iOS Device Setup

Once the device is jailbroken, there will be a package manager available (probably Cydia or Sileo). If OpenSSH is not installed by the jailbreak software, then install it so you can SSH to the device.

NOTE: The instructions below show the setup to use SSH over the USB cable as this is more stable than connecting over the network.

Upon first login to the device, follow these instructions to secure your device from common attacks.

  • On the macOS system, start iproxy to forward local port 2222 to the device's standard SSH port (tcp/22):

      iproxy 2222 22 &

  • Then, you can SSH to the device by connecting to port 2222:

      ssh -p 2222 -l root localhost

  • Change the default passwords on the root and mobile accounts (default password is alpine).

  • Run ssh-keygen to set up the ~/.ssh directory and create a key pair.

  • Create a ~/.ssh/authorized_keys file and then chmod 600 the file.

  • Add your laptop's public key to the ~/.ssh/authorized_keys file.
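
The last three steps can be scripted on the device so the key is added only once and the permissions are verified afterwards. This is an added example, not part of the original instructions; the function names install_pubkey and audit_ssh_dir are hypothetical, and it assumes a POSIX shell on the device and that the laptop's .pub file has already been copied over.

```sh
#!/bin/sh
# Added example: idempotent authorized_keys setup plus a permission audit.
# OpenSSH's StrictModes (on by default) ignores authorized_keys when the file
# or its directory is writable by other users, so the modes matter.

# install_pubkey <ssh_dir> <pubkey_file>
install_pubkey() {
    ssh_dir=$1
    key=$(head -n 1 "$2" 2>/dev/null)
    # Accept only a public key line; this also rejects a private key file.
    case $key in
        ssh-ed25519\ *|ssh-rsa\ *|ecdsa-sha2-*\ *|sk-*\ *) ;;
        *) echo "refusing: $2 is not a public key" >&2; return 1 ;;
    esac
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    auth="$ssh_dir/authorized_keys"
    touch "$auth" && chmod 600 "$auth" || return 1
    # Append only if this exact line is not already present.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}

# mode_of <path>: portable alternative to stat (GNU and BSD flags differ).
mode_of() { ls -ld "$1" 2>/dev/null | cut -c1-10; }

# audit_ssh_dir <ssh_dir>: returns 0 only if the modes and content are as expected.
audit_ssh_dir() {
    rc=0
    [ "$(mode_of "$1")" = "drwx------" ] ||
        { echo "FAIL: $1 is not mode 700" >&2; rc=1; }
    [ "$(mode_of "$1/authorized_keys")" = "-rw-------" ] ||
        { echo "FAIL: authorized_keys is not mode 600" >&2; rc=1; }
    grep -Eq '^(ssh-|ecdsa-|sk-)' "$1/authorized_keys" 2>/dev/null ||
        { echo "FAIL: no key entries found" >&2; rc=1; }
    return $rc
}

# Usage on the device: sh setup_keys.sh --run /path/to/laptop_key.pub
if [ "${1:-}" = "--run" ]; then
    install_pubkey "$HOME/.ssh" "$2" && audit_ssh_dir "$HOME/.ssh"
fi
```

Run it once for root and once for mobile if both accounts should accept the key.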

Package Installation

  1. Packages from default repositories:
    • Debugserver
    • LLDB
    • Network Commands
    • SQLite3
    • wget / cURL
    • ipainstaller console
    • Mterminal
    • FLEXible (Before use, run ldid -S /usr/lib/FLEXible/FLEX.dylib on the device! This command will "fake" sign the library so it will run properly.)
    • Filza (optional)
    • LibertyLite (Jailbreak detection bypass)
    • plutil
  2. Install the latest version of RocketBootstrap and AppList

    • Add the repo: https://rpetri.ch/repo
    • Install RocketBootstrap by searching for it or going to the repo
    • Install AppList by searching for it (may be installed as a dependency already)
  3. Install the latest version of Frida Server

  4. Install the FLEXdecrypt package (for those edge cases where jailbreak detection prevents running the app)

    • Download the .deb package from the latest releases page.
    • Transfer it to your device.
    • SSH to the device and install the package: dpkg -i flexdecrypt.deb
  5. Install SSL Kill Switch 2 (version 0.14 or higher) on the device, to disable certificate pinning.

    • Download the latest package from https://github.com/nabla-c0d3/ssl-kill-switch2/releases

    • Install the com.nablac0d3.sslkillswitch2_0.14.deb file to the device.

      dpkg -i com.nablac0d3.sslkillswitch2_0.14.deb
    • Re-spring the device.

      killall -HUP SpringBoard
    • Enable it in the Settings app (when you need it).