Open Source iOS 15 Jailbreak Project


Fugu

Fugu is the first open source jailbreak tool based on the checkm8 exploit.

UPDATE: Fugu will now install Sileo, SSH and Substitute automatically! Additionally, all changes to the root file system are now persistent. Put your iDevice into DFU mode, run Fugu iStrap, unlock your iDevice and follow the on-screen prompts.
IMPORTANT: This jailbreak is currently in development and only meant to be used by developers.

WARNING

!!! ONLY DOWNLOAD FUGU 15 (iOS 15 - iOS 15.2 Jailbreak) FROM https://github.com/epeth0mus/Fugu15/ AS IT IS VERY EASY TO CREATE A VERSION OF FUGU THAT CONTAINS MALWARE !!!

Supported Devices

Currently, the iPad Pro (2017, every size) and iPhone 7 are the only officially supported devices (on iOS 13 - 13.5.1).
All devices with the A10/A10X CPU should be supported.

Building

Note that you can also download a precompiled version from the releases tab.
To build Fugu, make sure you have Xcode and Homebrew installed.
Using Homebrew, install llvm and binutils:

brew install llvm binutils

Afterwards, open the Fugu Xcode Project, select Fugu as target (if it's not already selected) and build it.
This should generate Fugu and a shellcode folder in the build folder. You're now ready to go!

Usage

I recommend launching Fugu without any parameters first to see all the available options.
If you just want to jailbreak your iDevice, run the following:

Fugu iStrap

You may need to run this command multiple times. If it still does not work after the fourth try, enter DFU mode again.

This will send iStrap (the kernel bootstrapper) to your iDevice together with iDownload (a small application that can be used to upload files to the iDevice or execute commands). See Components for more information.

Installing Sileo, SSH and Substitute

Fugu will now install Sileo, SSH and Substitute automatically! Unlock your iDevice and follow the on-screen prompts. Make sure your iDevice is connected to the internet!

Components

Fugu consists of the following components:

  • Fugu: The macOS Application that exploits your iDevice using checkm8 and uploads iStrap, iStrap loader and iDownload.
  • iStrap loader: Small shellcode that patches iBoot and loads iStrap after iBoot is done.
  • iStrap: The kernel bootstrapper. This is what you see on your iDevice during boot. Patches the kernel, injects boot arguments (if needed) and injects shellcode into the kernel.
  • iDownload: Small application running on your iDevice. It is installed during boot and launched instead of launchd. It forks itself and runs launchd; the forked copy listens on port 1337 (127.0.0.1 only, use iproxy to connect) and provides a simple bash-like interface.

Credits

  • @axi0mX for the checkm8 exploit. This jailbreak wouldn't have been possible without it.
  • miniz developers for the miniz library

License

All code in this repository, except for third party code (see 3rdParty.txt), is released under the GPL v3.

Fugu15 - iOS 15 Jailbreaking tool
Copyright (C) 2019/2020 Linus Henze

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see https://www.gnu.org/licenses/.

The full license text can be found in the LICENSE file.

Comments
  • This is a real jailbreak.

    This is a real jailbreak, it's not released yet. There has been a public conference already about the jailbreak. Ignore the salty user "baggette". They're upset it's not released yet. No issues.

    opened by R31GNDEV 2
  • Bullshit this is a malware

    Bruh wtf is this goffy ahh warning this is not your jailbreak and I'm 100% sure you placed malware inside of it so do yourself a favor and go get some [email protected]

    opened by TomerGamerTV 1
  • ViP-C.YML

    𝐁𝐢𝗴𝐁𝗼𝘀𝘀 𝐁𝐢𝐭𝐂𝗵𝗲 𝐌𝗲 𝗛𝗮𝗿𝗱 🎭

    opened by VIP-sa 0
  • IMPORTANT: READ BEFOREHAND

    It's a fake project. If you want to jailbreak your iOS 15/16 device, wait for the blizzard jailbreak to be released. Don't look through malware-infested GitHub pages like this.

    opened by AceBeaker2 0
  • Bruh who do you think we are this is a malware

    Bruh wtf is this goffy ahh warning this is not your jailbreak and I'm 100% sure you placed malware inside of it so do yourself a favor and go get some bit[email protected]

    opened by TomerGamerTV 0
  • Look at the creator. It is malware. Do not use.

    This repository violates article 5 (a) of the GPL v3 license, under which the original Fugu (of which this repository is a fork) is licensed. Original code: https://github.com/LinusHenze/Fugu

    Real Fugu15 link: https://github.com/pinauten/Fugu15 (LinusHenze in the commits)

    opened by iFlxy 0
  • License violation

    This repository violates article 5 (a) of the GPL v3 license, under which the original Fugu (of which this repository is a fork) is licensed. Original code: https://github.com/LinusHenze/Fugu All violations result in an immediate termination of the GPL v3 license. Therefore, this repository infringes my copyright and I request it to be deleted.

    Additionally, it links to scam jailbreak websites.

    opened by LinusHenze 1
Owner
epeth0mus