PwnHub Guides
John Crane
Welcome to PwnHub Guides
Here you will find all of the guides that we use and recommend.
I made it so that all of the guides you might ever need are available in one place so you won’t need to look anywhere else, just select the topic in mind in the table of content and enjoy.
Disclaimer: This guide is not a one-time thing, it will be updated once there is an update on a guide or there is something new or better, the link will remain the same as well.
Contact Us
You Can Contact us Here
You Can Find all of our Groups & Channels Here
NEW: iOS 14 Tweaks Compatibility
REGULARLY UPDATED: Latest Jailbreak News
How to Use Access iPhone's/iPad's Files Remotely on Windows using SSHFS-Win
Cydia/Sileo/Zebra/Installer FAQ & Troubleshooting
Firmware Guide | Troubleshooting
DFU & Restore mode Instructions
Troubleshooting & Fixing Common Issues
Signing Services (Paid & Free)
Force Reboots & Rebooting without having to ReJailbreak
Inquiries (Contact US)
- For any questions or request you can submit one here: Click Here
- Contact me directly over these social links:
Telegram: john_crane_69
Twitter: @john_crane_69
Reddit: u/john_crane_69
Email: john_crane_69@outlook.com
Jailbreaking for Noobs
You are new to iOS/iPadOS, want to jailbreak, but don't understand what it is and if you even need it or not, well if that's the case then check this detailed guide explaining everything: Click Here Or Click Here
Explination of common jailbreak terms can be found Here
Future Restore
- To save your SHSH Blobs use both of these websites, Get your device ECID and add them in This Website And This Website
- Gist Link: Click Here
- Google Drive: Click Here
- FutureRestore Download: Click Here
- Check SEP Current Compatibility: Click Here
Here’s the command for futurerestore and what each argument should be:
./futurerestore -t blob.shsh2 -s sep.im4p -m BuildManifest.plist -b baseband.bbfw -p BuildManifest.plist -d target.ipsw
-t blob.shsh2 is your blob for your device for the target iOS version
-s sep.im4p is the SEP firmware as a .im4p file from the latest firmware
-m BuildManifest.plist is the BuildManifest.plist from the same firmware you got sep.im4p from
-b baseband.bbfw is the baseband firmware as a .bbfw file from the latest firmware
-m BuildManifest.plist is the BuildManifest.plist from the same firmware you got baseband.bbfw from
-d stands for “debug” and will show extra text output on the Terminal screen as futurerestore runs. Think of this as verbose mode
target.ipsw is the .ipsw for your target iOS version
Note: you’ll see that I wrote BuildManifest.plist twice. This is intentional - you need to specify it for *both* the SEP *and* the baseband.
For the vast majority of people, sep.im4p, baseband.bbfw, and BuildManifest.plist will all come from the latest iOS version. blob.shsh2 and target.ipsw are the target iOS version
How to set your nonce generator: (this must be done *before* running futurerestore)
For Odyssey and unc0ver:
1. Use the “Set generator” feature that is built-in to both apps
For checkra1n:
1. Add this repo: https://halo-michael.github.io/repo
2. Install the tweak named [[dimentio]]
3. Go to Terminal on your phone and type this:
dimentio 0x1111111111111111
4. Your nonce generator has now been set to 0x1111111111111111. If you used a different generator when you saved your blob, adjust the Terminal command accordingly
After setting your generator, put your device into DFU mode and immediately start futurerestore. The generator is reset every time you boot, so if you boot more than once (or enter recovery/DFU mode more than once), you have to redo nonce setting
SSH Into Device
Windows 10
⑴ Open the Settings app, click Apps, click Manage optional features, click Add a feature and install both OpenSSH Server and Client. If you can't install one or the other, as long as you can install one, that should do.
⑵ Open Command Prompt by typing in cmd to the Start Menu or the Run box and open it.
⑶ Get the IP Address of your iDevice by going into the Wi-fi settings and ensuring the computer and the device are on the same network, then click the i. You will see a box labeled IP Address.
⑷ Go back to your computer in command prompt and type ssh root@ip.address.of.phone (e.g. ssh root@192.168.1.234). The client may ask about authentication. Type yes and hit enter. The client will ask for a password. Type alpine then click enter.
⑸ Congrats! You have now successfully SSHed into your phone and can execute commands remotely.
macOS
1.) First off, congrats! You have it easy.
