15
checkm8 a5
LukeeGD edited this page 2025-10-17 14:03:59 +08:00
  • The main recommendation for A5(X) devices is to just use Jailbroken/kDFU mode as much as possible. For the procedures that need pwned DFU mode (like tethered downgrade/boot), continue reading this section.
  • For A5(X) devices, additional hardware is required to enter pwned DFU mode.

There are 2 methods of using checkm8-a5: Raspberry Pi Pico, or Arduino+USB Host Shield.

Raspberry Pi Pico

Flashing

  1. Download the UF2 files to be used for flashing here: https://github.com/LukeZGD/Legacy-iOS-Kit-Keys/releases/download/a/checkm8-pico.zip
  2. While holding down the BOOTSEL button, connect the Pi Pico to your PC/Mac.
  3. In the RPI-RP2 drive, place the correct UF2 file for your A5(X) device.
    • 8940 = iPhone 4S, iPad 2 (except iPad2,4)
    • 8942 = iPad 2 Rev A (iPad2,4), iPad mini 1, iPod touch 5th gen
    • 8945 = iPad 3
  4. The onboard LED on the Pico should start blinking in 1 second intervals. This means flashing is successful and the Pico is waiting for a device.

Pwning

  1. You will need a "Micro USB 2 in 1 OTG Y cable", one that has the following ports:
    • USB-A port: The A5(X) device will be connected here with the 30-pin/lightning cable.
    • Male Micro-USB plug: This will be connected to the Pi Pico.
    • Female Micro-USB port: This will be connected to your PC/Mac or power adapter.
Micro USB 2 in 1 OTG Y cable
  1. Connect the adapter to the Pi Pico (Male Micro-USB) and the A5(X) device in DFU mode (USB-A port). Then, plug the power (Female Micro-USB).
  2. The onboard LED on the Pico should start blinking rapidly. If it starts blinking in half second intervals, that means the pwning is done.
  3. Unplug your A5(X) device from the Pico and plug into your PC/Mac.
  4. Run Legacy iOS Kit. You should see Pwned: checkm8 in the main menu.

Arduino and USB Host Shield

  • This is the less recommended, but much more well-known option of using checkm8-a5.
  • Use my fork of checkm8-a5 with an Arduino and USB Host Shield: https://github.com/LukeZGD/checkm8-a5
  • Note about clone Arduinos: Clones may work just fine as long as they have the ATmega chip. They may be listed as "DIP" in some listings.
    • Avoid using CH340 "SMD" clone Arduinos. They are very unreliable for checkm8-a5.
  • Proceed here for a video tutorial on how to install and use checkm8-a5 Arduino: https://www.youtube.com/watch?v=efAxIXieCLM
    • Stop the video tutorial around 7:12 since the steps beyond this part are no longer necessary.
  • Here is also a tutorial from ios.cfw.guide: https://ios.cfw.guide/using-checkm8-a5

Notes

  • If entering pwnDFU mode and/or sending pwned iBSS failed, the downgrade/restore will not work, and you need to force restart and try pwning again.
  • Also make sure that you have not sent a pwned iBSS yet if you will be tether booting iOS 4 on iPad 2.