7 replies to this topic

[user_hidden]

What’s new
Highlighted changes

Official support for iOS 12.0 - 13.7
Official support for iOS/tvOS 14.0 (A8(X)-A9(X) running iOS and iPadOS; all tvOS devices are supported)
Official support for Apple TV 4K breakout boards (Standard and Advanced)

Bug fixes

Fix an issue with userland kernel patch finder that prevented checkra1n flags from being saved as well as exporting kernel information used by developers to tfp0, affecting devices running iOS 13.6 and up.
App can now be launched from DMG on macOS
Demotion is now working on Linux
Fixes the -20 error for Apple TV 4K by enabling USB on v1.x standard breakouts

Other changes

Partial bridgeOS support (CLI only, see ‘Known issues’)
PongoOS was switched to Darwin ABI
Improved kernel patch finder patchsets
Improved boot strategy/hooking
NVRAM unlock patch (for root)
dyld patch
Removes Mach-o platform restrictions (iOS binaries can now run on tvOS/bridgeOS and vice versa)
Significantly reduces checkra1n build size
Removed macOS bug reporter

Known issues

The exploit may not work as reliably on some devices, such as the Raspberry Pi Zero and Raspberry Pi 3.
Linux GUI build when using CLI mode doesn’t support auto assertion of DFU mode on advanced Apple TV 4k breakout boards.
bridgeOS:
May need to reconnect the device after exploitation for bootstrap upload
As soon as macOS boots it’ll take over the USB connection and disallow communication

The state of checkra1n on iOS 14

Today we're releasing checkra1n 0.11.0 with support for iOS 14 on A9(X) devices and lower. For newer devices, we need more time to work around a new security mitigation.

In iOS 14, Apple added a new mitigation to SEPOS on A10 and above (except on Apple TVs and iBridge): if the device was booted from DFU mode and the Secure Enclave receives a request to decrypt user data, it will panic the device. Since checkm8 does not give us control over the Secure Enclave, this is not trivial to workaround. However, with the recently published blackbird vulnerability, we are able to get control of the Secure Enclave on A10 and A10X and disable this mitigation. Support for A10 and A10X devices is being worked on and is expected to be ready in the coming weeks.

We are not yet sure whether the same can be done for devices with the A11 chip with this vulnerability, but we will release another statement once we know more.

These are the devices that we will initially support on iOS 14:

iPhone 6s, 6s Plus, and SE
iPad 5th generation
iPad Air 2
iPad mini 4
iPad Pro 1st generation
Apple TV 4 and 4K
iBridge T2

Devices that we hope will be supported in the coming weeks:

iPhone 7 and 7 Plus
iPad 6th and 7th generation
iPod touch 7
iPad Pro 2nd generation

Devices that will be addressed in a future statement:

iPhone 8, 8 Plus, and X

[user_hidden]

well blew up one of my devices updating to iOS 14

 

THANKS Apple !

[zachary@cracks]

i updated one of mine  6s to ios  14 as well 

[user_hidden]

well blew up one of my devices updating to iOS 14

 

 

let the battery completely die, during the bootloop fiasco.

used ReiBoot, then iTunes to redo firmware.

Device is backup and running.

[zachary@cracks]

what is  bootloop fiasco... when iphone showing empty battery you cant turn it on 

[user_hidden]

what is  bootloop fiasco... when iphone showing empty battery you cant turn it on 

updated to iOS14 through itunes and then reboot and just Apple logo flashing over and over.

i let it happen for 23 hours until battery died.

[zachary@cracks]

i havent made backup on that ios 14 device so isnt clear whst firmware will push, ios 13.5 or latest 14.0
will leave as it is now.
Have another one on 13.5 so that one will do the yob until this fixed somehow to Cracker xi be updated to work

[Emplate]

ty