I know it sounds like Conspiracy theory but could it be possible that Apple paid money to the checkra1n team so they don’t publish the jailbreak?

As my thread. I wonder if I can jailbreak my device iphone Xs ios 12.1 by Uncover. I’m on chimera now but when I update packages from sileo my device turn into black screen and shutdown 2 times in several hours

In today's video, we're discussing the current status of the iOS 13.0, #iOS 13.1.2, iOS 13.1.3 and also iOS 12.4.1 #Jailbreak, for all the devices including A12 devices and A13 devices. As you probably know, A12 devices are the iPhone XS, iPhone XS Max, and iPhone XR, and A13 devices are the iPhone 11 variants released this year. In the video we're discussing the current iOS kernel exploits available, which ones work on which types of devices and what are the best iOS versions to stay on if you wanna jailbreak your device as soon as possible.

We're also discussing about CheckM8 and its compatible devices, as well as what should people who don't have a device compatible with #CheckM8 / CheckRa1n should do. For those devices, such as the #A12 and A13 ones, #tfp0 kernel exploits are still vital for a successful jailbreak and people should still choose the versions they update to wisely.

For the devices compatible with CheckM8, which are the iPhone X all the way down to iPhone 4S, the iOS version they stay on is completely irrelevant because the exploit is not patchable and thus we can use it to jailbreak iOS 13, iOS 12 and any other iOS version, past present or future. 

Hey,
I want to know if is possible to downgrade IOS 13.1.3 to 12.4/12.4.1 to 12.4

Hello guys when I try to use checkm8 exploit, terminal says that device is not supported , I tried latest iOS of iPhone 6 , and iOS  13.1.3 on iPhone SE , any ideas?

Hello everyone,

I'm trying to compile the last build of tsschecker released by s0uthwes and tihmstar

https://twitter.com/s0uthwes/status/1183418585932279814

https://github.com/tihmstar/tsschecker

I get the following error when trying to compile it.

the configure part is ok:
 

In this video, we're going to start the process of CFW creation for iOS 13.1.3, #iOS 13.0, iOS 12.4.1 or even iOS 11 (any iOS version that works with CheckM8 compatible devices). And as we start, the first logical step is to be able to extract the decryption keys for iBEC, iBSS, and iBoot which need patching for a CFW to work. These files are packed inside an IM4P container which also contains the decryption key and IV, but these keys are encrypted themselves in a KBAG which can only be decrypted by the device's chip. While we cannot get access to the GID key, we can use CheckM8 exploit by @axi0mX to decrypt these.

This step is crucial in the process of CFW creation on iOS because if you cannot decrypt the files, you cannot patch them. The CheckM8 exploit released by @axi0mX is compatible with iPhone 4S all the way up to iPhone X on all iOS versions compatible with these devices, past present or future. So you can do this procedure on any supported iOS version. Keep in mind that the keys you obtain using #CheckM8 are usable for your iPhone model. For example, if you have an iPhone X and you extract the keys for iOS 13.1.3 iBoot, the keys will work on all iPhone X devices on that version. The GID key changes per CPU not per individual device.

Hi, I'd love to see a video like good old times on how to bypass an iCloud lock on iPhone 7 (4s-X) as CheckM8 is out!

In this post, I am going to show you how to decrypt the iOS Boot Chain components such as iBEC, iBSS, iBoot, the Restore Ramdisk and so on by derivating their keys using the CheckM8 SecureROM (BootROM) exploit. We're going to do this for iOS 13.x but you could use literally any version on the supported devices. The supported devices are the iPhone 4S all the way up to iPhone X and everything in between.

For the sake of this post, I will use an iPod Touch 2019 (iPod Touch 7) which has the A10 Chip (compatible with CheckM8). I am also using the latest version of the CheckM8 exploit which is part of the ipwndfu repo on @axi0mX's GitHub.

Now, as you probably know, if you wanna build an iOS CFW you need to patch iBEC, iBSS, iBoot, the Ramdisk and so on. These are part of an IMG4 / IM4P container on 64-Bit iOS devices, and IMG3 containers on 32-Bit devices like iPhone 5, iPhone 5C and 4S. The container is encrypted. The key used to decrypt it is only available on the device's silicon and it cannot be extracted and used outside. However, using CheckM8, we can get access to the AES engine and ask it to derivate the decryption KEY and IV for us by feeding it the KBAG from the firmware component. Of course, normally, iOS turns this engine off ass soon as iBoot finishes doing its job at boot-time, but using this exploit we can just use it how much we want.

Keep in mind that each iOS device has a different key, so the decryption keys for iBEC for example from my iPod 7 will not work on the same iBEC from the same iOS version your iPhone 5S (for example). Each device model has a different GID key. Brute-forcing the key is useless. There way too many possible keys it would take billions of years to brute-force if even possible. While the GID key remains tightly encapsulated and protected, we can still take advantage of it if the iOS device is pwned at iBoot or SecureROM level.

Important note: The Key and IV used to decrypt the iOS components are actually stored inside each component as part of their IMG4 container inside the KBAG. However, the KEY + IV pair is also encrypted with another unique key called a GID key. This is the key we can never extract. Using the open window checkM8 brings to this key through the AES engine, we can decrypt the KBAG which will render the unencrypted plain-text Key and IV used to decrypt the actual data.

1.0 Gathering your tools:

For this operation, you will need a couple of tools. They are all listed here, available for you to download. 
Please do keep in mind that at the time I am writing this write-up, you can only do this on a macOS machine. Either virtual or physical.

> ipwndfu: https://github.com/axi0mX/ipwndfu
> IMG4TOOL: https://github.com/tihmstar/img4tool
> IMG4: https://mega.nz/#!kh9HwALK!z65nLcHWj_Ivu...q3XHe97_Vg

2.0 Obtaining the right iPSW file for your iOS version and device.

Of course, if you wanna decrypt the iOS for your device, you need the proper IPSW you wanna convert into a CFW. I recommend using ipsw.me to get the iPSW file for your iOS version and your device. Once you have it, rename it from ".ipsw" to ".zip" so that you can extract it. Double-click on the archive to extract it and wait until the extraction is complete.

Inside the iPSW you can see that there is a specific directory structure. Inside the DFU folder, you can find the iBEC and iBSS. Apple combines nowadays the firmware for multiple devices with the same screen size into the same IPSW, so make sure you get the files for your model. Usually, they are named after the device identifier.

For the sake of this write-up, I will extract the iBoot and the iBSS for my iPod and place them on my Desktop.

3.0 Obtaining the KBAG from the IM4P / IMG4 firmware component.

As I said, the decryption keys for each component are stored inside the component itself, but they're encrypted. The encrypted chunk is called a KBAG. We can use IMG4TOOL by @tihmstar to extract the KBAG.

In Terminal run the following commands:
 

Hello guys I am new here, I wonder if it is possible to find out  screen time passcode on latest iOS without erasing device? , while phone is encrypted and?  I used Pinfinder for older versions , but now I cannot find the location of this passcode in backups , can anyone help?