Monday, June 9, 2014

I0n1c Explains How Untethered Jailbreak for iOS 7.1.1 Works

Hacker i0n1c, who managed to jailbreak his iPhone 5c running iOS 7.1.1, has explained how his program works. The security researcher (real name Stefan Esser) is now running Cydia on his smartphone; however, experts believe his jailbreak for iOS 7.1.1 will not become public.

The news about the iOS 7.1.1 untethered jailbreak quickly spread across the net. Users became curious about how it is possible to perform such a procedure and start using Cydia on handsets that cannot be jailbroken with Evasi0n at the moment.

How iOS 7.1.1 Jailbreak Works

According to the hacker, his program uses a kernel bug present in this firmware version. He says the hole can be reached from within the app sandbox. The vulnerability is not similar to the kernel holes used by others. The buggy code makes it possible to break out of the different programs being exploited.

This is a very powerful untethered iOS 7.1.1 jailbreak. It can be compared to JailbreakMe3 and to posix_spawn, which later became the basis for the p0sixpwn tool.

Cyberelevat0r allows exploitation of vulnerable programs from the official Apple App Store, of internal programs (for example, Mobile Safari), and from within dev applications.

The exploit can be delivered simply, the hacker notes, because backed-up games and apps can be exploited again.

The new tool created by i0n1c also showed that the vulnerability known as the stack_guard stack canary, which was believed to have been patched a year ago, is actually not fixed. It can be used for future programs.

The discoveries made by Esser might help other hackers from the jailbreaking community release an untethered iOS 7.1.1 jailbreak for modern iPhones and iPads. Pod2g, winocm and other hackers managed to jailbreak their iOS 7.1.1 devices as well, so the future of jailbreaking is bright. Let’s just hope Apple won’t add any changes that kill the exploits.

