iPhone 7 Won't Jailbreak in Rootful Mode
I have tried Rootless jailbreak, but most tweaks don’t work properly. Also, when I reboot the device, the jailbreak disappears and I have to re-jailbreak using my computer every time. I want a persistent (rootful) jailbreak, so I tried rootful mode with Palera1n, but it fails.
After the "booting kernel" message appears, some lines of code start scrolling, then the process gets stuck. The text on the device screen is very small, making it impossible to take screenshots or photos. Is there any workaround or solution for this?
By "gets stuck," I mean this: on the computer, it shows "press enter to quit", and on the device screen, it shows something like "waiting for root device." It waits for some time, then the device boots normally without jailbreaking.
I’m running iOS 15.8.4 on an iPhone 7, and using Palera1n version 1.1.9 on my PC.
This is my first post on Reddit, so please forgive me if I made any mistakes.
https://redd.it/1lvf6g5
@r_jailbreak
Does the Dopamine jailbreak support iPhone 14 Pro Max on 16.6?
Does the Dopamine jailbreak support iPhone 14 Pro Max on 16.6? Help please
https://redd.it/1lvj3lo
@r_jailbreak
iOS 6 old dock jailbreak tweak
Hi, does anybody know where to get the old classic iOS 6 dock for iOS 16? I'm using Dopamine on an iPhone SE 2.
https://redd.it/1lvixja
@r_jailbreak
Free Release ImmortalizerTS - TrollStore version of the tweak Immortalizer
Hey guys, it's been a while. I was on hiatus, though I still receive lots of requests from people asking if it is possible to create a TrollStore version of the tweak I released several months ago, which is Immortalizer.
And now, it's here :)
**Download**
Features:
- This offers the main key feature of the tweak, which is to let apps run in the background \[foreground\].
- Still works even if the device is locked
- Toast indicator that shows over SpringBoard without jailbreak

Limitations:
- There's no option to force the app to show notifications when the app is foregrounded (I think it's possible to fix this by having a jailed tweak that forces an app's notification directly, I'll probably look into it)
- The way it keeps an app running in the foreground depends on the app itself (single scene apps vs multi scene apps)
- If ImmortalizerTS is terminated (like due to out of memory etc.), all immortalized apps will return to their normal state (except for multi scene apps).
Of course, just like the original tweak, this one is open source as well.
**Source code**
**Support the project**
Thanks to khanhduytran0 for his FrontBoardAppLauncher and for helping me understand FrontBoard better.
https://redd.it/1lvkjre
@r_jailbreak
RevokeZero project
Hey everyone, Nexus here! I'm a small iOS Shortcut developer focusing on advanced sideloading. I've got an idea I want to propose, and potentially collaborate on, for a new project that I believe could solve a common problem for our community.
This is about an exploit discovered on iOS 18.5 and earlier versions (you can find all the technical details on GitHub: https://github.com/C4ndyF1sh/MCS-Exploit). This vulnerability lies in how iOS's Launch Services Daemon (lsd) manages applications. It allows an app to achieve an anomalous level of persistence that goes beyond normal user control.
The direct capabilities of this exploit are quite significant: an app leveraging it can bypass forced termination (it can't be killed from the app switcher), prevent uninstallation (any attempt is interrupted by the app's automatic restart), ensure indefinite persistence (the app stays active indefinitely, ignoring user actions), and even reliably restart programmatically, a functionality Apple normally prevents.
As many of you know, it's frustrating when a sideloaded app suddenly stops working due to its certificate being revoked. Often, these apps won't launch at all or crash immediately. However, I've noticed that if an app was verified and launched before the revocation and is never fully terminated by the system, it can continue to function even after the certificate is revoked.
This is where the MCS exploit becomes crucial. I believe that by using its ability to keep an app constantly "alive" and running in the background, we can prevent it from ever being completely closed by the operating system. This persistence cycle could allow us to bypass the revocation verification mechanism, which usually only triggers upon a "clean" restart of the application. This way, our sideloaded app, even with a revoked certificate, could continue to function indefinitely, never encountering the "true" stop that would activate the certificate's validity check.
While I'm not a programmer in the traditional sense, I have a solid understanding of iOS architecture and considerable experience finding creative solutions and workarounds.
I believe a tool based on this concept would generate huge interest and be incredibly useful for the community. If you're a developer with experience in exploits or tweak development and find this idea exciting, I'd be thrilled to collaborate.
https://redd.it/1lvoyd0
@r_jailbreak
ra1n.libusb doesn't open
I tried to downgrade my iPhone 7, but when I open the file ra1n.libusb it opens but does nothing.
I'm on Linux.
https://redd.it/1lvtiyp
@r_jailbreak
RevokeZero project
Hey everyone, Nexus here! I'm a small iOS Shortcut developer focusing on advanced sideloading. I've got an idea I want to propose, and potentially collaborate on, for a new project that I believe could solve a common problem for our community.
This is about an exploit discovered on iOS 18.5 and earlier versions (you can find all the technical details on GitHub: https://github.com/cr4zyengineer/EvilWorkspace). This vulnerability lies in how iOS's Launch Services Daemon (lsd) manages applications. It allows an app to achieve an anomalous level of persistence that goes beyond normal user control.
