The Chronic Dev Team is almost done with its much-anticipated untethered jailbreak for iOS 5 and iOS 5.0.1. Team member and French hacker pod2g has just released a video showing it off; the jailbreak looks near-complete and working. Take a look:
pod2g has also created a blog, where he plans to post the latest news on his progress:
Today I succeeded in jailbreaking my iPod 3G. The exploit is user-land, relying on a user ROP payload and a kernel write-anywhere exploit.
I can't give many details right now, but here are the next steps:
- upgrade the iPod 3G to iOS 5.0.1
- do the same on iPhone 4 / iOS 5.0.1
- then iPad 1 & iPod 4G
At every step, the exploit code will certainly need to be reworked, but I really don't know right now. Next, I'll return to the research for iPad 2 and iPhone 4S. I don't know if I'm going to release first for other devices or not. I have to think about it. Feel free to give your opinion.
A semi-tethered jailbreak is already available for some devices on both iOS 5 and iOS 5.0.1. But everyone wants an untethered jailbreak, and a jailbreak for the iPad 2 and iPhone 4S. So why not help the hackers find new exploits and vulnerabilities?
The Chronic Dev Team has released a tool that collects crash reports from iOS devices in order to find vulnerabilities that could lead to an untethered jailbreak.
The idea is simple. When your iPhone, iPad or iPod touch crashes, it writes a crash report that is sent to Apple (you can turn this off). Apple uses these reports to fix bugs in future iOS updates, and that includes closing the exploits jailbreakers rely on. p0sixninja says Apple closed several exploits the team had found during the iOS 5 beta before the final version shipped.
To find more vulnerabilities as fast as possible, the team's tool copies the crash reports off your device and analyzes them for crashes that could be turned into exploits. It also deletes the reports from the device and modifies your iTunes installation so that the diagnostic data is no longer uploaded to Apple.
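The analysis step described above, as an added example that is not the Chronic Dev Team's tool: a small Python triage script that parses CrashReporter-style text logs (the format iOS writes to the device) and ranks each crash by how promising it looks as a memory-corruption candidate. The sample reports are constructed for illustration, and the scoring rules (wild versus near-null fault address, repeated-byte "filler" addresses, crashes inside copy routines, SIGABRT as noise) are this example's own assumptions about what an exploit hunter checks first, not a description of how the team's tool works.

```python
"""Crash-report triage for iOS CrashReporter text logs.
Added example, not the Chronic Dev Team's tool; the ranking rules are this
example's own assumptions about what an exploit hunter checks first."""
import re

# Constructed, abridged sample reports in CrashReporter text format (not real
# logs; device, process, symbol and address values are made up).
SAMPLE_REPORTS = [
    """Hardware Model:      iPod3,1
Process:         MobileSafari [241]
OS Version:      iPhone OS 5.0.1 (9A405)
Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x41414140
Thread 0 Crashed:
0   libsystem_c.dylib    0x31f0c1c0 memcpy + 44
""",
    """Hardware Model:      iPhone3,1
Process:         SpringBoard [29]
OS Version:      iPhone OS 5.0.1 (9A405)
Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x00000008
Thread 0 Crashed:
0   libobjc.A.dylib      0x33a4cf78 objc_msgSend + 16
""",
    """Hardware Model:      iPad1,1
Process:         MobileMail [117]
OS Version:      iPhone OS 5.0.1 (9A405)
Exception Type:  EXC_CRASH (SIGABRT)
Exception Codes: 0x00000000, 0x00000000
Thread 0 Crashed:
0   libsystem_kernel.dylib  0x3143032c __pthread_kill + 8
""",
    """Hardware Model:      iPod4,1
Process:         MobileSafari [258]
OS Version:      iPhone OS 5.0.1 (9A405)
Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_PROTECTION_FAILURE at 0x3a5e2000
Thread 3 Crashed:
0   ImageIO              0x3123abcd CGImageReadGetBytesAtOffset + 88
""",
]

_FIELD = re.compile(r"^(?P<key>[A-Za-z][A-Za-z/ ]*):\s+(?P<val>.+?)\s*$", re.M)
_CODES = re.compile(r"^Exception Codes:\s+(?P<kind>\S+)(?: at (?P<addr>0x[0-9a-fA-F]+))?", re.M)
_FRAME0 = re.compile(r"^0\s+(?P<image>\S+)\s+0x[0-9a-fA-F]+\s+(?P<sym>\S+)", re.M)
# Routines where a crash usually means a controllable length or pointer.
COPY_ROUTINES = {"memcpy", "memmove", "bcopy", "memset", "strcpy", "strncpy",
                 "strcat", "sprintf", "vsprintf"}


def looks_attacker_filled(addr):
    """Heuristic: a 32-bit fault address made of one repeated byte (0x41414141,
    or 0x41414140 after word alignment) is typical of fuzzer/exploit filler."""
    return len(set(((addr >> 8) & 0xFFFFFF).to_bytes(3, "big"))) == 1


def triage(report):
    """Summarise one report and give it a 0-5 score plus a low/medium/high rating."""
    fields = {m.group("key").strip(): m.group("val").strip()
              for m in _FIELD.finditer(report)}
    codes = _CODES.search(report)
    frame = _FRAME0.search(report)
    exc = fields.get("Exception Type", "")
    kind = codes.group("kind") if codes else ""
    addr = int(codes.group("addr"), 16) if codes and codes.group("addr") else None
    sym = frame.group("sym") if frame else ""
    score, reasons = 0, []
    if exc.startswith("EXC_BAD_ACCESS"):
        if addr is None:
            reasons.append("bad access with no fault address recorded")
        elif addr < 0x1000:
            reasons.append("null/near-null dereference (offset %#x)" % addr)
        else:
            score += 2
            reasons.append("wild pointer at %#x" % addr)
            if looks_attacker_filled(addr):
                score += 2
                reasons.append("fault address looks attacker-filled")
            if kind == "KERN_PROTECTION_FAILURE":
                score += 1
                reasons.append("access to a mapped but protected page")
        if sym in COPY_ROUTINES:
            score += 1
            reasons.append("crash inside %s: length or pointer may be controllable" % sym)
    elif exc.startswith("EXC_CRASH"):
        reasons.append("abort/assert (SIGABRT); usually not memory corruption")
    elif exc.startswith("EXC_BREAKPOINT"):
        reasons.append("trap; usually an uncaught ObjC exception, not corruption")
    rating = "high" if score >= 4 else "medium" if score >= 2 else "low"
    return {"process": fields.get("Process", "?").split(" [")[0],
            "device": fields.get("Hardware Model", "?"), "exception": exc,
            "frame0": sym, "score": score, "rating": rating, "reasons": reasons}


def triage_all(reports):
    """Triage every report and return them best-candidate first."""
    return sorted((triage(r) for r in reports), key=lambda t: -t["score"])
```

Running `triage_all(SAMPLE_REPORTS)` puts the MobileSafari crash in memcpy at 0x41414140 first (a fault address full of 0x41 bytes next to a copy routine is exactly what a fuzzer-found bug looks like), the protection fault in ImageIO second, and files the objc_msgSend near-null dereference and the SIGABRT last, since those are almost always plain bugs rather than exploitable corruption. On a real device the reports live under /var/mobile/Library/Logs/CrashReporter, and the same heuristics apply to whatever the tool copies off.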
Hackers from the Chronic Dev Team recently announced that they have found five userland exploits in iOS 5. To us this means an untethered jailbreak is very likely for the upcoming firmware release.
P0sixninja made the announcement at MyGreatFest jailbreak conference held in London, England.
While this is a “record-breaking number of exploits found”, userland exploits are easy for Apple to fix in a minor software update. The exploits are being kept secret, so hopefully Apple won't patch them before the expected iOS 5 launch next month.
The jailbreak is expected for all devices, including the iPhone 3GS, iPhone 4, iPad, iPad 2, iPod touch, and even the future iPhone 4S and iPhone 5.
The Chronic Dev Team has released Greenpois0n RC6.1, a new version of its untethered iOS 4.2.1 jailbreak tool, which now includes comex's fix for Apple's jailbreak check in the iBooks application.
Recent Greenpois0n changelog:
RC6.1: comex ‘hunnypot’ iBooks fix; don't overwrite animate if it already exists
RC6: Apple TV 2 support; fixed emulator compatibility issues with greenpois0n
The new exploit is called SHAtter. It was developed by pod2g a few months after p0sixninja of the Chronic Dev Team discovered the crash. SHAtter is a bootrom exploit rather than a userland one, so Apple cannot close it with a firmware update, and the same exploit can be used to jailbreak the iPhone 4 and iPad on new firmware: iOS 4.1, and maybe even iOS 4.2, is no longer a problem. Soon we will see utilities from the Dev Team to perform the jailbreak.
The Dev Team published a video of a jailbroken iPod touch 4G. Take a look: