WebKit RCE Exploit Gives Hope To Possible iOS 12.0.1 Jailbreak
Gather around, jailbreak fans, because we have great news for you regarding iOS 12. A new WebKit RCE exploit has been submitted to the community writeup repository, and reports suggest it could offer some hope of a future jailbreak for iOS 12.0.1.
What's New And Exciting This Time For iOS 12.0.1
A Twitter user from South Korea who goes by the name Ahn Ki Chan (@Externalist) posted a tweet last week thanking another Twitter user, BigD (@begger_dd), for submitting a WebKit RCE exploit. According to the tweet, BigD wrote the entire exploit himself and accompanied it with very detailed annotations; it works up to iOS 12.0.1.
kudima(@begger_dd) submitted another Webkit RCE exploit to the repository! He wrote the entire exploit along with a very detailed annotation, which works up to iOS 12.0.1. Thanks again @begger_dd for the contribution! 😄https://t.co/nKyHiuMd1e
— Ahn Ki Chan (@Externalist) November 1, 2018
The Reaction From The Jailbreak Community
The exploit was well received by the jailbreak community. At the time of writing, the announcement tweet had 218 retweets and 432 likes. Sure, these numbers look minuscule next to tweets by celebrities and large companies, but in the jailbreak universe they count as a clearly positive response from the community.
Among those who praised BigD was Niklas B (@_niklasb), a prominent figure in the jailbreak community. He said that BigD’s exploits and explanations are always super detailed and useful.
Niklas then pointed out that getting code execution from the read/write primitive plus a vtable hijack became slightly more complicated on A11 because of changes to longjmp (the saved jump buffer is now protected with a canary). However, he said this is easy to bypass once you have read/write: call setjmp first to obtain the canary.
BigD replied to Niklas' tweet, admitting that he had overlooked this part and had assumed that "it would be the same as in your exploit for 11.3.1 before A12 once you get r/w."
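To make the "call setjmp first to get the canary" remark concrete, here is an added toy model of a canary-protected jump buffer and of the recovery trick Niklas describes. It is not Apple's libplatform code and not code from BigD's or Niklas' exploits: the XOR-with-cookie mangling, the stack-range check in the model's longjmp, and every address and cookie value below are assumptions made up for the illustration. What it shows is why an attacker with an arbitrary-read primitive cannot simply write raw register values into a jmp_buf, but can recover the secret by triggering one legitimate setjmp whose saved return address is already known.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy model (assumption, not Apple's implementation): a jmp_buf stores
 * fp, lr and sp XORed with a per-process secret cookie. longjmp()
 * demangles them and rejects the buffer when the resulting sp does not
 * look like a valid, 16-byte-aligned stack address. */
typedef struct {
    uint64_t mangled_fp;
    uint64_t mangled_lr;
    uint64_t mangled_sp;
} model_jmp_buf;

/* Constructed values for the demo. */
#define MODEL_COOKIE 0x2b992ddfa23249d6ULL /* secret the attacker cannot read */
#define KNOWN_LR     0x1a0f4c1d8ULL        /* return address leaked earlier */
#define GADGET       0x1a0f60000ULL        /* where the attacker wants pc */
#define FAKE_SP      0x16f3f0000ULL        /* plausible, aligned stack address */
#define STACK_LO     0x16f000000ULL
#define STACK_HI     0x16f800000ULL

static uint64_t g_cookie;

static void model_init(uint64_t cookie) { g_cookie = cookie; }
static uint64_t mangle(uint64_t v)   { return v ^ g_cookie; }
static uint64_t demangle(uint64_t v) { return v ^ g_cookie; }

/* Legitimate setjmp: the program saves its own registers, mangled. */
static void model_setjmp(model_jmp_buf *b, uint64_t fp, uint64_t lr, uint64_t sp)
{
    b->mangled_fp = mangle(fp);
    b->mangled_lr = mangle(lr);
    b->mangled_sp = mangle(sp);
}

/* Model longjmp: returns the pc control would go to, or 0 when the
 * hardened check rejects the buffer (the real library would abort). */
static uint64_t model_longjmp(const model_jmp_buf *b)
{
    uint64_t sp = demangle(b->mangled_sp);
    if (sp < STACK_LO || sp >= STACK_HI || (sp & 0xf))
        return 0;
    return demangle(b->mangled_lr);
}

/* Attacker step 1: write a jmp_buf with raw values, as pre-canary
 * exploits did. The demangled sp is garbage, so the jump is refused. */
uint64_t run_naive_forge(void)
{
    model_init(MODEL_COOKIE);
    model_jmp_buf forged = { FAKE_SP, GADGET, FAKE_SP };
    return model_longjmp(&forged);
}

/* Attacker step 2: make the target call setjmp (here: simulated), then
 * read the buffer with the arbitrary-read primitive. Knowing the real
 * lr that was saved, mangled ^ known = cookie. */
uint64_t run_cookie_recovery(void)
{
    model_init(MODEL_COOKIE);
    model_jmp_buf legit;
    model_setjmp(&legit, FAKE_SP, KNOWN_LR, FAKE_SP);
    return legit.mangled_lr ^ KNOWN_LR;
}

/* Attacker step 3: forge a buffer using the recovered cookie, so the
 * demangled values are exactly what the attacker chose. */
uint64_t run_setjmp_first_bypass(void)
{
    uint64_t cookie = run_cookie_recovery();
    model_jmp_buf forged = {
        FAKE_SP ^ cookie, GADGET ^ cookie, FAKE_SP ^ cookie
    };
    return model_longjmp(&forged);
}

int main(void)
{
    printf("naive forge    -> pc 0x%llx (0 = rejected)\n",
           (unsigned long long)run_naive_forge());
    printf("cookie matches -> %s\n",
           run_cookie_recovery() == MODEL_COOKIE ? "yes" : "no");
    printf("setjmp first   -> pc 0x%llx\n",
           (unsigned long long)run_setjmp_first_bypass());
    return 0;
}
```

The model deliberately gives longjmp only a sanity check on sp rather than a full signature: the point is that any scheme where the saved values are combined with a secret by a reversible operation leaks that secret to anyone who can read one buffer whose plaintext is known. That is exactly why one legitimate setjmp is enough.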
Other Contributions By BigD
Last August, Chan also announced an earlier contribution from BigD to the jailbreak community via Twitter. In that tweet, he wrote that Kudima (presumably BigD's first name) had submitted another cool annotated WebKit infoleak exploit for iOS 11.4.1.
kudima submitted another cool annotated Webkit infoleak exploit(written by himself) for iOS 11.4.1 to the writeup repository. The bug was fixed today. Thanks @begger_dd for the contribution! 😄https://t.co/O9Ux6MQuJU
— Ahn Ki Chan (@Externalist) August 27, 2018
What are your thoughts regarding the Webkit RCE exploit submitted by BigD? Tell us in the comment section below.