2.) Open Terminal.
3.) Get the IP Address of your iDevice by going into the Wi-fi settings and ensuring the computer and the device are on the same network, then click the i. You will see a box labeled IP Address.
4.) Go back to your computer in Terminal and type ssh root@ip.address.of.phone (e.g. ssh root@192.168.1.234). The client may ask about authentication. Type yes and hit enter. The client will ask for a password. Type alpine and click enter.
5.) Congrats! You have now successfully SSHed into your phone and can execute commands remotely.
Linux
1.) Most Linux distros come with SSH installed, so open a Terminal and type ssh. If the command succeeds, go to step 3. If it doesn't, go to step 2.
2.) Run sudo apt install ssh It may ask for your password, just type your password. If apt isn't your package manager, use apt-get or pacman. 3.) Get the IP Address of your iDevice by going into the Wi-fi settings and ensuring the computer and the device are on the same network, then click the i. You will see a box labeled IP Address.
4.) Go back to your computer in Terminal and type ssh root@ip.address.of.phone (e.g. ssh root@192.168.1.234). The client may ask about authentication. Type yes and hit enter. The client will ask for a password. Type alpine then click enter.
5.) Congrats! You have now successfully SSHed into your phone and can execute commands remotely.
Note:
It is advised you change your root password to keep your phone secure. To do this, type passwd root and it will ask for your new password. Don't forget this!
You need OpenSSH installed on your iDevice for this to function properly.
MAKE KEYS! If you are gonna keep OpenSSH, it is advised you have keys to secure your device.
Disabling OTA updates
For unc0ver & checkra1n users:
1.) Add the https://cydia.ichitaso.com repo to your package manager
2.) search for OTADisabler and install it
3.) Reboot the device and Rejailbreak OR Run launchctl userspace reboot in terminal
For unc0ver users:
1.) turn on the Disable Auto Updates ticker in the settings (Should be enabled by default) and re-jailbreak.
2.) If that doesn't work, add https://ib-soft.net/cydia/ to your sources in Cydia|Sileo|Zebra|Installer and install iCleaner Pro.
3.) Go to the iCleaner Pro app, click the + on the bottom left, click Launch Daemons, and turn off the OTA update daemon.
4.) Press apply. If your settings app hangs when pressing the software update button, you have successfully disabled OTA updates.
For checkra1n users:
1.) Add https://ib-soft.net/cydia/ to your sources in Cydia|Sileo|Zebra|Installer and install iCleaner Pro.
2.) Go to the iCleaner Pro app, click the + on the bottom left, click Launch Daemons, and turn off the OTA update daemon.
3.) Press Apply. If your settings app hangs when pressing the software update button, you have successfully disabled OTA updates.
Jailbreaking Legacy Devices
Checkra1n For Non-Mac Devices
if you don't own/can't access a mac to run checkra1n you still have other options:
1- Checkra1n on Linux: there is a version of checkra1n that is made for the Linux distros. There are several ways to install it on your device, pick the one that suits you best.
Method 1 - Repository to Debian based systems (apparently only works for x64 systems right now)
- Open terminal
- Add the repo to the system:
deb https://assets.checkra.in/debian /" | sudo tee -a /etc/apt/sources.list - Add the public key to make the repo work:
sudo apt-key adv --fetch-keys https://assets.checkra.in/debian/archive.key - Update the package list from all the repos on your system
sudo apt update - Install the checkra1n using the repo:
sudo apt install checkra1n - And finally to run the checkra1n:
sudo checkra1n
To run it again later, just run sudo checkra1n from any folder.
If a new version is released, you just need to run sudo apt update and sudo apt install checkra1n to install the new version.
Method 2 - Using the binaries
- Go to the checkra1n website and download the build to your system https://checkra.in/releases/#all-downloads
- Go to the folder where you downloaded and open the terminal (or open the terminal and cd to the folder where you downloaded it)
- Give executable permissions to the file:
chmod +x checkra1n - Run the binary from the current folder:
sudo ./checkra1n
If you got any error, it may be due to dependencies that you will have to install.
Every time you want to run it again, you have to go to the folder where you saved it and run sudo ./checkra1n
In order to update, you have to redo all the steps above.
