[Tutorial] How to run Checkm8 on Windows 10
EDIT: Checkra1n has been released, but it doesn't have Windows compatability yet. The Checkra1n team is working on it.
First things first. I, nor the developers of this exploit are responsible for any damage done to your device. Continue at your own risk.
This is still a very untested method. Please note that while I did get the exploit to run, I don't have any eligible devices to exploit, so I still don't know if this is truly working or not.
NOTE THAT THIS IS NOT A JAILBREAK. READ THROUGH THE ENTIRE POST BEFORE CONTINUING.
I am going to make a few assumptions. That:
- You know how to use CMD.
- You have an archive extractor (such as WinRar or 7Zip).
- You know how to put your device into DFU mode.
- You have Python 3.7.x in your system environment variables.
- Your PC has a 64-bit installation of Windows 10.
- You have administrative privileges on your PC.
If you don't know how to do any of this, it's probably for the best that you don't do this. Again, I have not fully tested this yet.
- To begin, you'll want to download this version of the checkm8 exploit (huge thanks to Geohot for rewriting the script to run on Windows). Extract the .zip and make a note of the extracted location.
- Next, you'll need to grab the latest version of libusb-win32. Extract the .zip.
- Plug your Apple device into your PC and put it into DFU mode. Make sure your PC recognises your device.
- Because we're using a Python script to communicate with your device, we need to install a dependency that will let our script send data to and from our device. Navigate to where you extracted libusb-win32. Open up /bin/amd64/. Go ahead and run the install-filter-win.exe file. Select "Install a device filter" and click next. In the list, find your device in DFU mode. It should say "Apple Mobile Device (DFU Mode). If it does not say DFU mode, do not continue. Click on it and then press install. After it completes, close the window.
- To check if it successfully installed the filter, open testlibusb-win.exe. It should show your device's information. Close this window.
- Go back to /bin/ and open up inf-wizard.exe. On the window that opens, click next. Select "Apple Mobile Device (DFU Mode) and then click next. Check that you've chosen the right device, then click next. On the new window that opens, choose your desktop to save this .inf file. (Note that for whatever reason, the default save location 'Documents' didn't work on future steps for me.) After saving it, a new window will open. Do not click "Install now". Simply click done and the window will close automatically.
- Now here comes the most tedious part. Due to Windows not allowing unsigned third party drivers to be installed while not in safe mode, we'll have to boot into it. Bring up your power down options, and while holding shift, click restart. Keep holding shift until a blue screen comes up. Click "Troubleshoot", then click "Advanced options". Click "Startup Settings", then click restart. When a list of options comes up, press '7' and let your PC boot. Sign in as normal.
- Open up Device Manager, and find your Apple device (it's usually down the bottom in one of the USB categories). Right click on it, and choose "Update Driver". Choose "Browse my computer for driver software". Click "Let me choose from a list of available drives on my computer". On the bottom right, click "Have Disk...". In the new window, click "Browse". Navigate to your desktop, and select the .inf file you made earlier. Click "Open", then "Okay". Click "Next". On the window that pops up, simply confirm your choice. Once it's done, go back to Device Manager.
- You may have to reconnect your Apple device here. Do so if necessary. Once done, look for "libusb-win32 devices", and open the category. If you see "Apple Mobile Device (DFU Mode), then you were successful.
- With that completed, we can now finally test the script. Navigate to where you extracted Geohot's version of checkm8. Open up a CMD with administrative privileges, and run the following commands:
cd C:/"path-to-where-you-extracted"/ python ./ipwndfu -p
If done correctly, it should run the checkm8 exploit on your device.
PS: Proof it 'worked' for me is here
. (I own an A8 device, which isn't ready for the exploit yet.)
Be sure to follow @Axi0mX on Twitter and @georgehotz on Instagram. Show your love.
submitted by NeoBassMakesWafflez
[Tip] Respring IPhone over USB with SSH
First of all, I'm from Germany. So maybe here and there you will see some grammatical errors, I will try my best to be as good as I can. If someone dont understand something I'm very happy to help.
Second and most important one, you will need to have OpenSSh installed and activated. You will need a PC because you will need to install software.
This Tutorial is for Windows but also should work for Mac and Linux.
- Download Python 2.6 and install it to c:\python26 folder.
- Download usbmuxd file and extract it to C drive using winrar.
- Connect the iPhone to windows machine over USB cable.
- Open command prompt and type the below commands.
C:\> cd usbmuxd-1.0.8 C:\usbmuxd-1.0.8>cd python-client C:\usbmuxd-1.0.8\python-client>\Python26\python.exe tcprelay.py -t 22:2222
- Download putty and open it.
- On putty, enter Host Name as 127.0.0.1 and Port as 2222. Select connection type as SSH and click Open.
- Now you are connected to iPhone over SSH. Type the username as root and the password as alpine (if you didn't changed it) to log into the iPhone.
To Repsring use: killall backboardd
To Reboot: reboot
Now you done! Hope it helped someone who needs it.
submitted by WeiserFuge56