It was just yesterday when Ian Beer posted on his Twitter that he was able to discover an iOS 11.4.1 exploit. Now Brandon Azad, another prominent name in the jailbreak scene, has released an iOS 11.4 exploit, which may hint that a jailbreak toolkit is coming soon.
Redmond Pie stated in its article that Beer started things off yesterday by publicizing that his iOS 11.4.1 exploits will be shared. Azad has now followed that lead by releasing his “Mach port replacement vulnerability”:
“OS full userspace compromise via malicious crashing: https://github.com/bazad/blanket. Versions up to 11.4 are vulnerable, but the exploit only targets 11.2.6. The write-up also discloses some new mitigation bypasses.”
It is worth noting that the tweet confirms the underlying bug is exploitable from iOS 11.2.6 up to iOS 11.4, with the issue being patched in iOS 11.4.1. Nonetheless, the shared exploit only targets iOS 11.2.6, so some extra work would be required from anyone who wanted to prove the concept. As part of the release on GitHub, Azad describes it as follows:
“CVE-2018-4280: Mach port replacement vulnerability in launchd on iOS 11.2.6 leading to sandbox escape, privilege escalation, and codesigning bypass.”
In other words, the exploit offers an escape from the sandbox. It is also capable of privilege escalation and can sidestep Apple’s internal codesigning checks.
Nonetheless, this isn’t sufficient on its own to obtain a fully functional jailbreak on iOS. It could still be very beneficial if someone could make it work for a jailbreak of the final iOS 11.4 release, as Electra at present only supports jailbreaking iOS 11.4 beta 3. Also, since iOS 12 is already out, it’s likely that this release will be used for learning and informational purposes only. Despite that, it is still great to see that the jailbreak community is thriving.
These are the known details about the iOS 11.4 exploit released by Brandon Azad. If new information surfaces, we’ll keep you updated, so stay tuned!