Difference between revisions of "Hacktivation"

From The iPhone Wiki
Jump to: navigation, search
m (Methods)
m (Hacktivation: update)
(17 intermediate revisions by 8 users not shown)
Line 1: Line 1:
Hackitivation is the process of circumventing the standard Apple activation process with iTunes. As of now you can hackitivate an iPhone in a variety of ways.
+
'''Hacktivation''' is the process of circumventing the standard Apple [[activation]] process with [[iTunes]]. Hacktivation is a way to using an [[List of iPhones|iPhone]] without an authorized carrier, or when bypassing iCloud Lock.
   
  +
The relevant information about activation is that when an iPhone is booted up for the first time or freshly after a full restore, the phone's serial number and IMEI are checked against a database in Apple to make sure it's allowed to work with that SIM card inserted (this also activates push notifications to the iPhone). Apple intends for locked iPhones to only activate when a SIM card from the providing carrier is inserted or no SIM card is inserted - this doesn't have to be the iPhone's original SIM card and it doesn't have to be a SIM with active service, it just has to be a SIM that is valid for that iPhone. If you didn't insert any SIM card while activating an locked iPhones, You will be able to activate your phone but once you insert an SIM card, It will ask you to activate your iPhone again. Hacktivation bypasses having to insert an eligible SIM card (for example if one is not available).
==Methods==
 
1. By using a valid AT&T sim card and connecting to iTunes. (This method will work on any iPhone)
 
   
  +
Hacktivation can be performed by most jailbreak tools that break the boot chain. [[Userland]] jailbreaks such as [[Spirit]] and [[Star]] cannot hacktivate, as they require interaction with programs that can only be used post-activation.
2. Using redsn0w and not selecting any of the options. (This will work on any iPhone compatible with the redsn0w version)
 
   
  +
Hacktivation can be done on an iPhone 4, iPhone 3GS, iPhone 3G, and original iPhone, because they all have [[bootrom]] exploits available. The iPhone 4s, 5, 5s, 5c, SE, 6s, 7, 8, and X can theoretically be hacktivated thanks to [[checkm8]], however research on these devices is still being done to understand what is needed to properly hacktivate modern iOS versions. There is no way to hacktivate an iPhone Xs, iPhone Xʀ, iPhone 11, or iPhone 11 Pro/Pro Max because they do not have bootrom exploits available.
3. If on 3.1.x you can run blackra1n.
 
   
  +
A hacktivated device could have some downsides: push notifications, iMessage, iCloud, and FaceTime might not work. The device also drains some battery and data while it tries to look for the certificates that allow a normal device to use those services.
4. Restore using sn0wbreeze.(Like redsn0w this will work on any iPhone compatible with the sn0wbreeze version)
 
   
  +
However, a more proper hacktivation could be done via a [[lockdownd]] exploit on some iOS versions, such as on iOS 7.1.1 and below. This activation gives a perfect hacktivtion on wifi devices and no-cellular on cellular models.
5. By using a phonebook sim card and connecting to iTunes and syncing the phone.
 
  +
This exploit is only present on iOS 7.1.1 and below. It can be ported up to iOS 7.1.2 by injecting the 7.1.1 [[lockdownd]].
   
  +
==Hacktivation methods==
[Note that the userland jailbreak Spirit will not hackitivate because it relies on MobileSubstrate for the jailbreak. Also note that Star will never be able to hackitivate because for someone to even use it you have to have Safari access.]
 
  +
# Using [[redsn0w]] and not selecting any of the options. (This will work on any [[List of iPhones|iPhone]] compatible with that version of redsn0w, but not on devices with A5+ chips.)
  +
# If the iPhone is on 3.1 or 3.1.2, you can use [[blackra1n]]. (If you have an [[N88AP|iPhone 3GS]] with the [[Bootrom 359.3.2|new bootrom]] it will be [[tethered jailbreak|tethered]].)
  +
# Restore using a custom [[IPSW File Format|IPSW]].
  +
# Removing Setup.app via various different means.
  +
# [[Lockdownd]] & Activation Server Exploit (iOS ?-7.1.1)
  +
# Downgrading A5 devices to 6.1.3 via OTA and hacktivating with the lockdownd exploit.
   
