Ian Beer’s iOS 11.3 Exploit POC Now Available to the Public: Is an iOS 11.3 Jailbreak Possible?
After Ian Beer reported the issue to Apple and it was fixed in iOS 11.3.1, the iOS 11.3 exploit POC is now available to the public via Chromium. With this release, many anticipate that it could lead to an iOS 11.3 jailbreak tool.
Even though iOS 11.3.1 already fixes the vulnerability, iOS devices running older versions may still be susceptible. Beer initially discovered the flaw back in February, and he describes it as “MacOS/iOS ReportCrash mach port replacement due to failure to respect MIG ownership rules”, which may not mean much to most people.
The description of what this proof of concept does isn’t any easier to understand. But if you’re interested, here’s what Beer said about it:
“ReportCrash is the daemon responsible for making crash dumps of crashing userspace processes.
Most processes can talk to ReportCrash via their exception ports (either task or host level.)
You would normally never send a message yourself to ReportCrash but the kernel would do it on your behalf when you crash. However using the task_get_exception_ports or host_get_exception_ports MIG kernel methods you can get a send right to ReportCrash.
ReportCrash implements a mach_exc subsystem (2405) server and expects to receive mach_exception_raise_state_identity messages. The handler for these messages is at +0x2b11 in 10.13.3.”
Considerably more technical coverage is available on the Chromium bugs webpage. Beer also says that the issue does represent a “plausible exploitation scenario.”
Since the bug is now fixed in iOS 11.3.1 and the POC specifics have been made public, many members of the jailbreak community expect to see some hacker use it to make a jailbreak for iOS 11.3 and below. It’s still too early to say, though, whether this could be turned into something like Electra.