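On the evening of November 10, the Checkra1n jailbreak tool was officially released. Checkra1n is a jailbreak tool built on the permanent, unpatchable bootrom vulnerability discovered by axi0mX, and it supports all iOS devices from A5 to A11. It currently runs only on macOS (it is a beta for now, so trying it on your primary device is not recommended).

Among A5-A11 devices, the following are not yet supported (support will be added later):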

  • iPad Air 2
  • iPad 5th Gen
  • iPad Pro 1st Gen

In addition, because of stability issues, the tool has to be run from the command line for the following devices:

  • iPhone 5S
  • iPad Mini 2
  • iPad Mini 3
  • iPad Air

Jailbreak tutorial

  1. Mac side

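After downloading the DMG installer from the official site, open it and drag the app into the Applications folder.
checkra1n-1.jpg
Open Checkra1n from Applications. If it will not open, go to Settings and allow apps from unknown sources.
checkra1n-2.jpg
Once it is open, connect your device, confirm that the tool recognizes it, and click Start.
checkra1n-3.jpg
The second step reminds you that DFU mode is required. To make it easier to guide you into DFU mode, the tool first enters recovery mode. Once you have confirmed everything is fine, click Next; the device will then enter recovery mode automatically.
checkra1n-4.jpg
Once the device is in recovery mode, click Start at this step and follow the prompts to enter DFU mode manually. When the tool detects that the device is in DFU mode, it runs the jailbreak automatically.
checkra1n-5.jpg
Next comes the boot and exploitation process.
checkra1n-6.jpg
Boot screen; wait for it to finish.
checkra1n-7.jpg
Wait until the jailbreak tool reports completion, as shown in the image below.
checkra1n-8.jpg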

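  2. Phone side
    Wait for the phone to finish booting, then find Checkra1n

checkra1n-9.jpg
Tap to install Cydia.
checkra1n-10.jpg
Wait for Cydia to download and install; how long this takes depends on your network.
checkra1n-11.jpg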

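FAQ (from the official site)

Q: What is Checkra1n?
A: Checkra1n is a community project that provides a high-quality semi-tethered jailbreak to everyone, based on the checkm8 bootrom vulnerability.

Q: How does it work?
A: Magic.

Q: Why was the beta release delayed?
A: We did not want the release quality to end up like iOS 13.2; you deserve a better experience.

Q: When will it be released?
A: It already has been.

Q: How do I use it?
A: Open the Checkra1n app and follow the instructions to put your device into DFU mode. From that point the magic happens and the device boots into jailbroken mode. If you boot the device without Checkra1n, it reverts to stock iOS, and you will not be able to use any installed third-party software or tweaks until you enter DFU and run Checkra1n on the device again.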

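Q: Ugh, I don't like the GUI?
A: OK, you can run "./checkra1n.app/Contents/MacOS/checkra1n_gui -" from the command line.

Q: Is jailbreaking safe? Can it harm my device or wipe my data?
A: We believe jailbreaking is safe; please take precautions to avoid data loss. However, as with any software, bugs can happen, and no warranty is provided. We recommend backing up your device before running Checkra1n.

Q: I have a problem to report.
A: Please check here (hyperlink) and follow the bug report template.

Q: I lost my passcode. Can Checkra1n decrypt my data or access a locked device?
A: No.

Q: Can I connect to the device over SSH?
A: Absolutely! The SSH server is deployed on port 44 on localhost only. You can also use it from your local computer over USB with iproxy.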

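Q: I love this project! Can I donate?
A: Thanks, we love it too! The project does not currently take any donations. If anyone asks for donations, it is a scam.

Q: Where is the project's source code? I want to write a dark-mode theme and publish the jailbreak under my own name.
A: At this stage Checkra1n is released in binary form only. We plan to open-source it later in 2020.

Q: Why are jailbreak apps still present after I used the "Restore System" option in the Checkra1n app and rebooted?
A: This is a known issue with this feature. The apps are no longer installed, but their icons may stay on the home screen until iOS rebuilds its icon cache (which we cannot control in non-jailbroken mode).

Q: When will Windows support be released?
A: We need to write a kernel driver to support Windows (which is a very complex piece of code!), and that will take some time. Rest assured, though, we are working on it.

Q: The Checkra1n app won't open from inside the DMG!
A: Follow the instructions in the DMG file and drag the app to the Applications folder.

Original text of the official FAQ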

Frequently Asked Questions
Q: What is checkra1n?
A: checkra1n is a community project to provide a high-quality semi-tethered jailbreak to all, based on the ‘checkm8’ bootrom exploit.

Q: How does it work?
A: Magic hax.

Q: Why was the beta release delayed?
A: We didn't want the release quality to end up like iOS 13.2, you deserve better.

Q: wen eta?
A: bruh we're past that.

Q: How do I use it?
A: Open the checkra1n app, and follow the instructions to put your device into DFU mode. Hax happens auto-magically from that point and the device will boot into jailbroken mode. If you reboot the device without checkra1n, it will revert to stock iOS, and you will not be able to use any 3rd party software installed until you enter DFU and checkra1n the device again.

Q: ugh, I don't like GUI?
A: ok, you can use "./checkra1n.app/Contents/MacOS/checkra1n_gui -" from the console.

Q: Is it safe to jailbreak? Can it harm my device / wipe my data?
A: We believe jailbreaking is safe and take precautions to avoid data loss. However, as with any software, bugs can happen and no warranty is provided. We do recommend you backup your device before running checkra1n.

Q: I have a problem or issue to report after jailbreaking.
A: Many problems and bootloops can be caused by buggy or incompatible tweaks. Remember many tweaks never saw iOS 13 in the pre-checkra1n era. If you suspect a recently installed tweak, you may attempt to enter no-substrate mode by holding vol-up during boot (starting with Apple logo until boot completes). If the issue goes away, a bad tweak is very likely the culprit, and you should contact the tweak developers.

Q: I have a problem or issue to report and I don't think it's related to a bad tweak.
A: Please check here and follow the bug report template.

Q: I lost my passcode. Can checkra1n decrypt my data or get access to a locked device?
A: No.

Q: Can I ssh into my device?
A: Yes! An SSH server is deployed on port 44 on localhost only. You can expose it on your local machine using iproxy via USB.

Q: I love the project! Can I donate?
A: Thanks, we love it too! The project does not currently take any donations. If anyone asks for donations, it's a scam.

Q: Where are the sources? I want to write a dark-mode theme and publish the jailbreak as my own.
A: checkra1n is released in binary form only at this stage. We plan to open-source later in 2020.

Q: Why do I still have jailbreak apps present after I used the 'Restore System' option in the checkra1n app and rebooted?
A: This is a known issue with how this functionality works. The apps are not installed anymore, but their icons may stay on the homescreen until iOS rebuilds its icon cache (which we have no control over in non-jailbroken mode).

Q: When is Windows support coming?
A: We need to write a kernel driver to support Windows (which is a very complex piece of code!) which will take time. Rest assured however, we are working hard on it.

Q: The checkra1n app doesn't open inside the DMG!
A: Follow the instructions in the DMG file and drag the app to the Applications folder.

Additional links

Checkra1n official site: https://checkra.in

Checkra1n download (official site): Checkra1n 0.9.8beta Download for macOS

Checkra1n download: Checkra1n

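Additional notes

If the Checkra1n app on the phone crashes on launch, download iCareFone from the App Store and turn on its global ad blocking.

How to enter DFU mode (iPhone 7+ and up): quickly press volume up and then volume down in turn, then press and hold the power button. Once the device powers off and the screen goes black, hold volume down for 5 s and release the power button, then release volume down after another 5 s.

Note

Some of the material in this article was collected and compiled from the internet.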

Last modification: March 9th, 2020 at 04:05 pm