JailbreakMe
JailbreakMe is a series of jailbreaks for Apple's iOS mobile operating system that take advantage of flaws in the Safari browser on the device, providing an immediate one-step jailbreak unlike more common jailbreaks, such as Blackra1n and redsn0w, that require plugging the device into a computer and running the jailbreaking software from the desktop. Jailbreaking allows users to install software that is not approved by Apple on their iPod Touch, iPhone, and iPad; JailbreakMe automatically includes Cydia, a package management interface that serves as an alternative to the App Store.
JailbreakMe's first version in 2007 worked on iPhone and iPod Touch firmware 1.1.1, the second version was released in August 2010 for firmware 4.0.1 and earlier, and the third and final version was released in July 2011 for iOS versions 4.3 to 4.3.3. JailbreakMe 3.0 has been used to jailbreak at least two million devices.
Versions
JailbreakMe 1.0 (iOS 1.1.1)
JailbreakMe, started in 2007, was originally used to jailbreak the iPhone and iPod Touch running the 1.1.1 version of iOS, then named iPhone OS. Using a TIFF exploit against Safari, this installed Installer.app. The vulnerability used in this exploit was patched by Apple in the 1.1.2 firmware.This tool, also called "AppSnapp", was created by a group of nine developers.
JailbreakMe 2.0 (iOS 3.1.2–4.0.1)
JailbreakMe 2.0 "Star", released by comex on August 1, 2010, exploits a vulnerability in the FreeType library used while rendering PDF files. This was the first publicly available jailbreak for the iPhone 4, able to jailbreak iOS 3.1.2 through 4.0.1 on the iPhone, iPod Touch, and iPad models then current. This jailbreak was activated by visiting the jailbreakme.com web page on the device's Safari web browser.The vulnerability used by JailbreakMe 2.0 was patched by Apple in iOS 4.0.2.
JailbreakMe 3.0 (iOS 4.3–4.3.3)
JailbreakMe 3.0 "Saffron", released on July 6, 2011, will jailbreak most iOS devices on iOS 4.3-4.3.3 and iPad 2 on 4.3.3. It is the first publicly available jailbreak for iPad 2. JailbreakMe 3.0 exploits a FreeType parser security flaw, using the form of a PDF file rendered by Mobile Safari, which then uses a kernel vulnerability to complete the untethered jailbreak. Comex also released a patch for this FreeType flaw, called "PDF Patcher 2", which is available as a free package installable via Cydia.A few days before initial release, a beta tester leaked JailbreakMe 3.0 to the public. Comex said on Twitter, that this put him on a "time limit" to release the final version quickly.
The JailbreakMe website looks similar to downloading an App Store app. It includes a blue button saying "FREE", which turns into a green button with the word "INSTALL" when pressed once, much like any application on the App Store. After tapping "INSTALL", Safari closes, Cydia loads as a new app, and the device is now fully jailbroken with no reboot necessary.
On July 15, 2011, Apple released iOS 4.3.4 and 4.2.9 to patch the flaws used by JailbreakMe.
Comex received a Pwnie Award at the Black Hat Conference in 2011 for "Best Client-Side Bug" for this work.
Comex was hired by Apple as an intern in August, 2011.
JailbreakMe 4.0 (iOS 9.1–9.3.4)
JailbreakMe 4.0, released by tihmstar on December 12, 2017, exploits three serious vulnerabilities, already exploited by a spyware named Pegasus. It's mainly based on HomeDepot, a semi untethered jailbreak released by jk9357. As for HomeDepot, it targets all the 32 bit devices between iOS 9.1 and iOS 9.3.4.The vulnerabilities used by HomeDepot and JailbreakMe 4.0 were patched by Apple in iOS 9.3.5
The jailbreak is hosted by Chris Wade at . Whilst technically semi-untethered, the jailbreak can be made fully untethered with the use of tihmstar's UntetherHomeDepot package.
TotallyNotSpyware (iOS 10)
TotallyNotSpyware by the team "JakeBlair420", released on 7 September 2018, is a JailBreakMe-style exploit that works on any 64-bit device running iOS 10. As with jailbreakme 4.0, the web browser is induced to sideload Cydia using a payload, either Meridian or the doubleH3lix. It is hosted at , and is semi-untethered.Domain name transfer
On October 7, 2011, Conceited Apps, which had been allowing Comex to use the domain name for hosting sold the domain name jailbreakme.com to an allegedly "unknown" party. SaurikIT acquired the domain the next day.Domain redirection
was redirecting to if you were on an incompatible device.Later, it redirects to
Compatible iOS versions
| Device | iOS versions vulnerable to JailbreakMe |
| iPhone | 1.1.1, 3.1.2 to 3.1.3 |
| iPhone 3G | 3.1.2 to 4.0.1 |
| iPhone 3GS | 3.1.2 to 4.0.1, 4.3 to 4.3.3 |
| iPhone 4 | 4.0 to 4.0.1, 4.3 to 4.3.3 |
| iPhone 4 | 4.2.6 to 4.2.8 |
| iPhone 4S and later | - |
| iPod Touch | 1.1.1, 3.1.2 to 3.1.3 |
| iPod Touch | 3.1.2 to 4.0.1 |
| iPod Touch | 3.1.2 to 4.0.1, 4.3 to 4.3.3 |
| iPod Touch | 4.3 to 4.3.3 |
| iPod Touch and later | - |
| iPad | 3.2 to 3.2.1, 4.3 to 4.3.3 |
| iPad 2 | 4.3.3 |
| iPad and later | - |
| iPad Mini | - |