iOS 10.3.2 Jailbreak Nearby, Potential Exploit Explained

Waiting for iOS 10.3.2 jailbreak update? A new video released explains and details how Ian Beer’s potential jailbreak exploit for an iOS 10.0-10.3.2 hack works. Here’s everything you need to know.

How it could be when hearing about iOS 10.3.2 jailbreak tool is now available to download for those who have updated to the latest iOS 10.3.3 version from Apple. Yes, it will be something that an unexpected liberation, so before you go forward and update your compatible iPhone, iPad or iPod touch with the latest iOS version, you have to wait a little bit. As this news today makes us happy to know when the jailbreak for iOS 10.3.2 is coming out.

We are yet to have confirmation that someone with the relevant skillset is actually working on adapting Ian Beer’s exploit into a workable consumer jailbreak solution for iOS 10.3.2, but we are seeing more information about the underlying vulnerabilities being pushed into the public domain.

Now a new YouTube video published by Billy Ellis is not only referencing the vulnerabilities and triple_fetch toolkit released by Ian earlier, but is also giving additional details on how exactly it works.

The first thing highlighted in the video is the fact that this particular bug, or set of bugs, has already been patched with the release of iOS 10.3.3, which were made available by Apple recently. The published bugs by Ian are userland-based and are only compatible with iOS 10.0 through iOS 10.3.2, which means that anyone currently running iOS 10.3.3 needs to downgrade immediately if they plan on materialize these vulnerabilities into a jailbreak in the future. As Apple is still signing iOS 10.3.2, it is actually possible to go through the downgrade process.

While Apple security also referenced the aforementioned CVE-2017-7063 bug and attributes it to Ian of the Google Project Zero team. This reference is in relation to iOS 10.3.3 where Apple is essentially saying it has been patched, stating that the bug “maybe be able to execute arbitrary code with system privilages.”

Anyone involved in the world of jailbreaking, Ellis also shows up the Xcode project which comes as part of Music to the ears (the triple_fetch toolkit), explaining that in its current state from it’s essentially useless to any average device owner and that it is more aimed at security researchers who want to interrogate iOS and potentially look for additional bugs.

In addition to tthese things aforementioned, the video by Ellis embedded below also gives cue on fairly decent overview of running the project on an iOS device and technically, interacting with the bedbugger to be able to attach to system-level processes and interrogate what’s going on in the userland. All of the information obtained today details how to do that is also included in the accompanying readme file which downloads with the project.

For now, it’s in the form that really doesn’t offer any advantages to an average Joe, and should really only be used by security researchers at this current stage. Having said that, we have it on good authority that these vulnerabilities can be used to produce a working developer jailbreak, so let’s hope that happens sooner rather than later.

(Source: Billy Ellis [YouTube])

Also like this: