Skip to content

Hackt1vator/iFix

Repository files navigation

An iOS 12-16 work-in-progress,
untethered Mobile Device Management bypasser that uses checkra1n and palera1n.

Usage (Tutorial)ContributorsTwitterWebsite

This project is no longer updated. Please use hackt1vator AiO instead: Hackt1vator AiO

If you want a jailbreak, you should read ios.cfw.guide.

For devices that don't fully load Github Releases for some reason, use this link to install the ZIP file: https://github.com/Hackt1vator/iFix/releases/download/v.1.0/iFix.zip

Requirements

  • A checkm8 vulnerable iOS device on iOS 15.x or 16.x (A8 - A11)
  • Palera1n Loader IPA file, which is available at https://nightly.link/palera1n/loader/workflows/build/main/palera1n.zip
  • USB-A cables are recommended to use, USB-C may have issues with palera1n and getting into DFU mode.
    Technical explanationThe BootROM will only enter DFU if it detects USB voltage, which boils down to checking whether a certain pin is asserted from the Tristar chip. The Tristar does this based on the cable's accessory ID, and apparently USB-A and USB-C cables have different accessory IDs, and the one of the USB-C cables makes the Tristar not assert the USB voltage pin.
  • Slive dependencies, available here: https://www.appletech752.com/dependencies.sh

Stolen Requirements

  • A Linux or macOS computer

    • AMD CPUs (not AMD Mobile) have an issue [with (likely) their USB controllers] that causes them to have a very low success rate with checkm8. It is not recommended that you use them with palera1n.
      • If your device does not successfully jailbreak, try a computer with an Intel or other CPU
  • Apple Silicon Macs with USB-C

    • USB-C port on Apple Silicon Macs may require manual unplugging and replugging of the lightning cable after checkm8 exploit.
    • This problem may be solved by connecting via USBHub.

Credits

PatheticlolREADME updates