2- Checkra1n on Windows/PC: let's say you don't want to run Linux or having trouble doing so, no problem because for that was created 2 very useful and lightweight tools: Jailm8 and checkn1x
Checkn1x & Jailm8
Checkn1x: for the full guide on how to install and use checkn1x please follow this guide: Click Here
Jailm8: it is similar to checkn1x but it has an irecovery option that will get your device out of recovery mode, to know how to install it and use it please follow this guide: Click Here
Odysseyra1n install tutorial
To access the tutorial: Click Here
Can I Jailbreak?
To see if your device is compatible please open this spreadsheet link and check based on your device type and iOS version: Click Here
Check Tweak Compatibility
To check if a tweak is compatible with your system you can either:
- go to tweak compatibility website: Click Here
- install tweakCompatible from BigBoss Repo
- install TweakReviewsDB from PixelOmer Repo
Cydia/Sileo/Zebra/Installer FAQ and Troubleshooting
New to jailbreaking and have no idea what a package manager you can use? or you are experiencing an issue with one? well look no further just open the guide below and follow the instructions: Click Here
Should I Update?
Do you want to update from "x" version of iOS to a newer version in hopes of a future jailbreak?
Do you want to update but don't know when a jailbreak will be released for your target version?
Updating is your choice and the only answer to the question above is what you think is best for your device. The rule of thumb is to always stay on the lowest version. If you are on a slow, buggy version of iOS and want to update in hopes of a jailbreak, go ahead - but a warning in advance, you could be waiting a few months for a jailbreak to come out for your iOS version.
Choosing what signed version to update to can also be a tough choice. Every new version of iOS that is released contains numerous improvements but with that, numerous bugs are also patched/fixed. With that in mind, if you aren't sure which signed iOS version to upgrade to, it is best practice to always update to the lower version and to continue to save blobs (refer to this on saving blobs) for future versions.
Finally, it is best to always stay on top of the current jailbreaking news. This can help in aiding your decision but it can also give you a possible time map for a new jailbreak (that is very unlikely though). If a developer says to upgrade to a newer version of iOS, take that with a grain of salt as each new version poses new challenges and a jailbreak for those versions will be harder to achieve. It's all up to you, the owner, to decide what is best for your device.
Downgrading and Bypass
To find out how to downgrade? which bypass options are available? and how to use them? please follow this guide: Click Here
Firmware Guide | Troubleshooting
If you need a guide regarding iTunes issues when updating/downgrading, OTA disable, SHSH, and other, then check out this guide: Click Here
WatchOS Requirements
For the latest updates on the watchOS requirements check out this link: Click Here
Monthly Tweak Releases
To get the monthly digest of the latest tweaks released this month or any month before it, use this link: Click Here
Dev Twitter
Accounts of all developers of the jailbreak community: Click Here
Jailbreak Removal Guide
Have no idea how to delete your jailbreak tweaks and files? no problem, just follow this guide: Click Here
DFU and Restore mode Instructions
- For how to enter DFU mode Follow this Guide: Click Here
- For how to enter Recovery mode Follow this Guide: Click Here
Troubleshooting and Fixing Common Issues
try all the options one by one from the following guide: Click Here
Switching Jailbreaks
Switching Between Jailbreaks Guide:
Based on your OS version Follow the guide Shown here: Click Here
Signing/Sideloading
For Anything regarding signing/resigning apps and dealing with revokes and such please follow this guide: Click Here
Signing Services (Paid and Free)
Here is a list of all know signing services known to us:
Paid Services (Sign your own Apps):
- AppDB: https://appdb.to/
- Signulous: https://www.signulous.com/
- Signtunes: https://signtunes.com/
- iPAStore: https://ipastore.me/
Free Services:
Includes Tweaked & Pirated Apps:
- ipaBox: https://www.ipabox.store/
- Ignition: https://ignition.fun/
- CokernutX: https://www.cokernutx.com/
- iOS Haven: https://ioshaven.com/
- iOS Ninja: https://iosninja.io/
- AppValley: https://app-valley.vip/
- iOSGods: https://app.iosgods.com/
- ftOS: https://ftios.vn/
- TopStore: https://topstore.vip/
- BuildStore: https://builds.io/
- AppCake: https://iphonecake.com/
- AppWeleux: https://appweleux.com/
- PandaHelper: https://www.pandahelp.vip/
Disclaimer: Most of these services use the same certification system which means if one gets revoked most will follow through.
