Latest Jailbreak News: Access to /var ACHIEVED with the KFD exploit on iOS 15.0 – 16.5

As you are probably aware, a month or so ago the KFD (Kernel File Descriptor) exploit was released as open source by developer felix-pb.

The community quickly found very good uses for this exploit, and many applications that take advantage of it have been released over the past weeks.



Apps like Misaka Package Manager, Cowabunga, Picasso Beta, and many others have been updated to work on iOS 15.0 up to iOS 16.5 and iOS 16.6 Beta 1, thanks to the exploits bundled with the KFD open-source project.

A full jailbreak, however, is not as simple to implement as we would hope. While the kernel exploit does provide one of the most critical and hard-to-get components of such a jailbreak, newer devices (A12 and later) require more work because of PAC (Pointer Authentication Codes) and PPL (Page Protection Layer), security mechanisms introduced on these devices that a kernel read/write primitive alone does not defeat.

Important: This article talks about jailbreaking. While jailbreaking is legal in the U.S. thanks to a DMCA exemption, it still relies on powerful kernel vulnerabilities and exploits in order to work. This can weaken the security of your device, so if you're not comfortable running such code on your device, please do be careful.

Is KFD useful for a jailbreak?

The KFD project and the exploits bundled with it might just be the biggest release of 2023 in the jailbreak community. It was the first proper kernel exploit for iOS 16 to ever be released, and it supports such a wide range of iOS 16 versions that it is very powerful for the end user.

While for A12+ devices we still need a PAC / PPL bypass, the kernel exploit itself does work on these newer devices, so we have half the picture.

But KFD isn't useful only for jailbreaking on iOS 16 and 15. The community has updated the exploit to work even down to iOS 14.



Since a lot is going on in the jailbreak community around the KFD exploit, you can find a Status Page / Timeline here with all the progress and releases based on KFD in terms of jailbreaking. Do check it out.

On August 22nd, the official Taurine Jailbreak website was updated to add the following changes:

  • Introduce support for iOS 14.4 to 14.8.1 for A10(X) and lower
  • Introduce support for iOS 14.5 to 14.8.1 on A11

Thanks to the KFD exploit we finally have an iOS 14.8.1 jailbreak.

On a similar note, developer @wh1te4ever is currently building various tools and ways to perform jailbreak tasks with KFD in their open-source playground repo called kfund (Fun with KFD).

This repo contains all sorts of interesting things built on KFD, from MacDirtyCow-style implementations to sandbox escapes and much more.

Access to /var achieved with the KFD exploit

On August 22nd, developer @bomberfish77 posted a video on Twitter in which they demonstrated accessing and browsing /var (the iOS Mobile / User partition) using the KFD exploit, implying that a sandbox escape had been achieved.



This is an important part of a jailbreak, and it matters even for tweaking tools like Cowabunga, Misaka, etc., because being able to access the files in /var allows more powerful tweaks to be created.

https://twitter.com/bomberfish77/status/1694052644195635648

As you can see, the community is hard at work putting the KFD exploit to good use. While it will surely be some time before we see a full iOS 15.0 – 16.5 jailbreak (especially for A12+), many of the components are in place.

The KFD exploit has allowed the community to build various new tweaking tools and to find interesting ways to deal with the new limitations introduced in iOS 15 and iOS 16 to thwart jailbreaking.

I'd say we're doing quite well since KFD was released, and there seems to be a large number of new developers taking KFD and making great new apps with it. I guess time will tell.

Credit: Terminal icons created by icon_small (Flaticon)

GeoSn0w is an iOS and jailbreak enthusiast who has been around for quite some time in the community. He has developed his own jailbreaks before and is currently maintaining iSecureOS, one of the first iOS anti-malware tools for jailbroken devices. He also runs the iDevice Central channel on YouTube, with over 149,000 subscribers.

With over a decade of iOS jailbreak experience and several jailbreak tools built by him, GeoSn0w knows the jailbreak scene quite well, having been part of several releases over the years.

GeoSn0w is also a programmer focused primarily on iOS app development and embedded programming. He codes in Swift, Objective-C and C, but also does PHP on the side.
