iPhone How to get the 1-year enterprise certificate on your iOS 9.3.3 jailbreak right now

Discussion in 'Jailbreaks and iOS Hacks' started by ipos, Jul 30, 2016.

  1. bandofbrothers macrumors 601

    bandofbrothers

    Joined:
    Oct 14, 2007
    Location:
    Uk
    #2
    I gave that a read when idownloadblog released that piece.

    Pretty good workaround. :)
     
  2. kalirob99 macrumors 68000

    kalirob99

    Joined:
    Dec 24, 2008
    Location:
    California
    #3
    Isn't this using the certificate that Apple just revoked?
     
  3. bandofbrothers macrumors 601

    bandofbrothers

    Joined:
    Oct 14, 2007
    Location:
    Uk
    #4

    As far as I can tell they revoked the method / certificate via JB through Safari directly on the iPhone / iPad.
     
  4. kalirob99 macrumors 68000

    kalirob99

    Joined:
    Dec 24, 2008
    Location:
    California
    #5
    So only the method to gain it was revoked or the certificate altogether? Lol I'm on medication right now, so I'm easily mixed up.
     
  5. Snide, Jul 30, 2016
    Last edited: Jul 31, 2016

    Snide macrumors 6502a

    Snide

    Joined:
    Apr 12, 2005
    #6
    I missed getting the Beijing certificate by a couple days, so this is a godsend. Keeping fingers crossed.
     
  6. bandofbrothers macrumors 601

    bandofbrothers

    Joined:
    Oct 14, 2007
    Location:
    Uk
    #7

    The safari method has been killed.

    A person needs to JB via their computer now.

    i.e. http://www.idownloadblog.com/2016/07/29/jailbreak-ios-9-2-9-3-3-with-pangu-english/

    Then they can add the 1 year certificate.

    i.e. http://www.idownloadblog.com/2016/0...ficate-on-your-ios-9-3-3-jailbreak-right-now/


    A good write up http://www.idownloadblog.com/2016/07/30/ios-9-3-3-jailbreak-faq/
     
  7. kalirob99 macrumors 68000

    kalirob99

    Joined:
    Dec 24, 2008
    Location:
    California
    #8
  8. bandofbrothers macrumors 601

    bandofbrothers

    Joined:
    Oct 14, 2007
    Location:
    Uk
    #9

    You're welcome.

    Simple is how I like it too. ;)
     
  9. Will22 macrumors 65816

    Will22

    Joined:
    Dec 4, 2011
    #10
    Simple is how I am:D
     
  10. sawah macrumors 6502a

    sawah

    Joined:
    Sep 13, 2010
    #11
    Is it recommended to rejailbreak if you used the Windows Chinese tool? I didn't have to put in my Apple ID, I didn't install the App Store and I have a Beijing certificate already.
     
  11. gotluck, Jul 31, 2016
    Last edited: Jul 31, 2016

    gotluck macrumors 603

    gotluck

    Joined:
    Dec 8, 2011
    Location:
    East Central Florida
    #12
    So I am using pangu English version installed via impactor with my own fresh appleid because I can't wrap my head around how the pulled enterprise certificate on Chinese version works.

    So the certificate was definitely legitimate and this airplane mode workaround allows you to approve it after it was pulled.

    Can whoever controls that cert continue to push to your device via the cert?

    I understand they can change aspects of the jailbreaking app, like if anything is serverside. (I don't believe it is, I believe you can rejailbreak your device while in airplane mode). This would also apply to the English version applied via your own cert too yes.

    Trying to understand if the door to your device is more open due to the enterprise cert, my hunch is no and that apple has actually protected (in a sense) jailbreakers by revoking the cert. At least protecting in the sense that whoever controlled that cert can't continue to push to our devices.

    I'm wondering if saurik avoids this method because it is abusing the apple developer program or if it actually is more vulnerable. In other words, personally I am okay with abusing the dev program, but may not be okay with additional security concerns over the self signed certificate method
     
  12. kalirob99 macrumors 68000

    kalirob99

    Joined:
    Dec 24, 2008
    Location:
    California
    #13
    Little curious if they can continue to push data myself.
     
