CoolStar’s Electra jailbreak tool for devices running iOS 11.3.1 is out in the wild. If you are among those lucky (or smart) enough to have stayed on iOS 11.3.1, you can liberate your device from Apple’s walled garden with Electra. But people who have upgraded to iOS 11.4 or 11.4.1 and would still like to jailbreak might not want to move to iOS 12 when it is released to the public next month. That’s because security researcher Brandon Azad is scheduled to give a conference talk in September that could form the basis of an iOS 11.4 jailbreak.
Azad’s presentation could lay the groundwork for iOS 11.4 jailbreak
Brandon Azad said in a tweet that he would present at next month’s beVX Conference in Hong Kong, and the announcement has sparked speculation about a potential iOS 11.4 jailbreak. Azad’s talk is titled “Crashing to root: How to escape the iOS sandbox using abort().” The title describes a userland sandbox escape that ends with root privileges, which is exactly the kind of primitive the jailbreak community and security researchers look for. beVX bills itself as an “offensive security conference,” so we have a fair idea of what to expect there.
I’ll be presenting “Crashing to root: How to escape the iOS sandbox using abort()” at @bevxcon this September. I’ll show how to exploit CVE-2018-4280, fixed in iOS 11.4.1, by crashing maliciously in order to elevate privileges, defeat codesigning, and spawn a shell on iOS 11.2.6. pic.twitter.com/tRxLqD55fY
— Brandon Azad (@_bazad) July 30, 2018
Azad added that he would show the audience how to exploit CVE-2018-4280, a bug Apple fixed in iOS 11.4.1. Apple’s security notes for that release list CVE-2018-4280 under libxpc, describe it as an issue that could let an application gain elevated privileges, and credit Brandon Azad for reporting it. His demo targets iOS 11.2.6, but since the fix only landed in 11.4.1, the bug is presumably also present in 11.3.1 and 11.4. Azad also mentions elevating privileges and defeating code signing, two things a jailbreak needs, so the exploit could feed into a future iOS 11.4 jailbreak. One caveat: a userland sandbox escape like this is only one building block, since a full jailbreak also needs a kernel exploit to remove the remaining restrictions.
Even if Azad releases an iOS 11.4 jailbreak, or at least lays the groundwork for one, few users will want to stay on iOS 11.4 or 11.4.1 once Apple releases iOS 12, which is currently in beta.
Electra version 1.0.3 can liberate the iPhone X, iPhone 8, 8 Plus, iPhone 7, and 7 Plus running iOS 11.4, but there is a big catch: it works only on iOS 11.4 beta 1, 2, and 3, because Apple patched the exploit Electra relies on before the final 11.4 release. If you are on iOS 11.4 beta 3, here’s how you can jailbreak your device with Electra. So far, more than 270,000 people have used Electra to liberate their iPhones and iPads.
Sileo package for Electra is in the works
Developer CoolStar has told the jailbreak community that the Electra team is working on a new package manager for Electra, called Sileo, to replace the Cydia Installer. It will let jailbreak users do everything they can do with Cydia today, but in a fully featured and more user-friendly package. The Electra team no longer fully supports Cydia, meaning they are not adding further fixes or hacks to keep it functional.
CoolStar has assured the community that all installed packages will remain as they are when switching to Sileo, and users will be able to access their Cydia purchases directly from Sileo. The new package manager uses the same back end as Cydia but supports only iOS 11 and 64-bit command-line tools; older software will not be supported. It will also let tweak developers accept payments from jailbreak users.
We don’t know for sure if or when an iOS 11.4 jailbreak will come out. Apple, of course, does not like jailbreaking. The company has warned iPhone and iPad users on several occasions that jailbreaking removes the security layers built into iOS, exposing them to malware and hacking: users could lose their data, apps could become unresponsive, and in some cases the device could become “permanently inoperable.” Apple also does not cover jailbroken iPhones and iPads under its warranty. The interesting thing is that most jailbreak users are fully aware of these risks and liberate their devices anyway.
Read on Valuewalk