Today I have great news for those waiting for an iOS 12.x jailbreak. A new proof of concept and exploit details have been released by SorryMyBad, a security researcher. This is what he posted on his Twitter account.
Here is the PoC of the bug I used to jailbreak https://t.co/IAwkiKqzNg can work before 12.1.2. The blog post about exploit on A12 will come soon.😀 pic.twitter.com/S5s2tICLaD
— SorryMybad (@S0rryMybad) January 23, 2019
He posted a picture of the code that triggers the bug, which you need to put into a file to compile and run. GeoSnow has done that in a new repo on GitHub, which you can check from this link and actually compile. The vulnerability was patched in iOS 12.1.3, which was released a few days ago. It also works on A12 devices; SorryMyBad has posted this write-up of the whole vulnerability and how it works.
The code he posted only triggers the vulnerability and is just a proof of concept, but in the blog post he explains how to obtain the kernel task port (TFP0) with this vulnerability and goes through all the details with some pieces of code that you would have to compile yourself, adding what is missing. He did not publish the source code of the exploit that gives you TFP0, but he has given the information needed to put it together.
All the information required is there; it needs someone to put it together to get the kernel task port, and something close to a jailbreak is definitely achievable. SorryMyBad has also posted the tweet below, which is essentially a jailbreak demo made using this vulnerability: in the video, he triggers the exploit from Safari and gets a terminal working on the device.
IPC Voucher UaF Remote Jailbreak Stage 2 https://t.co/V8prQKAllh (Chinese, English may be later) and demo: https://t.co/lf6aY4nRDc
— SorryMybad (@S0rryMybad) January 23, 2019
This is definitely a very important release that can be used for a jailbreak; it does give you TFP0 if you put it together using the instructions in the blog post shared above. But it may not even be needed, because Brandon Azad, another security researcher, from Google Project Zero, posted the tweet below a few days ago.
If you're interested in bootstrapping iOS kernel security research (including the ability to forge PACs and call arbitrary kernel functions), keep an A12 research device on iOS 12.1.2.
— Brandon Azad (@_bazad) January 22, 2019
This is very likely to include TFP0 as-is, without anybody having to piece anything together, so we definitely have released vulnerabilities to work with. At the same time, SorryMyBad's exploit can be used after piecing it together. All of this has been patched in iOS 12.1.3, so do not update to iOS 12.1.3; and if you are running iOS 12.0, 12.0.1, 12.1 or 12.1.1, do not update to iOS 12.1.2 either.