The direct capabilities of this exploit are quite significant: an app leveraging it can bypass forced termination (it can't be killed from the app switcher), prevent uninstallation (any attempt is interrupted by the app's automatic restart), ensure indefinite persistence (the app stays active indefinitely, ignoring user actions), and even reliably restart programmatically, a functionality Apple normally prevents.
As many of you know, it's frustrating when a sideloaded app suddenly stops working due to its certificate being revoked. Often, these apps won't launch at all or crash immediately. However, I've noticed that if an app was verified and launched before the revocation and is never fully terminated by the system, it can continue to function even after the certificate is revoked.
This is where the MCS exploit becomes crucial. I believe that by using its ability to keep an app constantly "alive" and running in the background, we can prevent it from ever being completely closed by the operating system. This persistence cycle could allow us to bypass the revocation verification mechanism, which usually only triggers upon a "clean" restart of the application. This way, our sideloaded app, even with a revoked certificate, could continue to function indefinitely, never encountering the "true" stop that would activate the certificate's validity check.
While I'm not a programmer in the traditional sense, I have a solid understanding of iOS architecture and considerable experience finding creative solutions and workarounds.
I believe a tool based on this concept would generate huge interest and be incredibly useful for the community. If you're a developer with experience in exploits or tweak development and find this idea exciting, I'd be thrilled to collaborate.
https://redd.it/1lvusfk
@r_jailbreak
Free Release Reboot Helper
A tweak that allows you to schedule certain reboot actions, now with button sequence support.
This tweak is available at Chariz: https://chariz.com
Direct tweak page: https://chariz.com/get/reboothelper
There might be some issues while it's still in beta, as it's not perfect, but it works stably enough.
https://redd.it/1lvwciv
@r_jailbreak
About jailbreaking the iPad Pro M1
Hey guys!
Uhm, about a few months ago I snatched myself an iPad Pro 11 via eBay and I had to face the fact that I cannot access the iPad due to the seller mentioning that she does not remember her own Apple ID and that the iPad is locked without any possibility to remove that. She did not set the original box aside and lost the receipt, but she did mention that she bought it at a specific hardware store which is about 30 miles away from me.
I tried to call the hardware store she got it from, but I got told that she herself would have to file a request for the receipt. When I tried to ask her to perhaps do that for me or write up an eligible document that says that I hereby own the product through purchase, she didn't do either of those or didn't respond to those messages of mine, but she said that she would be willing to pay me back my money when I'd ship the iPad back to her.
Meaning, I am currently at an impasse. Even the tech support at the hardware store mentioned the possibility to me that the iPad might be stolen, but I was under the impression that it was an assumption by them.
Nevertheless, I currently possess the most expensive and modern bookmark.
I'm very new to Apple products and I thought that I might be able to jailbreak that iPad even if it is locked.
It would be also the first thing I'd jailbreak, but...
If I can't use it in any way, I might just send the iPad back to Apple headquarters, hoping that they would somehow be able to reach out to the owner again by reaching out to her via physical mail about her lost account, idk...
It's just weird, she might be an experienced lady, but maaaan, how can you forget your own Apple ID? 🙄
I tried to delete the data on the iPad and I attempted to reset it with the help of a PC, but after a certain percentage it stops downloading the latest version of the iPad.
The guys from the hardware store also offered to lock it for me, but they said that it would just lock itself again when trying to put in data.
So yeah...
Any help from some experienced Apple users?
Thx for reading, man
https://redd.it/1lvvqts
@r_jailbreak
RevokeZero project news (Devs Wanted!)
Hey everyone, Nexus here! I'm back with a crucial update on my RevokeZero project idea (https://www.reddit.com/r/jailbreak/s/tpqpTYc5p3). The new details are significant and make our goal much more concrete for anyone interested in collaborating.
As you might remember, the core idea is to leverage the MCS exploit (affecting iOS 18.5 and earlier versions, details here: https://github.com/cr4zyengineer/EvilWorkspace) to enable abnormal app persistence. This exploit allows an app to bypass forced termination, prevent uninstallation, remain active indefinitely, and even programmatically restart itself.
The heart of the project remains keeping sideloaded apps active even after certificate revocation. My key observation is that if an app is verified and launched before a revocation and is never fully terminated by the system, it can continue to function.
Now, I've refined the technical request and the mechanism we could use. What I need is for a developer to create a specific payload to enable this interminable app persistence, along with an exploit to activate this payload.
The payload would be placed in a very specific, app-accessible path: /private/var/mobile/Containers/Bundle/<UUID>.
And here's the most exciting part: the key to injecting this payload is the Write to Symlink method (https://github.com/34306/writetosymlinked). Apple doesn't seem to be patching this vulnerability, which makes it an extremely promising and stable path for our purposes. This method would give us the "hook" needed to trigger the MCS exploit from within the app's environment.
Let me know what you think of this more defined approach! Let's open a discussion and see if we can get this project off the ground.
Thanks everyone,
Nexus
https://redd.it/1lvz2py
@r_jailbreak