Exploit

CoolStar to shift focus away from A12(X) in favor of new checkm8 exploit

The recent launch of the checkm8 bootrom exploit for A5-A11 devices certainly piqued the interest of many, and perhaps a lot more than some people would like.

Electra Team lead developer CoolStar took to Discord over the weekend to announce that he would be shifting focus away from A12(X) jailbreak development on iOS 12.1.3 and later and more toward experimenting with and developing around the checkm8 exploit:

Axi0mX showcases verbose boot on iPhone X with iOS 13.1.1 via checkm8

The tides of the jailbreak community forever changed for the better on Friday when hacker and security researcher @axi0mX released checkm8, the first publicly-released bootrom exploit for iOS-powered devices since the iPhone 4 in 2010. Captivatingly, checkm8 works on a significant number of handsets ranging from the antiquated iPhone 4s to the not-so-old iPhone X.

Checkm8 is, in and of itself, an exploit. That said, it’s not a jailbreak, but rather a powerful tool that jailbreak developers could use to devise a USB-based tethered or semi-tethered jailbreak tool for A5-A11 devices. Given how recently checkm8 was released, it should come as no surprise to anyone that public jailbreak tools don’t yet utilize the exploit, but that hasn’t stopped some talented hackers from flexing their l33t dexterities:

New checkm8 bootrom exploit ensures lifetime jailbreakability for A5-A11 devices

It’s an exciting time to be an active member of the jailbreak community. Security researcher axi0mX has released a powerful new bootrom exploit targeting A5-A11 devices, and for veteran jailbreakers who remember the action-packed limera1n days of yore, this might feel like a blast from the past.

Axi0mX announced his new bootrom exploit, dubbed checkm8, via Twitter just this morning, noting that it would work on all iPhones, iPads, and iPod touches from the iPhone 4s to the iPhone X:

iBSparkes’ tfp0 exploit works on Apple’s new A13 Bionic-equipped handsets

The first round of iPhone 11, 11 Pro, and 11 Pro Max pre-orders started delivering to antsy customers late this week, with the bulk of those arriving today (Friday, 20th). While most people will use their shiny new device as it comes, a smaller percentage are actively anticipating the idea of jailbreaking it. Fortuitously, such an idea might not be too far out of reach.

Renowned security researcher @iBSparkes purportedly succeeded in deploying a tfp0 exploit on his brand-new A13-equipped handset. The hacker shared his experience via Twitter early this morning:

Pwn20wnd teases significant progress on A12(X) support to unc0ver

Those heavily invested in the jailbreak community will be happy to hear that Pwn20wnd teased significant progress on the much-awaited A12(X) jailbreak with Cydia support Tuesday afternoon. The hacker shared a series of Tweets about all the work that went into making the jailbreak experience on unc0ver as good as humanly possible.

According to Pwn20wnd, Cydia support on A12(X) will be PAC-less, which means it won’t use traditional kernel patches for total handset liberation as current jailbreak solutions do. What’s more, the implementation has been totally rewritten from scratch in an effort to address performance and stability:

Chimera v1.3.9 released with boosted exploit reliability on 4K devices

The Electra Team posted an updated version of the iOS 12-centric Chimera jailbreak tool this week with a focus on jailbreak reliability on older handsets. The latest update brings the Chimera jailbreak tool up to version 1.3.9.

The Electra Team announced the launch of Chimera v1.3.9 via Twitter late last night, noting that it touts a more robust version of the Sock Puppet 3 exploit:

Pwn20wnd updates unc0ver jailbreak with more bug fixes

It’s been less than 24 hours since hacker and unc0ver lead developer Pwn20wnd dropped the largest stability and reliability update for the iOS 11 & 12-centric unc0ver jailbreak tool to date, but that hasn’t stopped him from updating the tool some more with additional improvements.

Just this afternoon, Pwn20wnd shared a series of Tweets denoting that unc0ver versions 3.6.2 and 3.6.3 had been released:

Security researcher Umang Raghuvanshi open-sources Sock Puppet 3 exploit for iOS 12.4

Unless you’ve been living under a rock, you’ve undoubtedly witnessed the staggered inclusion of support for iOS 12.4 in the Electra Team’s Chimera jailbreak tool and Pwn20wnd’s unc0ver jailbreak tool over the course of the past month. This feat was made possible with a revised version of the Sock Puppet exploit dubbed Sock Puppet 3 by security researcher Umang Raghuvanshi (@umanghere).

From what we can gather, today (Sunday, September 8th) is Raghuvanshi’s birthday, and the lad has opted to celebrate his special day by open-sourcing the Sock Puppet 3 exploit to the general public, a move that he hopes will contribute to even more great works in the community:

CoolStar teases Chimera compatibility for A12(X) devices running iOS 12.1.3-12.4

If you’re on iOS 12, then there are two primary jailbreaks you can choose from: Chimera by the Electra Team or unc0ver by Pwn20wnd. Both jailbreaks are neck-and-neck with device and software compatibility, but since iOS 12.4 first became jailbroken, both parties have been hard at work to implement support for A12(X) devices.

The unc0ver jailbreak only “partially” supports A12(X) devices at the time of this writing, and full support is coming sometime in the near future, including those running iOS 12.4. Chimera, on the other hand, has lacked A12(X) support on iOS 12.1.3-12.3 (beta) and 12.4 since v1.3.0 first launched, and still lacks it to this day.

Luca Todesco flexes hacking skills on iOS 13 beta 8 and iOS 13.1 beta 1

Anyone familiar with the jailbreak scene knows that Luca Todesco sports l33t hacking skills, but the security researcher reaffirmed those skills this week after sharing a demonstration video of what appears to be a hacked iPhone X-style device running the eighth developer beta of iOS 13.

The video, embedded below for your viewing pleasure, showcases what appears to be a WebKit-based software bug at work:

Last chance to downgrade to iOS 12.4 for jailbreak eligibility

It was only within the past couple of weeks that Pwn20wnd and the Electra Team updated the unc0ver and Chimera jailbreak tools with support for iOS 12.4 by way of an updated Sock Puppet exploit, and while it was the first time in a long while that the latest version of iOS could be jailbroken, all fun things must, unfortunately, come to an end…

Apple released iOS 12.4.1 to the general public on Monday with bug fixes and security enhancements, one of which tended to the updated Sock Puppet exploit that Apple initially patched in iOS 12.3 and then inadvertently un-patched again in iOS 12.4.

Unc0ver v3.5.6 adds support for remounting and rootFS restore for A12(X) devices on iOS 12.1.3-12.4

Pwn20wnd updated the unc0ver jailbreak Saturday afternoon, officially bringing it up to version 3.5.6 with increased support for A12(X) devices running iOS 12.1.3-12.4.

As you might recall, Pwn20wnd released unc0ver v3.5.5 earlier this week with SSH support on the aforementioned device and firmware combinations, but citing a Tweet shared just this afternoon, the latest unc0ver update adds support for remounting and restoring the RootFS on those same devices: