You can actually jailbreak an iPhone w/ a rooted Android and checkra1n [Video]

Rooting your Android phone might be reasonably easy, but jailbreaking an iPhone is still more of a cat-and-mouse affair. Tools like QuickPwn made it easier to jailbreak back in the day, but more recent options like checkra1n make it possible for iPhone users to get root access on their iOS 13 devices.

The limitations of checkra1n mean that you have to re-jailbreak each time you reset your device, which is a bit of a pain because it means plugging into a PC or Mac each time. However, someone has managed to use their rooted Android phone to jailbreak an iPhone running iOS with checkra1n.

Over on the /r/jailbreak subreddit, user /u/stblr showed that the software's recent Linux support means that, so long as you have a rooted Android phone, you can put together a portable jailbreak kit (via XDA-developers). You still need to carry around two smartphones, as one is needed to boot the other.

In the short video, you can see an old (and rooted) Sony Xperia XZ1 connected to an iPhone SE running iOS 13.3, which is then jailbroken using this method. Not to leave us in the dark, /u/stblr even created a mini-guide if you really want to have a go at it for yourself.

[News] It is possible to run checkra1n from an Android device! (from r/jailbreak)

Prerequisites

  • An iDevice compatible with checkra1n.
  • An Android device with root access. Newer Linux and Android versions are more likely to work. I used a Sony Xperia XZ1 Compact on Android 10 with kernel 4.14, rooted with Magisk 20.3.
  • A terminal app on your Android device, for instance Termux.
  • A way to connect your two devices. In particular some of the Apple USB-C to Lightning cables cannot be used to put iDevices in DFU mode due to missing pins. I used the Exsys EX-47990 USB-C to USB-A adapter and the Apple USB-A to Lightning cable.

Tutorial

  1. Download the checkra1n binary for Linux and the correct µarch of your Android device.
  2. Put it in a directory where execution is allowed. I used /data, but the Termux virtual storage may be a cleaner solution.
  3. Connect your iDevice to it.
  4. Open the terminal app and gain root access.
    su
  5. Check that your iDevice is recognized.
    lsusb
    The USB ID should be 05ac:12a8.
  6. Put your iDevice in DFU mode, see https://www.theiphonewiki.com/wiki/DFU_Mode for instructions.
  7. Check that your iDevice is still recognized.
    lsusb
    Now the USB ID should be 05ac:1227. If it’s no longer listed, try to unplug the USB-C cable from the Android device and plug it in again.
  8. Run checkra1n in CLI mode.
    ./checkra1n -c
  9. Profit! (or probably, try again since it’s not very reliable)
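
The lsusb checks in steps 5 and 7 of the guide above, as an added shell example that is not part of the original Reddit post or the checkra1n project: it classifies the Apple device's USB state from lsusb output using the two USB IDs quoted in the guide. The function names and the LSUSB_CMD and POLL_INTERVAL variables are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original guide or the checkra1n project.
# Only the two USB IDs come from the guide; all names here are hypothetical.

APPLE_VID="05ac"
PID_NORMAL="12a8"   # guide step 5: ID seen before entering DFU mode
PID_DFU="1227"      # guide step 7: ID seen once the device is in DFU mode

# idevice_state: read lsusb-style text on stdin and print one of
#   dfu | normal | other-apple:<pid> | absent
idevice_state() {
    awk -v vid="$APPLE_VID" -v normal="$PID_NORMAL" -v dfu="$PID_DFU" '
        {
            # Find the "ID vvvv:pppp" pair wherever it sits on the line.
            for (i = 1; i < NF; i++) {
                if ($i == "ID") {
                    split(tolower($(i + 1)), id, ":")
                    if (id[1] != vid) break          # not an Apple device
                    if (id[2] == dfu) seen_dfu = 1
                    else if (id[2] == normal) seen_normal = 1
                    else other = id[2]               # Apple, but neither ID
                    break
                }
            }
        }
        END {
            if (seen_dfu) print "dfu"
            else if (seen_normal) print "normal"
            else if (other != "") print "other-apple:" other
            else print "absent"
        }'
}

# wait_for_state <state> [tries]: poll lsusb until the device reports <state>.
# Returns 0 on success and 1 on timeout, which is the cue to replug the cable
# as step 7 suggests. LSUSB_CMD and POLL_INTERVAL can be overridden.
wait_for_state() {
    want=$1
    tries=${2:-30}
    while [ "$tries" -gt 0 ]; do
        [ "$(${LSUSB_CMD:-lsusb} | idevice_state)" = "$want" ] && return 0
        tries=$((tries - 1))
        sleep "${POLL_INTERVAL:-1}"
    done
    return 1
}
```

Running `wait_for_state normal` after step 3 and `wait_for_state dfu` after step 6 replaces reading the lsusb listing by eye.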

It’s worth noting that we don’t recommend jailbreaking your iPhone, as it will invalidate your device warranty, and recent updates have made it less necessary than it once was. If you have a rooted Android device and an iPhone lying around and do attempt to run checkra1n this way, you do so at your own risk.


Author

Damien Wilde

Damien is a UK-based video producer for 9to5Google. Find him on Twitter: @iamdamienwilde. Email: damien@9to5mac.com