What is Blizzard Jailbreak?
Blizzard Jailbreak is a jailbreak tool developed by iOS security enthusiast GeoSn0w (me), which was initially designed, completed, and released for iOS 9.0 – 9.3.6. It is now being updated to work on iOS 15.0 all the way up to iOS 16 on checkm8-compatible devices.
The iOS 15 fork and the iOS 9 fork are entirely different, and similar only in name. While the iOS 9 fork is a userland jailbreak powered by a kernel exploit with patches done from the userland Blizzard application, the iOS 15 fork exploits and patches the Boot Chain in order to achieve the jailbreak.
Will this jailbreak come with Cydia?
Cydia is massively broken on iOS 15 / 16 and the developer who wanted to fix it decided to quit their project. As such, IF finished, Blizzard Jailbreak will give you the option to choose between:
- Installer 5
Pick whatever you like best, or all of them. I am a strong believer that people should have a choice.
Why develop Blizzard jailbreak for iOS 15?
Because nobody else would. It’s been a year and we still do not have a jailbreak for iOS 15, so I decided to experiment a bit with checkm8 and see what I can do. CheckRa1n isn’t updated for iOS 15, Unc0ver isn’t updated for iOS 15, and Cheyote is currently postponed indefinitely by Coolstar, leaving us with no choices.
Having released Blizzard Jailbreak in the past for other iOS versions, I do have jailbreak development experience. Whether that will be enough to complete this project we will see.
Blizzard Jailbreak Current Status:
October 4th, 2022 – Latest Updates
- ✅ Sileo is now working! Refer to the Twitter post below for a demo 😛
- ✅ Procursus Rootless Bootstrap now working fine. The Rootless Bootstrap is used, as Blizzard Jailbreak on iOS 15 and 16 will not be doing ROOT FS remounting / union mounts. This is actually much better and cleaner, and it is a huge step towards making jailbreak detection impossible for apps.
- ✅ Filza working fine.
- ✅ SSH working fine!
October 3rd, 2022
- ✅ Sandbox patches are now allowing fork() operations, reading, and writing outside app containers, and most SBOPS hooks are patched.
- ✅ Unjailbreak function is now complete, allowing you to nuke Blizzard Jailbreak out if needed. It’s not perfect: it relies on tweak developers to write their files ONLY in the jb folder. That’s somewhat of a consensus by now on rootless jailbreaks, but I am sure there will be some tweak developers who will write across /var, which sucks because it’s very hard to clean up. Standard ROOT FS restore is effectively dead on iOS 15 and 16 because we don’t mess with the ROOT FS anymore (rootless means all files are written to the /var / user partition).
- ⏳ setuid(0) is currently broken on some versions, patching is in progress.
September 26th, 2022
- ✅ Preliminary tests of the iOS 15 bootstrap are good. Working as intended.
- ✅ Fixed a major issue with SBOPS hooks causing a userspace hang.
- ⏳ Working on other important kernel patches.
- ✅ Userland application for handling package manager installation is now complete.
- ❌ On iPhone 8, 8 Plus, and iPhone X (A11), you will have to restore the device if you ever had a passcode. Apple changed SEP even more. All checkm8 jailbreaks are affected by this on iOS 16.
September 19th, 2022
- ✅ Successfully tested SSH using Blizzard Jailbreak.
- ✅ Successfully built and tested Sandbox Escape patches on iOS 15.7 and iOS 15.6.1.
September 15th, 2022
- ✅ Finished all AMFI / CodeSign patches!
- ✅ Successfully tested launched patches.
- ✅ Fixed a patch that was preventing SEP from properly decrypting the data partition.
September 10th and earlier
- ✅ AMFI / Codesign successfully patched at the kernel level. Executing arbitrary binaries with custom entitlements works.
- ✅ Successfully built an SSH-capable ramdisk for iOS 15 and 16 Beta for initial testing. SSH Ramdisks won’t be used in the end; they are used just for testing the other boot chain patches.
- ✅ Successfully mounted the Root File System (jailbreak will be rootless for now).
- ✅ Developed Blizzard Jailbreak Booter tool which boots the patched boot chain to the device automatically after patching the BootROM signature checks.
- ✅ Patch iBoot to load the patched kernel without the aid of Ramdisks or iBEC (ideal).
- ✅ The Custom Apple logo for booting the jailbreak is now working!
- ✅ Successfully booted the patched boot chain components and loaded my custom ramdisk.
- ✅ Successfully patched iBSS, iBEC, DeviceTree, Ramdisk, and Kernel to disable checks, enable verbose boot, enable serial debugging via DCSD cable, and load modified binaries.
- ✅ Successfully got checkm8 working on my test iOS 15 and 16 devices, and PWNED DFU Mode works.
- ✅ Configured the development environment.
Currently still in development, but necessary:
- ⏳ I am working on developing a patchfinder bare-metal program to tack it to the end of iBoot and jump to it at boot (apply patches on the fly).
- ⏳ Tweaks aren’t working/haven’t been tested yet.
- ⏳ The process of patching the boot chain is currently done manually; I need to write an app that does this.
- ⏳ @Yalujb (fake Yalu Twitter account) should probably stop stealing content from this page and not even crediting me.
- ⏳ LibHooker not yet tested.
- ⏳ Work has begun towards the post-boot application which controls installing Sileo, uninstalling the jailbreak, enabling SSH, etc.
- ⏳ Other stuff I don’t even know about yet. Jailbreaking is NOT easy.
The latest posted news about Blizzard Jailbreak
— GeoSn0w (@FCE365) October 3, 2022
Will Blizzard Jailbreak for iOS 15 be free?
Yes. Blizzard Jailbreak will be free and open-source, and the links will be available on my Jailbreak Downloads page. The source code will be made available on GitHub, so in the eventuality that I can’t complete it myself for any reason, other people can step in and continue it.
What type of jailbreak is Blizzard on iOS 15 / 16?
It’s a semi-tethered jailbreak, just like CheckRa1n. I am planning to get tweaks running, and it will very likely come with working tweaking platforms, nonce setter, etc.
Can I donate to you for development?
Nah, bro. This website is ad-supported. It’s enough. If you can turn off the ad blocker on my channel too, it’s even better. I do have a Patreon account, but it’s by NO MEANS necessary. I don’t have the best equipment. I develop on an iMac 2015 and mostly on iPod Touch 7 which doesn’t support iOS 16, so all iOS 16 testing is done by a third-party person online; however, I won’t ask for donations.
Mostly because it backfires badly. This community has no patience, they want the gilbrick / glacial or something. 😃
What iOS devices will be supported by Blizzard Jailbreak?
The following devices are all supported by Blizzard Jailbreak on all iOS versions from iOS 15.0 to iOS 16.0 Beta (and newer):
- iPhone X
- iPhone 8 Plus and iPhone 8
- iPhone 7 Plus and iPhone 7
- iPhone 6S Plus and iPhone 6S
- iPod Touch 7th Generation
- iPad (2019, 7th Generation)
- iPad (2018, 6th Generation)
- iPad Pro 10.5″ (2017)
- iPad Pro 12.9″ 2nd Generation (2017)
- iPad (2017) 5th Generation
- iPad (4th Generation)
- iPad Mini 4
Where can I follow the latest jailbreak news?
I am an iOS Jailbreak YouTuber (iDevice Central), so you can follow the latest news:
When are you gonna release it?
When it’s done. Please don’t bug me with “wen eta” questions, unless you want me to pull a Coolstar on you and say fuck it. NO PROMISES!