How to use the Checkm8 BootROM Exploit (iPwnDFU) on iOS 8 up to iOS 13.1.1
#1
Hello everyone, GeoSn0w here.

As you probably are aware, on September 27, hacker @axi0mX released his checkm8 SecureROM (BootROM) exploit which is compatible with iPhone 4S, iPhone 5, iPhone 5C, iPhone 5S, iPhone 6 / 6 Plus, iPhone 6S / 6S Plus, iPhone 7 / 7 Plus, iPhone 8 / 8 Plus and iPhone X, as well as all iPods from iPod Touch 5 to iPod Touch 7th Generation, and all iPads that are not A12. 

The checkm8 exploit doesn't support the A12 and A13 devices (iPhone XS, iPhone XR, iPhone XS Max, iPhone 11, iPhone 11 Pro, iPhone 11 Pro MAX).

All the rest of the devices are supported from the first iOS version they run (iOS 7, iOS 8, iOS 9, etc.) all the way to the latest that is available (currently iOS 13.1.1).

Here's how to use iPwnDFU to put a newer iOS device running iOS 13.1.1 (or any iOS for that matter) in Pwned DFU mode to be able to restore a CFW for CFW iCloud Bypass, Jailbreak or Downgrades.

Follow the steps below on a Mac or on Linux. No Windows tool for now.

1) Download iPwnDFU from here:
https://github.com/axi0mX/ipwndfu
3) Unpack the ZIP file on your Desktop.
4) Open Terminal and run "cd /PathToYourExtractedFile" (change PathToYourExtractedFile to the actual path).
5) Connect your iDevice to the computer using a USB cable.
6) Put the device in DFU Mode. Before iPhone 7, you do it by pressing and holding Power + Home until the screen is off, wait a few seconds, release the POWER button but keep pressing the HOME button for another 10 seconds. The screen should remain black. For iPhone 7 and newer, you need to press and hold POWER + VOLUME DOWN until the screen is off, wait a few seconds, release the POWER button and keep pressing the VOLUME DOWN button for another 10 seconds. The screen should remain black. Do not disconnect the device.
7) In the Terminal, run "./ipwndfu -p". If you get an error, run it again until you get a message telling you the iDevice is now in Pwned DFU mode.
8) The Pwned DFU mode will remain until the phone reboots. You should not see anything on the screen (black screen).

This is basically it. You can now DUMP the SecureROM, demote the device to enable JTAG, and soon you'll be able to restore CFWs, do downgrades, etc.

#2
Thank you for this. Do you plan on doing a CFW tutorial for the iCloud locked devices?
#3
(09-28-2019, 11:13 PM)dukeofdream Wrote: Thank you for this. Do you plan on doing a CFW tutorial for the iCloud locked devices?

Yes.
#4
Is it possible to do this on a Windows PC? If not, then is it possible to do it in Linux?
#5
Windows no. Planning to do a tool soon.
Linux kind of. Some linuxes don't seem to work (probably dependency issues).
#6
It doesn't seem that iPhone 4S is supported.

# ./ipwndfu -p
Found: CPID:8940 CPRV:21 CPFM:03 SCEP:01 BDID:08 ECID:00000036C003CD4E IBFL:00 SRTG:[iBoot-838.3]
ERROR: This device is not supported.

From the github page:
Quote:Currently supported devices are as below: (Credits to Cryptiiiic for the list in another thread)

S5L8947
S5L8950
S5L8955
T8002
T8004
T8010
T8011
T8015

None of the above are chips in iPhone 4S
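Added example, not part of any post in this thread and not ipwndfu's own code: a small parser for the `Found:` line shown in post #6 that checks the CPID against the chip list quoted there, the kind of check useful when recording which devices in an inventory are exposed. The function names are hypothetical, the second sample line is constructed, and the `PWND` field is an assumption about the tool's output that the thread does not show.

```python
import re

# Chip list exactly as quoted in post #6 (the thread's copy, not an authoritative list).
QUOTED_CHIPS = ["S5L8947", "S5L8950", "S5L8955", "T8002", "T8004", "T8010", "T8011", "T8015"]
# CPID is the trailing four digits of each chip name, e.g. T8010 -> 8010.
QUOTED_CPIDS = {name[-4:] for name in QUOTED_CHIPS}

# KEY:value pairs; bracketed values such as SRTG:[iBoot-838.3] may contain dots and dashes.
FIELD_RE = re.compile(r"(\w+):(\[[^\]]*\]|\S+)")

# Line copied from post #6.
POST6_LINE = ("Found: CPID:8940 CPRV:21 CPFM:03 SCEP:01 BDID:08 "
              "ECID:00000036C003CD4E IBFL:00 SRTG:[iBoot-838.3]")
# Constructed sample (not from the thread); the PWND field is an assumption.
CONSTRUCTED_LINE = ("Found: CPID:8010 CPRV:11 CPFM:03 SCEP:01 BDID:08 "
                    "ECID:0000000000000000 IBFL:3C SRTG:[iBoot-0000.0.0] PWND:[checkm8]")


def parse_found_line(line):
    """Return the KEY -> value fields of a 'Found:' line, brackets stripped."""
    prefix = "Found:"
    line = line.strip()
    if not line.startswith(prefix):
        raise ValueError("not a 'Found:' line")
    fields = {k: v.strip("[]") for k, v in FIELD_RE.findall(line[len(prefix):])}
    if not re.fullmatch(r"[0-9A-Fa-f]{4}", fields.get("CPID", "")):
        raise ValueError("missing or malformed CPID")
    return fields


def triage(line):
    """Summarise one device for an inventory or intake record."""
    f = parse_found_line(line)
    return {
        "cpid": f["CPID"],
        "ecid": f.get("ECID"),
        "bootrom": f.get("SRTG"),
        "in_quoted_list": f["CPID"] in QUOTED_CPIDS,
        # Assumed marker of pwned DFU mode; the thread does not show it.
        "pwned_marker": f.get("PWND"),
    }


if __name__ == "__main__":
    for sample in (POST6_LINE, CONSTRUCTED_LINE):
        print(triage(sample))
```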
#7
Can I do it in Ubuntu? Or should I use another Linux distribution kit? (I never used Linux)
#8
Will the CFW method support phone calls this time? Or maybe it can let us enter, so that we can remove the Apple ID.
#9
Just to make it clear...
Now we should be able to install any older FW on our iDevice... right? Having iOS 13 now makes it possible to install 12.4 on my iDevice... correct?
But we still have to wait for devs to create a tool that will let us do that step... right?

Thanks in advance for answers, m8's.
#10
(09-29-2019, 01:14 AM)Phoenixcoder Wrote: It doesn't seem that iPhone 4S is supported.

# ./ipwndfu -p
Found: CPID:8940 CPRV:21 CPFM:03 SCEP:01 BDID:08 ECID:00000036C003CD4E IBFL:00 SRTG:[iBoot-838.3]
ERROR: This device is not supported.

From the github page:
Quote:Currently supported devices are as below: (Credits to Cryptiiiic for the list in another thread)

S5L8947
S5L8950
S5L8955
T8002
T8004
T8010
T8011
T8015

None of the above are chips in iPhone 4S

Worked fine on my iPhone 4s.