iOS 11.3.1 To Get A Safari-Based Jailbreak In The Form Of JailbreakMe 5.0

A new report surfaced on Twitter confirming that a well-known developer and security researcher – Niklas Baumstak working on a Safari-based JailbreakMe jailbreak experience for iOS 11.3.1. Further, he also released a bug into the community which is exploitable via Safari, that could theoretically lead to the creation. Here are the details on it.

The tweet confirms that he has “just exploited @i41nbeer’s bug via Safari RCE,” which suggests that someone with the relevant interest and skill set could take this knowledge and process further to build a web-based solution and release it into the community as JailbreakMe 5.0.

Niklas tweets then go on to mention the bug by its reference – CVE-2018-4233 – which is extremely interesting as Apple references that number as a WebKit bug raised by Samuel Groß of Trend Micro’s Zero Day Initiative, and not Project Zero’s Ian Beer.

The security researcher has also given clarification on this, it seems that the process involves the exploiting of two bugs back-to-back, one by the aforementioned Samuel Groß and then the Ian Beer bug.

It also seems that there is a bug which is attributable to iOS 11.3.1 which, due to its nature, can be exploited via Safari, meaning that it could possibly be for a very easy-to-use jailbreak. This type of jailbreak to be released which doesn’t actually require an individual to sideload an IPA to their device or re-sign the app every time seven days. Out of all the jailbreaks ever released into the community, the original Safari-based JailbreakMe solution might be the most popular and most definitely the easiest to use. In fact, it’s simplicity made it probably one of the most alluring pieces of work and software architecture ever released into the jailbreak community.

Currently, we can only guess and wait for that researcher to come out with a stock jailbreaking solution, as he is one of those individuals who has been highly successful at multiple Pwn2Own competitions. However, to the best of our knowledge, he hasn’t been credited or actively involved in any recent jailbreak activity, Maybe this is the time that someone else puts their head above the parapet and pushes something miraculous out into the jailbreak community.

Stay tuned for more and more updates on this one, or beyond this as if it develops.

Continue reading:

(Visited 98 times, 1 visits today)