Jailbreak iPhone, iPod Touch, iPad

According to the recent reports, the evad3rs have released an update for their jailbreak utility. The hackers have fixed the problem with bundled package lists that “could not be updated by Cydia”. The update has brought the evasi0n7 tool to version 1.0.7.

However, not all the users may require this update and here’s why (via iDownloadBlog):

This is more of a maintenance update, as it doesn’t really add new features or benefits for people who aren’t experiencing the above problem. So unless you are seeing the issue, there’s no reason for you to restore and re-jailbreak.

What that all means is that if you have any problems with evasi0n7 – it is recommended that you update. If everything works normally, simply ignore the new version and continue using the older one.

One can grab the new evasi0n7 jailbreak utility (version 1.0.7) from the evad3rs’ official website.

Good news for all iPhone 3G and iPod touch 4G owners – a jailbreak tool called p0sixspwn has been updated to support the recently released iOS 6.1.6. Using this small utility, you can perform an untethered jailbreak effortless.

According to what iDownloadBlog reporters write,

If you’re currently using an iPhone 3GS or a 4th generation iPod touch running iOS 6.1.x, it’s highly recommended that you update to iOS 6.1.6, and benefit from Apple’s SSL fix. The good news is that you can then use p0sixspwn to enjoy the same untethered jailbreak that was available for iOS 6.1.3 through iOS 6.1.5.

P0sixspwn is a jailbreak tool developed by iH8sn0w and Winocm. It can be downloaded from Cydia’s ‘System’ section. However, before downloading p0sixspwn you need to perform a tethered jailbreak using RedSn0w or any other utility.

Keep in mind that it is recommended that you update to the latest iOS 6.1.6 as soon as possible since it contains a fix for SSL connection verification.

The company from Cupertino will release the final version of its iOS 7.1 to the public no sooner than in March. Apart from the new mobile operating system, Apple is expected to unveil the next-generation Apple TV.

But let’s get back to iOS. According to the latest 9to5Mac report,

The iOS 7.1 update is said to not have any “secret features,” and it will basically be what we have been told to expect by the past five betas: some user-interface tweaks in the Phone app, an improved Calendar app, speed improvements, and numerous bug-fixes.

Apple hasn’t yet set the date of the release, but obviously it will do that a bit later.

However, it is still unknown whether it would be possible to jailbreak iOS 7.1. As iH8Sn0w says, the vulnerabilities used by evasi0n7 were fixed in the latest iOS 7.1 beta. Nevertheless, hackers still have some unused exploits, so let’s hope for the best.

Looks like Apple has found a way to prevent people from jailbreaking their iOS devices. According to iH8sn0w, iOS 7.1 beta 5, released on Tuesday, patches two exploits used to jailbreak Apple’s smartphones and tablets. Keep in mind that the fourth beta patched another vulnerability used by evasi0n7. It appears that beginning from iOS 7.1, it would be impossible to hack your iPhone, iPad or iPod touch. And that is definitely not good.

As noted by iDownloadBlog,

Developer and hacker iH8sn0w tweeted out a few moments ago that Apple has fixed the ‘chown’ vulnerability and ‘afc sandbox escape’ used by the evad3r’s popular jailbreak utility in beta 5. So it looks like iOS 7.1 will indeed be the death of the iOS 7 JB.

Despite all the facts given above, it is too early to panic. So far, the evad3rs haven’t officially confirmed that the evasi0n7 won’t work on iOS 7.1. Apart from that, iH8sn0w has recently found a way to jailbreak A5 devices for good and this method might also work for A6 and A7 devices as well.

Nevertheless, it is recommended that you update to iOS 7.0.4 or iOS 7.0.5 and stay away from iOS 7.1 betas. At least for some time.

I0n1c confirmed that it is safe to update to iOS 7.0.5 if you have a jailbroken device. This version of Apple’s mobile operating system is still vulnerable to the evasi0n7 jailbreak exploits. Here’s what the hacker posted on Twitter:

Okay #evasi0n7 still works in iPhone 5s at 7.0.5

Nevertheless, to successfully jailbreak a device running iOS 7.0.5 you will need a special patch for evasi0n7.

To make evasi0n work with iOS 7.0.5 one way is to patch 11B511 into 11B601 in the binary. Ehmm btw… the patch are not hex bytes but simple ASCII iOS build numbers that need to be fixed.

It’s good that Apple forgot to fix the vulnerability, which lets the users jailbreak their devices.

A new tweak for iPhone 5s has been recently released in Cydia. It is called BioProtect and it allows you to use your fingerprint to protect certain apps from unauthorized access. For instance, you may set a fingerprint authentication for your Messages app – in such case, you won’t get access to the app unless Touch ID rescans your fingerprint.

