Monday, February 03, 2014

iOS hacker iH8sn0w has discovered a way to untether jailbreak devices powered by the Apple A5(X) processor for life

iOS hacker iH8sn0w has discovered a way to untether jailbreak devices powered by the Apple A5(X) processor for life, which includes the iPhone 4s, iPod touch 5, the iPad 2 / 3 and iPad mini. Details are relatively scarce at this moment regarding the iBoot exploit, although if the exploits were ever bound together and released in the form of a jailbreak utility, owners of any of those devices would be able to enjoy a potentially indefinite, untethered jailbreak.
Even though the jailbreak scene is very much a here-and-now kind of pastime, in that most enthusiasts are keen to find ways to breach the latest versions, it’s always nice to see progress of any kind. And by the sounds of things, this is a pretty significant inroad. Taking to his Twitter feed, iH8sn0w posted A5 AES keys:
So looks like all my A5(X) devices are fully untethered and jailbroken for life now.
A5 AES Keys anyone? 4S 7.0.4 iBSS -iv 3a0fc879691a5a359973792bcd367277 -k 371e3aea9121d90b8106228bf2b5ee4c638a0b4837fefbd87a3c0aca646e5996
All A5(X) AES Keys will be posted on @icj_’s icj.me/ios/keys as soon as I clean this up a bit more :)
Then, in speaking to fellow hacker Winocm, one of the guys behind p0sixspwn, iH8sn0w offered something of an insight into how exactly he managed to work the magic:
This isn’t a bootrom exploit. Still a very powerful iBoot exploit though (when exploited properly ;P /cc @winocm).
One follower also noted that iBoot jailbreaks can be patched by Apple on the fly. iH8sn0w responded to this by noting that they can be patched provided that they are released publicly.
Also, to further add fuel to this argument, Saurik took to a thread on Reddit to shed some light on the situation:
For informational purposes (as many people reading might not appreciate the difference), to get the encryption keys you only need an "iBoot exploit", not a "bootrom exploit". It is easier to find iBoot exploits (being later in the boot sequence, it has a larger attack surface: it has to be able to parse filesystems, for example), and they do afford more power over the device than an untethered userland exploit (in addition to letting you derive firmware encryption keys, you can boot custom kernels, and you might be able to dump the bootrom itself), but they are software updatable as part of new firmware releases from Apple and may have "insane setup requirements" (like, you might pretty much need an already-jailbroken device to actually setup the exploit). You thereby wouldn’t see an iBoot exploit used for a jailbreak (unless everyone is out of ideas for a very long time): instead, you’d see it hoarded away as a "secret weapon" used by jailbreakers to derive these encryption keys, making it easier to find and implement exploits on newer firmware updates for the same device (especially kernel exploits, where even if you have an arbitrary write vulnerability you are "flying blind" and thinking "ok, now where should I write? I can’t see anything… :’(").
But the big question is: will the exploit ever go public? Sadly, it won’t, according to a tweet by Winocm.

Wednesday, May 15, 2013

ALL JAILBREAK DOWNLOADS

Redsn0w / Evasi0n
- Redsn0w 0.9.15b3 (6.1.3): Mac / Windows
- Evasi0n (6.0-6.1.2): Mac / Windows / Linux
Most used versions
- Redsn0w 0.9.15b2 [for iOS 6]: Mac / Windows
- Redsn0w 0.9.14b1 [for iOS 5.1.1]: Mac / Windows
Other
- Redsn0w 0.9.13dev4 [for iOS 6]: Mac / Windows
- Redsn0w 0.9.13dev3: Mac / Windows
- Redsn0w 0.9.14b2: Mac / Windows
- Redsn0w 0.9.13dev2: Mac / Windows
- Redsn0w 0.9.13dev1: Mac / Windows
- Redsn0w 0.9.12b1: Mac / Windows
- Redsn0w 0.9.10b8b: Mac / Windows
- Redsn0w 0.9.10b8: Mac / Windows
- Redsn0w 0.9.10b6: Mac / Windows
- Redsn0w 0.9.10b5: Mac / Windows
- Redsn0w 0.9.10b4: Mac / Windows
- Redsn0w 0.9.10b3: Mac / Windows
- Redsn0w 0.9.9b9: Mac / Windows
- Redsn0w 0.9.8b8: Mac / Windows
- Redsn0w 0.9.9b5: Mac
- Redsn0w 0.9.9b4: Mac / Windows
- Redsn0w 0.9.9b3: Mac / Windows
- Redsn0w 0.9.9b1: Mac / Windows
- Redsn0w 0.9.8b7: Mac / Windows
- Redsn0w 0.9.8b6: Mac / Windows
- Redsn0w 0.9.8b5: Mac / Windows
- Redsn0w 0.9.8b4: Mac / Windows
- Redsn0w 0.9.8b3: Mac / Windows
- Redsn0w 0.9.8b2: Mac / Windows
- Redsn0w 0.9.8b1: Mac / Windows
- Redsn0w 0.9.6rc16: Mac / Windows
- Redsn0w 0.9.6rc15: Mac / Windows
- Redsn0w 0.9.6rc14: Mac / Windows

