
iOS 10.3.2 Jailbreak exploit explained

We are yet to have confirmation that someone with the relevant skillset is actually working on adapting Ian Beer’s exploit into a workable consumer jailbreak for iOS 10.3.2, but we are seeing more information about the underlying vulnerabilities being pushed out into the public domain. Now a new YouTube video published by Billy Ellis is not only referencing the vulnerabilities and triple_fetch toolkit released by Ian, but is also giving additional details on how exactly it works.

The first thing highlighted in the video is the fact that this particular bug, or set of bugs, has already been patched with the release of iOS 10.3.3, which Apple issued relatively recently. The bugs published by Ian are userland-based and are only compatible with iOS 10.0 through iOS 10.3.2, which means that anyone currently running iOS 10.3.3 needs to downgrade immediately if they plan on waiting for these vulnerabilities to materialize into a jailbreak in the future. As Apple is still signing iOS 10.3.2, it is actually possible to go through that downgrade process.

Apple’s security knowledge base has already referenced the aforementioned CVE-2017-7063 bug and attributes it to Ian of the Google Project Zero team. This reference is in relation to iOS 10.3.3, where Apple is essentially saying it has been patched, stating that the bug “may be able to execute arbitrary code with system privileges.”

In what will be music to the ears of anyone involved in the world of jailbreaking, Ellis also shows off the Xcode project that comes as part of the triple_fetch toolkit, explaining that in its current form it’s essentially useless to the average device owner and is aimed more at security researchers who want to interrogate iOS and potentially look for additional bugs.

In addition to the things mentioned above, the video by Ellis embedded below also gives a fairly decent overview of running the project on an iOS device and interacting with the debugger to attach to system-level processes and interrogate what’s going on in userland. All of the information on how to do that is also included in the accompanying readme file, which downloads with the project.

It must be stressed again that in its current form this really doesn’t offer any advantages to an average Joe, and should really only be used by security researchers at this stage. Having said that, we have it on good authority that these vulnerabilities can be used to produce a working developer jailbreak, so let’s hope that happens sooner rather than later.

