Checkra1n 0.12.2 Patched Windows
Nancy Benigar
There is no online method or mobile based method to install Checkra1n yet. Also this jailbreak cannot be patched by a firmware update. The only limitation in Checkra1n is that it does not support the latest devices like iPhone 11, 11 Pro and 11 Pro Max and the latest iPhone 12 models. Unc0ver Jailbreak supports these latest devices but there is a limitation that it only supports upto iOS 14.3. Find Jailbreak Tools which support latest devices. If you have a iPhone 5S - iPhone X device, lets see how to jailbreak using Checkra1n.
Checkra1n Downloder is a Checkra1n Compatibility Checker Tool. You can simply check the compatibility of Checkra1n for your device using Checkra1n Downloader. Also you are able to find the best available Checkra1n Download for 100% Free or with $4.99 Premium Support
Checkra1n Jailbreak is only available for Mac and Linux users for now. But the Checkra1n team says Checkra1n will support Windows, till then you can download checkra1n windows through another way mentioned, check it out.
Ra1nstorm Jailbreak is the Checkra1n Jailbreak tool for Windows and Linux. This is now available in computer method. This was a tool developed by @realra1nstorm. Ra1nstorm will work on iPads and iPods also other than iPhones.
Ra1nUSB is not a new jailbreak tool but a USB bootable version of Checkra1n Jailbreak. If you own a Mac OS, you can use checkra1n. If you are a windows user or a linux user, you may use Ra1nstorm helper or the newly introduced Ra1nUSB Jailbreak.
After disabling the above features enable the Virtualization options in BIOS. Most of the systems come with Virtualization options enabled by default. If it is already enabled, just keep it as it is and do not change it. Save the settings by and exit.
Webra1n is a web based interface to run Checkra1n Jailbreak on devices like Raspberry Pi. It supports all the versions which checkra1n supports and works only in MacOSX like the original Checkra1n Jailbreak. Then it enables the web interface to run and execute commands using Checkra1n.
Step 2: if you have already set up a device password, it will ask the password. If not checkra1n Linux jailbreak will open your computer screen. Now you can click the start button and proceed to the jailbreak. (Same as Mac method).
If your latest iOS 14.8 running iPhone / iPad not supported for the Checkra1n jailbreak tool, you can use online jailbreak solutions listed below to enjoy jailbreak tweaks, hacked game, apps and many more.
Latestly released iOS 14.8 also successfully jailbroken by the Checkra1n jailbreak. iOS 15 is not yet supported the Checkra1n. However, the most recent jailbreak tool introduced for iOS 15.4.1 - iOS 15 jailbreak in the Palera1n jailbreak tool which is semi-untethered and only available in the developer version for the time being.
Unlike classic jailbreaks such as Chimera or unc0ver, this one is based on a bootrom vulnerability and exploit. checkra1n is potentially compatible with all versions of iOS provided that they run on supported hardware. More importantly, it will remain compatible with new and upcoming iOS releases as the bootrom vulnerability cannot be patched by Apple.
The list of supported devices includes the iPhone 5s, iPhone 6, iPhone SE, iPhone 6s, iPhone 7 and 7 Plus, iPhone 8, 8 Plus and iPhone X, as well as most iPads based on similar SoC. Apple TV HD (ATV4) and Apple TV 4K as well as potentially Apple Watch series 1, 2 and 3 are also in the list.
The last time we saw a bootrom exploit of this scale was back in 2010 for the iPhone 4. The limera1n exploit allowed us to be the first who performed a full physical acquisition (true physical, i.e. bit-precise copy of the iPhone storage, passcode cracking, plus the extraction of most of the data without a passcode).
checkra1n is a big departure from the tried and true Cydia Impactor procedure. Which may not be a bad thing since Cydia Impactor has been broken for weeks. The initial version of checkra1n was available for macOS only. Today, there are Windows and Linux versions available. However, the macOS build remains the most reliable, and we still recommend you to use macOS to jailbreak and to perform acquisition, especially if you are doing mobile forensics on a regular basis. If you do not have a Mac yet, it may be a worthy addition to your arsenal. get If you are on a budget, any model that can run macOS Catalina (10.15) will do. While there is a limited set of mobile forensic tools available on the market (apart from our software, we can recommend BlackBag solutions), this is a good investment.
