iPhoneRoot.com       

News tagged ‘exploit’


iPhone iOS 4.1 Jailbreak Released from GeoHot, called LimeRa1n





Famous hacker Geohot is back and today he released the latest iOS 4.1 jailbreak. It is called LimeRa1n and supports iPhone 3GS, iPod Touch 3G, iPad, iPhone 4, iPod Touch 4G with iOS firmwares 4.0-4.1 and beyond. It can also hacktivate your device, so there is no need in phone SIM-cards and other tricks.

This software is still in beta and was updated 3 times in last several hours. So use with caution.

There is Windows version only for now. Geohot plans to release LimeRa1n for Mac and Linux soon. You can Download it here.

Some users report that they have jailbroken their iOS 3.2.2 iPads successfully with limera1n, while others report that they tried, but failed.

Do not forget to backup.

For many users of iPhone 3GS and iPhone 4 with iOS 4.0.2 now there is a hope to perform jailbreak using LimeRa1n and unlock using ultrasn0w. We recommend NOT to do it if you have not saved your SHSH keys. You can try, but if something goes wrong without SHSH keys you'll have to restore to iOS 4.1, and there is no unlock for iOS 4.1 (possibly forever). Just wait for PwnageTool utility.

DevTeam reported that Limera1n uses a different exploit than SHAtter, so they will not release SHAtter utility, they don't want let Apple fix both security holes. However they plan to release PwnageTool using the same exploit.

You can find our LimeRa1n tutorials tutorials:


Read the rest of this entry »




|
   

Leave a comment

The Apple TV has just been jailbroken



Today the new Apple TV has been jailbroken by hacker MuscleNerd from DevTeam. He used the SHAtter exploit. This means that hackers were able to gain full access to the device. Here is MuscleNerd's comment on twitter:

AppleTV 2G SHAttered and jailbroken (not quite sure how to run apps yet!)

MuscleNerd and the rest of the Dev-Team will probably create a public release of some utility soon. Here is a youtube video showing off the jailbroken device:


Read the rest of this entry »




|
   

Leave a comment

iPod Touch 4G with iOS 4.1 is jailbroken



jailbreak-ios41-ipod4g

The new exploit is called SHAtter. It was developed by hacker pod2g a few months after hacker p0sixninja from the Chronic Dev Team discovered the crash. The same exploit can be used to jailbreak iPhone 4 and iPad with new firmwares. So iOS 4.1 and maybe even iOS 4.2 is not a problem any more. Soon we will see the utilities from DevTeam to perform the jailbreak.

The DevTeam published a video if a jailbroken iPod Touch 4G. Take a look:


Read the rest of this entry »




|
   

Leave a comment

Comex Won't Release iOS 4.1 Jailbreak



iOS4.14.2Jailbreak

Only a few days passed since Dev Team has confirmed that Comex will try to jailbreak iOS 4.1, using other exploit. However, according to the response received on Twitter, it became known that Comex may not take part in the new iOS 4.x jailbreak.

Comex replied to the message on Twitter in such a way: "ariif, the next jailbreak might not be from me :) ".

Of course, it does not mean that Comex leaves the scene and would not take part in jailbreaking as Geohot, most likely it is only this version he isn’t planning to jailbreak. Nevertheless the smile in his reply certainly means something good...




|
   

Leave a comment

Jailbreak and Unlock for iOS 4.1 is possible



According to the latest tweets from different hackers (MuscleNerd, pod2g and others) the exploit for iOS 4.1 has been already discovered:

Works on 4.1 (!) iBSS iv=c2c5416472e5a0d6f0a25a123d5a2b1c key=1fbc7dcafaec21a150a51eb0eb99367550e24a077b128831b28c065e61f894a0

I just successfully updated to 4.1 without a baseband update. PLEASE wait for 4.1.0 TinyUmbrella!!!