  13. Knowlege Bomb macrumors 603

    Knowlege Bomb

    Joined:
    Feb 14, 2008
    Location:
    Madison, WI
    #14
    Just so I understand correctly, if I have the "Beijing Hong Yuan Online Technologies..." certificate I'm good for a year, right?
     
  14. kalirob99 macrumors 68000

    kalirob99

    Joined:
    Dec 24, 2008
    Location:
    California
    #15
    Yes. But theres some work that Apple is trying to figure out a way to revoke most certificates. Sounds like one of the teams is already working on a fix though.
     
  15. vertsix macrumors 65816

    vertsix

    Joined:
    Aug 12, 2015
    #16
    Apple can't do this change through their end, they'll have to do it through a software update, because iOS only checks that the certificate is valid once and after getting the green light from Apple, it never checks again for a year.

    On another note, I was able to jailbreak via Safari the day the jailbreak came out and I have the enterprise cert. Happy as ever. :)
     
  16. kalirob99 macrumors 68000

    kalirob99

    Joined:
    Dec 24, 2008
    Location:
    California
    #17
    I heard it mentioned earlier today that Apple is TRYING. I would imagine they couldn't, but you know that when a mouse wants the cheese they'll do anything lol.
     
  17. vertsix macrumors 65816

    vertsix

    Joined:
    Aug 12, 2015
    #18
    I still think they won't be able to, unless they have some tricks up their sleeve, but I doubt it.

    They'll probably change how the distribution of certificates works in the future with a new update to iOS.

    Can you please link a source that says what Apple is doing?
    --- Post Merged, Jul 31, 2016 ---
    Yep. Congrats! :D

    image.jpeg
     
  18. kalirob99 macrumors 68000

    kalirob99

    Joined:
    Dec 24, 2008
    Location:
    California
    #19
    I'll look and see if I can find it. In a bit of a sick fever haze so might get distracted coughing. :eek:
     
  19. bandofbrothers macrumors 601

    bandofbrothers

    Joined:
    Oct 14, 2007
    Location:
    Uk
    #20
    I'm not confident Apple would use much resource to try and revoke the 1 year certificate.

    As they'll be aware that even though some users may drop out of JB if they do but many would simply go down the 7 day option.

    I'd love to be a fly on the wall in Apples offices. I'd bet they are all looking at each other scratching heads, with a wry smile on their face in recognition on how the certificates and JB have been very well handled / supplied by the JB community , and how they can try and employ them. ;)
     
  20. iRetired macrumors 6502a

    iRetired

    Joined:
    Apr 21, 2012
    Location:
    WNY
    #21
    My wife tells me I am very trying at times.
     
  21. CloudAK macrumors newbie

    Joined:
    Aug 3, 2016
    #22
    do u need to use the chinese windows version of the JB for this method to work?

    and does anyone know how much data it takes to reload the jailbreak after every reboot? My cells inet is my only connection and i shut it down maybe daily.

    i guess less important, but how much data it takes to reload the 7-day cert
    --- Post Merged, Aug 3, 2016 ---
    Agree and Wonderin about this too.
     
  22. CloudAK macrumors newbie

    Joined:
    Aug 3, 2016
    #23
    saurik ever add anymore input about this?
     
  23. gotluck macrumors 603

    gotluck

    Joined:
    Dec 8, 2011
    Location:
    East Central Florida
    #24
    not that I'm aware of - I did tweet @qwertyoruiopz and he responded saying there are no security implications utilizing the pulled cert. If the cert was not pulled, I believe there would be implications, but he did not clarify there when I asked.

    personally I'm using the english version with the pulled cert now and feel pretty good about it. apparently, that method makes an entry to the host file to keep apple from pulling the auth after the fact. MHB (minimal hosts blocker) added an entry to accomodate this host entry that pangu utilized too. I feel like all the cert is doing it letting the existing, already installed app continue to run.

    on a non'jbd device apple could normally revoke the cert from your device too, it is the hosts entry that is keeping it from communicating with the apple cert server / pulling it
     
  24. kalirob99 macrumors 68000

    kalirob99

    Joined:
    Dec 24, 2008
    Location:
    California
    #25
    Suppose if you use a hosts file like setup on your router you could block the address there also. Most Dd-wrt firmware devices setups allow for something like that.
     

Share This Page