Posts tagged OS

iFaith 1.4 Released – Downgrade From iOS 5.0.1 to iOS 5.0 (Requires iOS 5.0 APticket)


First and foremost, for those of you who are on iOS 5.0.1 already, you are out of luck. Those of you who are still on iOS 5.0 can now save not only your SHSH blobs but also your APtickets, which are used in Apple’s new firmware verification process. What exactly does this mean? It means that if you are on iOS 5.0 right now and for some reason need to restore (which updates you to iOS 5.0.1), you will have the option to downgrade back to iOS 5.0, provided you used iFaith to save your APticket before you restored.

It should be noted that if you are on iOS 5.0.1 already, you CANNOT downgrade to iOS 5.0.

This is mainly for people who have saved their APtickets on iOS 5.0 as they will be the only ones who can downgrade back from iOS 5.0.1 to iOS 5.0.

Detailed Information

An APticket is a piece of information, almost like a snapshot. When you use Apple’s iOS 5.0 firmware, your device has an APticket saved for iOS 5.0. When you update to iOS 5.0.1, your APticket changes to an iOS 5.0.1 APticket. This is how Apple keeps you from downgrading.

By using iFaith, you can save not only your SHSH blobs but also your current iOS 5.0 APticket. This allows you to use the APticket you had for iOS 5.0 to downgrade back to iOS 5.0 from iOS 5.0.1, since your iOS 5.0 APticket is still valid. If you don’t save your APticket while you are on iOS 5.0, then your only APticket is the one given to you by iOS 5.0.1, which means that you don’t have an APticket for iOS 5.0. Since you don’t have one, you cannot downgrade back to iOS 5.0 from iOS 5.0.1. In this case, iOS 5.0.1 would be the lowest you could go.
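The signing model behind this, as an added example that is not iFaith’s code or Apple’s actual format: a constructed Python model in which the signing server only signs versions it currently allows, so a blob dumped while on iOS 5.0 stays valid for a restore check that has no freshness requirement, while a ticket bound to a per-restore nonce cannot be replayed. The key, ECID and version strings are constructed, and an HMAC stands in for Apple’s RSA signature.

```python
import hmac
import hashlib
import secrets

# Constructed toy model of firmware signing (NOT Apple's real format or keys).
# An HMAC stands in for Apple's RSA signature: only the holder of SERVER_KEY
# can mint blobs, and the restore check recomputes it to verify.
SERVER_KEY = b"constructed-signing-key-for-illustration"


def encode(ecid, version, nonce):
    """Bytes the signature covers: device ECID, firmware version and,
    for a ticket, the nonce the device generated for this restore."""
    return b"|".join([ecid.to_bytes(8, "big"), version.encode(), nonce or b""])


def mac(message):
    return hmac.new(SERVER_KEY, message, hashlib.sha256).digest()


class SigningServer:
    """Plays the role of Apple's signing server: it signs a firmware version
    for a given device only while that version is still being signed."""

    def __init__(self, signed_versions):
        self.signed = set(signed_versions)

    def sign(self, ecid, version, nonce=None):
        if version not in self.signed:
            return None  # no new blob for a version that is no longer signed
        return mac(encode(ecid, version, nonce))


def verify_blob(ecid, version, blob):
    """Restore check without freshness (the situation the post describes):
    any valid blob for this device and version is accepted, however old."""
    return hmac.compare_digest(mac(encode(ecid, version, None)), blob)


def verify_ticket(ecid, version, nonce, ticket):
    """Restore check with freshness: the ticket must also cover the nonce
    generated for this restore, so a ticket saved earlier cannot be replayed."""
    return hmac.compare_digest(mac(encode(ecid, version, nonce)), ticket)


def downgrade_scenarios(ecid=0x000123456789ABCD):
    server = SigningServer({"5.0"})          # only iOS 5.0 is being signed
    saved_blob = server.sign(ecid, "5.0")    # dumped while on 5.0 (what the tool saves)
    saved_ticket = server.sign(ecid, "5.0", secrets.token_bytes(20))
    server.signed = {"5.0.1"}                # Apple moves on to signing 5.0.1 only
    return {
        "fresh_5_0_refused": server.sign(ecid, "5.0") is None,
        "saved_blob_replays": verify_blob(ecid, "5.0", saved_blob),
        "blob_bound_to_device": verify_blob(ecid + 1, "5.0", saved_blob),
        "saved_ticket_replays": verify_ticket(ecid, "5.0", secrets.token_bytes(20), saved_ticket),
    }
```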

Currently, iFaith only supports Windows, as iH8sn0w is a Windows user himself. He is also the well-known developer behind Sn0wbreeze, a Windows-only jailbreak tool. At this point in time, there isn’t any information regarding a Mac version or its release.

Download iFaith 1.4 for Windows

iFaith release notes:

iFaith v1.4 Release notes:
======================================
* Now dumps iOS 4.4.x (Apple TV 2)/5.0.x apticket + SHSH blobs!
* Dumping is MUCH faster.
* Full Windows XP support.
* Major code improvements.
* Bug fixes.

**************************************
** DOES NOT SUPPORT A5 DEVICES YET! **
**************************************

======================================
Now available at: http://iH8sn0w.com
======================================
// iH8sn0w

“You gotta believe in the voltage that lives inside us,
So lets buckle up and break our walls down. (Whooooaahhoo)”
– @Skrillex

We recommend dumping your SHSH and APtickets if you’re on iOS 5.0. It will give you the option to downgrade back to iOS 5.0 anytime after you have used the software utility.

Sources: iH8sn0w

Bypass Jailbreak Detection Found in Apps With xCon


Since Apple introduced an API in iOS that detects jailbroken iOS devices, developers have been using it to prevent users who have jailbroken their iOS devices from using their apps. Typically these users are greeted with the following error message when they launch such apps: “Jailbreak detected. App cannot run on a jailbroken device”.

Jailbreak detection has been found in apps such as Bloomberg Anywhere, Cablevision, Cisco M-Learning, DirecTV for iPad, Grimm’s Fairy Tales, Time Warner Cable, Verizon On Demand/FlexView, etc. Cable companies such as Cablevision and Time Warner, which allow their apps to be used only over a home Wi-Fi network, are worried that users who have jailbroken their iOS device could use jailbreak tweaks such as My3G, which enable 3G for “Wi-Fi only” apps, to use their apps while on the go. This is what has led them to take the extreme step of preventing jailbroken iOS device users from using their apps.

This is going to be harder to enforce now that the iOS hacker n00neimp0rtant has created a jailbreak tweak called xCon which bypasses jailbreak detection in apps. It allows you to use the apps that currently lock out jailbroken iOS device users. The tweak apparently works by sandboxing the apps into their own memory space, allowing you to use them without a jailbreak being detected.

If you want another app to be supported, send an email to the developer at the following address: n00neimp0rtant@me.com. The jailbreak tweak is available in Cydia for free.

iPhone Dev Team Working on Promising Unlock For iPhone 4S


The Chronic Dev Team recently sought help in identifying iOS 5 vulnerabilities with their C-Dev Reporter tool. The news disappointed many people who had been waiting for the release of a jailbreak for their iPhone 4S. MuscleNerd of the dependable iPhone Dev Team did recently tweet some good news for iPhone 4S users, though. He said the following:

Crazy Thanksgiving weekend! Very promising 4S unlock (http://twitpic.com/7kku4t) is in the works (Not i4, just 4S..that’s crazy part)

What this means is that they have discovered an exploit in the A5 processor that powers the iPhone 4S and iPad 2, allowing them to unlock an iPhone 4S so that it can be used with any other GSM carrier. MuscleNerd even posted the following image to confirm the unlock for the iPhone 4S:

The other thing to think about is the fact that you need to jailbreak the iPhone to be able to unlock it, so this means that the iPhone Dev Team must be gearing up for the launch of a jailbreak as well. Let’s hope that the jailbreak is untethered and possibly available for the iPhone 4 and iPhone 3GS alongside the iPhone 4S, where the unlock will be exclusive.

The iPhone Dev Team has NOT provided an ETA for when it will be releasing the jailbreak and unlock, but we’ll keep you posted regarding any released information as usual!

Source: @MuscleNerd

The Chronic Dev Team Releases C-Dev Reporter to Help Discover iOS 5 Vulnerabilities


The Chronic Dev Team has recently published a blog post titled “Weapons of Mass Exploitation” where they provide an update on the untethered jailbreak for iOS 5. It was more of a call to action, asking the jailbreak community to help send in device crash reports via a tool they released called the C-Dev Reporter. The crash reports would help the Chronic Dev Team discover a vulnerability in iOS, which they could use to help release a jailbreak.

In the past, the Chronic Dev Team released GreenPois0n, which was a popular jailbreak tool for iOS 4.2.1. A few months back, they announced that they had discovered 5 new vulnerabilities in the iOS 5 beta and recently a bug in iOS 5 that could possibly help in developing an untethered jailbreak on iOS 5.

The Chronic Dev team has given the following update on the untethered jailbreak for iOS 5:

During my JailbreakCon talk in September, I was excited to announce that the Chronic Dev team had already discovered 5 different exploits for use in our upcoming jailbreak. Unfortunately, that announcement was a bit premature, because in the subsequent weeks, Apple found & patched a (critical) few of those exploits, between the beta versions we used for testing and the final release of iOS5 on October 12.

Sadly (and trust us, we are much more sad about this than any of you could possibly be), this has prevented us from being able to release a new jailbreak as quickly as we wanted to. As I hinted at earlier this week on Twitter, I was initially disheartened to think that so many of the countless hours we’ve worked on this jailbreak seemingly went right down the drain.

Not to mention, these are by no means the first exploits that have been “lost” by Chronic Dev (or any other iOS hacking teams) in this manner. In fact, these are just a few in a long-running series of exploits that were patched by Apple before we hackers could make use of them in a free jailbreak for you, our loyal fans.

They then went on to explain the method Apple uses to find vulnerabilities:

One of the primary challenges in working with userland exploits is that, every time any program crashes on your iPhone, a “crash report” is generated and instantly sent back to Apple. As you can imagine, while we’re working out all the kinks in the exploitation of a vulnerability, we may need to crash any particular program thousands & thousands of times.

It’s possible to change your iTunes settings to stop sending this diagnostic information back to Apple, and of course everyone in Chronic Dev has made this change on all our development machines. However, even this is not always 100% effective at preventing Apple from obtaining our data. For instance, if one of us is at a friend’s house and plugs our iPhone up to his or her computer (even just to charge it), it’s very likely that computer is set up to send all our valuable data & crash reports right back to Apple.

The Chronic Dev Team has released a new tool called C-Dev Reporter, which uses a similar method to help find the vulnerabilities:

All this program requires from you is to attach your iOS device to your computer and click a single button!

At this point, the program copies all the crash reports off your device (which, under normal circumstances, would be sent right back to Apple), and instead sends this data to a secure, private server hosted by your friendly Chronic Dev team. Next, our program proceeds to neuter your copy of iTunes, simply by changing your settings to prevent your computer from sending any further diagnostic information from your device to Apple.

Using this agglomeration of your crash reports and our ninja skills, Chronic Dev will be able to quickly pinpoint vulnerabilities in various programs by using the same techniques Apple currently employs. At the very least, your data will help point us in the direction of which applications are the most vulnerable, so we can focus our time & energy on these with laser-like intensity. And, of course, this will also prevent Apple from accessing all your valuable data, just so they can then turn around and use it against you.

You can download C-Dev Reporter using this link. As mentioned before, the idea of the new tool is to help identify new vulnerabilities and in turn lead to a jailbreak for future iOS software updates, but it appears to be a long-term solution. The news should come as a disappointment to iOS device users who have been eagerly waiting for an untethered jailbreak and, in the case of iPhone 4S and iPad 2 users, for any jailbreak for iOS 5.

As of now, it looks like the iPhone Dev Team, who have jailbroken the iPhone 4S, are the only hope when it comes to releasing a jailbreak for the iPhone 4S and iPad 2.

Source: Chronic Dev Team (blog)

TinyUmbrella v5.01.00 Released – Save iOS 5.0.1 SHSH Blobs


Even for those of you who aren’t jailbreakers, TinyUmbrella is a great little app that allows you to save your iPhone, iPod touch or iPad’s SHSH blob files locally. Some of you may be wondering what SHSH blobs are and what the purpose of saving them might be. It is quite simple: if you have your blob files stored locally, you can downgrade your iDevice to an earlier version of iOS, which is useful if your iPhone gets hit with a bug in the latest version of iOS, or an app you can’t live without stops working.

If you are running iOS 5.0.1, you might want to head over to TinyUmbrella’s official website and grab the latest version: it’s been updated to save the latest version’s SHSH blob files. @notcom (the developer of TinyUmbrella) did mention one caveat, though: even though you can store an iPhone 4S’s blob files locally with the new version of TinyUmbrella, there’s no known way to restore with them, so don’t expect to be downgrading your iPhone 4S anytime soon.

Even though there is still no working solution for restoring 5.x on iPhone 4S, I have released 5.01.00 so you can at least save 5.0.1 SHSH. I have added tentative support for at least saving 5.0.1 SHSHs for iPhone 4S, but as of now we are unable to use them fully. As soon as more information is available I will update.

Still, we recommend saving them as they might come in handy in the future and they only take a few seconds to save!

For those of you who are not on an iPhone 4S and managed to save your iOS 5.0 SHSH blob, you can downgrade from iOS 5.0.1 to iOS 5.0. To do so, follow the steps here.

Download Tiny Umbrella v5.01.00

  • Download Tiny Umbrella v5.01.00 (Mac)
  • Download Tiny Umbrella v5.01.00 (Windows)

Downgrade iOS 5.0.1 To iOS 5.0 With Saved SHSH


Apple recently released iOS 5.0.1 and the jailbreak community has been advised not to upgrade. Pod2g recently found an exploit that may help provide an untethered jailbreak, and this exploit is patched in iOS 5.0.1. If you, like many, are seeking to use an untethered jailbreak, it would be wise to stay on iOS 5.0, because that’s where the untethered jailbreak will be. For those of you who accidentally or unknowingly upgraded to iOS 5.0.1, you may be wondering how to downgrade back to iOS 5.0. You can downgrade if you have an SHSH previously saved. To do so, follow the procedure outlined below:

Required Files and Software

Downgrade iOS 5.0.1 To iOS 5.0 With Saved SHSH

  1. Connect your iPhone to your computer and open TinyUmbrella.
  2. Click on Save SHSH (the iOS 5 SHSH will only show if you have it saved previously). Once saved, close TinyUmbrella.
  3. Open RedSn0w 0.9.9b8 and go to Extras > SHSH Blobs, then click Submit (it will open a window). Here, browse to the saved SHSH file for iOS 5.0 (which is in the C:/User/Account Name/.shsh folder).
  4. After submitting it, you will see the Blobs Submission Report.
  5. Now click on Stitch, give it the same SHSH file you previously submitted, then the iOS 5.0 IPSW file. Wait for it to complete.
  6. Now open TinyUmbrella and go to the Advanced tab. Here, check all the boxes and then close it.
  7. Now restore the Stitched IPSW file with iTunes in DFU mode.

Voila – you’re done! At this point we would recommend staying on iOS 5.0 and waiting for further news from the jailbreak community devs.

For those of you who do NOT have an SHSH file saved, you are currently out of luck. If you are on iOS 5.0.1, your current option is to jailbreak using RedSn0w 0.9.9b8 or Sn0wbreeze 2.8b11. This will be a tethered jailbreak, which means that you will have to connect your iOS device to your computer and “just boot” using the software every time you need to boot. You can download BigBoss’s Semi-Tether package from Cydia to help ease the pain of a tethered jailbreak. Semi-Tether allows you to boot your iOS device and use all the stock applications until you can “just boot” with your computer, as opposed to being stuck on the boot logo. As of right now, it is a decent alternative that lets you use your iOS device for its main functions.

Stay tuned for more jailbreak news and info by following us on Facebook, Twitter, and subscribing to our RSS feed.

Jailbreak iOS 5.0.1 On An iPad, iPhone, or iPod Touch via RedSn0w


Apple released iOS 5.0.1 this week and there’s already a way to jailbreak it. But there are a few things to keep in mind before you jailbreak your iPhone, iPod touch, or iPad.

Some Quick Notes before jailbreaking:

  • This is a tethered jailbreak, which means you’ll need to connect your device to a computer and run the software again anytime you need to reboot.
  • You might not want to update to iOS 5.0.1 at all if you’re holding out hope for an untethered jailbreak. An exploit was discovered in iOS 5.0 which may be used in a future untethered jailbreak tool, but if you update now there’s no good way to roll back to iOS 5.0, so you may not be able to use the new tools once they’re available.
  • There’s currently no public jailbreak for an iPhone 4S or iPad 2. MuscleNerd revealed that he has successfully jailbroken the devices but needs to work to package the jailbreak for a public release.
  • The process is a bit more complex if you have a carrier unlocked device. You may want to wait to make sure that ultrasn0w is updated to support iOS 5.0.1 and you’ll need to preserve your older baseband before upgrading to iOS 5.0.1.

Finally, for now performing a tethered jailbreak requires you to manually select an older IPSW file. If you used iTunes to update your device to iOS 5 you should still have the correct IPSW on your computer. If not, you can download the iOS 5.0 IPSW for your device from the following links:

Alright, if you’ve read the notes carefully and you would still like to jailbreak, here’s how you can do so after updating it to iOS 5.0.1.

  1. Make sure you’re running iTunes 10.5 or higher for Windows or Mac. (It’s probably a good idea to use iTunes to back up your device before you get started as well.)
  2. Make sure you’re running iOS 5.0.1 on your device. You can do this by connecting to iTunes and following the prompts to update your software, or by going into Settings on an iOS 5.0 device, choosing General, and then tapping the Software Update option to check for updates.
  3. Download Redsn0w 0.9.9b8 or higher for Windows or Mac from the iPhone Dev Team.
  4. Unzip redsn0w to a folder on your computer, open that folder, and run redsn0w. In Windows you do this by double-clicking the redsn0w.exe file.
  5. Choose the “Extras” option from the main menu.
  6. From the following screen hit the “Select IPSW” option and navigate to the folder where you’ve stored your iOS 5.0 IPSW file. Future versions of redsn0w may make this step unnecessary.
  7. Click OK to dismiss the message.
  8. Click Back to return to the main menu.
  9. Make sure your iPhone, iPod touch, or iPad is turned off (press and hold the power button until the “slide to power off” image appears on the screen, and then slide your finger across to turn off your device).
  10. Select the Jailbreak button to start the jailbreak process.
  11. A message will appear letting you know that the kernel is being patched.
  12. Select your options from the following screen. At the very least you’ll probably want to install the Cydia store.
  13. Hit the Next button.
  14. Hit the Next button again and then follow the on-screen instructions to enter DFU mode. In case you miss them, here’s what you need to do. While your device is turned off and connected to your computer:
    • Press and hold the power button for 3 seconds.
    • Without lifting your finger from the power button, press and hold the home button for 10 seconds.
    • Release the power button, but not the home button. Continue to hold that one for another 15 seconds.
  15. That’s almost it. Redsn0w should do the rest for you and apply the jailbreak. But you’re not quite done yet, because you still need to perform your first tethered boot.
  16. Go back to the Redsn0w main screen, select the Extras option, click “Just boot” and follow the on-screen instructions. (You may also want to select “Choose IPSW” again first and select your iOS 5.0 IPSW file. Redsn0w didn’t recognize my build the first time I tried booting without taking that step.)

Voila! Now you’re done! You should see the Cydia icon on your home screen.

If you ever need to reboot your device, you’ll need to connect your device to your computer and run Redsn0w’s “just boot” utility again. Otherwise you will be unable to boot at all. Alternately, you could install a jailbreak tweak called SemiTether from the Cydia Store. It will allow you to reboot your device and use your phone without tethering — but you will not have access to most of the device’s functions, so it’s a temporary fix at best.

If you have any questions or comments, share them below and remember to follow us on Facebook, Twitter, and subscribe to our RSS feed for the latest jailbreak news and info.