Crazy timing that @pod2g got latest exploit just as 4.1 went public (lots of work left...keep away from 4.1 for now!)

congrats to @pod2g for the latest exploit and also @p0sixninja who have been trying for months.

This means that the jailbreak and unlock for iPhone and iPod Touch is possible. However please be patient and wait for the utilities.




|
   

Leave a comment

Saurik released a PDF patch for older and already jailbroken iOS devices



pdffix

As you may know, few days ago Apple had released a new version of iOS for all its mobile devices except first-generation iPhone and iPod touch, so owners of the latter are still not protected from a security flaw that allows hackers to obtain a remote control of their handsets. In fact, the latest compatible version for them is currently iOS 3.1.3.

But Saurik (who is known as a developer of Cydia) recently announced on the Dev-Team blog that he released a PDF patch that is compatible with any iOS version down to 2.x. It can be found in Cydia if you'll search for "PDF Patch". After installing it you can check if the patch is working properly with visiting jailbreakme.com page. After sliding the box to jailbreak you should only see the star background (and not a dialog box), which means you are no longer vulnerable.

Read the rest of this entry »




|
   

Leave a comment, read comments [9]

iOS 4.0.2 for iPhone, iOS 3.2.2 for iPad Have Been Released



4.0.2 3.2.2

Today Apple released patches for its iOS that address a security hole in Mobile Safari, which allowed users to jailbreak their iDevices. The PDF exploit they used also allowed hackers to gain remote control over the device with an iOS.

iOS 4.0.2 is available for:

Apple did NOT release the patch for the first generation iPhones.

iOS 3.2.2 is intended to use on the iPad and iPad 3G.

You can update your device via the links above or simply by connecting your device to iTunes and clicking Update. But note, if you want to continue using jailbreak you should not update your handset/tablet and don't forget to backup your SHSH blobs.




|
   

Leave a comment

Howto secure iPhone iOS: PDF exploit fix



There is a big a security hole in iPhone iOS. The device is insecure in a big and obvious way. You should be extremely careful of what sites you visit.

The FlateDecode vulnerability can be used when a PDF File is embedded within a Web page. Basically Safari tries to parse the PDF. And when it does it executes some code. Hackers can use this exploit to read and write iPhone data, get your contacts, sms, even delete something. So they can get all kinds to access your personal information stored on your iOS device.

Apple will fix it some day. Until then you need to take care of your iPhone security. There is a fix for that. It is available via Cydia for jailbroken devices. So you need to jailbreak in order to secure (funny isn't it?).


Read the rest of this entry »




|
   

Leave a comment

Apple investigates iOS vulnerabilities



Vupen

Recently Vupen, which is a French security firm, posted an advisory that contained information about two critical security vulnerabilities in Apple's iOS. After a while hacker comex used these flaws to create a jailbreak, which is now widely known and available on JailbreakMe.com.

But according to Reuters, yesterday Apple decided to react and its spokeswoman Natalie Harrison revealed that the company is currently investigating Vupen's advisory. So it looks like these exploits are going to be fixed soon!




|
   

Leave a comment

Written by SimplyMax

Wednesday, August 4th, 2010. 23:16

Here's what hackers say about new firmware iOS 4.0.1



Here's what hackers tweeted about new Apple firmwares 4.0.1 for iPhones and 3.1.2 for iPad:

DevTeam:

As with *any* new FW, jailbreakers + unlockers must avoid this upcoming 4.1 update until our tools are updated

3GS, ipt3G, iPhone4 users (regardless of current FW or JB status) should backup 4..0 SHSH blobs http://is.gd/dskh9 soon

MuscleNerd:

Obviously avoid today's 4.0.1 update until JB tools are updated. Luckily, no baseband change so ultrasn0w lives on :)

each FW version has unique blobs. But using http://is.gd/dskh9 you can get 4.0 blobs on PC while you stay at 3.1.2

Hah for those iPhone3G or ipt2g(non-MC) users at 4.1beta1: use redsn0w from 2 wks ago to JB http://is.gd/dstU3 :)


Read the rest of this entry »




|
   

Leave a comment

AT&T servers had been hacked



att_applelogo-299x300

A group of hackers found a security flaw on the web servers of AT&T and after obtaining users’ 3G iPad SIM addresses (also known as ICC ID) from the web made an automated script attack to receive their email addresses.

