checkra1n Installation Tips & Tricks

July 14th, 2020 by Vladimir Katalov
Category: «General», «Tips & Tricks»
  • 6
  • 8
  •  
  •  
  •  
  •  
  •  
  •  
    14
    Shares

Having trouble installing the checkra1n jailbreak? If you do it right, you achieve a nearly 100% success rate. We have collected the most important information on how to install and troubleshoot the checkra1n jailbreak. By following these advises, you will be able to jailbreak like a pro, whether you just want to research your own device or perform the file system and keychain acquisition.

Why checkra1n

Whether to install a jailbreak or not is always your decision. If you are about to extract the device, there might be multiple options at your disposal. There might be other jailbreaks available such as the unc0ver jailbreak; yet another one (Odyssey) is coming.  The checkra1n & unc0ver: How Would You Like to Jailbreak Today can help you decide. The main advantage of checkra1n is the support for the latest versions of iOS that no other jailbreaks are available for. For the forensic community, checkra1n is the only jailbreak allowing the BFU (Before First Unlock) acquisition of locked devices with an unknown passcode. Finally, checkra1n does not require you to sign the jailbreak IPA file (using AltStore or the Developer Account at Apple).

Compatibility & CLI mode

checkr1n is compatible with the iPhone 5s through iPhone X, as well many iPad models and even Apple TV 4 (Apple TV HD) and Apple TV 4K. Supported iOS versions range from iOS 12.3 to 13.5.

To use checkra1n with iOS versions that are not officially supported, enable the “Allow untested versions” option. We tried checkra1n on iOS 13.5.1 and 13.6 beta 4 (which is actually the “Gold Master” release) and it works just fine. What about the older versions (12.3 and below)? Do not ever bother trying.

We also recommend using CLI mode over GUI, it is found to be more reliable. Also, if you perform BFU acquisition of the device that is locked in USB restricted mode, this is the only way to go.

Platform

If you have Windows and macOS computers at your disposal, we recommend using macOS for installing checkra1n. If you don’t, there is a version for Linux. You may be able to use an emulator or a bootable flash (e.g. with Ra1nUSB/Bootrain/ra1nstorm) if a Windows computer is all that you have.

There is also a Raspberry Pi port, but here is what developers say:

The exploit may not work as reliably on some devices, such as the Raspberry Pi Zero and Raspberry Pi 3.

So again, to save the time, use the native macOS version on any Mac computer. We have not tested it on Big Sur yet, but it works just fine on Catalina.

Cables & connection

First of all, always use the standard Lightning to USB Cable (the Type-A cable), but not the USB-C one. Here is why (from the checkra1n Web site):

Lightning-to-USB-C cables are trouble: specifically, some of them cannot be used to enter DFU mode and there is nothing we can do about that. This includes Apple’s own USB-C cables, as well as some 3rd party ones – other 3rd party ones have shown to do work though. If your cable turns out to not work, we recommend using a USB-A cable instead, if necessary in combination with a USB-A-to-C adapter.

Technical explanation:

The BootROM will only enter DFU if it detects USB voltage, which boils down to checking whether a certain pin is asserted from the Tristar chip. The Tristar does this based on the cable’s accessory ID, and apparently USB-A and USB-C cables have different accessory IDs, and the one of the USB-C cables makes the Tristar not assert the USB voltage pin.

Also, do not use any USB hubs (only USB-C to USB-A adapter if needed).

Other tips

The other thing that dramatically affects the checkra1n success rate is the battery charge level. Make sure that the device is not in the Low Power Mode, and charge your device well over 20%.

Another important thing recommended by checkra1n developers is:

When trying to jailbreak multiple devices, only the first attempt will succeed. Workaround: relaunch checkra1n after every jailbreak attempt.

In fact you may also need to restart your Mac computer. Looks like the USB driver (or some other system component on the computer) has a problem with checkra1n, and restarting the computer does help. Also, re-connect the device and enter it into the DFU mode again.

If you still have a problem, submit it to the checkra1n issue tracker (providing as much details as possible, but please search if a solution already exists to avoid duplicates.

The future

Will checkra1n work with future versions of iOS (including iOS 14)? In case if you are curious, we have tested the latest version (0.20.2) with iOS 14 beta 2 on several devices from the iPhone 6s to iPhone X, and it does not work yet (though we have a report from one partner saying that he was able to install it on one device).

Most probably, it can be adapted to work with future versions of iOS, but the devil is in the detail. Rumors say that Apple had made some improvements targeting BFU acquisition of iPhone 7, iPhone 8 and iPhone X devices (the iPhone 6s is not affected for some reason). However, if you know the screen lock passcode, you will be able to install checkra1n on these devices, but only after removing the passcode. Note that removing the screen lock passcode has many negative consequences regarding the device contents and iCloud access.


  • 6
  • 8
  •  
  •  
  •  
  •  
  •  
  •  
    14
    Shares