The unc0ver jailbreak for starters

Yesterday, unc0ver by @Pwn20wnd got bumped to version 3.7.0b1, adding support for A12 (= 2018 models) devices on iOS 12.4. You're interested, so you want to try it on your iPhone XS Max, but you don't know where to start. I've got you covered! In this post, we'll take a look at the basics of jailbreaking.

Ok, cool, but what's a jailbreak?

A jailbreak is the act of escaping Apple's limits (a "jail"), which allows us to do things that simply aren't possible on a jailed (= non-jailbroken) device.

Nowadays, there are two main jailbreaking utilities: unc0ver by Pwn20wnd and Chimera by coolstar. In this post we'll take a look at the former.

Jailbreaks can be divided into 4 categories:

  • Tethered: The device cannot boot unless it's connected to a computer and turned on by it.
  • Semi-tethered: The device boots normally, but to enter jailbroken mode, you must connect it to a computer and make it load the jailbreak from there.
  • Semi-untethered (this one is relatively newer than the others): The device boots normally, but to enter jailbroken mode you must run the jailbreak through an app installed on your device.
  • Untethered: The device boots in jailbroken mode without the need for a computer.

Both the unc0ver jailbreak and the Chimera jailbreak are semi-untethered types of jailbreak.

What does jailbreaking allow me to do?

Jailbreaking allows you to do things such as installing themes, modifying system appearance and behavior and even installing apps not present on the App Store (like emulators).

What's unc0ver?

unc0ver is Pwn20wnd's jailbreaking utility. It supports all devices on a version between 11.0 and 12.4 (two major versions – that's a lot, really), with the exception of 12.3 - 12.3.2, which are not supported*. It features Cydia by Saurik (the main "jailbreaking app store", which has been around since 2008) and Substrate as the tweak loader. It's so stable it's like a stock (= non-modified) OS, it's blazingly fast and it rarely misses a shot (well, on some devices; we'll talk about that later).

*: as listed on unc0ver's official website.

I want to try it; how?

You essentially have two methods of sideloading unc0ver (installing the app on your device). No, you won't find it on the App Store. That's because Apple strictly forbids the usage of jailbreaks (although most Apple Store employees don't really care). The two methods are:

  1. Sideloading through Cydia Impactor
    Your best bet is to download the latest .ipa from the unc0ver website and Cydia Impactor from here. Install iTunes from Apple's website (not from the Microsoft store) if you haven't done so already. Now, you'll want to open Cydia Impactor (do not run as administrator if you're on Windows) and drag the .ipa over the main window. It'll ask you for your Apple ID email. Enter that, and now it will ask you for your password (don't worry, it's secure).
    Now, the password you're gonna enter will differ based on whether you've enabled two-factor authentication on your Apple ID or not (if it asks you for a code from your other devices when you log in, it's enabled). If it's not enabled, just enter your usual password. If it's enabled, instead, follow the section below ("How do I obtain an App-specific password?"). Then, back in Cydia Impactor, paste the password and watch it install unc0ver on your device in a matter of seconds. This method is the most reliable, as it not only can be done whenever, but it also doesn't rely on someone else's servers being up. The only downside is that you'll need to repeat this process every 7 days, which you can automate with a method we'll discuss later on. If you see an error, refer to the next section for help.
  2. Sideloading through a signing service
    If you don't have access to a computer, or you're tired of running method #1 every week, you can use a signing service, like Jailbreaks.fun (they have the authorization to host every app, so it's 100% ok with r/Jailbreak's rules). To install unc0ver, you'll have to visit the website, then tap on unc0ver 3.7.0b1 (or whatever the latest version is) and, when the installation popup appears, press Install. When it's done, you'll see unc0ver's icon next to your other apps, on the home screen.

If you try to open unc0ver right now, it'll say the app is not authorized. Take note of who the "developer" is, because we'll need it soon. The next step, common to both methods, is verifying that the "developer" (you, if you used Cydia Impactor, or some Chinese company, if you used a signing service) is trustworthy. It may sound incredibly complicated, but it's just a matter of seconds. To authorize the developer, just go to Settings, then General, tap on Profile and Device Management, and lastly, tap on the "developer" from before and tap on Authorize. If all goes well, you'll be able to open unc0ver and proceed to the next section. If you see something weird, refer to the next sections for help.
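Before authorizing a "developer", you can check who signed a sideloaded app and when that signature runs out. The following is an added example, not part of the original post or of any tool it mentions: it assumes you have a signed .ipa that contains the standard embedded.mobileprovision profile, and the sample .ipa, team name and dates in it are constructed for the demonstration.

```python
import io
import plistlib
import zipfile
from datetime import datetime, timedelta

PROFILE = "embedded.mobileprovision"  # provisioning profile shipped inside a signed app

def read_profile(ipa_bytes):
    """Return the profile plist from a signed .ipa, or None if it has none."""
    with zipfile.ZipFile(io.BytesIO(ipa_bytes)) as ipa:
        # Expected location: Payload/<Name>.app/embedded.mobileprovision
        hits = [n for n in ipa.namelist()
                if n.startswith("Payload/") and n.count("/") == 2
                and n.endswith(".app/" + PROFILE)]
        if not hits:
            return None
        blob = ipa.read(hits[0])
    # The file is a CMS (PKCS#7) container; the plist inside is plain XML.
    # This only reads the profile, it does not verify the CMS signature.
    start, end = blob.find(b"<?xml"), blob.rfind(b"</plist>")
    if start < 0 or end < start:
        return None
    return plistlib.loads(blob[start:end + len(b"</plist>")])

def summarize(profile, now):
    """Report the signing team and the time left before the profile expires."""
    expires = profile["ExpirationDate"]
    return {"developer": profile.get("TeamName"),
            "days_left": (expires - now).days,
            "expired": expires <= now}

def make_sample_ipa(team, created, lifetime_days):
    """Constructed sample: minimal .ipa with placeholder bytes around the plist."""
    plist = plistlib.dumps({"TeamName": team, "CreationDate": created,
                            "ExpirationDate": created + timedelta(days=lifetime_days)})
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("Payload/Sample.app/" + PROFILE, b"\x30\x82" + plist + b"\x00")
    return buf.getvalue()

if __name__ == "__main__":
    # Constructed values: a 7-day profile, as with the weekly re-signing above.
    ipa = make_sample_ipa("Constructed Example Team", datetime(2019, 8, 19), 7)
    print(summarize(read_profile(ipa), datetime(2019, 8, 22)))
```

To inspect a real file, pass its bytes to `read_profile` and the current time to `summarize`; a `None` result means the archive carries no provisioning profile.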

Common issues with Cydia Impactor

  • "ios/submitDevelopmentCSR"
    This error means you have already used both of the two certificates available to a free developer account. To fix it, click on Xcode, then Revoke certificates, log in again (like you did before; you can use the same App-specific password) and retry.
  • "Please sign in with an app-specific password. You can create one at appleid.apple.com"
    This, obviously, means you've enabled two-factor authentication, yet you tried to use your usual password. Generate an App-specific password (follow the "How do I obtain an App-specific password?" section) and retry.

If you're having any other kind of issue, leave a comment below.

Common issues with signing services

  • The application's icon looks dimmed and does nothing when I tap on it
    This means that unfortunately, the signing service's certificate has been revoked. You're gonna have to use Cydia Impactor for now.
  • It says that the developer needs to be authorized, but I've already done so
    This also means that the signing service's certificate has been revoked, and you're also gonna have to use Cydia Impactor for now.
  • When I tap on Install, there's no popup
    This may happen if you've just booted your phone; give it some time and the popup will show.

Again, if you're having any other kind of issue, leave a comment below.

Ok, now I see unc0ver. What do I do?

If you've gotten to this point, congratulations! You're one simple step away from jailbreaking: open the app and tap on the big blue button to start the process! If everything goes well, you'll see a popup saying:

Successfully renamed system snapshot

It will reboot your device. To finalize the jailbreak process once and for all, reopen the app and tap the big blue button once again. It'll respring (it's like a reboot, but it's softer, meaning it won't remove the jailbreak, unlike a real reboot), and then you should find Cydia on your home screen. Open it and you'll have finished the jailbreaking process.

Whatever Cydia says, don't update any essential package unless they're confirmed to work by r/Jailbreak!

Common issues with unc0ver

  • "Unable to create system snapshot. Delete OTA file from Settings - Storage if present"
    This means you have the 12.4.1 or 13.0 iOS update downloaded. To fix this, simply go to Settings, General, iPhone/iPad/iPod Free Space and delete the iOS 12.4.1/13.0 update from there. A full reboot should fix the issue and you'll be able to jailbreak.
  • Whatever I do, I can't jailbreak (a.k.a. other errors)
    This means you have the exploit set to Sock Port 3.0. Switch to Sock Puppet 3.0 and retry.

If you're having any other kind of issue and/or you couldn't fix these ones with the fix I've provided, leave a comment below.

What about stability? You said it only worked well on some devices

And it's true. On older devices, specifically A7 and A8 devices (iPhone 5s, iPhone 6, iPhone 6 Plus, iPod touch 6th generation, iPad Air, iPad mini 2, iPad mini 3 and iPad mini 4), it does work; however, the success rate of the exploits is a bit lower.

Ok, but I'm tired of connecting my iPhone to my computer to re-sign unc0ver...

There's a trick for you! Open Cydia, switch to the Sources tab, tap Edit, then Add and insert the following URL (don't forget the https://): https://repo.incendo.ws. Then refresh sources (it's done automatically), switch to the Search tab and search for ReProvision. Once installed, it'll ask you for your Apple ID details (see "Sideloading through Cydia Impactor" and "How do I obtain an App-specific password?"). Once you've entered the details, you'll see unc0ver's icon (it should be the only icon, but it won't be if you've sideloaded other apps). Tap on it and select Install. This'll enable auto-signing, which means that every 5 days or so the app will be re-signed. Note that this only applies in jailbroken mode, i.e. if you're unjailbroken (= out of the jailbroken mode) and you stay like that for a week, unc0ver won't be re-signed.

How do I obtain an App-specific password?

You'll need to go to the Apple ID homepage and log in (enter the 6-digit auth code), then you'll need to select "Generate App-specific password". Give it a name, it can be random (mine is called "cycycycy"), then press ok and copy the password (it's formatted like this: "abcd-1234-efgh-5678").

I'm all good, but I've seen a lot of wonderful themes! How do I install them?

You'll need to open Cydia once again, go to the Search tab and search for Snowboard (and the theme of your choice; Felicity is a great one and it's also free). Once you install it and respring, go to Settings, then scroll down to Snowboard and tap on Select theme... then tap on the theme/theme extensions that you want to apply (for example, some themes might have an "Alt icons" extension) and go back. When you go back to the home screen, the theme will be applied.

Final considerations

In this guide, we took a look at the very basics of jailbreaking, plus a couple nifty tricks that'll come in handy for sure.

If you liked this post, don't forget to share it with your friends and with anyone who might be interested. If you have any problem or just want to say hi, don't be scared to write a comment down below. See you in the next post!