Jailbreak iPhone, iPod Touch, iPad

P0sixninja has finally launched its OpenJailbreak website, where all the members of the world’s jailbreak community can find tools they need. The big event took place on August 24th, during the Worldwide Jailbreak Conference.

As to the website itself, it will contain:

• Open source components from both greenpois0n and absinthe jailbreaks
• Bug, issue, and feature tracking so even non-developers can contribute
• Wikis, forums, and documents to help new users learn how to use components

There’re currently six projects posted on the website, with more to come in a while. So, here’s what you can find once you go to openjailbreak.org:

• libmbdb-1.0 – A library and utilities for modifying backups from iOS devices
• libmacho-1.0 – A library and utilities for modifying and parsing Apple Mach-O executable files
• libimg3-1.0 – A library and utilities for parsing and decrypting iOS IMG3 files
• libdyldcache-1.0 – A library and utilities for parsing and manipulating iOS dynamic linker shared cache
• libirecovery-2.0 – A library and utilities for interacting with iOS low level bootloaders
• libcrippy-1.0 – A library containing all the common shared code for libraries

OpenJailbreak is a website created primarily for developers and jailbreakers, however, if you wish you may also take a look at it at the link above.

Popular hacker MuscleNerd has denied rumors that a bootrom exploit has been found for the iPhone. Earlier today, he tweeted:

There is no A5+ bootrom exploit, by anyone. Not even a bootrom dump. Nothing.

Speculation that a bootrom exploit may have been found began after p0sixninja tweeted that he would be releasing something bigger than a jailbreak.

The bootrom exploit can devices permanently vulnerable to a tethered jailbreak regardless of iOS version. The last bootrom exploit was limera1n found by Geohot which supported A4 devices like iPhone 4 and below.

Hacker p0sixninja (Joshua Hill) tweeted that he plans to create OpenJailbreak, a new repository of open source jailbreak components on Twitter earlier today.

Ok, I hate redsn0w, I hate sn0wbreeze, and I hate 6.1.3. I’m ready to get this #openjailbreak off the ground

Elaborating further he told:

Essentially it’s going to be a repository of open source jailbreak components that I created over the years. So much of my code has been hacked up and incorporated into other projects, it’s becoming very fragmented. There’s no central repository to maintain all this code, to allow other developers to submit patches or help layout a roadmap for what new features and abilities will be added in the future.

Surenix is reportedly working on the development of the website for the repository and Hill is organizing that components that will be posted.

Hill also says “this is just a small part of an ultimate plan” perhaps eluding to another recent tweet which said, “I got a lot of amazing things coming to you all soon. think bigger than jailbreak ”

Notably, developer Ryan Petrich posted an image on Twitter earlier today which appears to indicate that there already is a jailbreak for iOS 7.

iOS 7 has been jailbroken. Popular iOS developer Ryan Petrich has posted a screenshot which appears to show Activator running on iOS 7.

Earlier today Petrich tweeted saying, “System version too new?”. Alongside the tweet was the picture below. The picture shows the Springboard of an iPod touch with an Activator icon and a UIAlert window which reads:

System Version Too New
Activator has not been tested to work with this version of iOS. Some features may not work as designed.

Notably, this alert does not seem to be a UIAlert that could be generated from within a sandboxed application, suggesting that device may be jailbroken.

It’s unclear what expoit was used by Petrich. Last year Apple had closed comex’s developer account based exploit that had been used by hackers to root their iDevices for two years.

Hacker p0sixninja recently announced that he has “got a lot of amazing things coming to you all soon. think bigger than jailbreak ” It’s been suggested that he may have found a bootrom exploit.

Well known iPhone hacker p0sixninja has teased the upcoming release of some ‘amazing things’ on Twitter that are bigger than a jailbreak.

Last night he tweeted:

I got a lot of amazing things coming to you all soon. think bigger than jailbreak

In March, p0sixninja revealed that he had found the exploits necessary to release a new jailbreak; however, as expected, he decided to hold those back for iOS 7 or iOS 7.1.

His new announcement hints at something better than a jailbreak which suggests that perhaps he has found a bootrom exploit. The last bootrom exploit was limera1n found by Geohot which supported the iPhone 4, iPhone 3GS, iPod Touch 4G, iPod Touch 3G, and iPad. The exploit made those devices permanently vulnerable to a tethered jailbreak.

P0sixninja has revealed that he will not be using his jailbreak exploits to release iOS 6.1.3 jailbreak. He plans to hold them back for iOS 7 or iOS 7.1.

