Jailbreak News

Help the iOS 5.1 Jailbreak Community With Tips from Pod2g

Pod2g, the popular iOS hacker, just posted on his blog informing us all on how we can do our part  to help push along a Jailbreak for iOS 5.1. He explains what it takes to achieve a Jailbreak, and what everyone in the Jailbreak community can do to pitch in.  Be sure to follow @pod2g on Twitter and show your support!

Below is the blog posting via Pod2g’s iOS blog.

To jailbreak a device, hackers need a set of exploitable vulnerabilities :

  • a code injection vector : a vulnerability in the core components of iOS that leads to custom, unsigned code execution.
  • a privilege escalation vulnerability : it’s usualy not enough to have unsigned code execution. Nearly all iOS applications and services are sandboxed, so one often need to escape from the jail to trigger the kernel exploit.
  • a kernel vulnerability : the kernel is the real target of the jailbreak payload. The jailbreak has to patch it to remove the signed code enforcement. Only the kernel can patch the kernel, that’s why a code execution vulnerability in the context of the kernel is needed.
  • an untethering vulnerability : when the device boots, it is unpatched, thus cannot run unsigned code. Thus, to start the jailbreak payload at boot time, a code execution vector either in the services bootstrap or in the loading of binaries is mandatory.
You can help if you can crash either a core application (Safari, Mail, etc…) or the kernel in a repeatable way. A kernel crash is easy to recognize : it reboots the device.
Important facts :
  • Always test on the latest iOS version before reporting a crash (at the time of writing, iOS 5.1)
  • Be sure to not report crashes to Apple : on your iOS device, go to Settings / General / About / Diagnostics & Usage,  and verify that “Don’t Send” is checked.
  • Not all crashes are interesting : aborts, timeouts or out-of-memory kind of crashes are useless. Verify the crash dump in Settings / General / About / Diagnostics & Usage / Diagnostic & Usage Data that the crash report you created is of Exception Type SIGILL, SIGBUS or SIGSEV.
  • The crash should be repeatable, which means you should know what exact steps produced it and how to reproduce it on another device.
How and where to report :
  • Send an email to ios.pod2g@gmail.com detailing the steps to produce the crash and the associated crash report.

Thank you very much for reading & helping !

~pod2g

REMEBER: Make sure the crash falls under one of the specified exception types! Be sure to include the report and detailed steps on how to reproduce the crash. If you don’t include this detailed information the data will be useless to Pod2g and you’ll just end up creating more work.

Stay tune here or Follow us on Facebook and Twitter for more breaking news on all things iOS 5.1 Jailbreak

Source: Pod2g’s iOS blog

Share this Story

Related Posts

Comments are closed.

Join Our Mailing List

Email Format

Free iTunes Gift Cards!

Find us on Google Plus