Jailbreak iPhone, iPod Touch, iPad

Now we have some estimations regarding the release of the iOS 5.1 untethered jailbreak. Pod2g noted that it is at least a month away.

ETA for 5.1 JB: no clue! We’re going to set pieces of the puzzle together this week. We could have issues… Could be 1 month maybe 2…

I know 1 month seems long, but it’s short to work on a project like this when it’s a hobby and you’ve other things to do as well.

Last week, pod2g reported that the Chronic Dev-Team has all the exploits required to release an untethered jailbreak of iOS 5.1 for all devices, including iPad 3, iPad 2 and iPhone 4S. However it would take some time to put it together into a useable release.

A new unlock has been discovered that works for all iPhones and all 5.x firmware versions, all basebands are supported.

The method discovered by Loktar_Sun appears to exploit a logical bug in Apple’s server and can be performed on any jailbroken iOS device. His procedure involves using Sam Bingner’s SAM (Subscriber Artificial Module) package to perform a series of steps that unlocks your phone to use a specific SIM.

It has been confirmed working by iPhone Dev-Team member MuscleNerd who notes an update may be coming to SAM from @sbingner to make the procedure simpler.

We will post detailed step by step unlock instructions soon.

UPDATE: Tutorial is ready! You can find it here.

Pod2g has bypassed ASLR at bootup, making progress towards the public release of an iOS 5.1 jailbreak. ASLR is a security method that randomly arranges important data areas. This is one more step toward untethered iOS 5.1 jailbreak for all devices including iPhone 4S, iPad 2 and new iPad 3.

ASLR seems bypassed! Weird machines FTW. Time to ROP the payload.

Earlier this week pod2g revealed that the Chronic Dev-Team now has all the exploits required to release a userland jailbreak of iOS 5.1. It takes time to put them together in a public ready tool.

The iPhone Dev-Team has updated RedSn0w to jailbreak the iPhone 4S and iPad 2 on iOS 5.0.1.

Version 0.9.10b7 of redsn0w adds a collection of useful features: It finally implements the corona-A5 jailbreak for iPhone4S and iPad2 devices still at 5.0.1. It can also re-install that jailbreak for those who accidentally uninstalled the untether. When stitching an IPSW, it can now grab your blobs directly from Cydia. It now shows a lot more info about your device (for instance, whether your iPhone3G has the vulnerable baseband boot loader, or whether your iPhone3GS has the old exploitable bootrom. (And the next new feature to be added will be built-in restore support, to provide an alternative to iTunes restores.)

Previously you needed to use Absinthe to jailbreak the iPhone 4S and iPad 2.

You can download the new version of RedSn0w from here.

We will update our tutorials soon.

Famous hacker pod2g has announced that the Chronic Dev-Team now has all the exploits required to release a userland jailbreak for iOS 5.1.

News: we have all exploits required to do a new jailbreak. I’m working on bypassing ASLR at bootup.

Last month Pod2g said that the team only had a few pieces of a userland jailbreak. Now that the team has them all, it will still take some time to put them together in a public ready tool.

Since this is a userland jailbreak, it will be the first publicly available jailbreak of the iPad 3. I0n1c has demonstrated a jailbreak of the new device, however, he’s said he will not release his jailbreak to the public.

The iPhone Dev-Team has released updated RedSn0w 0.9.10b6b for Mac OS that fixes an issue for those on Mac OS X 10.5.x or earlier.

Update #1b: The OS X version of redsn0w has been updated to fix an issue for those running OS X 10.5.x or earlier.

You can download the latest version of RedSn0w from here.

Our step-by-step tutorials for jailbreak iOS 5.1 using redsn0w 0.9.10b6 are here.

This week Gareth Wright reported that Facebook’s app for iOS has a security vulnerability through which malicious users can access login credentials saved in a .plist file of the app. With a copy of that .plist file malicious users could automatically log into the affected user’s Facebook account on another device. Reportedly, the vulnerability also exists on Android devices.

Wright describes several different ways in which your login credentials could be obtained by a malicious user, including hidden applications installed on shared PCs, customized apps, or modified speaker dock that could copy your plist.

According to Facebook, the issue only affects jailbroken or lost devices, as it requires physical access or installation of a custom app on the device. But Wright and The Next Web pointed out that simply plugging into any device would be sufficient for malicious users to gather these files.

The Next Web has confirmed that Dropbox for iOS is also vulnerable to this issue. Given that two such high-profile apps as Facebook and Dropbox are vulnerable to credential theft, it is likely that other apps are also affected by the issue.

As many reports note, this method of gathering login credentials is not actively utilized in a malicious manner, and users can protect their data for the time being by not plugging their devices into shared computers and charging stations.

FireCore announced today that they have successfully jailbroken the Apple TV 2 with the latest iOS 5.1 (5.0). The jailbreak is tethered which requires the Apple TV to be connected to a Mac/PC when powering it on (each time).

Today we’re happy to release new versions of Seas0nPass and aTV Flash (black) that are compatible with latest 5.0 (iOS 5.1) software running on the ATV2.

What’s new in the 5.0 AppleTV software? Should I update?

• New interface: - Fast, visual access to all content choices
• Movie purchases in iCloud: Support for buying movies on Apple TV and playing back purchased movies from iCloud
• Genius Recommendations: Recommendations for content on the iTunes Store based on previous rentals and purchases
• Screensaver photos: New National Geographic photos built-in for screensaver
• On-device sign-up: On-device sign up for content partners on Apple TV using your Apple ID

Updating to the new 5.0 software is not required, and all aTV Flash (black) features will continue to be supported on AppleTV versions 4.2 and later.

What about the ATV3, will this work?

Unfortunately not. Work is still ongoing for the ATV3, and we hope to have more news soon. For the latest updates be sure to follow us on Twitter.

Which plugins are currently supported on 5.0?

• Couch Surfer (works)
• Last.fm (works)
• Maintenance (works)
• Media Player (works)
• NitoTV (works)
• RSS Feeds (works)
• Weather (works)
• Overflow (not working)
• Plex (not working)
• Remote HD (not working)
• Rowmote (not working)
• XBMC (not working)

Note: Non-working items require an author update for 5.0 compatibility.

UPDATE: Tutorials for iOS 5.1.1 can be found here.

Here are our step-by-step tutorials that will guide you through all the process of jailbreaking iOS 5.1 with redsn0w and sn0wbreeze:

iPhone 4

Tethered jailbreak iOS 5.1:

• RedSn0w (Windows)
• Custom firmware and jailbreak using Sn0wBreeze (Windows)

iPhone 3GS

(Un)Tethered jailbreak iOS 5.1

• RedSn0w (Windows)
• Custom firmware and jailbreak using Sn0wBreeze (Windows)

Read the rest of this entry »

iH8sn0w, developer of sn0wbreeze and iFaith, has found a way to downgrade the firmware on A5 devices – iPhone 4S, iPad 2.

Using saved SHSH blobs, iH8sn0w was able to downgrade his A5 iPad 2 from iOS 5.1 to iOS 5.0.1. He says his method will also work with the A5X processor once firmware updates are released for the new iPad. That means that it’s possible to restore to any firmware you want on A5 devices, as long as you have the SHSH blobs saved.

This is great news for those with the iPhone 4S and newer iPads. As it stands now, if you have to restore for any reason, you will be forced to upgrade to the latest firmware. This could leave you without the ability to jailbreak for some time.

Found a loophole in Apple’s apticket system. Restored my iPad 2 to 5.0.1 from 5.1. Works on all A5 devices.

A5X devices will work too once Apple pushes a new firmware for it.

Hope we will see update to current utilities soon.