News tagged ‘exploit’

The iPhone Dev-Team has released RedSn0w 0.9.8b7b to bring two new main features:

• explicit tethered jailbreak support for iOS 5 Beta 7
• untethered jailbreak for iPhone 3GS with old bootrom (iOS 4.3.5 or iOS 5 Beta 7)

Musclenerd posted via twitter:

New redsn0w is.gd/6eek4Y explicitly supports iOS5b7 (no need to point at b6 IPSW). Also brings back old-bootrom 3GS goodies.

This is great news for both developers and owners of old bootrom iPhone 3GS's who accidentally updated to iOS 4.3.5.

DevTeam posted:

About 12 hours after we released redsn0w 0.9.8b7 with some improvements for iOS5b6, Apple went and released iOS5b7 (what are the odds of that?!?). Even though that redsn0w could still jailbreak iOS5b7, you needed to point it at the iOS5b6 IPSW to do so. Today’s redsn0w 0.9.8b7b lets you point redsn0w directly at the iOS5b7 IPSW instead.

We’ve also added some overall improvements for old-bootrom 3GS owners (where the 24kpwn exploit applies): on those devices, you can tell redsn0w to untether 4.3.5 and lower, or iOS5b7. Old-bootrom 3GS owners can once again choose custom logos, and/or verbose booting (for the really nerdy iPhone3GS fans out there!). And it allows 4.3.4 or 4.3.5 users to use ultrasn0w again (if they have a compatible baseband).

Last but not least, we fixed some lingering Verizon iPhone4 4.2.10 JB issues.

We will update our tutorials shortly.

You can download RedSn0w 0.9.8b7b here.

Here are links to our RedSn0w 0.9.8b7b iOS 4.3.5 jailbreak tutorials:

• Mac OS: iPhone 4, iPhone 3GS, iPad 1, iPod Touch 3G, iPod Touch 4G
• Windows: iPhone 4, iPhone 3GS, iPad 1, iPod Touch 3G, iPod Touch 4G

The iPhone Dev-Team has released RedSn0w 0.9.8b3 which can perform a tethered jailbreak on iOS 4.3.4. This means that you will have to connect your device to a computer and run redsn0w each time you restart.

For the convenience of kernel hackers like @comex and @i0n1c, we have a new redsn0w 0.9.8b3 that supports a TETHERED jailbreak for iOS 4.3.4 on all devices that have 4.3.4 except the iPad2. The vast majority of people will want to stay back at 4.3.3 because that's where the untethered jailbreak is! There are no new features in 4.3.4 - only fixes for jailbreak exploits.

Also, this is a good time to remind everyone (since we're still seeing confusion about this): iPad2 owners with a baseband (3G or CDMA) cannot currently use saved blobs to go back to 4.3.3 once the signing window is closed. This is unlike every other device, so don't be confused! iPad2 owners with basebands should stay away from all updates to maintain your jailbreak!

This jailbreak works with iPhone 3GS, iPhone 4, iPad 1, iPod Touch 3G and iPod Touch 4G. It does not work with iPad 2.

You can download RedSn0w 0.9.8b3 from here: (Mac, Windows)

Apple have recently released iOS 4.3.4 for iPhone 4, iPhone 3GS, iPad 1, iPad 2, iPod Touch 3G and iPod Touch 4G. Here are the direct links for each device that is supported by the update:

• iPhone 4 GSM
• iPhone 4 CDMA
• iPhone 3GS
• iPad
• iPad 2 WiFi
• iPad 2 GSM
• iPad 2 CDMA
  
• iPod touch 3rd generation
• iPod touch 4th generation

Apple has released iOS 4.3.4 to block the PDF exploit used by comex in JailbreakMe utility. JailbreakMe can wireless jailbreak all devices on iOS 4.3.3.

iOS 4.3.4 Software Update
Fixes security vulnerability associated with viewing malicious PDF files.

Products compatible with this software update:
• iPhone 4 (GSM model)
• iPhone 3GS
• iPad 2
• iPad
• iPod touch (4th generation)
• iPod touch (3rd generation)

For iPhone 4 Verizon Apple released iOS 4.2.9.

The official information is available here: http://support.apple.com/kb/HT1222

iH8Sn0w has released a new version of Sn0wBreeze 2.8 b4 with iOS 5.0 beta 3 jailbreak support. Sn0wBreeze is a so-called PwnageTool for Windows, an application that creates a custom ipsw with jailbreak preserving old baseband.

The jailbreak is tethered for iPhone 4, iPhone 3GS (new bootrom), iPad, iPod Touch 3G and iPod Touch 4G. Jailbreak is untethered for iPhone 3GS with old bootrom.

You can download Sn0wBreeze 2.8 b4 here.

sn0wbreeze v2.8 BETA 4 Release Notes:

Read the rest of this entry »

As you might know hacker Comex has found a new PDF vulnerability and released JailBreakMe tool that uses it. These were great news. The bad ones is that your iPhone and iPad and iPod Touch is at risk. Bad guys can use the same vulnerability to take control of your device and do whatever they want with it.

Apple will fix it in iOS 4.3.4 firmware some day. Fortunately Comex has already released a patch for his JailbreakMe 3.0 exploit to protect already jailbroken devices from any malicious use of the exploit.

The package called 'PDF Patcher 2' can be downloaded and installed from Cydia. To jailbreak please use our step-by-step instructions.

