News

New Jailbreak for Apple TV 4/4K Running tvOS 11-11.1

2017-12-25 1496 Posted by 3uTools

Jonathan Levin has twittered his new jailbreak tool for Apple tvOS called LiberTV, and now liberating TvOS 11.0 and 11.1 on the ATV 4 and 4K:


New Jailbreak for Apple TV 4/4K Running tvOS 11-11.1

Before you get started:


Make sure to get the only ipa at this link.


Also:


This jailbreak is compatible with TvOS Version 11.0 or 11.1.


1. Sideloading


The LiberTV.ipa is an unsigned binary. This means you have to sign it yourself. You have two options at the moment:

The latter is actually easier to use. Grab the IPA , and then sign it with your AppleID. You are now ready to sideload. Doing so requires XCode, and is performed thus:

XCode "Window" → Devices & Simulators (also accessible by ⇧ ⌘ 2) gets you to here:


New Jailbreak for Apple TV 4/4K Running tvOS 11-11.1


You select the LiberTV.ipa like so:


New Jailbreak for Apple TV 4/4K Running tvOS 11-11.1


And let it load. Congratulations. You're ready to run


2. Running


This is foolproof: only one button, no options.


New Jailbreak for Apple TV 4/4K Running tvOS 11-11.1


If it runs correctly, you will get a note saying you can exit the app. So you can exit the app. (If you experience weird behavior, just background the app rather than exiting - it won't take any CPU anyway but will keep the process lineage intact)


3. SSH


Give LiberTV a couple of seconds AFTER the note to complete and set up the code signing bypass, and you can ssh to yourself - either over USB-C or (in the case of the 4k) over TCP/IP. You have a different IP address than shown here:


New Jailbreak for Apple TV 4/4K Running tvOS 11-11.1



As the screenshot shows, merely setting the path automatically gets you all the binpack (and some fresh binaries at that).


To enable scp , you have to cp /jb/usr/bin/scp /usr/bin because that's done using a server side binary which must be in dropbear's path.


You can run any self signed binary you want, provided you sign it with the latest jtool - jtool --sign platform --ent plat.ent --inplace binary, with plat.ent being the same entitlements you get from jtool --ent on any of the binpack binaries - i.e. <platform-application> set to true.


4. If it works for you, you could choose to donate the developer. If it doesn't, you could visit this forum to report the problem.


Source: newosxbooks


Related Articles

Apple Removes iCloud Activation Lock Status Tool From Website Alibaba Pandora Lab Jailbreaks iOS 11.2 Successfully Qihoo 360 Vulcan Team has Achieved iOS 11.3 Jailbreak Rumor: Apple Blocks Activation on iOS 9.0-9.3.5 Firmware iOS 11.2.2 Jailbreak With Electra Might Be Possible, Here’s What You Need To Know Apple Still Signing iOS 11.3 Beta 5/6, Downgrade to It to Jailbreak Your iPhone iOS 11.1.2 Exploit async_wake ipa is Released iOS 10.3.X 64-Bit Jailbreak is Coming Soon