At this year’s Mobile Security Conference (MOSEC 2018), the 360 Vulcan team showed off a remote jailbreak of iOS 11.4 and the iOS 12 beta that uses Safari and a kernel-level bug to inject its payload.
CoolStar is working on something similar, and the jailbreak community is about to receive an iOS 11.3.1 jailbreak. Whether that will come as an updated Electra IPA or as a JailbreakMe 5.0 experience is unknown.
At first it was thought that CoolStar’s Electra iOS 11.3.1 jailbreak would use the exploit from Project Zero’s Ian Beer, but it was later said to be tied to a Safari-based remote jailbreak solution. This kind of work comes from a number of individuals and teams who actively discover vulnerabilities in iOS, exploit them, and then showcase their work at security conferences in the form of a jailbreak demonstration.
The latest demonstration by the 360 Vulcan team, which took place at the huge Mobile Security Conference (commonly referred to as MOSEC) in Shanghai, showed how devices running Apple’s latest public release, iOS 11.4, as well as the company’s iOS 12 pre-release firmware, can be jailbroken using Safari and a kernel-level bug to gain the required access to the device and inject the payload.
This is what the community calls a “JailbreakMe” jailbreak, an approach recently demonstrated as viable by Niklas Baumstark using a combination of bugs by Ian Beer and Samuel Groß.
It’s very unlikely that this type of jailbreak will ever make it into a public-facing release and be offered to device owners to liberate their devices from Apple’s walled garden. Nevertheless, it is an excellent achievement that will technically be applauded in the security research community, and it will possibly include bugs in iOS 12 that have been, or will be, reported to Apple and closed before iOS 12 makes it into the hands of the public.
So, with this jailbreak still in the research stage only, all focus and attention will be on the Electra team as we wait for a public release date to be given for Electra1131.
Note: It’s important to note that this is not the first time an iOS 12 beta jailbreak or an iOS 11.4 jailbreak has been teased in public, with Keen Lab being the first to demo a jailbreak on iOS 12 only a few days ago, while Richard Zhu got the honors of jailbreaking iOS 11.4 first, earlier this month.
(Source: @mj0011sec [Twitter])