Developer Linus Henze released the Fugu15 open-sourced repo to the general public back on October 31st, 2022. This represents a major release for the iOS Jailbreak community as iOS 15 is yet to be jailbroken after more than one year since the release of iOS 15.0.
The community has been waiting for an iOS 15 jailbreak for many months now and for a long time it seemed the is no hope for a release, however, back at the Objective By The Sea security conference in early October, developer Linus Henze teased Fugu15, the successor of Fugu14 Jailbreak released a year before.
Of course, not a lot was known at that time about the jailbreak’s capabilities, but we did know for sure Linus Henze was using their own kernel exploit and PAC (Pointer Authentication Codes) bypass to achieve said jailbreak.
The Fugu15 Kernel Patchfinder
In jailbreaking a patchfinder is software that finds the location of the things we want to patch. These could be various checks, process structures, offsets, credentials, etc. Since iOS kernels employ KASLR (Kernel Space Layout Randomization), the location of the important functions and data will be randomized every time your phone boots.
The patchfinder is used to locate them in memory so that they can be patched in a way that would benefit a jailbreak (elevating privileges to root, escaping sandbox, remounting file systems, etc).
Back on October 27th, Linus Henze open-sourced the Patchfinder used inside Fugu15. At that time, Fugu wasn’t publicly available yet, but 4 days later it was also open-sourced on the same GitHub account.
Is Fugu15 a complete Jailbreak?
Mostly, yes. While pretty buggy and lacking tweak injection, for now, the demo jailbreak app put together by Linus Henze is extremely powerful. Just as we thought during the Objective By The Sea conference, Linus did in fact use their own kernel exploit and PAC bypass, making tweak injection rather trivial.
A developer like Coolstar, Pwn20wnd, or even me (GeoSn0w) could theoretically take Fugu15 and combine it with a tweak injection library like Substitute or LibHooker which would result in tweaks working.
Fugu15 already comes with Sileo package manager and the Procursus Bootstrap out of the box which is fantastic. This is essentially 95% of a full jailbreak for iPhone XS, XR, iPhone 11, iPhone 12, and so on.
Sure, there are still bugs. This was not released to be used directly. It’s a proof of concept, a very advanced one, but still a proof of concept. It should, however, be quite trivial for an experienced developer to polish this up once we have a tweak injection library updated for iOS 15.
The major issue right now is that we don’t have a tweak injection library we can readily use on iOS 15. CoolStar stopped updating their LibHooker amidst community drama and hate (which is also the reason Cheyote Jailbreak stopped being worked on), and Substitute is developed by Sam Bingner and Pwn20wnd, both of which have been radio silent for more than a year.
What iOS versions and devices are supported by Fugu15 Jailbreak?
While the application posted by Linus Henze on GitHub is a proof of concept with limited support, the jailbreak itself with all its components should work fairly decently on the following iOS versions:
- iOS 15.5 Beta 2
- iOS 15.5 Beta 1
- iOS 15.4.1
- iOS 15.4
- iOS 15.3.1
- iOS 15.3
- iOS 15.2
- iOS 15.1.1
- iOS 15.1
- iOS 15.0.x
- iOS 15.0
The supported devices include the newest models, such as:
- iPhone 13
- iPhone 12
- iPhone 11
- iPhone XS and XS Max
- iPhone XR
iPhone X and older devices (checkm8 devices) are NOT supported by Fugu15, but there are other solutions for those in development, such as PaleRa1n, Blizzard Jailbreak, and ayakurume.
Fugu15 Jailbreak does not require Re-Signing
Unlike other jailbreaks, Fugu15 is a permasigned semi-untethered jailbreak. This means you don’t have to re-sign it every 7 days and you can also install it directly from Safari, a very rare kind of jailbreak these days.
This is possible thanks to a vulnerability found by Linus Henze which allows permasigned applications on iOS up to 15.5 Beta 2 or so.
For the average jailbreak user, this means you don’t have to keep signing it with a computer and you don’t even need a computer at all to install Fugu15.
Download Fugu15 Jailbreak
While it’s not advised to use a proof of concept jailbreak until it is fully ready for the general public, if you want to try it out as it is, the jailbreak is available on Linus Henze’s GitHub. You can directly compile it from the source.
We strongly advise you to wait for it to be polished and for tweaks to be implemented, but if you really can’t wait, you can DOWNLOAD FUGU15 JAILBREAK RIGHT HERE.
Here is the latest news about this Fugu15 Jailbreak release in video format:
Other guides from iDevice Central
- iOS SEP and Baseband Compatibility Chart
- PaleRa1n Developer Jailbreak was Released for iOS 15.0 – 15.3.1 (Tethered)
- How To Run Linux on iPhone / iPad & How They Achieved This
- How to actually extend your iPhone’s Battery Life (Tips and Tricks)
- Unpatchable Apple M1 Chip Vulnerability discovered by MIT
- How to create a bootable Windows 10 USB Flash Drive on Mac
- iOS Jailbreak Downloads – Download Jailbreak Tools for All iOS Versions
Hi I have a Xr iPhone and I try to jailbreak it using Fugu15 and it stops at launching kexpoitd. Then resprings and when it comes back on I’m not jailbroken. Why?
Same problem tap jailbreak resprings to with no jailbreak