A PRE-jailbreak for iOS 14.0 ~ iOS 14.3 on all devices.
Generally speaking, a jailbreak starts from an arbitrary kernel r/w vulnerability, so I call this a pre-jailbreak. In fact, CVE-2021-1782 (cicuta_virosa) is the pre-jailbreak part.
This project implements an arbitrary kernel r/w primitive based on cicuta_virosa. Useful for security researchers and jailbreak developers.
Use it at your own risk. I built it for security researchers only. It MEANS NOTHING to normal users.
DO NOT RUN IT on your main device. I cannot promise WHAT WILL HAPPEN!
- make the exploit faster (iPhone 12: 65s -> 10s, iPhone 6s: 188s -> 68s)
- stable kernel r/w primitives
- amfid bypass: implement it yourself. Bad guys would use this to distribute malicious code directly.
Tested on iPhone 12 pro (iOS 14.3).
Tested on iPhone 11 (iOS 14.0).
Tested on iPhone 6s (iOS 14.0). It may also help on A11 devices; note that checkra1n said "Limited support for A11 devices on iOS 14.x".
For other devices/iOS versions, add the kernel offsets yourself in k_offsets.c.
- @ModernPwner: CVE-2021-1782, exploitation technique
- Brandon Azad (@_bazad): Almost everything starts from oob_timestamp
- @chenliang0817: paper "Exploiting IOSurface 0"
- Jailbreak knowledge from unc0ver
- #FreeTheSandbox: post-exploit tech & binpack
inherited from cicuta_virosa
My Twitter: @pattern_F_
English is hard for me... I'm learning it.