Sn0wBreeze
- 2.9.7
- 2.9
- 2.8b7
- 2.8b6
- 2.7.3
- 2.7
- 2.6.1
- 2.5.1

PwnageTool
- 5.0.1
- 4.3.3.1
- 4.3.3
- 4.3.2
- 4.3

GreenPois0n / Absinthe
- Absinthe 2.0.4: Mac / Windows
- Absinthe 2.0.2: Mac / Windows
- Absinthe 2.0.1: Mac / Windows
- Absinthe 0.4: Mac / Windows / Linux
- Absinthe 0.3: Mac / Windows / Linux
- Absinthe 0.1.2: Mac / Windows
- GreenPois0n RC6.1: Mac / Windows


Jailbreak 6.1.3 Semi Untethered On iPhone 4, 3GS, and iPod Touch 4G

How to jailbreak 6.1.3
iOS version 6.1.3 was released today, and it patches the Evasi0n jailbreak, as we warned our viewers earlier.
Warning: If you are on any device other than the iPhone 4, iPhone 3GS, or iPod Touch 4G, STAY ON 6.1.2 OR LOWER. Updating your device to 6.1.3 will leave it non-jailbreakable and non-downgradable. We also recommend that all users stay on 6.1.2 or lower, as evasi0n is a much better jailbreak.
Redsn0w can jailbreak the iPhone 4, iPhone 3GS, or iPod Touch 4G semi-untethered (meaning you will need to run the last steps every time your device shuts down). This can be annoying, so, as we said previously, this is only for people already on 6.1.3.

SemiRestore – restore to a fresh version of iOS without losing your jailbreak!

Most people in the jailbreak community have come across this before – you’re messing around with your iDevice and cluelessly install some buggy tweak from Cydia, landing your device in an unusable state. Apple has recently released new un-jailbreakable firmware (6.1.3, 6.1.4), and if you do happen to mess up your device, MobileSubstrate is basically your only hope to get your device back to working order. If you are a jailbreak addict, you will know that MobileSubstrate can’t always save you, and you are forced to restore to an un-jailbreakable firmware and oh no! Life ‘seems’ hopeless and worthless without your jailbreak.
But CoolStar from HASHBang productions must be all too familiar with this situation and has been working on a new solution to (semi)restore your device without losing your jailbreak. Presenting, SemiRestore! SemiRestore allows you to fix your device in a respring loop or in an unusable state, without losing your jailbreak. CoolStar has been working on an SSH version of SemiRestore as well as an OS X/Windows/Linux version, to which you connect your device via USB to semi-restore. SemiRestore effectively restores your device much as iTunes does, but preserves your jailbreak on your current iOS version. After the restore, you can easily sync back all your data from iTunes and, of course, install your most treasured packages from Cydia to once again enjoy the jailbreaking experience.

Some frequently asked questions from the website are below.
Can I use this to go from firmware x to firmware y?

No, this only allows you to go to a fresh version of your current firmware.

Do I need SHSH blobs or APTickets for this semi-restore?

No, since this is not a full restore and is at the userland level, this doesn't require blobs.

I have a question regarding the jailbreak process or jailbreaking in general.

Please go to the Jailbreak QA dedicated website or try /r/jailbreak on Reddit.

SemiRestore requires:
- iOS 5.0-6.1.2
- a jailbroken device with OpenSSH and APT 0.7 Strict

SemiRestore does:
- restore the version of iOS on your device (supports 5.0-6.1.2)
- fix your unusable device
- save your life

SemiRestore does not:
- unlock your device
- jailbreak your device

SemiRestore has already proven to me that it does do the job after being stuck in a respring loop and successfully restoring my device whilst keeping my jailbreak (phew).