Oscar Mederos

How to jailbreak iOS 7.x completely offline

Reproducing evasi0n's remote package flow so jailbreaking can run with no internet access.

I’m usually on a very slow internet connection. How slow? 56k modem slow.

When evad3rs released the jailbreak for iOS 7.x, I noticed something different from the iOS 6.x process: it required internet connectivity. After watching what happened behind the scenes, I was able to reproduce it locally.

What does evasi0n 1.0.x do when it says Retrieving Remote Package?

  1. It asks evasi0n.com for a .plist file which contains:
    • A URL that points to an .ipa file (WWDC)
    • The cookies needed to download the app, similar to iTunes
  2. Then it performs a request to that URL with those cookies.

A simplified example of the plist payload:

<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
  <array>
    <dict>
      <key>URL</key>
      <string>http://a906.phobos.apple.com/.../mzps6036043982514941651.D2.pd.ipa</string>
      <key>Headers</key>
      <array>
        <string>Cookie: downloadKey=expires=1388710803~access=/us/r1000/098/Purple/...</string>
        <string>User-Agent: iTunes/11.1.3 (Macintosh; OS X 10.9) AppleWebKit/537.71</string>
      </array>
    </dict>
  </array>
</plist>

The idea is to download that application and store it locally. You can do that with wget, curl, or similar tools:

wget --header='User-Agent: iTunes/11.1.3 (Macintosh; OS X 10.9) AppleWebKit/537.71' \
  --header='Accept: */*' \
  --header='Cookie: downloadKey=expires=1388710803~access=/us/r1000/098/Purple/v4/...' \
  'http://a906.phobos.apple.com/.../mzps6036043982514941651.D2.pd.ipa'

Then tell evasi0n to download the .ipa from your local computer instead of Apple servers.

Windows steps

  1. Install an HTTP server in your computer (WAMP, XAMPP, etc).

  2. Create apple-ipa-info.plist in C:\wamp\www\.

  3. Modify your hosts file (C:\Windows\System32\drivers\etc\hosts) and add:

    127.0.0.1    evasi0n.com

  4. Place the downloaded .ipa in C:\wamp\www (for example WWDC.ipa).

  5. Update apple-ipa-info.plist and replace the Apple URL with http://localhost/WWDC.ipa.

That’s it. If WAMP is running and you jailbreak with evasi0n, the remote file will be downloaded from your own computer. You can jailbreak multiple devices without internet access.

In the next post: after jailbreak, Cydia installs still need extra steps if you are offline. The next guide covers installing afc2add offline as well.