Recently the hacker tweeted that the ‘the next jailbreak might be created entirely by me‘ saying that he had discovered several exploits needed for the new jailbreak.

In an interview to iDesignTimes p0sixninja commented that he will definitely not release jailbreak for iOS 6.x.

“I will at least wait for 7.0, if not even 7.1″

To that he added:

“I’ve … been working on it [a while]. Some of them [vulnerabilities] were ideas I had years ago, but everyone said I was crazy, and I’ve just started looking into them more and realizing I was right…”

Famous hacker P0sixninja has recently announced via Twitter that he has left the Chronic Dev-Team.

Just so everyone knows, I’m no longer associated with Chronic-Dev Team. And hopefully by now everyone sees it was never about the money for me.

It’s unclear what exactly has led p0sixninja to depart from the team and whether or not he will continue working independently on iOS jailbreaks.

P0sixninja contributed to the scene with work on GreenPois0n, Cdev Reporter, Absinthe, etc.

Here’s some clips of the jailbreak dream team presenting at HITBSecConf last week posted by JailbreakCon.

MuscleNerd, Pod2g, P0sixninja, Planetbeing, and Pimskeks can be seen presenting. Full video will be posted by HITBSecConf soon.

Tomorrow is the first conference day at famous hacker event HITBSecConf2012. The conference schedule shows that Chronic Team members Joshua Hill (@p0sixninja), Cyril (@pod2g), Nikias Bassen (@pimskeks) and David Wang (@planetbeing) will speak about Corona jailbreak and Absinthe jailbreak for iOS 5.0.1. iPhone Dev-Team member MuscleNerd will speak about “Evolution of the iPhone Baseband and Unlocks”.

The iOS 5.1.1 untethered jailbreak is rumored to be announced during this conference during Chronic Dev Team keynote. Stay tuned.

The HITBSecConf2012 schedule is available here.

The iPhone 4S and iPad 2 jailbreak utilities are undergoing testing and polishing before the public release. According to ‘Dream Team’ member planetbeing:

We’re testing & fixing problems with the jb app (that @pimskeks finished the majority of at incredible speed). Still needs to be polished.

P0sixninja also tweeted it should not be much longer before the jailbreak gets released.

not much longer now

We hope to see the utilities soon, because more than a week ago there were tweetes that jailbreak should have been ready in few days.

iPhone Dev Team has posted a blog entry about upcoming public release. If you have iPad 2 or iPhone 4S go ahead and read it:

But we’re now near the final stages of testing the public version of the jailbreak.  Please allow time to clean up any remaining bugs in the jailbreak clients.Jailbreak programs:

To be as flexible as possible, the A5 version of the corona jailbreak will take multiple forms:

• Chronic Dev have incorporated the overall flow into a GUI that runs on your Mac or PC.  The goal is for the GUI to be enough for most cases.
• iPhone Dev have also incorporated the exact same flow into an alternative command-line interface (CLI). This will allow us to help users through individual steps of the jailbreak manually, to both help the user and help improve the overall flow.  Although the CLI will also allow the user to perform the entire jailbreak from beginning to end, we anticipate it will be more useful in debugging the occasional errors.  The CLI currently has over 20 individual options (in addition to the single “jailbreak” option) that should be useful during debug after the GUI release.
• Once all the bugs in the flow are worked out, we’ll also incorporate it into the redsn0w GUI (but still leave the CLI freely available too).  In order to maximize the chances of the jailbreak working for everyone, the redsn0w GUI will use native Apple iTunes libraries — this technique is slightly different than how the Chronic Dev GUI handles communications, and should provide nice combined coverage for all the odd computer configurations out there.

Firmware:

The supported firmware versions will be:

• iPhone4S: 5.0 (9A334), 5.0.1 (9A405) and the “other” 5.0.1 (9A406)
• iPad2: 5.0.1 (9A405)

iPhone4S owners looking to maximize their chances of achieving an eventual software-based carrier unlock should be staying at 5.0. Everyone else should be at 5.0.1.  If you’re an iPhone4S owner who already updated to 5.0.1, it’s too late to go back down to 5.0, but if you’re on 9A406 it is possible to downgrade the BB by going to the 9A405 version of 5.0.1 while the window is still open.

Support:

The overall flow used by the GUI and CLI to inject the A5 corona jailbreak has never been done before, and there may be unforeseen problems once it’s released to the public.  It’s very important for you to sync your data, photos, and music before attempting any version of this jailbreak.  We’ll be watching the comments section below for signs of any widespread problems, but please be aware that you jailbreak at your own risk!

When:

As mentioned at the start of this post: when testing has shown most of the bugs have been fixed!