/palera1n

iOS 15.0-15.3.1 tethered checkm8 "jailbreak" (rootless is 15.0-15.7 semi-tethered, no tweaks)

Primary LanguageShellGNU General Public License v3.0GPL-3.0

palera1n logo

palera1n

An iOS 15.0-15.3.1 work-in-progress, tethered checkm8 jailbreak.

Change LogDiscordTwitter

How does it work?

It boots the device with AMFI patches. On first run, it'll boot a ramdisk which dumps your onboard blob, and installs Sileo and Substitute.

Issues

Linux

  • Linux has some weird usbmuxd issues. We have tried our best to fix them, but there still are issues. We highly recommend to compile and install usbmuxd2.
  • Stop making issues about Linux not being able to connect, we are aware. This includes being stuck on waiting for ramdisk to finish booting.

Warning

  • We are NOT responsible for any data loss. The user of this program accepts responsibility should something happen to their device. While nothing should happen, jailbreaking has risks in itself. If your device is stuck in recovery, please run one of the following:
    • futurerestore --exit-recovery
    • irecovery -n
  • Using this on iOS 16 has a higher chance of bootlooping you.

A10 and A11 devices

  • On A10 and A11, you must disable your passcode while in the jailbroken state.
    • On A10, this can be fixed in the future by implementing blackbird.
    • On A11, we don't have a SEP exploit yet.

Prerequisites

Warning: You must install the Tips app from the App Store before running palera1n.

  • A checkm8 vulnerable iOS device on iOS 15 (A8X-A11)
    • The device must be on iOS 15.0-15.3.1
      • Currently, the best is iOS 15.1.
      • iOS 15.0-15.0.2 and 15.2-15.3.1 have App Store app launching issues.
  • Linux or macOS computer
    • Python 3 must be installed.

How to use?

  1. Clone this repo with git clone -b tweaks --recursive https://github.com/palera1n/palera1n && cd palera1n
  2. Run ./palera1n.sh --tweaks <your current iOS version>
    • [A10 and A11] Before running, you must disable your passcode.
    • Put your device in DFU mode before running.
  3. Follow the steps on your screen.

Reports

  1. Ask in the r/jailbreak Discord #palera1n channel
  2. Ask in the palera1n Discord
  3. Open a GitHub issue

Please, please, please, provide necessary info:

  • iOS version and device (eg. iPhone 7+ 15.1, iPhone 6s 15.3.1)
  • Computer's OS and version (eg. Ubuntu 22.04, macOS 13.0)
  • The command you ran
  • Debug logs with --debug

DO NOT harass tweak devs if tweaks don't work. Refer to here for compatiblity.

Repos

All repos work with the tweaks branch because it uses normal Procursus and not rootless.

Credits

  • Nathan
    • The ramdisk that dumps blobs is a slimmed down version of SSHRD_Script
    • Also helped Mineek getting the kernel up and running and with the patches
    • Helping with adding multiple device support
  • Mineek
    • For the patching and booting commands
    • Adding tweak support
  • Amy for the Pogo app
  • nyuszika7h for the script to help get into DFU
  • the Procursus Team for the amazing bootstrap
  • F121 for helping test
  • tihmstar for pzb/original iBoot64Patcher/img4tool
  • xerub for img4lib and restored_external in the ramdisk
  • Cryptic for iBoot64Patcher fork