweets
#SHUNTO_HBD_21st
• 10311 Tweets
飛び降り
• 10039 Tweets
Pinned Tweet
To anyone wondering about my repo, the domain expired. I don't really need a fancy website anymore, so I'm moving my repo to Github Pages.
16
30
217
Every time a new jailbreak releases for a new version, people be like: "jailbreaking is only useful for changing UI and piracy". wrong.
I made a list of some things that are neither UI based nor piracy:
121
415
2K
More you spam about A12 less likely it'll come sooner. Shut up please and let me do stuff whenever I feel like it.
202
116
2K
iOS 14 is a bunch of tweaks stacked together with style
45
116
939
New repo:
give it some time if it doesn't work yet. sorry that i had to change domain
65
335
898
FYI a full exploit got released. Yes, I'm also working on my own, like usual I'll try to make it clean and usable for a public jailbreak. In the meanwhile, that should be enough to get jailbreak developers going!
67
138
923
bruh you got a free iPhone XS just to work on it then you do this.
Don't worry though, unc0ver will keep its promise
90
88
801
kernel r/w on 15.0 iPad Air 2 (A8X)
Currently works only up to A9.
Newer devices can be supported using
@b1n4r1b01
's method of guessing the data buffer address.
Lastly, I still gotta do the cleanup.
40
125
775
whoo whoo, i think it's time to test rootlessJB on A12
83
84
689
I think it's time to work on rootlessJB for A12 again
Ultrasound on an iPhone X-
...
...XR?!?
(Ignore my weird-ass thumb 😉)
43
62
514
52
62
692
We suspect all those bugs (gps, face id etc) are caused by the same core issue, something that messes up system services. Please wait for fix.
New problem with A12 12.4 unc0ver
Apple Smart Battery Case
@Pwn20wnd
@Jakeashacks
@iBSparkes
@iFenixx
@FCE365
@MidnightChip
@unc0verTeam
@PoomSmart
@opa334dev
@sbingner
@benjweaverdev
@iCrackUriDevice
@s1guza
@_Matchstic
14
4
25
151
59
686
RELEASE: time_waste - a tfp0 exploit for iOS 13.0-13.3 on all devices based on oob_timestamp, but cleaner in code, with no hardcoded addresses, with no memory leaks.
30
136
680
when you're happy such a thing happens as it's a good sign
22
49
637
According to my local weather, it's predicted to rain in about 20 minutes
29
37
644
This works so good, not a single bug so far & already installed a lot of things
46
38
590
In case you're wondering, unc0ver will automatically remove rootlessJB due to dpkg conflicts. You won't need to uninstall it manually
2
2
53
39
63
553
Priority list:
- fix A7 & A8
- implement limneos's dpkg
- package manager on top of it
- see what can I do about A12
43
41
541
For the first time, you can now fully use cycript with substitute, thanks to the latest substitute update (which is fixed now)
44
51
528
RELEASE: rootlessJB 3.0.
- Add initial support for iOS 12.
- Now for now works on A9-A11
- No tweaks or code injection yet
- Spawns SSH via dropbear
- dev-only?
- Read README
- Enjoy!
52
139
525
iOS 13 mitigated a technique that could be used (and was used) to disable sandbox operations system-wide (without any dynamic patches/daemon). As such I am open-sourcing my implementation of this patch (which was also used in unc0ver)
16
101
522
If I'm right this bug:
- affects < 15.5
- allows app to be signed forever
- arbitrary entitlements
If you're on < 15.5 stay there
New blog post:
Get root on macOS 12.3.1: proof-of-concepts for
@LinusHenze
's CoreTrust and DriverKit bugs
My proof-of-concepts for:
CVE-2022-26766: CoreTrust allows any root certificate
CVE-2022-26763: IOPCIDevice::_MemoryAccess not checking bounds at all
8
119
386
42
97
503
Look who's playing with checkm8.
29
69
492
if ya want i can get cydia + dpkg + tweaks working in just a few hours but do you really want a hacked up jailbreak? unc0ver's getting updated with more proper techniques, just wait for that
98
41
482
Can confirm. This is way worse than iOS 11 was. I'm literally staying on a non-jailbroken state until I finish testing & switch back to Substrate.
I have done several internal tests and the Substitute implementation still involves freezing and stability issues.
Cydia Substrate is considerably better, on all counts.
127
60
761
24
22
485
Patchfinders for offsets used in bazad's PAC bypass.
- Only tested on XS 12.0 kernel for now
- I might have gotten something wrong even on that device
- Needs my changes to patchfinder64 to work
15
56
483
Now that a remount is coming, a normal jailbreak with Cydia can be made. The only issue would be CoreTrust but if you go crazy you can use the same techniques I used in rootlessJB. It wouldn't need patching anymore, but it would still need resigning & injecting to trustcache.
