You can jailbreak an iPhone from a rooted Android phone, because why not?
The checkra1n utility used to jailbreak certain iPhones can now be run from a rooted Android smartphone. More of a curiosity than a practical tool, but one that could come in handy in rare cases.
Only a few years ago, root and jailbreak were common. They grant system-level privileges on Android and iOS respectively, opening up new possibilities on our smartphones, but the hassle of the procedure is far less attractive now that most of the features people were after at the time are available natively.
Some still engage in the practice nonetheless, and the checkra1n tool makes it possible to jailbreak any iPhone from the 5s to the X running iOS 12.3 or later. The big advantage of this tool is that it relies on a flaw in the Boot ROM rather than in the OS itself, which prevents Apple from patching the exploit with a simple software update. It is nevertheless a semi-tethered jailbreak, meaning the iPhone has to be reconnected to a computer to re-apply the jailbreak every time the phone is restarted. A more annoying limitation: the tool was only available on macOS 10.10 or later.
Android = Linux
But that was before. Since the beginning of February, checkra1n has also been available on Linux, making it possible to jailbreak an iPhone from a free distribution. By extension, a Reddit user discovered that the tool can be run on Android as long as the Linux kernel is reasonably recent (tested on kernel 4.14) and the device is rooted.
Relatively simple handling
checkra1n is relatively easy to use and should pose no problem for anyone already familiar with root and jailbreak. Keep in mind, however, that this is a procedure that can irreversibly damage a device, so it is advisable to know what you are doing before embarking on the experiment.
The user who discovered the procedure describes it in 8 steps:
- Download the checkra1n files compatible with the rooted Android smartphone (depending on its CPU architecture)
- Put the directory on the phone's storage in a location where execution is allowed (under /data, for example; shared/external storage is typically mounted noexec and will refuse to run the binary even as root)
- Connect the two phones with a suitable cable (a USB-C to Lightning cable works)
- Open a terminal app on the Android smartphone and type "su" to obtain superuser (root) rights
- Type "lsusb" to verify that the iPhone is detected (the ID should be "05ac:12a8")
- Put the iPhone in DFU mode with the right key combination
- Check that the iPhone is still detected ("lsusb"; once in DFU mode it enumerates under Apple's DFU product ID, 05ac:1227, rather than the ID seen in the previous step)
- Launch checkra1n in CLI mode with the command "./checkra1n -c"
This makes the experiment fairly accessible, and doable from anywhere as long as you have a rooted Android smartphone at hand: handy for anyone who has restarted their jailbroken iPhone by mistake.
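The eight steps above boil down to a handful of checks in a root shell, so here they are as a small POSIX sh helper. This is an added example written for this page, not the Reddit user's script nor anything shipped by the checkra1n project. It assumes the checkra1n CLI binary was extracted to /data/local/tmp/checkra1n (an assumed path; the article only says "somewhere under /data"), that a `lsusb` command is available in the terminal app, and it uses Apple's DFU-mode USB ID 05ac:1227, which the article itself does not quote. The mount check and the USB classification take their input as arguments so they can be exercised offline on constructed /proc/mounts and lsusb text.

```shell
#!/bin/sh
# Added example: helper for running checkra1n from a rooted Android phone.
# Not part of the original article or the checkra1n project.
set -u

# Assumed location of the extracted checkra1n CLI binary (article: "under /data").
CHECKRA1N_DIR="${CHECKRA1N_DIR:-/data/local/tmp/checkra1n}"

# USB vendor:product IDs. 05ac:12a8 is what the article says lsusb shows for the
# iPhone in normal mode; 05ac:1227 is Apple's DFU-mode ID (not from the article).
IPHONE_NORMAL_ID="05ac:12a8"
APPLE_DFU_ID="05ac:1227"

# Classify an lsusb listing passed as $1: prints "dfu", "normal" or "none".
usb_state() {
    if printf '%s\n' "$1" | grep -qi "ID ${APPLE_DFU_ID}"; then
        echo dfu
    elif printf '%s\n' "$1" | grep -qi "ID ${IPHONE_NORMAL_ID}"; then
        echo normal
    else
        echo none
    fi
}

# Step 4: the "su" step. Returns 0 when the current shell is root.
is_root() {
    [ "$(id -u)" = "0" ]
}

# Step 2: returns 0 when the longest-prefix mount covering path $2 (looked up in
# the /proc/mounts text given as $1) is not mounted noexec. A binary under a
# noexec mount fails with "Permission denied" even for root.
exec_allowed() {
    printf '%s\n' "$1" | awk -v p="$2" '
        {
            m = $2
            if (m == "/" || p == m || index(p, m "/") == 1) {
                if (length(m) > length(best)) { best = m; opts = $4 }
            }
        }
        END {
            n = split(opts, a, ",")
            for (i = 1; i <= n; i++) if (a[i] == "noexec") exit 1
            exit 0
        }'
}

# Steps 6-7: poll lsusb until the iPhone shows the DFU ID, up to $1 seconds.
wait_for_dfu() {
    secs="${1:-60}"
    while [ "$secs" -gt 0 ]; do
        [ "$(usb_state "$(lsusb 2>/dev/null)")" = "dfu" ] && return 0
        sleep 1
        secs=$((secs - 1))
    done
    return 1
}

# The whole procedure, in the order the article gives it.
run() {
    is_root || { echo "run this under su (id -u must be 0)" >&2; return 1; }
    exec_allowed "$(cat /proc/mounts)" "$CHECKRA1N_DIR" \
        || { echo "$CHECKRA1N_DIR is on a noexec mount; move it under /data" >&2; return 1; }
    [ -x "$CHECKRA1N_DIR/checkra1n" ] \
        || { echo "no executable checkra1n binary in $CHECKRA1N_DIR" >&2; return 1; }
    state="$(usb_state "$(lsusb 2>/dev/null)")"
    [ "$state" = "none" ] && { echo "no iPhone on the USB bus: check the cable" >&2; return 1; }
    echo "iPhone seen in $state mode; put it in DFU mode now (key combination)"
    wait_for_dfu 90 || { echo "timed out waiting for DFU mode" >&2; return 1; }
    cd "$CHECKRA1N_DIR" && ./checkra1n -c     # step 8: CLI mode
}

# Only start the real procedure when explicitly asked, so the helpers above can
# be sourced or tested without touching the phone.
if [ "${1:-}" = "--run" ]; then
    run
fi
```

Run it as `su -c 'sh jailbreak.sh --run'` once the cable is plugged in; the script refuses to continue if it is not root, if the binary sits on a noexec mount, or if no iPhone is enumerated, and it waits for the DFU ID rather than assuming the key combination worked.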