November 22, 2024

Google Security Researcher Ian Beer Releases Exploit for iOS 11.1.2, Could Lead to Public Jailbreak

Posted December 11, 2017 at 11:36pm by iClarified · 15526 views
Ian Beer, a security researcher for Google's Project Zero, has released an exploit for iOS 11.1.2 that could result in a working jailbreak.

Back on December 5th, Beer recommended that users keep a device on iOS 11.1.2 or lower.

If you're interested in bootstrapping iOS 11 kernel security research keep a research-only device on iOS 11.1.2 or below. Part I (tfp0) release soon.

When Apple released iOS 11.2, five of the vulnerabilities patched were attributed to Beer, including three related to the kernel.

Today Beer released an async_wake exploit which "gets tfp0 on all 64-bit devices plus an initial PoC local kernel debugger." tfp0 stands for "task for pid 0".

tfp0 should work for all devices, the PoC local kernel debugger only for those I have to test on (iPhone 7, 6s and iPod Touch 6G) but adding more support should be easy

Jonathan Levin, author of MacOS and iOS Internals, has already addressed 'ETA naggers'.

To all wen eta naggers, if it wasn't clear: UPDATE TO iOS 11.1.2 (TvOS 11.1) NOW - that's what @i41nbeer's TFP0 will be for. iOS 11.1 NO LONGER SIGNED BY AAPL. Ian's PoC won't be full JB, but will enable partial (kdata) on [iPhone 7 and higher], and (possibly) full on [iPhone 6s and lower], and it's best you'll get.

We'll be watching closely to see if anyone uses the exploit to release a public jailbreak. Please follow iClarified on Twitter, Facebook, or RSS for updates.

Read More