45
61
470
Got an iPhone 7 Plus. Time to now work on iOS 13 stuff. (Will keep my iPad on 12.4)
26
33
477
@rohannahor2
@TryIgnition
@appleveg
why are people complicating it
tethered = can't boot without PC
semi-tethered = need PC to reactivate jailbreak
semi-untethered = need app to reactivate jailbreak
untethered = jailbreak always active
14
82
473
Dear, stop asking about 12.1.3, you can literally downgrade NOW! Don't lose your time, get to 12.1.1 beta 3 NOW.
36
28
458
To all people who lost hope, there's something I'll try today (if Sam is available), which then can also be applied to unc0ver more easily, so you'll get something, maybe not the most stable thing but something. You definitely will be having more trouble if you update.
46
41
450
Anemone 3.0 Installer with unc0ver support is now out at ! No file is rehosted on my server!
113
92
449
can everyone stop making useless checkm8 GUIs and forks, if you've got nothing useful to add, kindly asking you to not do it
20
37
441
Important note:
- unc0ver will reboot the first time *on purpose*, it's done to remount rootFS
- it'll reboot the second time *on purpose*, it's done to prevent a failed jailbreak
- the third time it'll work as normal
52
68
428
Apologies to
@AldeabAhmed
for calling him fake, he's the one that discovered sock_port was working on 12.4. Apple really went drunk
30
50
428
Anemone for unc0ver was updated to support substitute (hopefully I didn't break Substrate support). Next will be ClassicFolders 2 and Ventana.
50
36
429
Guys iApps4YOU got terminated. But that's not the end. It will be soon up again
310
60
427
WIP cheap (no settings, no customization, no in-app support blah blah) Noctis alternative. Idk if I'll ever finish/release this.
40
24
400
Looks like 15.2 beta 1 is vulnerable
59
63
416
Yes! Apple patched the bug in 12.3 and unpatched it in 12.4.
Apologies to
@AldeabAhmed
for calling him fake, he's the one that discovered sock_port was working on 12.4. Apple really went drunk
30
50
428
37
87
399
How to make tweaks (proper guide)
- learn what a tweak is
- learn programming and OOP
- learn Objective C
- learn the Cydia Substrate API or learn logos
- if the latter install theos and learn how to use it
- profit??
19
59
390
rootlessJB now supports iPad Air 2 on iOS 12.1.2.
48
37
396
time_waste now supports iOS 12. Also I just verified the exploit works fine on A8X.
26
47
399
Got rootlessJB working on an iPhone 5S (should also apply to 6). Now I need to fix a panic when launching uicache (i suspect jailbreakd is messing something when installd is launched)
35
37
393
Initial A7 & A8 support will be added to rootlessJB tomorrow, however, notes:
- I won't bother with libgrabkernel or whatever, because:
1) the idea sucks
2) I couldn't even get it to work (although I probably can if i want to). I will hardcode offsets the good old way
- patch...
54
38
385
Jake James maintains a public fork of substitute that is updated for A12. Enjoy.
The Electra team maintains a private fork of substitute that is updated for iOS 12 and A12. We have made sure not to rely on 3rd-party closed source software in our jailbreak to make sure updates are sustainable.
More details soon.
89
90
822
40
39
389
If you're having "versions mismatch" on unc0ver, try these steps and tell me if it works:
- delete ota updates if any
- jb with "disable updates" turned OFF
- let it fail
- reboot
- open settings and start downloading OTA
- when it starts, enter AIRPLANE MODE!
- (next tweet)
27
47
393
rootlessJB now has an amfid patch and can tweak all apps, including App Store apps. HOWEVER, PLEASE read README, you'll have to change a few things before being able to tweak App Store apps!
66
60
379
If you're looking to jailbreak iOS 12, open Settings -> Software Update.
If you get an error like "Unable to request" or whatever, unc0ver might put you in a bootloop. Do NOT jailbreak and DM me ASAP.
83
48
381
RIP untethered downgrades to iOS 12, any iOS 12 downgrade now is gonna be tethered
29
25
384
A PAC bypass does not make a jailbreak more reliable or stable. In fact it makes us mess less with the kernel potentially increasing stability.
@Jakeashacks
But Unc0ver has no PAC bypass and Chimera if they will! That will make it more reliable.
