0:00
what's going on YouTube GeoSn0w here today
0:02
we're discussing about TrollStore
0:04
whether you can install it on iOS 17.0.2
0:07
and newer all the way up to iOS 18 what
0:09
prevents you from doing so on certain
0:11
versions and what we have in store for
0:14
TrollStore going forward so probably a
0:16
lot of you know about TrollStore is a
0:18
tool created by opa334 the developer
0:21
behind Dopamine jailbreak and this one
0:22
essentially installs applications on iOS
0:25
without signing them so you don't have
0:27
to resign them you don't have to keep on
0:28
using AltStore or certificates and so
0:31
on however being based on a
0:33
vulnerability it actually requires that
0:36
vulnerability to be present on the iOS
0:38
version so it doesn't work with all
0:39
devices and all iOS versions I put
0:42
together an article here on
0:43
idevicecentral.com an in-depth one about
0:46
TrollStore on iOS 17.0.2 up to 18.3 can you
0:50
still install it why it was patched
0:53
and what was patched now the official
0:54
support as you can see here on my
0:56
website goes up to iOS 17.0 not the beta
1:00
the 17.0 final version it is supported
1:03
on all devices now the installation
1:05
method as you know is different
1:07
depending on the iOS version you either
1:08
have TrollInstallerX or TrollRestore
1:11
and of course with TrollRestore you can
1:13
install it on iOS 17.0 and that's the
1:15
latest version that we've got the latest
1:17
update back in September however you
1:20
probably know that iOS
1:21
17.0.2 and newer are not supported but
1:24
why is that well TrollStore itself is
1:27
based on several vulnerabilities most of
1:29
them in CoreTrust in AMFI and stuff
1:32
like that AMFI handles the code signing so
1:34
it's Apple Mobile File Integrity and the
1:36
code signing is an important thing on
1:38
iOS because it's what prevents you from
1:41
installing applications from unknown
1:43
sources or you know unsigned and so on
1:45
it's also what verifies the signature of
1:48
your application and it will not open
1:50
the app if the 7-day certificate for
1:52
example has expired so having a
1:55
vulnerability in AMFI or in CoreTrust is a
1:57
big deal because you can bypass all of
1:59
those things that is exactly what
2:01
TrollStore was and what it used is the CVE
2:06
41991 which is essentially used to
2:08
bypass the certificate validation and
2:11
this one was in fact patched Apple took
2:13
note of it and patched it in iOS
2:16
17.0.2 hence why you cannot install
2:18
TrollStore on that version or newer
2:21
this did happen before the first version
2:23
of TrollStore actually only worked on
2:26
iOS 14 and iOS 15 as far as I can
2:28
remember and um that vulnerability was
2:31
patched but then after a while Apple
2:34
reintroduced that same vulnerability
2:36
again in iOS in a different format but
2:38
still in CoreTrust and we were able to
2:40
make TrollStore 2 which supports up to
2:43
iOS 17.0 now will that happen again a
2:47
third time it's less likely because I
2:49
think Apple by now has indeed learned
2:51
from their mistakes but if they didn't
2:53
and they do get to create a new
2:56
vulnerable version of CoreTrust in the
2:58
newer iOS versions it's not completely
3:00
impossible to see TrollStore making a
3:02
comeback however for now the chances
3:05
that Apple screws up the same thing
3:07
three times in a row is actually quite
3:09
low now you can do a lot with
3:11
TrollStore and for those of you who are on a
3:14
supported version I highly recommend you
3:16
do not update cuz you may never have a
3:18
similar chance again but yes the
3:19
vulnerability used in it is patched and
3:22
it's very unlikely we're going to see
3:24
again such a vulnerability unless Apple
3:26
screws up a third time anyway this video
3:28
was brought to you by 8kSec they have
3:30
an iOS security course that you can
3:32
definitely check out it's great because
3:34
if you want to learn how to make your
3:36
own jailbreaks or tools like TrollStore
3:38
if you want to find iOS vulnerabilities
3:40
they do go in depth about the iOS kernel
3:42
the security techniques used on the iOS
3:45
and yeah you can learn how to find
3:47
vulnerabilities build exploits and so on
3:49
check the uh course out in the link
3:51
below thank you for watching I am GeoSn0w