Today Comex has officially released the new web-based jailbreak for iOS 4.3.3. It supports all devices including iPad 2.

The jailbreak uses a PDF exploit similar to old JailbreakMe and does not require your device to be connected to the computer.

To jailbreak, navigate to http://www.jailbreakme.com on your iOS device after updating to iOS 4.3.3 (if you do not need unlock). We will be posting detailed instructions shortly.

Here is the list of devices and iOS versions that are supported:

• iPad 1: iOS 4.3 - 4.3.3
• iPad 2: iOS 4.3.3
• iPhone 3GS: iOS 4.3 - 4.3.3
• iPhone 4 GSM: iOS 4.3 - 4.3.3
• iPhone 4 CDMA: iOS 4.2.6 - 4.2.8
• iPod Touch 3G: iOS 4.3, 4.3.2, 4.3.3
• iPod Touch 4G: iOS 4.3 - 4.3.3

Step by step JailbreakMe tutorials:

• iPad 1
• iPad 2
• iPhone 3GS
• iPhone 4
• iPod Touch 3G
• iPod Touch 4G

Comex's jailbreak based on new PDF exploit was unofficially leaked recently. It looks like it will be released quite soon. Currently Jailbreakme.com shows the "coming soon" yellow sticky, that looks like the sticky Apple puts on its store right before new products hit the virtual shelves.

The new jailbreak is mostly for Apple iPad 2 users, because all other devices can be jailbroken with existing tools.

Comex's jailbreak for the iPad 2 has been stolen from secret website and later published on different sites. The jailbreak uses a PDF exploit similar to how JailbreakMe worked in the past.

User AppReviewerWill even posted a video showing working iPad 2 jailbreak on iOS 4.3. The video is currently unavailable.

This is quite sad, because now Apple is aware of the vulnerability and will probably release the fixed iOS 4.3.4. If now this will be fixed in iOS 5 for sure.

We strongly suggest that you wait for official release by Comex. Now you should just save your SHSH blobs using tinyumbrella utility.

Before you even start thinking about it -

• you do it at your own risk
• you will probably loose warranty
• you cant go back to iOS 4.x once you go to iOS 5
• Apple will probably fix this soon.

The exploit uses a combination of Voiceover and the pull down notifications to activate the phone. The user that found this exploit says the device continues to work after restarts (so you won’t need to activate it every time you restart). The steps are:

Read the rest of this entry »

MuscleNerd has announced in Twitter that iOS 5 has been successfully jailbroken using old good LimeRa1n exploit. Cydia and SSH is working without any problems.

iOS5 jailbroken on ipt4g: http://is.gd/7GxIcK http://is.gd/BwPvfh via limera1n + tethered boot..not too many surprises

Cydia works fine too from quick testing (I installed SSH) http://is.gd/oADWEo

It is currently tethered, that means jailbreak is gone after reboot. Hopefully i0n1c will be able to port his untether to iOS 5. Anyway great news for all jailbreakers!

Read the rest of this entry »

I0n1c has confirmed that his untethered jailbreak exploit is still working for iOS 4.3.2. This is good news for all jailbreakers.

Here are his recent tweets:

Apple has been nice. I just verified that the untether vulnerability is not fixed in iOS 4.3.2 - my Ipad 1 is running untethered jailbroken

Of course the public untether binaries will not work with iOS 4.3.2 - I have to generate new untether binaries with new dyld/kernel offsets

I won't be able to create all the untether binaries before sunday, because I will be on planes, ...

The dev-team cannot produce the untether binaries on their own, because they don't have the source code to the untether exploit.

Well from what I hear lots of the problems people had with 4.3.1 (like wifi, 3g, ...) are gone in 4.3.2

The new version of iOS 4.3.2 jailbreak tools RedSn0w and PwnageTool will be released by the iPhone Dev-Team quite soon.

Hacker I0nic has given his untether exploit for the iOS 4.3.1 jailbreak to the iPhone Dev-Team. They will perform testing and integrate it into their jailbreak utilities - redsn0w and pwnagetool. This untethered jailbreak will probably work for iPhone 3GS, iPhone 4, iPod Touch 3G, iPod Touch 4G and iPad.

The iphone-dev-team is already beta-testing the untether. So it is up to them to give you your tool of choice.

Please don't bother the dev-team now. The deal is: if the beta test is successfull, they are free to do whatever they want with it.

I0nic recently demonstrated his jailbreak on iPod Touch 4G. I hope to get iOS 4.3.1 jailbreak soon.

Comex, famous iPhone hacker, tweeted today that the kernel exploit for jailbreak he had found long ago was closed by Apple in recent iOS 4.3.1. This exploit could be used to jailbreak iPad 2.

As noticed by @0naj, my kernel exploit was fixed in 4.3.1.

I try not to be paranoid, but it is really hard to explain this as anything but a leak.

The funny thing is that my "new" kernel exploit is actually the kernel exploit used by JailbreakMe 2.0. It was never properly fixed.

It stayed there from 4.0.2 through 4.3, but was magically found in time for 4.3.1. well, go go @MuscleNerd and @i0n1c I guess

This is not good news. However we have recently seen working untethered jailbreak video. There are other vulnerabilities in iOS 4.3.1.

Here is a nice video for all jailbreakers. Hacker used sn0wbreeze to tether jailbreak iPod Touch 4G. Than he installed new untether exploit using SSH. Watch the result: