KASLR Spells Trouble…

One feature of the iOS 6 firmware that was not discussed at WWDC 2012 was KASLR. What does KASLR stand for, you might ask? KASLR stands for Kernel Address Space Layout Randomization, which is essentially the next step up from the ASLR that was introduced in iOS 5. For non-technology-oriented individuals, both KASLR and ASLR serve a simple purpose – to make your iOS device more secure. This is great for those running stock iOS devices, but for the Jailbreaking community this spells trouble.

With the addition of KASLR in iOS 6, any current exploits hackers have in their possession to Jailbreak the iPhone, iPod Touch and iPad are essentially broken.

Hacker @Veeence has recently tweeted about KASLR and mentioned that, due to KASLR, the Rocky Racoon exploits are no longer valid and new exploits are needed.

No. iOS 6 is not compatible with Rocky Racoon exploits. iOS 6 now has KASLR, a new security layer (anti-JB), so new exploits are needed.

Although KASLR will definitely mean more work for hackers in the Jailbreaking community, it is not the end of Jailbreaking. And according to @i0n1c, KASLR is not even something to be too worried about, because there are other security features implemented in iOS 6 that are going to be more troublesome.

From what I hear KASLR is one of the things in iOS 6 that will not be a problem at all. Other stuff is more troubling.

I shall keep you posted about any new discoveries made in iOS 6.

Stay tuned with us for more info at iOS Jedi Blog or join our Facebook fan page or Follow us on Twitter or subscribe to the RSS feeds or connect with us on our Freenode-IRC channel for any iOS question you have.

Downgrade from iPad baseband will be possible in the near future

If you are an iPhone 3G/3GS user who is officially unlocked but stuck on the iPad baseband, and you are frustrated that you cannot use GPS, then keep an eye out for the next update to Redsn0w, since it will allow you to downgrade the iPad baseband.

MuscleNerd, the developer of the legendary jailbreak tool – Redsn0w, just now tweeted:

A month or two ago, there was a heavy discussion between i0n1c and MuscleNerd about downgrading your baseband. i0n1c was telling his followers that it is impossible to do so, while MuscleNerd replied that it was perfectly possible to downgrade the iPad baseband. Then, as always, i0n1c felt hurt and started his usual tantrums, but leave that for another time. What I wanted to point out is that this feature is most likely coming soon and will once again silence i0n1c.

Note: I won’t be able to post any replies by i0n1c since he has blocked me on twitter. (An achievement :P)

Update #1: MuscleNerd just posted another tweet saying that this will allow you to downgrade to any prior baseband. You will most likely want to downgrade to 5.13.04, since it will allow you to keep your ultrasn0w unlock as well as use GPS.

NOTE: THIS FEATURE WILL ALLOW YOU TO DOWNGRADE ONLY THE iPAD BASEBAND.

What is your take on this?

Obviously this feature will be added to the next update to Redsn0w, so stay tuned for more info.

The First Commercial Jailbreak…

Well, as I see it, someone has finally helped i0n1c live his year-long dream. If you did not get the clue, I was pointing out that someone has finally released a new jailbreak which is PAID. The exploit was developed by Russian hacker @legerov. The tool is known as Vulndisco Mobile 1.7 and allows you to untether any A4 device on iOS 5.1.1. Oh, by the way, for your information, this jailbreak was popularized by none other than i0n1c.

The idea behind the InteVyDis jailbreak is that you use Redsn0w to tether jailbreak your device, and then the Vulndisco Mobile module builds a custom bundle that you install on your device with the help of Redsn0w. After this your device is jailbroken and you get a remote CANVAS shell.

Here is the video of how their jailbreak works:


If you are one of those i0n1c followers then you can go ahead and purchase the jailbreak from here.

Well, judging by Pod2g’s last update on his jailbreak, it is only a few days away, and moreover Absinthe 2.0 will support all devices including A5s. As usual the jailbreak will be a free one, so I don’t see anyone paying for this jailbreak other than ardent i0n1c supporters.

What are your thoughts on this?


Pod2G Has Untethered His New iPad Running iOS 5.1…

A few days back, pod2g revealed that his untethered jailbreak works on the iPhone 4 running iOS 5.1.

