Security researcher Brandon Plank has released rootlessJB4 – a rootless jailbreak for iOS 12.4.7 and below. Here’s how you can jailbreak your iPhone, iPad, or iPod using this new tool.
What is rootlessJB4?
rootlessJB4 is a “rootless” jailbreak designed for iPhone, iPad, and iPod devices running iOS 12.0-12.4.7 firmware. It is developed by security researcher Brandon Plank.
Just like unc0ver and Chimera, rootlessJB4 is a “semi-untethered” jailbreak, meaning the jailbreak does not persist after a reboot. Once the jailbreak “expires”, you will have to re-jailbreak your device with the rootlessJB4 app.
The main difference between traditional tools and a rootless jailbreak is that a rootless jailbreak does not modify the root directory of your device.
Since the root directory is unmodified, it becomes harder for App Store applications to detect the jailbreak on your device.
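Why an unmodified root directory defeats common detection, shown from the app developer's side as an added example (not code from rootlessJB4 or from this article): a check that only probes root-filesystem paths finds nothing when the artifacts live elsewhere. The device trees are constructed under /tmp, and the path in `ROOTLESS_PATHS` is hypothetical, invented for the demonstration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

/* Root-filesystem locations that classic jailbreak checks probe. */
static const char *const ROOT_PATHS[] = {
    "/Applications/Cydia.app", "/bin/bash", "/usr/sbin/sshd", "/etc/apt",
};
#define N_ROOT_PATHS (sizeof ROOT_PATHS / sizeof ROOT_PATHS[0])
/* Hypothetical non-root install location, invented for this example. */
static const char *const ROOTLESS_PATHS[] = { "/var/example_rootless/bin/bash" };

/* Count how many of paths[] exist below fs_root ("" = the live filesystem). */
int count_existing(const char *fs_root, const char *const *paths, size_t n) {
    int hits = 0;
    for (size_t i = 0; i < n; i++) {
        char full[1024];
        struct stat st;
        snprintf(full, sizeof full, "%s%s", fs_root, paths[i]);
        if (stat(full, &st) == 0) hits++;
    }
    return hits;
}

/* Build a constructed device tree under dir holding one artifact (mkdir -p). */
int build_tree(const char *dir, const char *artifact) {
    char full[1024];
    mkdir(dir, 0700);                 /* already existing on a rerun is fine */
    snprintf(full, sizeof full, "%s%s", dir, artifact);
    for (char *p = full + strlen(dir) + 1; ; p++) {
        if (*p != '/' && *p != '\0') continue;
        char saved = *p;
        *p = '\0'; mkdir(full, 0700); *p = saved;
        if (saved == '\0') break;
    }
    return count_existing(dir, &artifact, 1) == 1 ? 0 : -1;
}

int main(void) {
    const char *classic = "/tmp/jbdemo_classic", *rootless = "/tmp/jbdemo_rootless";
    build_tree(classic, "/bin/bash");
    build_tree(rootless, ROOTLESS_PATHS[0]);
    printf("classic tree, root paths:      %d\n", count_existing(classic, ROOT_PATHS, N_ROOT_PATHS));
    printf("rootless tree, root paths:     %d\n", count_existing(rootless, ROOT_PATHS, N_ROOT_PATHS));
    printf("rootless tree, extended paths: %d\n", count_existing(rootless, ROOTLESS_PATHS, 1));
    return 0;
}
```

A path list alone is therefore a weak signal; a check that has to cover rootless tools needs indicators that do not depend on the root filesystem being modified.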
The “rootless” approach has its upsides, but it also has a few major downsides that can completely ruin your jailbreak experience.
For instance, most Cydia tweaks do not work properly on a rootless jailbreak due to the aforementioned restrictions. Furthermore, traditional package managers such as Cydia, Sileo, or Installer require access to the root directory, and, hence, do not work with a “rootless” tool.
Warning – Remember, rootless jailbreak tools are meant for advanced users and researchers. If you are a regular user, we highly recommend you go with Chimera, checkra1n, or unc0ver.
Which devices/firmware are compatible with rootlessJB4?
- iPhone 5/5S
- iPhone 6/6S
- iPhone 6/6S Plus
- iPhone SE
- iPhone 7/7 Plus
- iPhone 8/8 Plus
- iPhone X
- iPad Pro (10.5-inch)
- iPad Pro (12.9-inch) (1st/2nd-generation)
- iPad (9.7-inch)
- iPad Mini 2
- iPad Mini 3
- iPad Mini 4
- iPad Pro (1st-Generation)
- iPad Air (1st-Generation)
- iPad Air (2nd-generation)
- iPad (5th-generation)
- iPad (2018, 6th generation)
- iPod touch (6th-generation)
- iPod touch (2019, 7th-generation)
Download rootlessJB4 IPA
- RC.2.1 – Adds iOS 12.4.8 compatibility. Improved user interface.
Download SailySandBoxed IPA
Requirements
- A compatible iPhone, iPad or iPod Touch
- A compatible iOS operating system
- A computer running macOS or Windows
- A stable internet connection
- AltStore signing utility
How to jailbreak iOS 12.0-12.4.8 with rootlessJB4
Setup and Install AltStore
Step 1 Install iTunes on your computer. If you have it installed on your computer, skip this step.
Step 2 Download and install iCloud for Windows. Log into your Apple account using your Apple ID and password.
Step 3 Download AltStore for Windows or macOS. We will use Windows for the sake of this tutorial.
Step 4 Open the AltStore archive you downloaded above. Extract AltInstaller and Setup files to a folder called AltStore on your desktop (or any other directory).
Step 5 Launch Setup, click Next, select the installation folder, and click Next again.
Step 6 Go to the installation location – C:\Program Files (x86)\AltServer.
Step 7 Right-click on AltServer and select Run as Administrator.
Step 8 Connect your Apple device to your computer.
Step 9 Click on Install AltStore and select your device from the dropdown menu.
Step 10 Enter your Apple ID username and password again to authenticate the installation.
Step 11 If you have two-factor authentication enabled, enter the verification code sent to your device.
Step 12 Wait for the installation to finish.
Step 13 Once the AltStore app appears on your home screen, go to Settings > General > Device Management and select the email associated with your Apple ID.
Step 14 Select Trust <your Apple ID email> to authenticate AltStore.
Sideload rootlessJB4 IPA
Step 15 Launch Safari.
Step 16 Download the rootlessJB4 IPA file using the link given above. The file size is 38.2 MB and it will take 10-15 minutes for the download to finish.
Step 17 Once the download finishes, select the required IPA file from the downloads manager.
Step 18 Select the “open with” icon in the top-right corner of the display and tap Copy to AltStore.
Step 19 Wait for AltStore to sign the jailbreak application. Remember, your device must stay connected to your computer during the sideloading. Once it successfully sideloads the app onto your device, the app will appear on your home screen.
Step 20 Launch rootlessJB4 from your home screen. Ensure the following options are enabled –
- Install Saily Daemon
- Load Tweaks
- Install Filza
- Install ReProvision
Step 21 Press Jailbreak to start the exploitation process. According to the developer, the success rate of the exploit is a measly 5%. So, if you get the “Exploit Failed” error message, keep retrying until the exploit succeeds and your device is jailbroken.
Install Saily Package Manager
As mentioned above, traditional package managers like Cydia and Sileo do not work with rootless jailbreaks. To fix this issue, Brandon Plank has bundled a sandboxed version of Saily with rootlessJB4.
Here’s how you can install it on your Apple device.
Step 22 Launch Safari again and download the SailySandBoxed IPA file using the link given above.
Step 23 Copy the file to ReProvision.
Step 24 ReProvision will now prompt you to install the app using your Apple ID.
Step 25 Tap Install and wait for the installation to finish. Once the sideloading process is over, the package manager will appear on your home screen.
Known Issues and Bugs
As of the time of publishing, rootlessJB4 is riddled with bugs and glitches. Here’s the list of all known bugs and issues present in the RC.2.0 version.
- Saily package manager can’t install several tweaks at the moment.
- Developers will need to update their packages for “rootless” compatibility.
- The device goes into a respring loop on the very first install.
- The device kernel-panics when installing a tweak.
- Reboot required to complete the installation of several tweaks.
- Rebooting using the slider throws the device into a respring loop. A hard reset fixes that issue.
Future Development and Updates
- fixmMap to be released for App Store applications.
- Add support for user filesystem remount but nothing will be written to the root directory.
- New tweak injection system because the current system makes the device kernel-panic while installing tweaks.
- Support for Apple devices having the A12 Bionic system-on-chip.
That’s all there is to it! If you run into issues while jailbreaking, just leave a comment below.
Hey Gian, is there any way I can please contact you directly? I’ve been trying to have my name/comment removed from an older post of yours for over a year but I had no luck, I used the “contact feature” on this site, but never got a response back.
The link is https://yalujailbreak.net/snapchat-10-30-blocks-third-party-apps/?unapproved=16647&moderation-hash=e0ab8a612396832b2f8f3de6298843de#comment-10941
my name is “Sevada”.
I got a response from you on July 8 when I accidentally posted on that URL (thinking it was the personal contact of the site). I was happy that I got a reply from you, and you said that you’d remove my name, but my comment still showed.
Just for clarity, I created a link through imgur (trustable site) of both the original comment, and the accidental comment here https://i.imgur.com/z7cH1BE.png . If you could please remove both, that would relieve me so much of my concern, thanks man and sorry for such a long post, I’ve just been tackling this for a while now.