Skip to main content

iOS 10.3.2 Jailbreak exploit explained

We are yet to have confirmation that someone with the relevant skillset is actually working on adapting Ian Beer’s exploit into a workable consumer jailbreak for iOS 10.3.2, but we are seeing more information about the underlying vulnerabilities being pushed out into the public domain. Now a new YouTube video published by Billy Ellis is not only referencing the vulnerabilities and triple_fetch toolkit released by Ian, but is also giving additional details on how exactly it works.

The first thing highlighted in the video is the fact that this particular bug, or set of bugs, has already been patched with the release of iOS 10.3.3, which Apple issued relatively recently. The published bugs by Ian are userland-based and are only compatible with iOS 10.0 through iOS 10.3.2, which means that anyone currently running iOS 10.3.3 needs to downgrade immediately if they plan on waiting for these vulnerabilities to materialize into a jailbreak in the future. As Apple is still signing iOS 10.3.2, it is actually possible to go through that downgrade process.

Apple security knowledge base has already referenced the aforementioned CVE-2017-7063 bug and attributes it to Ian of the Google Project Zero team. This reference is in relation to iOS 10.3.3 where Apple is essentially saying it has been patched, stating that the bug “maybe be able to execute arbitrary code with system privileges.”

Music to the ears of anyone involved in the world of jailbreaking, Ellis also shows off the Xcode project which comes as part of the triple_fetch toolkit, explaining that in its current form it’s essentially useless to any average device owner and that it is more aimed at security researchers who want to interrogate iOS and potentially look for additional bugs.

In addition to the things mentioned above, the video by Ellis embedded below also gives fairly decent overview of running the project on an iOS device and interacting with the debugger to be able to attach to system-level processes and interrogate what’s going on in the userland. All of the information on how to do that is also included in the accompanying readme file which downloads with the project.

It must be stressed again that in its current form this really doesn’t offer any advantages to an average Joe, and should really only be used by security researchers at this stage. Having said that, we have it on good authority that these vulnerabilities can be used to produce a working developer jailbreak, so let’s hope that happens sooner rather than later.


Labels:

Comments

Post a Comment

Popular posts from this blog

PRIVACY POLICY

Privacy Policy Last updated: February 20, 2024 This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You. We use Your Personal data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy. This Privacy Policy has been created with the help of the Free Privacy Policy Generator . Interpretation and Definitions Interpretation The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural. Definitions For the purposes of this Privacy Policy: Account means a unique account created for You to access our Service or parts of our Service. Affiliate means an entity that controls, is con...
Post a Comment
Read more

Child-friendly Galaxy Tab 3 Kids listed in Korean brochure

We're no experts in Korean back-to-school literature, but it looks as if one retailer has tipped Samsung's plans a little early. If the documents above are legitimate, then the company will launch a kiddie-focused Galaxy Tab in short order. The Galaxy Tab 3 Kids is said to be an 8.5-inch slate with a 1.2GHz dual-core CPU, a 1,024 x 600 WSVGA display, 8GB storage, 1GB RAM and Jelly Bean. The company has also seen fit to include 802.11 a/b/g/n WiFi, Bluetooth 3.0, a microSD card slot (no word on capacity) and a 4,000mAh battery. One thing that lends weight to the listing is that the device's model number is SM-T2105, which evleaks tersely described as a "Galaxy Tab for children" a month ago. There's more pictures over at the source, but not a single spec saying that this new device is resistant to jam-smeared fingers. Source: ENGADGET
Post a Comment
Read more

Apple Rejected This Game To Keep You From Killing Your iPhone

Rejected by Apple for “encouraging behavior that could result in damage to the user’s device”, Carrot Pop's Send Me To Heaven arrives on Google Play, because no one cares if your Android device shatters on the pavement. "Throw your phone as high as you can" reads the primary instruction on S.M.T.H., a free game that measures the altitude of your device as it soars (hopefully) gracefully through the air. Catching it isn't a requirement, of course, but if you want your phone to remain intact long enough to compare your height on the leaderboards, it's highly recommended. It's up to the player to balance their competitive nature with the safety of their expensive gadgets, at least that's the idea. The concept has me brainstorming soft, portable landing materials to increase my chances of coming out unscathed during attempts at surpassing the 5.69 meter high score. I might just purchase phone insurance and an air cannon. Source: KOTAKU
Post a Comment
Read more