5
0
5
20
36
368
- This is iOS 15
- It supports all devices (A12+ probably needs a PAC bypass but jailbreaking in general requires a PAC bypass since 15.2)
- semi-untethered (edits don't persist stock, but are restored on jailbreak)
- I didn't have to waste 4 GB of storage
23
51
379
Currently planned for the future:
- SSH from device
- Better patcher
- Proper tutorial
- Fix app installation
- A12
- Sandbox patches
32
42
366
looks like this kext is accessible from sandbox, stay away from 13.3.1
15
44
367
The thing that is cooler than a CoreTrust bypass, is a CoreTrust bypass when no one cares about platform-application. Heya!
15
32
356
I successfully bypassed the amfid integrity checks (so now I can use the same method I used with xpcproxy to load a fake amfid), however *for some WEIRD reason*, the payload is IGNORED when I execute from /usr/libexec/amfid but it works from /var/libexec/amfid
22
32
364
Since you've probably seen this already, I'm releasing the PoC:
40
83
376
So, there are a few minor issues on A12 due to the new architecture, but code injection works fine! (And thus, rootlessJB will be ready after that). Pretty nice to see multiple people updating my stuff when I'm busy with other things :)
18
33
365
sock_port and sock_port 2 now work on iOS 10.0-10.3.3 as well:
27
49
359
am i dreaming
EPIC JAILBREAK: Introducing checkm8 (read "checkmate"), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices.
Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip).
913
6K
15K
10
19
369
why are people still ignorant about this. a tethered exploit is enough for a semi-tethered jailbreak, don't panic people. you'll be able to reboot just fine in stock mode.
16
33
371
couldn't you wait one more day
29
21
370
People are so used to kppless jailbreaks that they are doing stability tests on checkra1n. Don't lose your time, checkra1n is a kind of jailbreak that either works or doesn't, there's no affect in stability, without tweaks the device will be equally stable to stock.
12
34
368
Do me a favor. Stop with all those rootless package managers unless they can:
- extract deb on device
- patch on device by iterating over *every* macho, seeing if the stuff referenced exists or not in the stock filesystem and patching if not
- resigns every macho & trusts
10
20
357
I've never been on a stable jailbreak since unc0ver for iOS 11 (with substrate). Unc0ver 3.1 makes everything wonderful again. On older versions for iOS 12 I've faced panics or freezes. With this been 8 days and counting.
43
23
355
black magic. eta son.
32
72
352
rootlessJB now supports iPhone 5S and iPhone 6 (only tested on 5S though!)
56
44
349
Electra1131 has been the most hyped up jailbreak since I ever jailbroke my devices. Not sure if I like this
32
30
356
Clearing confusion:
- This IS a full CoreTrust bypass
- Completely skips both CoreTrust & AMFI (and thus, amfid)
- This is not a 0day, it's a design flaw
- Apple will likely not do anything about it pre-A12.
- A future release is planned, but "when" depends on how much we need it
17
41
363
If you have an iPhone 5S or 6 and rootlessJB is broken, you must have a Mac with Xcode willing to help me by giving me any kind of logs I want. If you don't, enjoy a broken jailbreak, i don't care.
53
27
350
Soon on unc0ver as well!
32
21
346
Since Apple wants this gone here I am spreading it. Good move Apple, now people will share it just to piss you off.
8
100
336
Removing my rocketbootstrap fix tweet because some people are having issues with it and there's a more proper fix. Instead of changing how saurik did it, let's adapt rocketboostrap to it. Saurik had a reason 🤗
See this fork:
19
39
328
would ya like cydia for chimera? will get rid of sileo until you unjailbreak & rejailbreak since i don't wanna bother with compatibility layers
@Jakeashacks
any chance of porting Cydia over to this jailbreak? Sileo doesn’t feel like home.
4
1
17
75
22
331
it's out: rootlessJB 3.1. -> . Go nuts
50
87
331
Told you getting Cydia working wasn't a big deal.
33
19
314
KTRR bypass (no A12/A13)
Debug registers in production A11 iPhones allow full-featured kernel debugging
11
179
634
10
31
323
This error is caused by the installation method you used. They've somehow corrupted the app. Please use the official methods. For no-computer methods, you're on your own.
Like what do I’ve to do to get this fixed? Most of my apps are not working due to jailbreak detection and restoring rootfs doesn’t work either.I will be glad if someone helped me. I use iPhone 7 plus.
@Pwn20wnd
@unc0verTeam
@thejailbreakhub
@FCE365
@Jakeashacks
14
2
13
59
32
312
smh stop, i won't be bringning cydia, wait for a proper tool, there's no need to mess my (and your) devices
29
10
315
wow nice
@tihmstar
, laughs at me not setting a value at 16K for a *4K device* and says "no idea what they're doing", I reply and get this
37
17
309
wen eta ssh
10
9
314