iOS 15.7 Jailbreak, frida and objection setup environment
Hi
Jailbreaking iOS has always been much harder than rooting Android, and setting up Frida and objection afterwards to look for sensitive data is another milestone in itself. So I have come up with an up-to-date walkthrough of how to jailbreak iOS 15.7, install the Sileo package manager, and then set up Frida and objection for root detection bypass, SSL pinning bypass and finding sensitive data.
Device - iPhone 8, iOS - 15.7.6
Steps to follow -
1- To jailbreak iOS version 15.7.x, first download palera1n v2.0.0 beta 5 (Tumbleweed), the palera1n-macos-universal build, from here - https://github.com/palera1n/palera1n/releases/tag/v2.0.0-beta.5
2- After downloading it to your system, move the palera1n binary into your PATH and make it executable, using the terminal -
mv palera1n /usr/local/bin
chmod +x /usr/local/bin/palera1n
3- Connect the iPhone to your system with a USB-A cable and then run
palera1n -fc
in the terminal for a rootful jailbreak. The device will be put into DFU mode; then follow the on-screen instructions to boot into download mode.
You might encounter an error saying the device is unable to enter download mode. Just unplug the cable from the iPhone and quickly connect it again, and it will enter download mode.
Jailbreaking the device takes a few minutes, after which it reboots automatically.
4- Open the palera1n application on the device and follow the on-screen instructions to complete the rootful jailbreak.
5- After the reboot it will install the Sileo or Zebra package manager, which are the current package managers.
6- Open the Sileo package manager, go to Sources and add a source —
“build.frida.re”, then install the Frida package from it.
This will install the Frida server on the iPhone.
Similarly, you can add other tweaks by adding their respective sources.
7- Now go back to the terminal and run the following commands to bypass SSL pinning; make sure the USB cable is connected.
frida-ps -iaU
(This lists every installed app, running or not; note down the bundle identifier of the application whose SSL pinning you want to bypass.)
frida -U -f <app-package-name> -l <ssl-bypass-script.js>
Check out more scripts here: https://codeshare.frida.re/
8- If you want to bypass SSL pinning using objection, first install it using the commands below -
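Reading the bundle identifier off the frida-ps output by eye is error-prone when a device has many apps, so here is a small helper I am adding to this post (it is not part of the original steps and not part of Frida itself). It parses the PID / Name / Identifier table that frida-ps -iaU prints, looks up an app by its display name, and builds the exact frida -U -f ... -l ... argument list from step 7. The frida-ps output embedded in it is constructed for illustration, not captured from a real device, and the app names and identifiers in it are assumptions.

```python
"""Find an app's bundle identifier in `frida-ps -iaU` output.

Added example for this post, not Frida's own code. The SAMPLE_OUTPUT
table below is constructed to look like frida-ps output (PID, Name,
Identifier columns; PID is "-" for installed apps that are not running).
"""
from __future__ import annotations

import re
from typing import NamedTuple, Optional

# Constructed sample of `frida-ps -iaU` output (assumed app names/ids).
SAMPLE_OUTPUT = """\
  PID  Name         Identifier
-----  -----------  -----------------------
 1234  Safari       com.apple.mobilesafari
    -  Calculator   com.apple.calculator
  987  Example App  com.example.demoapp
"""

# One row of the table: PID, display name, bundle identifier.
# Name may contain spaces; the identifier never does.
ROW_RE = re.compile(r"^\s*(\d+|-)\s+(.+?)\s+(\S+)\s*$")


class App(NamedTuple):
    pid: Optional[int]   # None when the app is installed but not running
    name: str
    identifier: str


def parse_frida_ps(text: str) -> list[App]:
    """Turn the frida-ps table into a list of App rows, skipping header lines."""
    apps: list[App] = []
    for line in text.splitlines():
        stripped = line.strip()
        # Skip blank lines, the "PID Name Identifier" header and the dashed rule.
        if not stripped or stripped.startswith("PID") or set(stripped) <= {"-", " "}:
            continue
        match = ROW_RE.match(line)
        if not match:
            continue  # tolerate lines we do not understand rather than crash
        pid_str, name, identifier = match.groups()
        pid = None if pid_str == "-" else int(pid_str)
        apps.append(App(pid, name, identifier))
    return apps


def find_identifier(text: str, app_name: str) -> Optional[str]:
    """Return the bundle identifier for a display name (case-insensitive), or None."""
    wanted = app_name.strip().lower()
    for app in parse_frida_ps(text):
        if app.name.lower() == wanted:
            return app.identifier
    return None


def frida_command(identifier: str, script_path: str) -> list[str]:
    """Argument list for the step-7 command: frida -U -f <id> -l <script>."""
    return ["frida", "-U", "-f", identifier, "-l", script_path]


if __name__ == "__main__":
    # With a real device you would feed in: subprocess.check_output(["frida-ps", "-iaU"], text=True)
    for app in parse_frida_ps(SAMPLE_OUTPUT):
        state = "running" if app.pid is not None else "not running"
        print(f"{app.name:<12} {app.identifier:<25} ({state})")
    ident = find_identifier(SAMPLE_OUTPUT, "Example App")
    if ident:
        print(" ".join(frida_command(ident, "ssl-bypass-script.js")))
```

Run it as-is to see it work on the constructed table; on a jailbroken device replace SAMPLE_OUTPUT with the real frida-ps -iaU output as the comment in main suggests. The parser deliberately skips rows it cannot understand instead of raising, so an unusual app name never stops you from getting the rest of the list.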
pip3 install objection
objection -g <app-package-name> explore
iOS sslpinning disable
Similarly, using objection you can find sensitive data in different file paths, dump memory, or dump plist files with commands like
env, ios nsuserdefaults get, ios keychain dump
If you have any queries about this setup, please let me know here -
Thanks for reading.