Software

iOS 13.5.1-13.7 exploit to be discussed by 08Tc3wBB at HITB CyberWeek 2020

Those paying close attention to the jailbreak community as of late would already know that there’ve been a number of recent developments that could eventually spell out the jailbreakability of iOS 13.5.1-13.7. If you missed the news, FreeTheSandbox is working on a public jailbreak supporting these firmware versions while security researcher @08Tc3wBB plans to release a dedicated exploit for use by the jailbreak community.

Neither of the aforementioned things has happened yet, but for those trying to keep tabs on everything as it happens, it might be worth mentioning that @08Tc3wBB plans to discuss his iOS 13.5.1-13.7 exploit on November 19th via HITB CyberWeek in a talk entitled “Jailbreaks Never Die: Exploiting iOS 13.7.”

Exploit PoC targeting up to iOS 13.7 released

If you’ve been paying any attention to the iOS & iPadOS security research side of things recently, then you might’ve caught wind of a kernel bug discovered by Mohamed Ghannam (@_simo36) that held the capacity to pwn iOS & iPadOS 14.1 and below. Unfortunately, Ghannam later revealed that the bug didn’t work on iOS or iPadOS 14, and instead that it would only support variants of iOS & iPadOS 13.

While the aforementioned circumstances were indeed a bummer for those who’d been looking forward to a potential exploit release for iOS & iPadOS 14, the good news is that Ghannam officially released a kernel exploit proof of concept (PoC) dubbed 'OOB Events' on Wednesday with instructions for achieving kernel task port (tfp0) on iOS & iPadOS 13.7:

Kernel bug for iOS 14.1 and below raises hopes for exploit, and perhaps jailbreak

Apple unleashed iOS & iPadOS 14.2 to the masses yesterday afternoon, and while most iPhone and iPad owners gleefully updated to take advantage of more than 100 new Emojis and six new wallpapers, the updates also appeared to beef up their respective platforms’ security.

Security improvements are generally a good thing for users; however, they can be red flags for proponents of the jailbreak community since software exploits are the very things that make jailbreak tools possible. With that in mind, it may come as no surprise that jailbreak developers repeatedly remind the community to stay on the lowest possible firmware, as this can increase one’s chances of jailbreak eligibility.

Checkra1n tinkerer demonstrates custom boot sound on T2-equipped Mac

One of the things that makes the checkra1n jailbreak unique is that it’s bootrom-based, which means that it’s able to jailbreak any hardware vulnerable to the checkm8 bootrom exploit. This includes iPhones, iPads, Apple TVs, and even the T2 chip that many modern Mac computers now come equipped with from the factory.

It wasn’t long ago that the checkra1n team baked official support for the T2 chip into their jailbreak tool, and as such, it may come as no surprise that some of the first T2-based hacks are beginning to trickle in. One of the latest of such hacks apparently involves modifying a T2 chip-equipped Mac Mini to play the infamous THX sound during boot-up:

iPAPatcher comes out of beta as developer re-writes tool for v1.0

Just under two weeks ago, developer Brandon Plank launched a beta macOS app dubbed iPAPatcher that allowed users to merge Dynamic Libraries (dylib) or jailbreak tweaks (.deb files) with iPhone or iPad apps (.ipa files) before installing them on a handset of your choosing. In essence, one might describe it as akin to enabling hacks and perks in your favorite apps without the need for a jailbreak.

As of this week, however, iPAPatcher is officially coming out of beta. The source code of version 1.0 of this handy utility is now published on the developer’s GitHub page, and as you might come to expect, it comes with a plethora of improvements that benefit the end user.

Facebook reinstates Cydia app, allowing users to log in and view past purchases again

A substantial number of veteran jailbreakers who relied on Cydia’s ‘Log in with Facebook’ mechanism to access their previous jailbreak tweak and extension purchases were met with frustration after the feature appeared to stop working last June.