Does not include piracy and approved by r/jailbreak:
- Jailbreak App: https://jailbreaks.app/
Force Reboots and Rebooting without having to ReJailbreak
To force reboot your device follow this guide: Click Here
LDRestart:
- In terminal: type `su` then `alpine` then type `ldrestart`
- Through a tweak: Install Powerselector from repo: https://cydia.ichitaso.com , open Powerselector and choose LDrestart
UserSpace:
what is better than LDRestart? Reboot UserSpace
- In terminal: type `launchctl reboot userspace`
- Through a tweak: Install Powerselector from repo: https://cydia.ichitaso.com , open Powerselector, and choose Restart UserSpace
Other
If I miss anything then you can check out this link: Click Here
iOS 14 Compatible Tweaks
You can find the updated list of iOS 14 compatible tweaks here: Click Here
Latest Jailbreak News
You can find the latest jailbreak news regarding jailbreak exploits, tools , and more by clicking Here
Important Filza Paths
Here are some of the most important paths on iOS/iPadOS:
🔰 Apps Manager: Shows all of your installed apps. Available in the favorite list as default as well as here:
Path: /var/containers/Bundle/Applications🔰 Music Library: This shows all of your songs that are available on the Music App. Available in the favorite list as default as well as here:
Path: music://🔰 Trash: Everything that you delete in filza doesn't get deleted completely, it goes to the trash first. Available in the favorite list as default as well as here:
Path: /var/mobile/Library/Filza/.Trash🔰 Documents: when you open a file in filza usually it is saved here.
Path: /var/mobile/Documents🔰 Downloads: Usually when you download with safari your file is saved here.
Path: /var/mobile/Downloads🔰 DPKG: this folder has files that can be used to manage and fix packages that are installed and fix issues with Cydia
Path: /Library/dpkg🔰 System & Jailbreak Applications: in this path, all of apple's apps and jailbreak apps are stored.
Path: /Applications🔰 LaunchDaemons: this path has all of the system's daemons.
Path: /System/Library/LaunchDaemons🔰 Ringtones: you can find the system's default ringtones here.
Path: /Library/Ringtones🔰 System Audio: you can find the system's audio files here:
Path: /System/Library/Audio🔰 Tweak Preferences: here you can find the plist files of your tweaks (it is the same files that are shown in icleaner pro preference files), as well as some of apple's programs
Path: /var/mobile/Library/Preferences🔰 Redeb: if you use the tweak redeb to save deb files of your tweaks, this is where you will find them.
Path: /var/mobile/Documents/Redeb/debs🔰 AppCake Downloads: if you download an IPA from appcake app then this is where you will find the files you downloaded.
Path: /var/mobile/Documents/AppCakeIpas/Downloaded🔰 Tweaks Location: here you can find the files of the tweak itself, like localization.
Path: /Library/PreferenceBundle🔰 Themes: all of your applied themes on the system are found here.
Path: /Library/Themes/
🔰 etc: here you can find your hosts file as well as other important folders
Path: /private/etc🔰 Cydia: sometimes Cydia just fucks up and you have to fix it, well you go here to do so.
Path: /var/mobile/Library/Caches/com.saurik.cydia🔰 CyDown: by default, cydown downloads all the deb files before installing tweaks, if you need them or want to bulk delete them you can find them here.
Path: /var/mobile/Documents/CyDown🔰 Application Support: here you will find everything that a tweak uses like icons, translation files(localization), strings, and other.
Path: /Library/Application Support
🔰 Dynamic Libraries (Tweaks): here you can find the files that make the tweaks work, you can disable tweaks from here as well as modify their activator
Path: /Library/MobileSubstrate/DynamicLibraries🔰 Files App: it's a path for Apple's Files app.
Path:/var/mobile/Containers/Shared/AppGroup
It's under the name: group.com.apple.FileProvider.LocalStorage
🔰 Deathrow cache: here is all the apps that you deleted, usually, ios deletes them after a while but if you really need some space to be cleared from others delete the files from here.
Path: /var/mobile/Library/Caches/com.apple.CacheDeleteAppContainerCaches.deathrow🔰 Succession: when you need to restore with succession here is where you will add your ipsw file.
Path: /var/mobile/Media/Succession