In today's video, I have some great news for those of you who have updated to iOS 11.2 up to iOS 11.2.2. The exploit Zimperium said they would publish for bluetoothd has been released, alongside a great write-up explaining how to use it and what it does. The idea is simple: an application is able to trick the bluetoothd daemon and escape its sandboxed context. Using this method, Rani Idan, the researcher who published the exploit, was able to control a long list of bluetoothd clients, including SpringBoard, the wifid daemon, and many more.
The vulnerability itself is great, but it is not enough for a full jailbreak. For that, a kernel exploit is required, which this one isn't. Of course, this is still very useful, as a sandbox escape makes research much easier and gives developers the opportunity to build things like Houdini.
The vulnerability has been patched by Apple in iOS 11.2.5, so if you're running that version, you can't take advantage of it. I will keep you updated with the latest news on iOS 11.2.5 and iOS 11.2.6 jailbreak as they unfold.
Use the coupon PL15OFF to get $15 off on my iOS App Developer Course! Learn how to make iOS Apps today!
▽ Resources ▽
▶ Learn how to make iOS Apps!
▶ The exploit and the write-up
▶ How to remove to.panga
▶ More details about Meridian Jailbreak
▶ New iOS 11.2/iOS 11.2.1/11.2.2 Kernel BUG To Be Released Soon