Tihmstar has done the impossible by developing an Apple Watch jailbreak for watchOS 4.1. Here’s how this jailbreak works and how you can use it on your Apple Watch.
jelbrekTime is a v0rtex-based jailbreak for watchOS 4.0-4.1 firmware on the Apple Watch Series 3. It was developed by the eminent German security researcher Tihmstar.
It’s quite rightly the first jailbreak ever to be developed for the Apple Watch. Although Ben Sparkes was the first developer to develop a watchOS jailbreak, he never released a fully functional app.
With that being said, jelbrekTime can’t run Substrate-based jailbreak tweaks as of yet. However, that could change in the future provided a developer ports Comex’s Substitute successfully to watchOS.
Here’s a quick rundown of jelbrekTime’s features –
- Exploits kernel using v0rtex
- Remounts root filesystem as read/write
- Root access (tfp0 patch)
- Extracts bootstrap.tar package
- h3lix kernel patches
Important – Remember, this is not a user-facing jailbreak. Please DO NOT install and jailbreak your Apple Watch unless you know what you’re doing.
Which Apple Watch models are compatible with jelbrekTime?
watchOS 3 is incompatible. However, you can modify the project by implementing the v0rtex exploit and adding kernel patches manually.
jelbrekTime only supports the Apple Watch Series 3 on watchOS 4.1 out of the box.
If you own a different model, you must add more offsets to offsetfinder.c. You can access offsets for your particular model using the offset finder utility.
Since jelbrekTime uses the v0rtex exploit, any version above watchOS 4.1 is incompatible. Apple patched the v0rtex exploit in watchOS 4.2, rendering it useless for 4.2 and newer versions.
- Clone the git repo.
- Open it in Xcode and select a certificate for the main app, watch app, and watch extension.
- Build and run the iOS app on your iPhone.
- Open the stock Settings app, go to General > Profiles & Device Management, and trust your certificate.
- Run the iOS app on your iPhone via Xcode again.
- Open jailbreak.m and set a breakpoint.
- Build and run the WatchKit app on your Apple Watch.
- Launch the app again on your watch and accept the trust certificate therein.
- Run the WatchKit app via Xcode and wait for it to install.
- Tap the jelbrekTime button in the WatchKit app and wait for the breakpoint to hit in Xcode.
- You can now execute terminal commands by entering the following commands one after the other –
p mysystem("ls /")
p mysystem("ps aux")
Future development and support
Although the developer hates watchOS development, he intends to release a new version somewhere down the line. The new version will include the following features –
- BYOB (Bring Your Own Bootstrap)
- BYOO (Bring Your Own Offsets for non-watchOS 4.1 users)
- BYOS (Bring Your Own Shell)
You can expect some great stuff coming out for the Apple Watch ecosystem as it becomes more mature and enough developers jump on the watchOS bandwagon. iOS-style modifications like custom watch faces, new user interface, and other features could become possible in the future.