A Basic iOS 12 Jailbreak Exploit is now Available

The jailbreak community was severely discouraged by the introduction of iOS 12. Apple has been against jailbreaking since day one, and the company continues to boost the security of the OS with each major update. The company argues that jailbreaking a device makes it vulnerable to malicious attacks, and users who opt to jailbreak their device will have their warranty revoked if they are caught.

The release of a developer-only jailbreak solution brought some much-needed hope. The Rootless JB tool currently works on several iPhones, but the solution comes with a variety of bugs and is unfit for public use.

Tihmstar, a well-known contributor to the jailbreak community, has released his first iOS 12 exploit, v1ntex. The developer tested the jailbreak on an iPhone 6 running iOS 12.1.2, noting that some improvements can be made to the code. Those who wish to try it are free to do so, but they should keep in mind that the solution was tested on a single device. Some developers have already tried to adapt the jailbreak for other iPhone models, and it seems that there is a lot of work to be done before a stable version is available.

Rootless JB is the only jailbreak tool that is currently compatible with iOS 12 and able to run on a large selection of devices, starting with the iPhone 6S and up to the iPhone X. As previously mentioned, this tool is aimed at developers, and it is unable to grant root access or package manager functionality.

Some Apple fans condemn the use of jailbreak solutions, accusing the jailbreaking community of piracy and misuse of Apple’s intellectual property. Despite Apple’s protests, jailbreaking is legal, since the Library of Congress added an exemption to the DMCA which notes that iPhone owners are allowed to jailbreak their devices if they wish to do so. That exemption was recently extended and now includes iPads.

It is likely that a stable jailbreak solution will surface in the following months.


iOS 12 – 12.1.2 RootlessJB 3.0 Jailbreak Available for Limited Devices

If you are part of the jailbreak community, we have some great news for you! Jake James, the web, iOS and tweak developer (@Jakeshacks), has finally put an end to our waiting and released a jailbreak tool called RootlessJB 3.0. Only a limited set of devices support this jailbreak, and only developers can use it.

The news

James announced over the weekend via Twitter that the RootlessJB 3.0 will soon be released. The tool offers initial support for A11, A10, and A9 devices that run iOS 12.0 to iOS 12.1.2.

According to what James tweeted, no code or tweak injection is included in his new tool yet. Aside from that, it spawns SSH via dropbear.

As it does not offer package manager installation in the form of Sileo or Cydia, you should keep in mind that this is not a standard jailbreak that the general public can take advantage of, especially because it requires you to use SSH and dropbear to install the program.

Are A12 devices left out?

James said that he is also working on the A12 support that jailbreakers had asked for and that soon enough their wishes will come true. This will be followed by support for A8 and A7 devices once there is an exploit.

How is RootlessJB 3.0 doing at the moment?

Since RootlessJB 3.0 was released, James has tweeted a lot of updates. The most recent one came not long ago, when James shared a video that shows what RootlessJB 3.0 is capable of. The footage comes from Sammy Guichelaar (@SammyGuichelaar), and it practically proves how successful James’ tool is. If you want to try it yourself, you can do so, but you should still keep in mind that it is not in its final form yet.


iOS 12 Available with 2 Jailbreak Solutions

iOS 12 has two jailbreak solutions available for the iPhone and iPad, offered by two different hackers to users around the world. Unfortunately, these are jailbreak solutions for iOS 12 dedicated to application developers: one does not have an installation package, and the other only works through SSH and not with packages from Cydia.

OsirisJailbreak12 is the first jailbreak solution, released earlier this week, but unfortunately it is not available as an application that installs automatically. It is offered as a package that must first be compiled with Xcode and then installed on phones with a developer certificate, and of course it does not have Cydia or support for tweaks.

The second jailbreak solution for iOS 12 is called rootlessJB 3.0, and is only compatible with devices that have A9, A10 and A11 chips. Unfortunately, this solution only works through SSH, so it does not have Cydia, and the installation of tweaks is impossible for now because no support has been implemented by the developer.

It is unclear how long it will take for both solutions to offer full jailbreak support and to be easy to use on the iPhone and iPad.


iOS 12 Jailbreak – What Will Happen to the Reported Bug?

Last year the 360 Vulcan team was congratulated by TianfuCup (@Tianfucup) on Twitter after they won the highest reward of the Tianfu Cup 2018 PWN contest. They got the win after they gained full access to an iPhone X using a UaF bug in the iOS kernel and a type confusion JIT bug in Safari.

SorryMyBad (@SorryMyBad) of 360 Vulcan then replied that after the fix he would release more information, and this is precisely what happened last week. According to RedmondPie, the security researcher promised the information for after the reported bug is patched by Apple.

As you may already know, the iOS 12.1.3 developer beta was released by Apple on Monday, and not long after, the iOS 12.1.3 public beta 3 followed. It is still unknown whether SorryMyBad’s reported bug was patched or not, but it will not be long until someone figures it out.

Returning to the bug we heard about from SorryMyBad, it affects iOS 12.1.2 and below, according to RedmondPie. Besides that, we know for sure that it is compatible with all pre-A12 devices, which means that if you are an iPhone XR, iPhone XS or iPhone XS Max owner, you can’t benefit from it. Another thing was confirmed by SorryMyBad: the kernel task port is provided.

GeoSn0w (@FCE365) asked whether or not the kernel task is reported, and SorryMyBad offered the answer everybody was hoping for: “Absolutely yes.”

GeoSn0w explains why this support is so important. Arbitrary reads and writes to kernel memory are possible only with the help of tfp0 (the kernel task port), which is also necessary to apply the required jailbreak patches. Besides that, users are also advised not to update.


Remote iOS 12 Jailbreak Might Come Via WebKit Exploit

A Safari vulnerability affecting both iOS and macOS has been announced, and it could be the key to a remote iOS 12 jailbreak, according to Linus Henze. According to him, the vulnerability affects devices running iOS 12.1 or lower. Henze, who is a renowned security researcher and developer, posted about the WebKit exploit on his Twitter page, and his followers using iOS 12.1 found the information very useful as they learned how to protect their iOS-based devices against threats.

In addition to Linus Henze, Min Zheng, aka Spark, a staff member at Alibaba's IT security department and a popular figure in the iOS jailbreaking community, indicated that an iOS 12 jailbreak is coming soon. He also referred to the vulnerability found within Safari for iOS and macOS.

According to Min Zheng, the WebKit exploit might be handy for jailbreakers developing a remote iOS 12 jailbreak. That’s why many members of the iOS jailbreak community think that an iOS 12 jailbreak might be coming soon.

“Community members could see that the bug acts similar to RegEx on affected platforms. Thanks to this WebKit exploit, anyone who knows enough about jailbreaking could perform such a process. Thus, affected iOS devices could be ‘cleaned’ directly from the affected browser – Safari,” wrote the folks from TechNewsWatch.

“Note that POP technology was not created by us. We saw it in many public exploits and then summarize this code reuse attack technique for systematic study. The main contribution of this talk is to build a defense mechanism for POP, not the attack part. Thanks,” said Min Zheng, aka Spark, on Twitter.

Zheng, in a more recent post on Twitter, also announced that iOS 12 and macOS 10.14 XNU code had been released. “Finally, iOS 12/macOS 10.14 XNU source code released” by Apple, Spark informed on his Twitter page, suggesting that a remote iOS 12 jailbreak might come out soon, most likely, via the WebKit exploit recently discovered.
