ra1npoc
ra1npoc copied to clipboard
Published
20 hours ago •
dora2-iOS
dora2-iOS
A tool for re-jailbreak devices jailbroken by checkra1n/odysseyra1n on iOS/iPadOS/macOS platforms. (opensource pongo loader)
ra1npoc
checkra1n dump and poc for iOS
A tool for re-jailbreak devices jailbroken by checkra1n/odysseyra1n on iOS/iPadOS/macOS platforms.
Notes
This is the demonstration code for running checkra1n on iOS, based on the Payload dumped from checkra1n 0.1337.x.
Please do not run on normal devices.
Support
iOS device you want to Jailbreak
| chip | name |
|---|---|
| S5L8960 | Apple A7 |
| T7000 | Apple A8 |
| T7001 | Apple A8X |
| S8000 | Apple A9 |
| S8003 | Apple A9 |
| S8001 | Apple A9X |
| T8010 | Apple A10 |
| T8011 | Apple A10X |
| T8012 | Apple T2 |
| T8015 | Apple A11 |
Host-side device (device to run this software)
-
iOS 12 - 17
- via lightning to USB camera adapter
-
iOS 9 - 17
- via lightning to USB camera adapter + power supply
Build
git submodule update --init --recursive
make
Run
Usage: ./ra1npoc15 [-r] [-hcyEsv] [-e <boot-args>] [-k <override_pongo>]
mode:
-r, --ra1npoc : start with legacy ra1npoc mode
options:
-c, --cleandfu : use clean dfu
-y, --yolodfu : use download mode (yoloDFU)
-E, --early-exit : exit after uploading Pongo
-k, --override-pongo <path> : override Pongo image
-e, --extra-bootargs <args> : replace bootargs
-s, --safemode : enable safe mode
-v, --verbose-boot : enable verbose boot
help:
-h, --help : show usage
-
--ra1npocmode is compatible with the old build. - iOS 15+ only support boot pongoOS. Plase be sure to add the
-Eflag.
Example
- Boot pongoOS from DFU mode
./ra1npoc15 -rE
- Boot any
pongoOS.binfrom DFU mode
./ra1npoc15 -rEk <Pongo.bin>
- Jailbreak iOS 12 - 14 devices already jailbroken with checkra1n from Recovery mode
./ra1npoc15 -rc
How to use
Credit
checkra1n team: checkra1n
axi0mX: checkm8 exploit
license: MIT
dora2-iOS