According to Gawker report, now hacked users may "be vulnerable to spam marketing and malicious hacking". SIM addresses are easy enough to obtain, because many people have already posted their ICC ID numbers in photos published on Flickr for instance. But most of them have their e-mails published too, so it is likely that they have already received such spam.

Read the rest of this entry »




|
   

Leave a comment

JailBreak for iPad is Finally Available!



spirit_jailbreak

Finally the jailbreak for iPad, iPhone and iPod Touch from the Dev Team is available for download. It's free and untethered and it's called "Spirit". The jailbreak supports every iDevice with firmware version 3.1.2, 3.1.3 or 3.2.


Read the rest of this entry »




|
   

Leave a comment, read comments [10]

A bug in iPhone Safari will allow the firmware 3.1.3 jailbreak



Recently MuscleNerd, the member of DevTeam, reported the presence of an interesting security bug in Safari for the iPhone. It will probably allow a quick remote jailbreak of iPhone or iPod Touch simply by connecting the device to an external website created for this purpose.

The bug was discovered by two hackers Ralph Phillip and Vincenzo Iozzo, who won the prize of $15 000 during CanSecWest. Their initial idea was to use a web portal to do the exploit of the SMS database and retrieve it's content.




|
   

Leave a comment

Gull1Hack: new demonstration video



A few hours ago we wrote about new group of hackers who claimed to have found a new exploit for the iPhone 3GS and iPod Touch with new iBoot. With this Gull1Hack utility you should be able to perform the untethered Jailbreak even on new devices. Here is a new demo video:

What do you think? Fake?




|
   

Leave a comment

GeoHot and DevTeam discuss exploits for new firmware 3.1.3 baseband



highfives

A few days ago in an IRC channel the DevTeam and GeoHot discussed and summarized the state of the exploits found in the new baseband 05.12.01 in firmware 3.1.3. GeoHot explains that an exploit that had previously discovered and used in blacksn0w is still present in the new firmware released by Apple. It appears that both he and MuscleNerd are working on the same exploit, and if this were true, it would be a really good start to team up and release a new unlock tool.

Here is their discussion:

< visnet_ > What does geohot tweet mean?
< %geohot > its my bb exploit for safekeeping
< %Par4doX > geohot: did you turn that over to the dev team or are you doing something with it?
< %geohot > my days of turning things over are done
< %geohot > i hope its different from the one they have
< %geohot > but they prob already have it
< %geohot > its the one i orig wanted to release blacksn0w with
< %Par4doX > it’s still there in the new bb
< %geohot > yep, just checked
< %geohot > but then opted to use xemn since it was public
< Evan > Oo, it carries over from 05.11 to 05.12?
< %geohot > why wouldn’t it, apple doesn’t fix things proactivly
< @MuscleNerd > geohot we prob should figure out a way to know if we have same exploit double blind, otherwise we may release 2 different ones at same time
< %geohot > any suggestions?
< @MuscleNerd > not sure how to do that without making it easy to brute force tho
< %geohot > yea, i salted the hash
< @MuscleNerd > yeah
< @MuscleNerd > hmm maybe if we both hash the stack dump
< @Confucious > Can you two take this out of public sight?
< @MuscleNerd > the stack itself, not the header before it or the registers after it
< Her > muscle: any notice about the exploits are the same ?
< %geohot > we are working on it
< %geohot > cryptography, perfect for people who don’t trust each other

We should not expect much for the firmware 3.1.3 since the rumors predict the firmware 3.2 for mid-March. However these news are really good for owners of locked devices.




|
   

Leave a comment