Your rooted Android phone can jailbreak an iPhone with checkra1n

Your rooted Android phone can jailbreak an iPhone with checkra1n

A lot of us here at XDA-Developers.com actually chanced upon the forums for the first time when we were looking to root our Android devices. After all, our forums are over 17 years old at this point, and currently, boast of over 10 million members who have created more than 3.4 million threads and 77 million posts over the years — creating an invaluable community resource for helping enthusiasts root their devices and get the most out of it. A rooted Android phone opens up a plethora of opportunities for the enthusiast community, unlocking the door for all sorts of crazy stuff — like jailbreaking your iPhone, for instance.

Jailbreaking an iPhone is similar to rooting an Android device in its core concept — you are essentially granting yourself escalated permissions and disabling a lot of protections that are built into the OS, iOS and Android respectively. While rooting several popular Android phones has largely become a trivial matter thanks to cooperative OEMs, jailbreaking an iPhone remains a moving challenge because of Apple and its walled-garden approach. Every time a jailbreak is released, Apple works on patching the vulnerabilities that allowed it to happen, closing the door for the same solutions to be viable for future devices and future software updates. Jailbreaks thus tend to be very specific on the phone and iOS version they work on, and also require very specific and very particular steps to achieve success.

Checkra1n is one jailbreak solution, credited for being the first jailbreak for Apple devices running iOS 13. It also works on a wide variety of Apple hardware. And because it utilizes an exploit that targets a flaw in the Boot ROM on Apple hardware instead of a vulnerability within iOS, it is also being credited as being one of the only solutions that will work across software updates on vulnerable phones. However, as drawbacks, Checkra1n is a semi-tethered jailbreak, meaning that you need to re-jailbreak every time you reboot the device. Adding on to this inconvenience is the fact that the jailbreak was initially only possible through MacOS v10.10+ — vastly limiting your options if your phone ever rebooted out of schedule.

Recently though, Checkra1n gained support for Linux, making it possible to jailbreak iOS 13 devices using a Linux computer. Obviously, this expands the possible platforms you can use, but as Reddit user /u/stblr found out, this can also tackle the inconvenience aspect of a semi-tethered jailbreak by letting you jailbreak using a rooted Android smartphone!

[News] It is possible to run checkra1n from an Android device! from jailbreak

Reddit user /u/stblr notes a few pre-requisites:

  1. Of course, first, you need an iPhone or iPad which is compatible with Checkra1n (iPhone 5s to iPhone X, iOS 12.3 and up).
  2. An Android device with root access, preferably with newer Linux and Android versions. The video demo uses a Sony Xperia XZ1 Compact on Android 10 with Linux kernel 4.14, and was rooted with Magisk.
  3. A terminal app on your Android phone.
  4. A way to connect the two phones. Some of Apple’s USB-C to Lightning cables do not work as they lack pins to put the iDevice into DFU mode.

And the steps for jailbreaking are surprisingly simple, compared to some of the more complicated methods the iOS community has seen in the past:

  1. Download the Checkra1n binary for Linux, noting the correct µarch of your Android device:
    1. You can check for your phone’s architecture by running this ADB command on your computer while your phone is connected:
      adb shell getprop ro.product.cpu.abi

      The output would be your phone’s architecture.

  2. Place the downloaded binary into /data on your rooted Android phone. You can search for your device in our subforums to know the best method to root it.
  3. Connect your iDevice to your Android phone.
  4. Open the terminal app, and gain root access by typing the “su” command.
  5. Type “lsusb” to check if your iDevice is recognized. The USB ID displayed should be “05ac:12a8“.
  6. Put your iDevice into DFU (Device Firmware Upgrade) mode. You can find device-specific instructions over here.
  7. Check whether your iDevice is still recognized with “lsusb“. The USB ID displayed should now be “05ac:1227“.
  8. Run checkra1n in CLI mode using the command “./checkra1n -c“.
  9. Your iDevice should now be jailbroken. However, the method is not entirely reliable, so you may need to retry the steps to achieve success.

The steps may appear to be daunting, but they are not really. If you have a rooted device, we can presume you are comfortable with following instructions and typing in a few commands. Nonetheless, keep in mind that jailbreaking and rooting devices come with their own risks, so do not attempt either without fully understanding what you are doing.

Want more posts like this delivered to your inbox? Enter your email to be subscribed to our newsletter.

READ THIS NEXT