iOS 12 Jailbreak News: Every Development We Know So Far!
It’s been months since Apple first released iOS 12. So far, no iOS 12 jailbreak has been released in the public domain. With that, here is everything we know so far.
iPhone X iOS 12 Jailbreak Ali Security Team
Back in September, Ali Security released a video featuring an untethered jailbroken iPhone X running on iOS 12. However, reports note that this video will only serve as a proof-of-concept, so a public release seems unlikely. They will either keep it for internal testing or sell the exploit(s) used.
iPhone XS iOS 12 Jailbreak By Pangu Team
On September 28, we made a report about Min (Spark) Zheng (@SparkZeng), a prominent figure in the jailbreak community, congratulating the Pangu jailbreak team via Twitter for jailbreaking an iPhone XS running on iOS 12. The team managed to do this by bypassing PAC mitigation on the A12 Bionic chip.
Just like the one from Ali Security team, it’s also unclear whether this will be released to the public domain. Perhaps it will only serve as a proof-of-concept as well.
iPhone XS Max iOS 12 Jailbreak Luca Todesco
In the second week of October, Luca Todesco / qwertyoruiopz (@qwertyoruiopz) announced via Twitter that he was finally done hacking the iPhone XS Max and had started using the smartphone as his daily device.
since I’m finally done hacking the Xs Max I started using it as my daily driver and I gotta say it’s a damn fine piece of hardware
— qwertyoruiop (@qwertyoruiopz) October 5, 2018
The WebKit RCE Exploit
Back on November 5, we published a report about another WebKit RCE exploit submitted by BigD (@beggerd_dd). The exploit came with very detailed annotations and works up to iOS 12.0.1.
On November 9, we reported that iOS hacker and developer Sem Voigtländer was working on a jailbreak tool dubbed “JailbreakMe Unified”, which works through a website accessed via Safari. The said tool works with anything from iOS 4 to iOS 12.0.1.
The Exploitable FaceTime Bug
In the same article, we also mentioned Natalie Silvanovich of Google Project Zero. She discovered a bug in the iOS 12.1 firmware. The bug itself is a memory corruption in the VCPDecompressionDecodeFrame class, which lives within the FaceTime protocol in iOS and macOS.
360 Vulcan Security Team Promises To Release An iOS 12.0/12.1 Exploit
On November 20, we reported about @S0rryMyBad of 360 Vulcan. After winning the highest reward of the Tianfu Cup by gaining full access to an iPhone X through a type confusion JIT bug in Safari and a UaF bug in the iOS kernel, @S0rryMyBad promised to release an exploit for iOS 12.0 and 12.1. He also recommended staying on iOS 12.1 (or lower) firmware in case anyone wants to take advantage of these bugs in the future.
The iOS 12 Jailbreak List
The same month, a Twitter user who goes by the name iFenix (@iFenixx) posted a list of the known iOS 12.0 to 12.1 jailbreaks by prominent figures in the jailbreak community. The names mentioned on the list are:
- Umang Raghuvanshi – iOS 12.0 – 12.1 Jailbreak
- SorryMyBad – iOS 12.0 – 12.1 Jailbreak
- KeenLab – iOS 12.0 – 12.1 Jailbreak
- Qwertyoruiopz – iOS 12.0 – 12.1 Jailbreak
- PanguTeam – iOS 12.0 – 12.1 Jailbreak
The Safari Exploit For iOS 12.1
In December, Linus Henze made public an exploit that exists within Safari for iOS and macOS and which affects iOS 12.1 and below. Reports note that with this exploit, anyone with the right amount of knowledge and skill can put together another JailbreakMe-esque creation, which would allow devices to be liberated directly from within Safari on an iOS device.
Want a free Safari 0day? (Ok, it's actually a 1day because it's fixed in the latest WebKit version, but it still works in the latest version of Safari) Then go to https://t.co/CD9IwHUQP8
Please don't do evil stuff with this.
— Linus Henze (@LinusHenze) December 6, 2018
A few days after the announcement, Min (Spark) Zheng went to Twitter to say that the exploit by Linus can be used for a remote jailbreak.
Ian Beer Google Project Zero And The Kernel Bug
Apple published a document that describes the security content of the iOS 12.1.1 firmware. In the document, Apple notes the kernel bug found and reported by Ian Beer, identified as “CVE-2018-4461”. According to the document, an application may be able to execute arbitrary code with kernel privileges, and the fix is available for:
- iPhone 5s and later
- iPad Air and later
- iPod touch 6th generation.
The Privilege Escalation Bug Fixed In iOS 12.1.1
After Apple’s public release of iOS 12.1.1, Jann Horn of Google Project Zero published details of a privilege escalation bug that was patched with the release of the iOS 12.1.1 firmware. He published his notes online, which can be found in this link.
What are your thoughts about the exploits mentioned? Are they a clear sign that a public iOS 12 jailbreak will be released? If yes, when do you think that will be? Tell us in the comment section below.