He has now tweeted that the untethered jailbreak also works on the new iPad (iPad 3,1) running iOS 5.1.

Pod2g just tweeted:

A couple of weeks back, pod2g had revealed that he had discovered 2 big vulnerabilities in iOS 5.1, in addition to the five vulnerabilities that they had discovered earlier. However, he wasn’t sure if the exploits could be used to perform an untethered jailbreak.

But he has managed to successfully jailbreak the iPhone 4 and the new iPad (iPad 3,1). It remains to be seen if the untethered jailbreak will also work with the iPhone 4S and iPad 2 powered by Apple’s A5 chip, but given that it has worked with the new iPad powered by Apple’s A5X chip, it is almost certain that it will work on them as well.

It will also be interesting to see if pod2g’s untethered jailbreak also works on iOS 5.1.1, which was released by Apple earlier in the week. Stefan Esser aka i0n1c, who had also managed to jailbreak the new iPad running iOS 5.1, has revealed that his untethered jailbreak works on iOS 5.1.1 as well, though he has categorically stated that he doesn’t plan to release the jailbreak.

Pod2g also tells us that since his untethered jailbreak works on the iPhone 4 and iPad 3, it should work with other iOS 5.1 devices like the iPhone 4S and iPad 2 as well. But it may not work with the Apple TV 3. He tweeted:

And finally here is the video by Pod2G showing off his untethered iPad 3:


How impressed are you by Pod2G this time round?


i0n1c “Achieves” Another 0day…

iOS hacker Stefan Esser aka i0n1c, who had successfully jailbroken the new iPad running iOS 5.1, has just revealed that he has also jailbroken his 4G LTE iPad 3 running iOS 5.1.1.

Along with the tweet he has published a photo showing Cydia running on his 4G LTE iPad 3 running iOS 5.1.1.

This means that the exploit he used for the untethered jailbreak of iOS 5.1 still works on iOS 5.1.1. Unfortunately, don’t get your hopes up, as i0n1c has categorically stated that he doesn’t plan to release the untethered jailbreak.

i0n1c later tweeted about why Cydia shows his device as “iPad 3 (AT&T)”:

BTW You have to blame Saurik for the AT&T stuff in Cydia. He wrongly calls iPad3,3 the iPad3 AT&T.

Pod2g, who has also been working on the untethered jailbreak for iOS 5.1, has made quite a lot of progress and has managed to untether jailbreak his iPhone 4 running iOS 5.1.

After a few minutes Pimskeks (a member of the jailbreak dream team) tweeted:

Meanwhile, MuscleNerd has revealed that it is still possible to downgrade from iOS 5.1.1 to iOS 5.0.1 using the unreleased method that iH8sn0w had discovered.

5.1.1 shows Apple knows about an unreleased technique to downgrade A5 devices to 5.0.1 with saved blobs (but left it alone..hmm)

Do you think we will see a public release of the iOS 5.1.1 jailbreak?


Update: iOS 5.1 Jailbreak

A few days back, pod2g had revealed that they had discovered the 5 exploits required for the iOS 5.1 jailbreak.

Pod2g has some more good news: he has just tweeted that he discovered 2 more big vulnerabilities over the weekend.

He just tweeted the following update:

Just a few moments after that he tweeted that:

The reason for the second tweet by Pod2g is the recent tension between i0n1c and him regarding whether jailbreak exploits should be free or not.

Pod2g had also posted a poll asking users whether they should hold off the jailbreak until iOS 6 is released, or release a jailbreak for iOS 5.1 as soon as possible, which would mean that the exploits used for the jailbreak would be patched by Apple in iOS 6 or in the next iOS software update. With 2 days still to go in the poll, it looks like the majority of users (61% of the 135,961 votes and counting) want pod2g and team to release a jailbreak for iOS 5.1 as soon as possible.

The ideal situation would be if the hackers don’t have to use all 7 exploits discovered so far for the iOS 5.1 jailbreak, and the unused exploits are enough for the next jailbreak. So it remains to be seen if the two big vulnerabilities that pod2g discovered over the weekend can be saved for future jailbreaks.

