Fugu14 Jailbreak IPA for iOS 14.3 - 14.5

It's been a long time without a release of untethered jailbreak for iOS devices. Linus Henze delivered Fugu14, the jailbreak tool for iOS 14.3 up to iOS 14.5.1 that will install an untether on your device making it work even after 7-days or reboot of the device.

What is Fugu14?

Fugu14 is an (incomplete) iOS 14 Jailbreak, including an untether (persistence), kernel exploits, kernel PAC bypass, and PPL bypass. It was designed to work on all arm64e devices (iPhone XS and later) running on iOS 14.3 up to iOS 14.5.1. This is an untethered iOS 14 Jailbreak.

An untethered jailbreak, such as Fugu14, allows your iPhone or iPad to remain jailbroken even after a shutdown or restart. This means that you don't have to go through the jailbreak process again every time you forget to charge your device or need to sideload the Fugu14 app to re-jailbreak. With an untethered jailbreak, you can enjoy the benefits of jailbreaking your device without having to worry about losing it after each reboot. Only iOS 14 is supported.

Fugu14 is an open-source project and the successor of Fugu, the first open-source jailbreak tool for iOS 13 based on the checkm8 exploit created by @axi0mX. Fugu application exploits your iDevice using checkm8 and uploads iStrap, iStrap loader, and iDownload on your device.

Fugu14 jailbreak tool is incomplete, and it will not install Cydia or any other package manager allowing you to access tweaks and apps from popular repositories. arm64 devices are not supported because the exploit does not work on these devices.

However, the Fugu14 untether can still be used in conjunction with other jailbreak tools, such as unc0ver. This untether is compatible with arm64e devices running iOS 14.3 up to iOS 14.5.1.

While compiling Fugu14 from sources and manually installing it on your device is an option, it may be too complicated for some users. Luckily, there is an easier approach available through AltStore 1.4.8, which enables you to install unc0ver's Fugu14-based untethered jailbreak. With this solution, you won't have to worry about unc0ver expiring after seven days or after a reboot.

AltStore simplifies the jailbreak process by automating the installation of the Fugu14 untether. The app automatically recognizes supported devices and firmware versions, enabling you to quickly and easily install the untethered jailbreak. If your device is supported, AltStore will prompt you to install the untethered jailbreak on your iPhone or iPad.

After installing the Fugu14 untether, the next step is to patch the unc0ver placeholder, which will enable you to jailbreak your device and install Cydia on iOS 14.3 up to iOS 14.5.1. By patching the unc0ver placeholder, you can fully unlock the device's potential and access a wide range of tweaks and apps that are highly sought after by the jailbreak community.

When you install Fugu14 on a supported iDevice, it will automatically install the Fugu14App. After tapping on 'Setup', the tool generates files for the dyld closure exploit, and then creates closure for the Spotlight.app, keybagd, and ReportCrash to enable other apps to be launched as root. In addition, the tool installs a second app to further enhance the jailbreak experience.

The second app has its executables replaced by the one of Spotlight and dyld closure exploit will be triggered, granting code execution in Spotlight. keybagd tool is executed through Spotlight to install installed as root which then executes chmod +x to the exploit.

keybagd lunches RaportCrash to patch amfid and lunches jailbreakd, that will open a copy of itself as a root. In the end, jailbreakd exploits the system with Driverkit exploit to gain read and write, the kernel PAC bypass is set up, and a custom trustcache is injected with PPL bypass.

Finally, the device is rebooted, and you can enjoy a full untethered iOS 14 jailbreak.

Fugu14 jailbreak, along with all of its components, is available as an open-source project on the GitHub Repository. The jailbreak was released under the MIT license and is written in various programming languages, with Swift comprising approximately 67% of the code. The most recent updates were committed on November 3, 2021.

To build the iOS Jailbreak, simply run the ios_install.py script and follow the instructions. If you encounter a code signing error, open the Fugu14App xcodeproj and adjust the code signing options accordingly. Additionally, you'll need to have an IPSW for your device and have Xcode, iproxy, and ideviceinstaller installed on your system.

Supported devices

• iPhone XS, iPhone XS Max.
• iPhone XR.
• iPhone 11, iPhone 11 Pro, iPhone 11 Pro Max.
• iPhone SE (2nd gen).
• iPhone 12 mini, iPhone 12, iPhone 12 Pro, iPhone 12 Pro Max.
• iPhone 13 Pro, iPhone 13 Pro Max, iPhone 13 mini, iPhone 13.
• iPad Pro (11-inch).
• iPad Pro (12.9-inch) (3rd gen).
• iPad Pro (11-inch) (2nd gen).
• iPad Pro (12.9-inch) (4th gen).
• iPad mini (5th gen).
• iPad Air (3rd gen).
• iPad (8th gen).
• iPad (9th gen).
• iPad Air (4th gen).
• iPad Pro (11-inch) (3rd gen).
• iPad Pro (12.9-inch) (5th gen).
• iPad mini (6th gen).

Fugu15 Jailbreak

With the introduction of new mitigations in iOS 15 (and especially 15.2), creating a jailbreak became significantly more difficult. Before, a kernel vulnerability was enough for jailbreaking, but now a PAC or PPL bypass is required as well. Some people even said that iOS 15.1.1 will be the last version to receive a public jailbreak, such as Cheyote Jailbreak.

Linus Hanze proves them wrong and shows how it is possible to jailbreak iOS 15.4.1 even with all the latest mitigations. He will describe the vulnerabilities exploited in the Fugu15 chain and how some mitigations introduced in iOS 15.2 can be bypassed.

A demo of Fugu15 was also shown at Objective-See 5.0 Conference, including an interesting (and uncommon) way to install Fugu15 on a device.

How to install Fugu14

The easiest way to install Fugu14, along with Cydia and unc0ver, is through AltStore. This method allows unc0ver to remain installed and signed on your device, even after a reboot or seven-day period. Instead of providing an untethered jailbreak, AltStore permanently signs the unc0ver app.

Here are the steps you need to follow to install Fugu14 untether:

1. Download the latest version of AltStore for Windows, macOS, or Linux.
2. Install the AltStore app through AltServer.
3. Connect your device to your computer via USB.
4. Download and install the unc0ver IPA file through AltStore.
5. Tap the 'Install Untethered Jailbreak' button.
6. Tap the 'Open Placeholder' button.
7. Tap the blue 'Setup Fugu14' button.
8. Tap the 'OK' button to patch the unc0ver placeholder.
9. Tap the blue 'Install Untether' button.
10. Tap the 'Reboot Now' button when it appears.
11. Tap the 'Install unc0ver' button.
12. Open unc0ver and jailbreak your device.

What's new

• Fix that sleep/wake bug.
• Added support for more iPads.
• Increased PAC bypass reliability.
• Added support for A12-A14 devices.
• Auto-installer for Sileo, SSH, and Substitute.
• Adds experimental MobileSubstrate support.

Written by

Kuba Pawlak

Kuba has over 20 years of experience in journalism, focusing on jailbreak since 2012. He has interviewed professionals from various companies. Besides journalism, Kuba specializes in video editing and drone flying. He studied IT at university before his writing career.

Post a comment