As noted by iClarified,

BioProtect, a highly anticipated tweak developed by Elias Limneos (SBRotator, CallBar, Aquaboard, AudioRecorder), lets you protect your apps with Touch ID and is now available for download in Cydia. A short teaser was posted about a week ago shortly after the iOS 7 jailbreak was released.

If you think you need such a tweak, you can purchase it on the Cydia Store for $2.99.

Popular hacker MuscleNerd has denied rumors that a bootrom exploit has been found for the iPhone. Earlier today, he tweeted:

There is no A5+ bootrom exploit, by anyone. Not even a bootrom dump. Nothing.

Speculation that a bootrom exploit may have been found began after p0sixninja tweeted that he would be releasing something bigger than a jailbreak.

The bootrom exploit can devices permanently vulnerable to a tethered jailbreak regardless of iOS version. The last bootrom exploit was limera1n found by Geohot which supported A4 devices like iPhone 4 and below.

Apple has posted a document warning users that jailbreaking their iOS devices may cause instability, security vulnerabilities, shortened battery life, and other issues. The document was posted on February 3rd, the same day the Evasi0n jailbreak was originally expected to drop. Take a look:

Unauthorized modification of iOS can cause instability, security vulnerabilities, shortened battery life, and other issues

Summary
This article is about adverse issues experienced by customers who have made unauthorized modifications to iOS (this hacking process is often called ”jailbreaking”).

The iPhone Dev-Team has released updates to RedSn0w and PwnageTool that bring support for the iOS 5.1.1 untethered jailbreak.

RedSn0w 0.9.12b1 supports untethered iOS 5.1.1 jailbreak for all devices:

• iPhone 3GS
• iPhone 4
• iPhone 4S
• iPad 1
• iPad 2
• new iPad 3
• iPod Touch 3G
• iPod Touch 4G

PwnageTool 5.1.1 allows to create custom firmware and preserve modem version for unlock with ultrasn0w or Gevey. PwnageTool 5.1.1 supports all A4 devices:

• iPhone 3GS
• iPhone 4
• iPad 1
• iPod Touch 3G
• iPod Touch 4G
• Apple TV 2G

You can download RedSn0w 0.9.12b1 here and PwnageTool 5.1.1 here.

iOS 5.1.1 untethered jailbreak tutorial using Redsn0w is available here.

Official DevTeam comments:

RedSn0w
redsn0w allows owners of A4+earlier devices to install rocky-racoon two different ways:

• backup/restore method similar to Absinthe and cinject
• its traditional limera1n-based ramdisk install. If you have a lot of media on your A4 device (music, movies, TV shows, etc), then the ramdisk method is preferrred because it avoids any possibility of later problems related to syncing to iCloud (including Photo Stream and Music Match). The ramdisk method is not available for A5 devices or later because limera1n can’t be used. If you’d like to use redsn0w’s ramdisk method, just be sure to put the A4 device in DFU or Recovery mode before starting redsn0w (otherwise it will immediately start to use the backup/restore method).

We’ve also added a new redsn0w feature specifically for those who got in on the SAM unlock: you can now include your SAM tickets as part of your initial ramdisk jailbreak of iPhone4 or earlier, or alternatively you can upload your SAM tickets to any device after its been jailbroken. redsn0w accepts either the individual SAM activation ticket plist file, or the entire zip file created by redsn0w’s “Backup” button. As usual, redsn0w continues to cover all of its previous jailbreaks and untethers (so redsn0w-0.9.12b1 covers everything from 5.1.1 all the way back to 4.1).

PwnageTool
PwnageTool also avoids any possible sync issues, but again it applies only to A4+earlier devices. If you unlock your iPhone with ultrasn0w or a commercial method, you must use PwnageTool to avoid updating your baseband otherwise you’ll lose the unlock. PwnageTool will also jailbreak+untether the AppleTV2,1 5.0_2B206f (unless you customize the IPSW further, you’ll have just basic SSH access to the device).

Pod2g has announced that iPad 3,3 support has been added to the Absinthe jailbreak utility, leaving only the iPad 2,4 jailbreak to be implemented.

OK just added iPad3,3 support to Absinthe thanks to @flawlessfox. Only remains iPad2,4 now but we need the actual device.

Any people of #HITB2012AMS has an iPad2,4? Model number: either MC954 or MC989. Please check in Settings / General / About.

So far support for the following devices has been completed:
- iPhone 3Gs, iPhone 4, iPhone 4 CDMA, iPhone 4S, iPad 1, iPad 2 Wifi, iPad 2 GSM, iPad 2 CDMA, iPad 3 Wifi, iPad 3 CDMA, iPad 3 GSM, iPod 3G, iPod 4G, AppleTV 2.

If anyone at the HITBSecConf has the new iPad2,4 device please contact @pod2g.