If you haven’t voted, I highly recommend you to go ahead and cast your vote on pod2g’s website.

What do you guys make of this?


Round-Up of All the Three Jailbreak Exploits…

If you’ve been following us for the past few hours, you will know by now that three jailbreak exploits have been demonstrated on the same day by four different renowned developers/jailbreakers/hackers in three different locations.

All the posts might be cluttering your mind, so I thought that before ending the day I should write a summary of all three posts.

First up: @MuscleNerd’s exploit

He was the first one to jailbreak the new iPad with his own method. Here are the images:

  

Second: @i0n1c’s exploit

He had been telling us that he had an exploit for iOS 5.1 even before it was released, and it seems he was right, because he has posted a video of his untethered jailbreak:

Third: @chpwn and @phoenixdev’s exploit

They were the third and fourth people to find an exploit for the iPad 3, the third exploit overall, and showed it off with these images:

  

Hang on! It’s not over yet I have some more good news from the Dev-Team Blog:

  • We can confirm that the method used to jailbreak the iPad2 4 months ago (before corona) still works even in 5.1. That means we’ll at least be able to get our foot in the door to get the required kernel dumps on the iPad3. That’s an important step, but by no means is it the end of the story.
  • Those of you following @i0n1c may have noticed he’s already tweeted pictures of his iPad2 jailbroken at 5.1. As far as we know, he’s using a method completely unrelated to the one mentioned above. That would be great news!
  • We’ve also seen bits and pieces of an entirely different jailbreak method being investigated by someone close to the Cydia repo scene.

There is also a caution note posted by MuscleNerd on the blog:

Don’t update your new iPad3 past whatever iOS it comes shipped with

By the way, it’s rare but entirely possible that some of you may find your iPad3 comes with an iOS version that’s not quite 5.1.

One last thing: in the midst of these three exploits everyone is forgetting pod2g. I think he will also come up with another exploit for an untethered jailbreak.

Now that the exploits have been found, all we have to do is wait for a public release of one of these, or perhaps two of these, or perhaps all three of them. I’m also expecting new jailbreak tools built on these exploits.

So what do you guys have to say about March 16? (Pretty slick day huh?)
You can connect with us on FacebookTwitter or on our Freenode-IRC channel #iosjedi.

Another exploit for the new iPad…

Hot on the heels of MuscleNerd posting his images of the jailbroken iPad 3 came i0n1c’s jailbreak exploit with a video, and just a couple of minutes ago chpwn tweeted that he also managed to jailbreak his iPad 3 with yet another exploit!

With three different exploits, I think a public release of the jailbreak should be imminent.

Here are the images.. the third one is really beautiful:

  

I guess having three different exploits, that too on the day of release, is pretty amazing; it looks like Apple’s engineers did a bad job this time.

Not to forget: Pod2G this time you got owned! :P

Who do you think will release his jailbreak exploit first?

Do you think we’ll be seeing more jailbreak tools after 3 consecutive exploits?


Untethered Jailbreak video of the new iPad

As I previously told you, i0n1c is uploading the video of his untethered jailbroken iPad (the new one :| ).

So here is the video:


What are your thoughts on this?


The Race is over…

In my previous post I told you about the race for a stable jailbreak exploit for “The New iPad” with the A5X processor. That race has already ended, with i0n1c emerging on top. His latest tweet tells us that his jailbreak is now finally untethered and that he is trying to upload video proof for us.

This jailbreak exploit did not take as long as everyone expected… but no one knows if it is perfectly stable for a public release as of now. So there is still no ETA.

Here is i0n1c’s tweet in which he tells us he has an untethered jailbreak for the iPad 3,3:

He goes on to add, about his video proof:

Hmm… even though i0n1c is a great developer/hacker it seems that he is not too good at remembering things… nor did he think about using a 4S video stabilizer. (Just kidding).

Now it seems i0n1c did get the idea of using the video stabilizer and tells us:

Hmm that untether video seems to be quite big in MB

 

Personally I think he should stop whining.

So what do you guys think: will this jailbreak be released to us?