Have I mentioned the list of accounts (/private/var/mobile/Library/Accounts/Accounts3.sqlite)? No passwords there, yet you can access some information about the device owner and all related accounts used on this device.
You will also get a history of Wi-Fi connections, paired Bluetooth devices, write-ahead logs (WAL) for SQLite databases, WhatsApp *.log files, the list of blocked contacts and dozens various plists; the complete list of non-encrypted files is yet to explore and analyse.
The best results, however, can be achieved only if the device is unlocked (the screen lock passcode is not set or is known). Do not overlook the keychain decryption; you will gain access to tons of passwords and authentication tokens, opening the door for cloud acquisition with Elcomsoft Phone Breaker for Apple iCloud and Elcomsoft Cloud eXplorer for Google accounts.
We strongly recommend reading these two articles in order to understand and avoid potential issues (such as the computer connecting to the wrong iOS device). Most importantly (not just for this jailbreak, but in general): before acquisition, disable all Wi-Fi and Ethernet (!) connections on the computer where EIFT is running, and put the iOS device into airplane mode. I cannot stress this enough; if you fail to do this simple thing on BOTH the computer AND the iOS device, all kinds of weird issues may (and probably will) happen.
The answer is yes, it does. In DFU mode, the device is still accessible even if DFU restricted mode has been activated; checkra1n can be installed and no passcode is needed. Once the jailbreak is installed, partial (BFU) acquisition is possible, and it is worth going after. However, you will still need the screen lock passcode in order to unlock the device and extract the full file system and the keychain.
Yes and no. If you work with a device with an unknown passcode, and cannot establish a trusted relationship with the computer, then file system acquisition still works in limited mode. Keychain extraction does not work. We cannot even upload the keychain decryption utility to the device; in order to decrypt the keychain, the device must be unlocked. If the device is unlocked (the passcode is known or not set), you will have to establish a trusted relationship in order to extract and decrypt the keychain.
And last but not least, big thanks to Mattia Epifani, a SANS FOR 585 instructor, co-author of Learning iOS Forensics and our good friend. Check his twitter account for up to date information on this topic! Mattia, this work would not be possible without your research, your support and your ideas.
Learn what Google knows about you! Download information directly from the Google Account with or without a password. Elcomsoft Cloud Explorer enables over-the-air acquisition for a wide range of Google services including Contacts, Hangouts Messages, Google Keep, Chrome browsing history, search history and page transitions, Calendars, images, location and a lot more.
Extract critical evidence from Apple iOS devices in real time. Gain access to phone secrets including passwords and encryption keys, and decrypt the file system image with or without the original passcode. Physical and logical acquisition options for all 64-bit devices running all versions of iOS.
Gain full access to information stored in FileVault 2 containers, iOS, Apple iCloud, Windows Phone and BlackBerry 10 devices! Download device backups from Apple iCloud, Microsoft OneDrive and BlackBerry 10 servers. Use Apple ID and password or extract binary authentication tokens from computers, hard drives and forensic disk images to download iCloud data without a password. Decrypt iOS backups with GPU-accelerated password recovery.
Elcomsoft Phone Viewer is a fast, lightweight forensic viewer for quickly accessing information extracted from mobile backups. Supporting a variety of platforms and data formats, the tool can display information extracted from local and cloud iOS backups and Microsoft Accounts. Password-protected iTunes backups can be automatically decrypted and analyzed without using third-party tools.
Ok, logical acquisition is easy, safe and it always works: however, this kind of acquisition mostly gives you the same data you can get via iTunes: a simple backup (sometimes encrypted), media files and some logs.
Obviously there are much more data stored in the iPhone that can be accessed only with a more deeper acquisition process.
Before First Unlock (BFU) is the worst case that a forensic analyst may face off: the iDevice is turned off, and once booted it will ask for the unlock code.
Mission impossible? Not really (currently)!
Jailbreaks always had limited compatibility through the iOS releases, but the new checkra1n jailbreak [1] supports a wide list of devices and versions of iOS and is also a jailbreak (the first since the iPhone 4) that can be installed on a locked device in BFU mode with an unknown password and then used to extract forensic data.
checkra1n exploits a bootrom vulnerability (dubbed checkm8 [4]) and is potentially compatible with all versions of iOS.
Furthermore, the exploited vulnerability is related to hardware and can be patched by Apple only on new devices, so it will remain compatible with new and upcoming iOS releases.