Hi. Within this lecture we are going to have a look at how to jailbreak an iPhone or iPad, generally an iOS device.

Okay, so since my iPad is already connected over here, and since we are going to need it in the iOS reverse engineering section, we are going to start with iOS and then we will move on to Android as well.

So first of all, the first step of jailbreaking is Googling it. Because why? Because there are actually a lot of tools on the market and you need to find the tool that is suitable for your own version.

So how does this even work? So let me go into theory a little bit. So if you bought any iOS device, there are a couple of steps that iOS actually follows in order to make sure this is a real iOS device, like Bootrom, Boot Loader, iBoot, Kernel and then iOS. So these are the steps in order to start, in order to fire up iOS applications or the actual iOS operating system. And in each step, between those steps, like where the arrows are here, where the arrows are located over here, there is a signature process as well. So that's how iOS understands.
They check the signature to see if this is real, if this is authentic or not. So by hacking or manipulating the signatures, hackers or mobile application security analysts try to actually jailbreak these devices.

And there are a lot of tools on the market, as I said before, but they're actually aimed at different versions. So for example, you have seen my version of iPad, right? It was 9.3.5, so there is a tool for that. But if you're looking for jailbreaking iOS version 10, then there is a completely different tool. They all try to manipulate the signatures or do some kind of breaking of the process over here in order to jailbreak it. But the names, the developers, the hackers vary from one tool to another.

So the first step is to find your suitable tool, and then you're going to have to install it on your iPad or iPhone. And then you are just going to open the app and just hit one button. That's very simple, and it will do all the steps for you and it will jailbreak your iPad or iPhone.
So I'm going to do this, I'm going to open Google, and let me show you my version one more time. So go into Settings and go into General. And if you click on About over here, you can find your own version as well. In my case, it's 9.3.5. It's an old version because it's an old device. So I got to spare this for jailbreaking and I'm very happy about it.

Okay, so as you can see there are, like, thousands, hundreds of thousands of results over here, all showing how to jailbreak iOS devices with the related version. So make sure you do that. I'm sure you will find a suitable tool for you.

But there are some minor things to consider over here, which maybe you cannot find in tutorials online. Because most of the time these tutorials actually suggest having one of these application stores like Tweak Box or IPA Box or iOS Ninja on your iOS device and then downloading the related tool in order to jailbreak your device from those applications. And most of the time this doesn't even work. So let me show you what I mean.
You can actually install this Tweak Box, IPA Box or iOS Ninja on your iOS device easily, okay? By going to their website. But then if we just open it, then it won't work. Let me show you what I mean.

So I opened one of the applications, and yeah, we have some kind of different advertisements over here, but if you come over here to the jailbreak section you will see a lot of tools. Okay? As you can see there are a lot of applications over here as well. But we are interested in the jailbreaks particularly. And as you can see, we have this Electra, we have this Physics, we have this Houdini, and these are all aimed at different iOS versions. For example, this one is for jailbreaking iOS 12 or iOS 12.1.2. Okay? So if you're on iOS 11, then you should look for another device, another tool actually, not device. And in my case, the tool that I was in need of was Phoenix. So I Googled "iOS 9.3.5 jailbreak" and I came up with this Phoenix tool. It actually works.
It actually jailbreaks, you can see Phoenix on my iPad over here. I installed it, but I didn't install it from IPA Box or iOS Ninja or any other app. I'm going to show you how to install it in a much better way. As you can see now, it says that, yeah, your iPad is already jailbroken. There isn't much to do over here. But if it wasn't, I would have seen just a button over here. And when I, all I had to do was just click on that button, and it took care of the rest of the process for me. Okay?

So it's very easy to jailbreak once you find the tool on your own. So just try to Google your version, okay? Like this, and try to look for the results. As you can see, Phoenix Jailbreak is actually one of the first results. So I've downloaded it from here. But in order to make this work, you have to know how to download IPAs, that is the final product of iOS applications, and install it on a non-jailbroken device. We're going to do that within the next lecture.