Forensic Acquisition of Apple TV with checkra1n Jailbreak – AppleTV 4 Jailbreak (appletv4jailbreak.com)
Are you excited about the new checkm8 exploit? If you haven’t heard of this major development in the world of iOS jailbreaks, I would recommend reading the “Technical analysis of the checkm8 exploit” article, as well as “Developer of Checkm8 explains why iDevice jailbreak exploit is a game changer”. The good news is that a jailbreak based on this exploit is already available; see the checkra1n web site.
The jailbreak based on checkm8 supports iPhone devices based on Apple’s 64-bit platform ranging from the iPhone 5s all the way up to the iPhone 8 and iPhone X. Unlike previous jailbreaks, this one supports most iOS versions, up to and including iOS 13.2.2 at the time of this writing. Support for future versions of iOS is also possible due to the nature of this exploit. Most iPads are also supported. Currently, there is no support for the Apple Watch, though theoretically it is possible for Series 1, 2 and 3. The Apple TV series 4 and 4K are supported by the exploit, and a jailbreak for series 4 is already available.
What does that mean for the forensic crowd? Most importantly, the jailbreak can be installed even on locked devices, as it works through DFU mode. That does not mean that you will be able to break the passcode. While you can extract some data from a locked device with an unknown passcode, it won’t be much. On the other hand, the jailbreak allows dumping the complete image of the file system if the passcode is known. This works for all devices from the iPhone 5s to X, many iPads, and Apple TV 4.
In this article, we will briefly describe how to install the jailbreak on Apple TV and what you can expect out of it.
Installation
First, connect the Apple TV to the power source and establish a connection with the computer (using a USB Type-C cable). Then put the Apple TV into DFU mode. It is simple: press and hold both the Menu and Play/Pause buttons on the Apple TV remote for about 7 seconds, until the light on the Apple TV starts blinking rapidly.
Then, start the checkra1n jailbreak on the computer (note that it is available for macOS only for now):
Press Start and follow the instructions; the jailbreak installation starts:
The whole process takes just a few minutes:
Once the jailbreak is installed, the main screen of the Apple TV magically changes. And yes, SSH is there:
That’s it, you can start extracting the data.
Data extraction
Launch Elcomsoft iOS Forensic Toolkit:
https://blog.elcomsoft.com/2019/11/forensic-acquisition-of-apple-tv-checkra1n-jailbreak/