The Checkra1n utility used to jailbreak certain iPhones can now be run from a rooted Android smartphone, a practice that may be of interest in rare cases.
Only a few years ago, root and jailbreak were common. On Android and iOS respectively, they grant system-level privileges that open up new possibilities on our smartphones. But the manipulation is much less attractive now that most of those functionalities are available natively.
Some nevertheless still engage in this practice, and the Checkra1n tool allows jailbreaking many iPhones running iOS 12.3 or higher (from the 5s to the X). The big advantage of this tool is that it relies on a flaw in the Boot ROM rather than in the OS itself, which prevents Apple from fixing the exploit with a simple update. It is nevertheless a semi-tethered jailbreak, which means the iPhone has to be reconnected to a computer to restart the jailbreak each time you restart your phone, which is inconvenient. In addition, the tool was only available on macOS 10.10 or higher.
Jailbreak an iPhone using a rooted Android
But that was before. Since the beginning of February, Checkra1n has also been available on Linux. And now a Reddit user has discovered that it is possible to run the tool on Android, as long as the Linux kernel is relatively up to date (tested on kernel version 4.14) and the device is rooted.
Checkra1n is relatively simple to use and should not pose a problem for someone already accustomed to root and jailbreak. Remember, however, that this is a manipulation that can damage your device, so it is advisable to know what you are doing before embarking on the experiment.
The user who discovered the manipulation describes it in 8 steps:
- Download the Checkra1n files compatible with the rooted Android smartphone (depending on its architecture)
- Put the directory in the phone's storage (in /data, for example)
- Connect the two phones to each other with a suitable cable (a USB-C to Lightning cable from Apple works)
- Open a terminal application on the Android smartphone and type "su" to obtain superuser (root) rights
- Type "lsusb" to verify that the iPhone is recognized (the ID should be "05ac:12a8")
- Put the iPhone in DFU mode with the right key combination
- Check that the iPhone is still recognized ("lsusb")
- Launch Checkra1n in CLI mode with the command "./checkra1n -c"
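As an added example (not from the article or the checkra1n project), the following POSIX shell wrapper automates the checks in steps 4 to 8 on the Android side: it refuses to proceed unless running as root, parses lsusb output for the USB ID quoted above, and waits for the iPhone to reappear after the DFU key combination before launching the CLI. It assumes the checkra1n binary is in the current directory and that lsusb is available in the Android terminal.

```shell
#!/bin/sh
# Added example, not the article's or the checkra1n project's own code.
# Assumptions: ./checkra1n is in the current directory, `lsusb` exists on
# the Android side, and the USB ID to look for is the one quoted in the
# article, 05ac:12a8.

EXPECTED_ID="05ac:12a8"

# Print the lsusb line for the iPhone, or return 1 if it is absent.
# Takes lsusb output as its argument so the parsing can be tested offline.
find_iphone() {
    printf '%s\n' "$1" | grep "ID ${EXPECTED_ID}"
}

# Return 0 only when running as root (step 4: `su`).
require_root() {
    [ "$(id -u)" -eq 0 ]
}

# Poll lsusb until the iPhone is seen again (steps 6-7), up to $1 seconds.
wait_for_iphone() {
    secs=${1:-60}
    while [ "$secs" -gt 0 ]; do
        if find_iphone "$(lsusb 2>/dev/null)" >/dev/null; then
            return 0
        fi
        sleep 1
        secs=$((secs - 1))
    done
    return 1
}

# Full sequence; not run automatically so the file can be sourced for testing.
main() {
    require_root || { echo "not root: run su first" >&2; return 1; }
    find_iphone "$(lsusb)" >/dev/null \
        || { echo "iPhone not detected (expected ${EXPECTED_ID})" >&2; return 1; }
    echo "Put the iPhone in DFU mode now; waiting up to 60 s for it to reappear..."
    wait_for_iphone 60 || { echo "iPhone did not reappear" >&2; return 1; }
    ./checkra1n -c
}

# Constructed sample lsusb output (not captured from a real device).
SAMPLE_LSUSB='Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 001 Device 004: ID 05ac:12a8 Apple, Inc. iPhone'
```

Run `main` from a root shell on the Android phone once both devices are cabled together; `find_iphone "$SAMPLE_LSUSB"` shows the parsing on the constructed sample without any hardware.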