Hello Reader,
Kevin Stokes is the mobile forensics champion in our offices at G-C Partners. When we get a copy of the new Elcomsoft IOS toolkit it was Kevin who went to work to test it out and understand what it was capable of. Kevin was nice enough to write up a quick guide to walk you through the process of doing this yourself!
Elcomsoft 5.0 & rootlessJB by Kevin Stokes (02.25.2019)
This process was done on a device running iOS 12.1.
It is part of Elcomsoft’s tested jailbreaks listed in their documentation for iOS Toolkit 5.0.
*NOTE: As always, for a forensic acquisition, document your steps and interactions.
1. Using the Safari mobile browser…
(May work in other browsers? But Safari should exist on phone.)
2. Go to https://ignition.fun, get the app.
3. Select the packages icon (circled in Blue).
4. This will bring up the App categories available.
5. Select Jailbreaks (also circled in Blue).
6. Select the “rootlessJB” from Jake James (again, in blue).
7. “GET” the app (In Red!), to continue
8. Select “Install”, to download and install on the phone.
9. You will now have the “rootlessJB” app installed
10. But wait! No need to select it yet.
11. We need to work on our trust issues…
12. Trust Issues
13. Go to Settings > General > Device Management
14. Select the Khodal Enterprise app
15. Select Trust Khodal Enterprise
17. Once Trusted, the screen will look like the following (Allowing you to Delete the App, but don’t)
18. Jailbreak it!
19. Open the rootless JB app, make sure to turn off “iSuperUS” and “Tweaks” (slide left)
20. No need to add these for an acquisition.
21. Select “Jailbreak” (the button with be greyed out for a moment).
22. A message will appear at the bottom when it is successful. (In testing, this took less than a minute each time)
23. iOS Toolkit Time!
24. Select “F” to perform a File System acquisition.
26. Provide the SSH password … (Hint! It’s “alpine”)
27. Get another cup of coffee, while it downloads.
Also Read: Elcomsoft IOS Toolkit and IOS 12
Post a Comment