Electra Development Team just released the A12-compatible Chimera jailbreak for iOS 12.0-12.4. Here’s how you can download and install it on your iPhone, iPad, and iPod touch.
What is Chimera?
Chimera is a semi-untethered jailbreak tool for iOS 12.0-12.5 firmware. It is developed and designed by Coolstar, Nullpixel, Alessandro Chiarlitti, and AppleBetas.
Written from the ground up, Chimera is the first “true” jailbreak tool developed for iOS 12.
Unlike unc0ver and other primitive alternatives, it offers full compatibility with devices having the A12/A12X processor (iPhone XS/XS Max, XR, and the new iPad models).
Chimera is based on Brandon Azad’s voucher_swap exploit for iOS 12 and features a full-blown CoreTrust bypass that ensures the user doesn’t have to re-sign binaries over and over again.
Up until now, all major developers have shipped Cydia as the default package manager with their tools.
What sets Chimera apart from other alternatives is the inclusion of Sileo, a modern Cydia replacement designed for the latest Apple devices, as the default package manager.
You can grab this tool using the link below. But before you do that, make sure that your device is present in the compatibility list below.
Which devices are supported?
- iPhone XS
- iPhone XS Max
- iPhone XR
- iPhone X
- iPhone 8 and 8 Plus
- iPhone 7 and 7 Plus
- iPhone SE
- iPhone 6S and 6S Plus
- iPhone 6 and 6 Plus
- iPhone 5S
- iPad Mini 2
- iPad Mini 3
- iPad Mini 4
- iPad Air
- iPad Air 2
- iPad (2017) 5th Generation
- iPad (2018)
- iPad Pro (11-inch)
- Third-generation iPad Pro (12.9-inch)
- iPod touch (6th generation)
All in all, A7-A11 devices are fully compatible with iOS 12.0-12.4, while A12 devices running iOS 12.0-12.1.2 are good to go. Unfortunately, Chimera does not support iOS 12.1.3 and later operating systems on A12 devices.
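The compatibility rule above, written as a fleet-inventory check that flags devices still on firmware inside Chimera's supported range. This is an added example, not part of the original article or the Chimera project; the inventory records and the field names `id`, `soc` and `ios` are constructed, and A12X is assumed to follow the A12 limit.

```python
import re

# Inclusive firmware ranges per SoC class, as stated in the article.
SUPPORTED = {
    "A7-A11": ((12, 0, 0), (12, 4, 0)),
    "A12": ((12, 0, 0), (12, 1, 2)),
}

def parse_version(text):
    """Turn '12.4' or '12.1.2' into a comparable 3-tuple; reject anything else."""
    m = re.fullmatch(r"(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unparseable iOS version: {text!r}")
    return tuple(int(part or 0) for part in m.groups())

def soc_class(soc):
    """Map 'A8X', 'A11', 'A12X' ... to the article's two classes, else None."""
    m = re.fullmatch(r"A(\d+)X?", soc.strip().upper())
    if not m:
        return None
    gen = int(m.group(1))
    if 7 <= gen <= 11:
        return "A7-A11"
    return "A12" if gen == 12 else None

def in_chimera_range(soc, ios):
    version = parse_version(ios)  # raises on junk so the caller can triage it
    cls = soc_class(soc)
    if cls is None:
        return False
    low, high = SUPPORTED[cls]
    return low <= version <= high

def triage(inventory):
    """Split device ids into 'in_range' and 'review' (version not parseable)."""
    result = {"in_range": [], "review": []}
    for dev in inventory:
        try:
            if in_chimera_range(dev["soc"], dev["ios"]):
                result["in_range"].append(dev["id"])
        except ValueError:
            result["review"].append(dev["id"])
    return result

# Constructed sample inventory (ids, field names and values are made up).
SAMPLE = [
    {"id": "dev-01", "soc": "A12", "ios": "12.1.2"},
    {"id": "dev-02", "soc": "A12", "ios": "12.1.3"},
    {"id": "dev-03", "soc": "A12X", "ios": "12.1"},
    {"id": "dev-04", "soc": "A9", "ios": "12.4"},
    {"id": "dev-05", "soc": "A11", "ios": "12.4.1"},
    {"id": "dev-06", "soc": "A10", "ios": "12.x-beta"},
]
print(triage(SAMPLE))
```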
Download Chimera jailbreak
- v1.6 – (12.0-12.1.4/12.2-12.5)
- v1.5.1 (fat/slim)
- v1.5.0 Beta 1 (fat/slim)
- v1.6 – Officially verified to work on iOS 12.5 (Chimera v1.5.1 already worked on 12.5).
- Backports more of Odyssey’s changes to Chimera.
- The platform-application entitlement is no longer required for binaries to run.
- The skip-library-validation entitlement is no longer required for libraries to load into binaries.
- Improves the efficiency and reliability of Chimera.
- Note: These backported changes were adapted to use kexec [PAC bypass]; as such, Chimera still only supports A12 devices up to iOS 12.1.2.
- Fixes potential app black screen issue during the jailbreak process.
- Fixes reliability issues with injecting into launchd during the jailbreak process.
- Fixes potential post-jailbreak kernel panics on 4K devices (A7/A8) improving the reliability of the jailbreak.
- jailbreakd plist has been moved to improve compatibility with odysseyra1n (jailbreakd no longer runs or crashes when booted with odysseyra1n).
- Fixes memory leak and slow performance if jailbreakd is restarted.
- Experimental support for full userspace reboot.
- To test userspace reboot you can run launchctl reboot userspace.
- Userspace reboot should complete in about 15 seconds.
- Userspace reboot works about 50% of the time (hence the jailbreak itself is still using ldrestart as it’s more reliable).
- v1.5.1 – This fixes some compatibility issues between Chimera and Odysseyra1n:
- Rejailbreaking an existing Odysseyra1n installation with Chimera will no longer wipe packages database
- Rejailbreaking an existing Chimera installation with checkra1n (for Odysseyra1n) will have a working read/write filesystem
- RocketBootstrap from the Odyssey repo will now work correctly on Chimera
- This also fixes the following additional issues:
- Exploit selector on iOS 12.2 & 12.4 now works correctly (to allow switching between sockpuppet and life_waste)
- v1.5.0 Beta 1 – Adds Procursus/libhooker support to Chimera. The v1.5.0b1 IPA file does not have migration support, so existing users will still have to rely on the stock Chimera bootstrap. New users (and those who perform a rootfs restore) will get Procursus bootstrap and libhooker support.
- v1.3.9 – Improves success rate of SockPuppet 3.0 exploit, especially on 4K devices.
- v1.3.8 – Fixes error handling of nonce setter on A12 devices on iOS 12.1.3 and above. Fixes an issue with nonce setter on models that haven’t used igetnonce.
- v1.3.7 – Supports setting nonce generator on A12 devices running iOS 12.1.3-12.2 and 12.4.
- v1.3.5 – Improves reliability of SockPuppet exploit, fixes a crash issue.
- v1.3.4 – Fixes random reboots on iOS 12.2 as well as 12.4, fixes Sileo not installing properly on iOS 12.0-12.1.4, adds tvOS 12.2 and 12.4 compatibility to Apple TV.
- v1.3.3 – Replaces SockPuppet and SockPuppet2 with SockPuppet3 exploit, adds support for A7 and A8X devices, all A7-A11 devices (iOS 12.0-12.4) and A12 devices (iOS 12.0-12.1.2) are now compatible.
- v1.3.0 – Adds support for iOS 12.4 on A8 devices.
- v1.2.9 – Adds bug fixes and usability improvements to the application.
- v1.2.8 – Adds support for A9-A11 devices running iOS 12.4.
- v1.2.6 – Adds SockPuppet 2.0 to iOS 12.1-12.2 firmware for increased reliability.
- v1.2.5 – Improves stability on iOS 12.2 firmware, fixes freezing issues on 12.0 – 12.1.x, adds Ned Williamson to in-app credits.
- v1.2.4 – Adds support for A7/A8 devices running iOS 12.1.3-12.2 and some beta versions of iOS 12.3.
- v1.2.3 – Adds support for iOS 12.3 beta versions (except for iOS 12.3 Beta 6).
- v1.2.2 – Fixes an issue where v1.2.1 failed to jailbreak A12 devices with the voucher_swap exploit.
- v1.2.1 – Fixes exploit failure on iOS 12.2 devices.
- v1.2.0 – Adds support for iOS 12.1.3-12.2 for A9-A11 devices.
- v1.1.0 – Updates Sileo to version 1.1.5. Fixes Sileo not showing up on the home screen after jailbreak.
- v1.0.9 – Includes several stability fixes and optimizations, updates Sileo package manager to version 1.1.2.
- v1.0.8 – Fixes Sileo icon not showing up after jailbreaking.
- v1.0.7 – Makes re-jailbreaking quicker (4 seconds as compared to 12 seconds in older versions).
- v1.0.6 – Improves success rate, fixes a bug in v1.0.5 that results in automatic RootFS restore.
- v1.0.5 – Fixes the send bug in Mail, updates Sileo to version 1.0.6, fixes camera bug on A12 devices.
- v1.0.4 – Removes broken SSH toggle in v1.0.3 and replaces it with a working toggle.
- v1.0.3 – Fixes RocketBootstrap on certain models and updates Sileo to version 1.0.5.
- v1.0.2 – Fixes jailbreak issues with A12X iPad devices.
- v1.0.1 – Fixes voucher_swap exploit in the beta firmware as well as several iPad Pro devices. Reduces the size of IPA file by 32%.
- v1.0.0 – Initial release.
- A compatible iPhone, iPad, or iPod touch
- A compatible iOS firmware version
- A computer running Windows, Linux or macOS (optional)
- Cydia Impactor utility (optional)
- Internet connection
How to jailbreak iPhone XS, XS Max, XR and below with Chimera
Step 1 Unlock your Apple device and connect it to your computer.
Step 2 Launch Cydia Impactor and ensure it successfully recognizes your device. If you don’t have it installed on your computer, download it from this link.
Step 3 Download the latest IPA file from the download section above.
Step 4 Drag this IPA file over to Cydia Impactor to start the installation.
Step 5 Cydia Impactor will now prompt you to enter your username and password. Enter your credentials and hit enter.
Step 6 Wait for the installation to complete. Once done, the app should appear on your home screen. You can disconnect your device from your computer at this point.
Step 7 Open the stock Settings app and navigate to General > Profiles & Device Management. Select the developer certificate associated with your email address and tap Trust.
Step 8 Open the Chimera application and hit the Jailbreak button to start the jailbreak process. The spinning wheel
Step 9 Wait for the exploitation to complete. If the app displays “Reboot Required”, the exploit has succeeded and you will now have to restart your device to complete the jailbreak process.
If your iPhone/iPad restarts before the spinning wheel completes all three steps, the exploit has failed. Go back to step 8 and keep trying until the exploit succeeds.
Step 10 Launch Sileo, the Cydia alternative, from the home screen and start downloading your favorite tweaks!
Step 1 Open Safari and visit this website – https://ignition.fun
Step 2 Navigate to the apps section, select Jailbreaks > Chimera.
Step 3 Tap GET and wait for the installation to commence. Once your device displays the installation prompt, press Install to confirm. Wait for the installer to load the app on your device.
Step 4 Go to Settings > General > Profiles & Device Management and trust Ignition’s enterprise certificate. If you are unable to locate the required certificate to trust, simply select the one that’s currently untrusted.
Step 5 Close all open apps from the app switcher and go to your home screen.
Step 6 Open the Chimera app and hit Jailbreak.
Step 7 Wait for the spinning wheel to complete the required steps. At this stage, reboot your iPhone or iPad, as this is part of the exploitation process.
Step 8 Once the app displays “Jailbroken”, your device is in jailbreak mode.
If, for some reason, you are unable to get it working, check out the video given below.
How to re-jailbreak your iPhone, iPad, and iPod
Since Chimera is a semi-untethered tool, the jailbreak app will eventually stop working, because Apple allows free developer certificates to sign an app for only seven days.
You will no longer be able to use the jailbreak application unless you re-sign it at regular intervals.
Below is a quick tutorial that outlines how to re-jailbreak your Apple device if you reboot it into the no-jailbreak mode and are unable to use the app.
Step 1 Delete the existing Chimera application from your iPhone XS/XS Max/XR or below.
Step 2 Open Cydia Impactor again and drag the latest IPA file over to it.
Step 3 Enter your credentials and wait for the app to get loaded on your device.
Step 4 Run the app and hit the Jailbreak button.
That’s all there is to it. If you get stuck anywhere or get hung up on unforeseen issues, feel free to leave a comment below.
As of this writing, there are quite a few issues with Chimera, namely –
- Jailbreaking may fail on the iPad Pro with A12X SoC as well as iOS 12.1.1 Beta 3 firmware.
- PreferenceLoader doesn’t work properly.