(11-11-2019, 01:31 PM)memreb Wrote: [ -> ]@QuadeP or @GeoSnow,
could you post the video which shows how to patch setup.app and probably iBEC, iBSS etc.
I have an iPhone 7 with a broken baseband. I don't want to bypass icloud but the "You need to update your phone to activate" screen. Any help would be appreciated....
i have the same issue also and it asks me to shut down. all because the baseband is not working to activate the phone
so a bypass will help for sure
Did some baisc research on my own since the release of Checkra1n.
Device: iPhone 5s iOS 12.4
What I tried is the following:
Code:
- Enter DFU Mode
- Run Checkra1n
- While booting, I would run two terminals with "iproxy 4444 44" & "ssh root@localhost -p 4444"
- Once I'm connected, I try to remove the application "rm -rf Setup.app" where it says File-System is Read-Only
-- Also tried killing the "Setup.app" process, but it spawns again
Do you have any idea of how to remove it or bypass?
Edit: "mount -o rw,union,update /" worked on the latest version
After removing the Setup.app, the device goes black upon reboot, and a couple reboot, it came back
I think jamiebishop just posted how to mount system as read-write... I will try that but I can't get ssh to work
I just got rid of Setup.app and it disappeared from the Application list but what do I have to do next??
Actually, I don't know what happened to the phone. I exploited with checkra1n again and this time the phone rebooted and stuck at the Apple logo. But indeed this wasn't a boot loop at all ... the phone just went standby and the buttons are still clickable..
(11-11-2019, 05:13 PM)memreb Wrote: [ -> ]I think jamiebishop just posted how to mount system as read-write... I will try that but I can't get ssh to work
I just got rid of Setup.app and it disappeared from the Application list but what do I have to do next??
Actually, I don't know what happened to the phone. I exploited with checkra1n again and this time the phone rebooted and stuck at the Apple logo. But indeed this wasn't a boot loop at all ... the phone just went standby and the buttons are still clickable..
Can you please tell me how did you get rid of the setup.app ? any step by step guide to try ?
First of all you need to jailbreak with checkra1n.
After that, you open two windows of terminal.
In the first type:
In the second:
Code:
ssh root@localhost -p 4444
Proceed with yes and type alpine
Next, you need to mount the system as read-write:
Code:
mount -o rw,union,update /
Code:
echo "" >> /.mount_rw
Then use snappy to rename the snapshot:
Code:
snappy -f / -r NAME_OF_YOUR_SNAPSHOT --to orig-fs
Now you are rw
And I don't know what to do next
(11-12-2019, 06:08 AM)memreb Wrote: [ -> ]First of all you need to jailbreak with checkra1n.
After that, you open two windows of terminal.
In the first type:
In the second:
Code:
ssh root@localhost -p 4444
Next, you need to mount the system as read-write:
Code:
mount -o rw,union,update /
Code:
echo "" >> /.mount_rw
Then use snappy to rename the snapshot:
Code:
snappy -f / -r NAME_OF_YOUR_SNAPSHOT --to orig-fs
Now you are rw
And I don't know what to do next
Thank you so much for your guide , will try this .
now you are stuck on apple logo ? so we need to find a way for this
(11-12-2019, 09:41 AM)geekyxpert Wrote: [ -> ] (11-12-2019, 06:08 AM)memreb Wrote: [ -> ]First of all you need to jailbreak with checkra1n.
After that, you open two windows of terminal.
In the first type:
In the second:
Code:
ssh root@localhost -p 4444
Next, you need to mount the system as read-write:
Code:
mount -o rw,union,update /
Code:
echo "" >> /.mount_rw
Then use snappy to rename the snapshot:
Code:
snappy -f / -r NAME_OF_YOUR_SNAPSHOT --to orig-fs
Now you are rw
And I don't know what to do next
Thank you so much for your guide , will try this .
now you are stuck on apple logo ? so we need to find a way for this
After a couple of reboot, setup.app will be back
(11-12-2019, 09:41 AM)geekyxpert Wrote: [ -> ] (11-12-2019, 06:08 AM)memreb Wrote: [ -> ]First of all you need to jailbreak with checkra1n.
After that, you open two windows of terminal.
In the first type:
In the second:
Code:
ssh root@localhost -p 4444
Next, you need to mount the system as read-write:
Code:
mount -o rw,union,update /
Code:
echo "" >> /.mount_rw
Then use snappy to rename the snapshot:
Code:
snappy -f / -r NAME_OF_YOUR_SNAPSHOT --to orig-fs
Now you are rw
And I don't know what to do next
Thank you so much for your guide , will try this .
now you are stuck on apple logo ? so we need to find a way for this
@memreb
after the steps above that you sent me, try and type this and all is done
uicache -a
killall backboardd
@memreb and everyone interested in this to bypass activation and icloud, i'm a newbie and that's why i'm gonna make it as simple as i can.
This tutorial is for MAC only
first make sure libimobiledevice is installed on your mac
Connect your phone and jailbreak with checkra1n
Now here are the steps to follow after you have jailbroken your phone
1- open 2 terminal windows
2- in terminal 1 type: iproxy 4444 44
3- in terminal 2 type: ssh root@localhost -p 4444
answer with YES and use alpine as password
type: mount -o rw,union,update /
then: echo "" >> /.mount_rw
then: snappy -f / -l
it will show your snapshot name, copy it then paste it here:
snappy -f / -r NAME_OF_YOUR_SNAPSHOT --to orig-fs
then: cd /
then: cd Applications
then: rm -rf Setup.app
then: uicache -a
then: killall backboardd
ENJOY
Special thanks to @memreb for guiding me through the most part of this.
and ofcourse @
GeoSn0w for all what he is providing.
It worked...
I wasn't expecting that but still i can't login to iCloud. Were you able to login.. my iPhone 7 doesn't have any iCloud Lock or something like that.