  +
== Properly activating a hacktivated device ==
---Leobruh
 
  +
  +
Ways to "un-hacktivate" a device, or in other words, properly activate it:
  +
  +
Official activation using redsn0w: Insert a valid SIM card from the phone's official carrier. Then open redsn0w, click "Jailbreak", and click the "deactivate" checkbox that will be presented during the jailbreaking process. Open up iTunes, and it should properly activate the phone. You can then remove that SIM card.
  +
  +
Official activation using SAM: This is similar to the redsn0w method above - obtain a valid SIM from the phone's official carrier, and put that SIM in your phone. Add the repository http://repo.bingner.com/ to Cydia, install [http://www.bingner.com/SAM.html SAM (Subscriber Artificial Module)], choose "Revert Lockdownd to Stock", and choose "deactivate". Then plug the device into your computer, open iTunes, and it should properly activate your phone. You can then remove that SIM card.
  +
  +
Simulated activation using SAM: This method does not require having an official SIM card. You can use [http://www.bingner.com/SAM.html SAM (Subscriber Artificial Module)] to obtain correct activation certificates for a phone, because SAM simulates an official SIM card ID (ICCID) and IMSI. See [http://www.jailbreakqa.com/faq#33270 "How to use SAM to get proper activation of my iPhone?"] for instructions.

Revision as of 14:32, 10 January 2020

Hacktivation is the process of circumventing the standard Apple activation process with iTunes. Hacktivation is a way to using an iPhone without an authorized carrier, or when bypassing iCloud Lock.

The relevant information about activation is that when an iPhone is booted up for the first time or freshly after a full restore, the phone's serial number and IMEI are checked against a database in Apple to make sure it's allowed to work with that SIM card inserted (this also activates push notifications to the iPhone). Apple intends for locked iPhones to only activate when a SIM card from the providing carrier is inserted or no SIM card is inserted - this doesn't have to be the iPhone's original SIM card and it doesn't have to be a SIM with active service, it just has to be a SIM that is valid for that iPhone. If you didn't insert any SIM card while activating an locked iPhones, You will be able to activate your phone but once you insert an SIM card, It will ask you to activate your iPhone again. Hacktivation bypasses having to insert an eligible SIM card (for example if one is not available).

Hacktivation can be performed by most jailbreak tools that break the boot chain. Userland jailbreaks such as Spirit and Star cannot hacktivate, as they require interaction with programs that can only be used post-activation.

Hacktivation can be done on an iPhone 4, iPhone 3GS, iPhone 3G, and original iPhone, because they all have bootrom exploits available. The iPhone 4s, 5, 5s, 5c, SE, 6s, 7, 8, and X can theoretically be hacktivated thanks to checkm8, however research on these devices is still being done to understand what is needed to properly hacktivate modern iOS versions. There is no way to hacktivate an iPhone Xs, iPhone Xʀ, iPhone 11, or iPhone 11 Pro/Pro Max because they do not have bootrom exploits available.

A hacktivated device could have some downsides: push notifications, iMessage, iCloud, and FaceTime might not work. The device also drains some battery and data while it tries to look for the certificates that allow a normal device to use those services.

However, a more proper hacktivation could be done via a lockdownd exploit on some iOS versions, such as on iOS 7.1.1 and below. This activation gives a perfect hacktivtion on wifi devices and no-cellular on cellular models. This exploit is only present on iOS 7.1.1 and below. It can be ported up to iOS 7.1.2 by injecting the 7.1.1 lockdownd.

Hacktivation methods

  1. Using redsn0w and not selecting any of the options. (This will work on any iPhone compatible with that version of redsn0w, but not on devices with A5+ chips.)
  2. If the iPhone is on 3.1 or 3.1.2, you can use blackra1n. (If you have an iPhone 3GS with the new bootrom it will be tethered.)
  3. Restore using a custom IPSW.
  4. Removing Setup.app via various different means.
  5. Lockdownd & Activation Server Exploit (iOS ?-7.1.1)
  6. Downgrading A5 devices to 6.1.3 via OTA and hacktivating with the lockdownd exploit.

Properly activating a hacktivated device

Ways to "un-hacktivate" a device, or in other words, properly activate it:

Official activation using redsn0w: Insert a valid SIM card from the phone's official carrier. Then open redsn0w, click "Jailbreak", and click the "deactivate" checkbox that will be presented during the jailbreaking process. Open up iTunes, and it should properly activate the phone. You can then remove that SIM card.

Official activation using SAM: This is similar to the redsn0w method above - obtain a valid SIM from the phone's official carrier, and put that SIM in your phone. Add the repository http://repo.bingner.com/ to Cydia, install SAM (Subscriber Artificial Module), choose "Revert Lockdownd to Stock", and choose "deactivate". Then plug the device into your computer, open iTunes, and it should properly activate your phone. You can then remove that SIM card.

Simulated activation using SAM: This method does not require having an official SIM card. You can use SAM (Subscriber Artificial Module) to obtain correct activation certificates for a phone, because SAM simulates an official SIM card ID (ICCID) and IMSI. See "How to use SAM to get proper activation of my iPhone?" for instructions.