In today's video, we're discussing the latest news about a new ICMP exploit #PoC that was released by Kevin Backhouse. The PoC affects iOS 11.0 all the way up to iOS 11.4.1 and macOS High Sierra and lower. Kevin's proof of concept shows affected devices being made to panic remotely, simply because they are connected to the same wireless network when the payload is sent. Apple has fixed this vulnerability in iOS 12 and macOS Mojave, and they said the vulnerability can be used to gain remote code execution.
It's uncertain if this vulnerability can be used in a jailbreak context for the moment. #Apple says it can lead to RCE (remote code execution) which means it can be used for Jailbreaking if exploited right, but the PoC made available by Kevin Backhouse isn't doing that. I also have a sneaking suspicion RCE may be hard to achieve with this bug (if at all), but if Apple says it can then it might be the case.
In this video, we also talk about how to save SHSH2 blobs with the Unc0ver #Jailbreak on #iOS 11.4 Beta 3 and lower all the way down to iOS 11.0. Pwn20wnd, the creator of the Unc0ver Jailbreak for iOS 11, has posted a command on his Twitter that can be used in a Mobile Terminal environment when TSSChecker is installed from Cydia to save the SHSH2 blobs on the device. This is pretty useful for those of you who are already jailbroken and wanna save the iOS 12.0.1 or iOS 12.1 blobs.
▽ Resources ▽
▶ Kevin Backhouse's PoC video (On Twitter)
▶ NEW iOS 12.1 / iOS 12 JAILBREAK EXPLOIT TO BE RELEASED (THE BEST SO FAR)
▶ iOS 12.1 / 12.0 JAILBREAK WAS ACHIEVED! & The Biggest Jailbreak Bounty In Our Community
▶ iOS 12 (FINAL) UNTETHERED JAILBREAK SUCCESSFULLY ACHIEVED