iOS 12.1.4 / iOS 12.1.3 JAILBREAK GREAT NEWS: SANDBOX ESCAPE EXPLOIT RELEASED!

In today's video, I have great news for those of you waiting for an iOS 12.1.4 or #iOS 12.1.3 #Jailbreak: A new sandbox escape exploit (CVE-2019-8549) has been released by @_simo36 and it's compatible with A11 devices and lower. That means iPhone X all the way down to iPhone 5S. SSD Secure Disclosure has posted a write-up on how the exploit works in which they also described the vulnerability in details. Unfortunately, this has already been patched in iOS 12.2 which means that iOS 12.2 users cannot use it. Apple has stopped signing iOS 12.1.4 just a few hours ago.

The vulnerability can be exploited to trigger a sandbox escape and even privilege escalation, but how are these useful for Jailbreaking? Well, a sandbox escape would allow us to write to anywhere on the user partition and read on the whole system. Combined with a ROOT FS remount, this can be used to read and write anything to anywhere in the system. A privilege escalation to root would allow us to handle files that we don't normally own such as daemons and other root-owned files.

The exploit, although powerful, is not all it takes for a jailbreak. We still need a kernel exploit with tfp0 in order to power a proper jailbreak with Cydia and Substrate (Tweaks, Themes) on iOS 12.1.4 and iOS 12.1.3, but this is a very good start. If exploited properly, we may be able to carry some lightweight system modifications to the system which is cool.

 




 

▽ Resources ▽
Simo's tweet about this exploit
iOS 12.2 / 12.1.4 / 12.1.3 JAILBREAK IMPORTANT UPDATE & A12 JAILBREAK NEWS
iOS 12.1.2 / 12.0 TOP BRAND NEW FREE CYDIA TWEAKS TO INSTALL WITH Unc0ver JAILBREAK
AWESOME iOS 12 CYDIA TWEAKS: BEST FREE Tweaks to Install On iOS 12.0 – 12.1.2

GeoSn0w

About GeoSn0w

C#, C, Objective-C Programmer | Beginner iOS Security Researcher | Content Creator | Web Developer I like to bring the latest news from the iOS / iDevice / Jailbreak battlefield to you in a beautiful manner :) I hope you like the site. If you do, don't forget to check out my channel :)