Fortunately, the problem now appears to be fixed, as noted by a couple of Tweets shared just this weekend by Cydia creator Jay Freeman, also known more colloquially to the jailbreak community as Saurik:

iPAPatcher lets you modify apps before side-loading them, no jailbreak needed

One of the best things about being jailbroken is that you can install jailbreak tweaks to augment your favorite apps’ functionalities, whether they were put there by Apple or installed by you via the App Store. Unfortunately, not everyone is or can be jailbroken, and this offers its own unique set of challenges for those using the latest firmware versions or newer devices that aren’t susceptible to current jailbreaks.

Given the aforementioned circumstances, we think that a newly released macOS app dubbed iPAPatcher by iOS developer Brandon Plank may be of particular interest to those who wish to tweak certain apps even when they don’t have a jailbreak at their disposal.

Hacker @08Tc3wBB to discuss iOS 13.7 exploit at Black Hat Europe 2020

There’s a lot going on in the jailbreak community as of right now. Not only is the checkra1n team actively attempting to jailbreak iOS & iPadOS 14 on many more devices, but hacker and security researcher @08Tc3wBB may also soon share details about an exploit viable for jailbreaking iOS & iPadOS 13.7 (the last versions of Apple’s previous-generation mobile operating systems).

If you find yourself more interested in the latter tidbit, which is likely the case if you stayed on the lowest possible firmware after iOS & iPadOS 14 got released, then you might be ecstatic to learn that @08Tc3wBB will present his latest research with security group ZecOps at the Black Hat Europe 2020 event.

AltStore version 1.4 now available with support for AltDaemon & countless improvements

Just yesterday, AltStore lead developer Riley Testut released AltDaemon, a novel package for jailbroken handsets that enables side-loaded apps to be installed, refreshed, and updated on the fly without requiring the end user to connect to a Mac or Windows PC. AltDaemon is, in essence, a future-proof alternative to the popular ReProvision.

While yesterday’s AltDaemon release received praise from jailbreakers from all walks of life, there was just one caveat – it necessitated AltStore version 1.4, which, at the time, wasn’t yet available to the general public. Fortunately, that changed this Wednesday evening…

ABC Research may release an iOS 14 exploit, but only if Apple patches it first

There’s a certain stigma surrounding jailbreaking and iOS & iPadOS 14 right about now, and all of it stems from the fact that Apple made its latest and greatest mobile operating systems a lot tougher to crack. But tougher doesn’t mean impossible, and that’s a fact, Jack.

With that in mind, it seemed appropriate to follow up with our optimistic attitude following Brandon Azad’s eye-tearing departure from Project Zero with a bit of good news: software security research group ABC Research appears willing to release an iOS & iPadOS 14-compatible exploit to the general public, assuming certain criteria are met…

Security researcher Brandon Azad leaves Project Zero to join Apple

The jailbreak community lost a valuable asset on Friday as renowned hacker and security researcher Brandon Azad, known for his involvement with Project Zero and for his work in discovering tfp0 exploits for iOS and iPadOS alike, was hired by Apple.

Azad made the shocking announcement Monday afternoon via Twitter, noting that the bittersweet transition to Apple’s side of the security research fence would begin as soon as next week:

Deliveries 9.0 offers a fresh new look, subscriptions, and a bevy of new features

These unprecedented times we live in, driven by the uncertainty of the Coronavirus pandemic, have driven more people to resort to online shopping over in-store shopping than ever before. With so many online orders happening all at once, some may find it difficult to keep track of all their packages, and that’s one reason why I use the Deliveries package tracking app from Junecloud.

Junecloud released a massive update for Deliveries on Wednesday, officially bringing the popular tracking app up to version 9.0 for iOS, iPadOS, macOS, and watchOS and incorporating a plethora of much-needed upgrades including aesthetically pleasing interface tweaks and handy new features. If you’re already using Deliveries, then this is an update you won’t want to miss – and to those who aren’t… what are you doing with your life?