Jailbreak an iOS Device

Jailbreak an iOS 8 - 9.3.3 Device

This method is intended for use on 8.0-9.3.3 devices and utilizes the Pangu/Taig jailbreak method.  Ensure your device is running a compatible version before continuing.

Before jailbreaking, for best results, disable “Find My iPhone” (if necessary) on your iOS device: navigate to Settings > iCloud > Find My iPhone and turn off the ‘Find My iPhone’ toggle. Your Apple ID password is required to confirm. Then disable Passcode and Touch ID unlock by going to Settings > Touch ID & Passcode and tapping the ‘Turn Passcode Off’ option.

Requirements:

iOS Device running a jailbreakable version of iOS

iOS 9.2-9.3.3

Additional Requirements:

A 64-bit device running iOS 9.2-9.3.3, which includes:

  • iPhone 5s

  • iPhone 6

  • iPhone 6+

  • iPhone 6s

  • iPhone 6s+

  • iPhone SE

  • iPad Mini 2

  • iPad Mini 3

  • iPad Mini 4

  • iPad Air

  • iPad Air 2

  • iPad Pro (both sizes)

  • iPod Touch 6G

A valid Apple ID.

  • The Apple ID can be one that was recently made.

  • WiFi connection for the iOS device.

Restrictions:

The Pangu iOS 9.3.3 jailbreak has several restrictions relating to its persistence on devices, and the requirement of a cert for the app itself.

A device will only remain in jailbreak until it is rebooted.  A soft reboot will not cause the jailbreak to dismiss, but a hard reboot will.  For however long a jailbreak device remains turned on without a hard reboot, that device will remain in jailbreak.

An Apple ID is required to sign the ipa file so it may run on the device. If you need to create an Apple ID, one can be created at https://appleid.apple.com/account.  Due to the signing requirement, there are some limitations to consider:

  • The certificate will expire in 7 days if you use a regular user Apple ID to sign the certificate.

  • There is a limitation on the number of certificates that a regular user Apple ID can sign.

If you have access to a developer membership, it is recommended to sign the ipa file with your own developer certificate, which will prevent the certificate from expiring for up to 1 year.

If you do not have a developer membership, there is a workaround. The Pangu app allows you to use their embedded certificate to sign the application until April 2017. The directions Pangu provides, referenced in Initial Jailbreak, show how this is performed. Before performing the jailbreak, the app will have a check box option. Select that check box if you wish to use their cert. We recommend using this option if a developer membership is not available.

It should be noted that even if the certificate expires, the device will not lose its jailbreak unless it is rebooted. This means that as long as the device remains powered on and a hard reboot is not performed, the phone will remain in jailbreak.

Initial Jailbreak

We recommend following the directions located on http://en.pangu.io/help.html.  Make sure you are able to connect your iOS device to your computer.

Re-jailbreaking

Due to the nature of this jailbreak, if an iOS device is rebooted, it loses its jailbreak. To re-jailbreak the device, open the Pangu app, select Start, lock the device, and allow the device to perform a soft reboot. Once the device comes back on, the jailbreak will be in effect.

Jailbreak an iOS 10 - 10.2 Device

This method is intended for use on 10.0-10.2 devices and utilizes the Yalu102 jailbreak method. Ensure your device is running a compatible version before continuing.

Requirements:

iOS Device running a jailbreakable version of iOS

iOS 10.0-10.2

Additional Requirements:

A 64-bit device running iOS 10.0-10, which includes:

  • iPhone 5s

  • iPhone 6

  • iPhone 6+

  • iPhone 6s

  • iPhone 6s+

  • iPhone SE

  • iPad Mini 2

  • iPad Mini 3

  • iPad Mini 4

  • iPad Air

  • iPad Air 2

  • iPad Pro (both sizes)

  • iPod Touch 6G

A valid Apple ID.

  • The Apple ID can be one that was recently made. It does not need to meet any special criteria.

  • WiFi connection for the iOS device.

Restrictions

An Apple ID is required to sign the ipa file so it may run on the device. If you need to create an Apple ID, one can be created at https://appleid.apple.com/account. Due to the signing requirement and tethered jailbreak requirements, there are some limitations to consider:

  • The certificate will expire in 7 days if you use a regular user Apple ID to sign the app.

  • A reboot will cause the device to lose its jailbreak.

  • OpenSSH should not be used on your iOS 10 device, as it will break the device. An alternate SSH daemon is used, called Dropbear.

    DO NOT INSTALL OpenSSH.

iOS 10 Jailbreak Tutorial

These directions are intended to be used from within the MacBook, not the Santoku VM. Please turn off VMware before you begin this process.

  1. Create an iTunes Backup of your iOS device
  2. Turn off Siri, Find My iPhone, Touch ID, and pin code login. Also log out of iCloud/iTunes if you had an account.
  3. Download Cydia Impactor from http://www.cydiaimpactor.com/
  4. Download the NowSecure Yalu102 Jailbreak from: http://downloads.nowsecure.com/direct/ns-yalu102.ipa

    • SHA256: 48e21c0112b442cf77ef552101dcba65aa06ab86fef054d3a44eed31c8408ceb

    • We have modified the Yalu102 jailbreak for testing devices. If you plan to download the Yalu102 Jailbreak for personal use, please download from the official release.

  5. Create an Apple ID: https://appleid.apple.com/account#!&page=create

    • Make sure you have DISABLED 2-Factor Authentication on your Apple ID.
  6. With your iOS device connected to your computer and iTunes closed out, launch Cydia Impactor

  7. With Cydia Impactor launched, you will see the device name in the top field of the window.

  8. Drag the ns-yalu102.ipa file onto the Impactor window.

  9. You will be prompted to enter an Apple ID. Enter your Apple ID username and password.

  10. Impactor will sign and sideload the IPA automatically to your device.

  11. On the iOS device, go to Settings > General > Device Management. Select the ns-yalu102 app. Select ‘Trust’ on the screen. A message asking to verify the trust will pop up. Select ‘Trust’.

  12. Launch the yalu102 app.

  13. When the app has been launched, you will see a prompt stating “May Slow Down Your iPhone”. Press OK.

  14. Press ‘Go’. Your device will begin performing a reboot.

  15. Once your device is back on, confirm you have access to the Cydia app. Launch the Cydia app to confirm your device is jailbroken.

Re-jailbreaking

Due to the nature of this jailbreak, if an iOS device is rebooted, it loses its jailbreak. To re-jailbreak the device, open the yalu102 app, select Go, lock the device, and allow the device to perform a soft reboot. Once the device comes back on, the jailbreak will be in effect. If the app opens and does not have the Go option available, this means the jailbreak is already in effect.

If the app does not open, and notifies you that it is not available, you will have to follow the steps in Jailbreak Instructions. Make sure to remove the yalu102 app from your homescreen before jailbreaking your device again.