Exploit

JailbreakMe for Pangu 9.3.3: details and tutorial

As reported recently on iDB, Luca Todesco has decided to solve the certificate problems which have plagued the most recent Pangu release for 9.2-9.3.3, by making public a web-based tool for re-activating the jailbreak.

After doing some testing and research it seemed appropriate for a more in-depth discussion of the tool, along with a walkthrough, in order to address some of the more technical questions surrounding this latest development in the jailbreaking scene.

iOS 10 jailbreak: the ongoing wait

iOS 10 was released to the general public in the middle of September, and while months have passed, no jailbreak has yet surfaced for Apple’s latest mobile operating system.

Whether or not a jailbreak is coming continues to rattle the minds of hobbyists and tweak developers alike, but with all the rumors buzzing around and all these software updates seemingly launching left and right, will another jailbreak actually see the light?

Luca Todesco releases browser-based exploit for Pangu 9.3.3 jailbreak without certificate

Noted iOS security researcher and hacker Luca Todesco has just released a WebKit-based loader for the Pangu 9.3.3 jailbreak. This impressive browser exploit is reminiscent of the original JailbreakMe exploits on iOS 1 and iOS 4, after which it is named.

All that is required for the technique to work is to follow a URL in mobile Safari, press a button, lock your device and wait for the respring.

Whilst this development is testament to Todesco's hacking skills and has alleviated one major problem with the current 9.3.3 jailbreak (its reliance on developer certificates for the loader app), there is bound to be some confusion over what this tool actually does, and what it means for the jailbreak community. This post aims to bring some clarity to the topic.

Latest Apple updates have fixed major Stagefright-like security hole in TIFF image handling

Apple's OSes suffered from a previously unknown exploit which could allow an attacker to compromise the security of a device by having the user open a seemingly innocuous TIFF image file. Thankfully, the vulnerability has been patched in the most recent releases of iOS, macOS, watchOS and tvOS.

Resembling the dangerous Stagefright exploit that plagued Google's Android platform for the better part of last year, the security hole could allow a nefarious user to gather sensitive data from your device as soon as you access a simple text message containing a malicious TIFF image file, Fortune said yesterday.

Hacker demos Flying JB, an iOS 9.2.1 jailbreak of little interest

Chinese hacker Min Zheng showed a demo of Flying JB earlier today, a jailbreak for 32-bit devices running iOS 9.2.1 or lower. The video demo shows off an iPhone 5c going through the jailbreak process as well as Mobile Terminal running on the device once jailbroken.

What may sound like exciting news at first is actually nothing to call home about, as Flying JB's limitations are severe and its actual usage potential is extremely limited.

IneffectivePower and Unicode Suppressor will protect jailbroken devices from the “effective power” Messages bug

There is a new bug in iOS that resprings most people's phones due to a low memory crash. It is caused by iOS's inability to render certain strings of Arabic characters, which exhausts memory, causing resprings and reboots, or safe mode on a jailbroken device. Simply explained, when someone messages you those characters and you get a banner notification, your phone starts kicking the bucket.

A few developers have stepped in and saved the day for jailbreakers. This isn't the first or second time the jailbreak community has received a security fix quicker than Apple is able to push one to stock devices. It's a great example of the argument that jailbroken iOS, in the right hands, can be more secure than stock.

Apple confirms ‘FREAK Attack’ patch for iOS and OS X due next week

A new exploit dubbed ‘FREAK Attack’ — which stands for “Factoring attack on RSA-EXPORT Keys” — that takes advantage of a security flaw dating back to the 1990s will be patched soon by Apple.

As we speak, the iPhone maker is readying a fix in iOS and OS X that will be available in software updates next week, a spokesperson for the Cupertino firm told iMore.

Plagued by this security flaw, users of Mac, iPhone, iPad, iPod touch and Android devices are at risk when visiting vulnerable websites that downgrade a secure HTTPS connection to a weaker encryption method.

iOS 7.1.1 jailbreak uses expired enterprise certificate loophole

You may remember MuscleNerd as being the head of the iPhone Dev Team, which has been on the sidelines in recent years in favor of the Chronic Dev Team and, later, the evad3rs. Nevertheless, the well-known iPhone hacker congratulated the Pangu Team for its impromptu iOS 7.1.1 untethered jailbreak release, in addition to providing some interesting commentary on how the exploit works.

According to his tweets, MuscleNerd says that the most unique part of the Pangu jailbreak is that it uses an expired enterprise certificate as an injection vector. He adds that enterprise certificates are something that have been out of bounds for the iPhone Dev Team, due to legal reasons, but he is glad that this method was used rather than the Pangu team burning through something more native and powerful… 

iOS 7.1.1 untethered jailbreak burns two exploits

iOS developer iH8sn0w confirms that the just released iOS 7.1.1 untethered jailbreak burns through two exploits that could have potentially been used towards an iOS 8 jailbreak. I want to emphasize the word "potentially" in that sentence, because it is fully possible that Apple would have patched the vulnerabilities before the release of iOS 8 in the first place. But now, they most certainly will.

iH8sn0w says that the only exploits burned relate to code signing and the kernel, alongside the "syslogd chown" vulnerability that was already disclosed at the Black Hat hacking conference in August. Interestingly, the jailbreak also contains code that will make it compatible with iOS 7.1.2 once the software update is publicly released, which could be as early as this Friday… 

Hackers create tool to bypass Apple’s ‘Activation Lock’ security feature

Two hackers have created a tool that they claim can bypass Apple's 'Activation Lock.' It's called 'doulCi,' and it uses a man-in-the-middle attack to intercept users' Apple ID credentials as well as unlock devices disabled by the highly-lauded security feature.

The hack utilizes a vulnerability in iTunes for Windows that has to do with verifying security certificates. And apparently, all you have to do to get it to work is plug in the device to a computer, and alter a file, directing it to an alternate server instead of iCloud...

New iOS security flaw discovered that allows covert keylogging

While the dust is far from settled on the nasty SSL bug found in iOS last week, a new security flaw in the mobile OS has been brought to light. The new flaw makes it possible for attackers to covertly log every touch a user makes, including keyboard and Touch ID presses.

Researchers at security firm FireEye made the discovery, saying in a blog post that the gap exists within iOS's multitasking feature, which allows for the background monitoring, and that it can be exploited via a malicious app install or remotely via a separate app vulnerability...