0:00
What's going on YouTube, GeoSnow right here. So in today's video I have some great news for those of you waiting for a jailbreak on 14.7 and lower, especially on the A12 and newer devices: a brand new kernel exploit has been released, so the jailbreak may not be as far as it was expected initially.

0:15
This video is brought to you by AnyTrans, a software that allows you to drag and drop files directly from your computer to your device. You can back up your photos, music, videos and apps, and of course you can do iCloud management and so on directly from your computer. Check it out in the link below.

0:29
So as you probably remember, back on October 16th Justin Sherman posted this, quote: "This semester I decided to do an independent study, which is a semester-long project that counts for credits like a class would. My project is a kernel exploit for CVE-2021-30807 plus a write-up. I just finished the exploit and popped 14.6 and 14.7 on my phone. Write-up ETA soon." Now at that point they posted this, of course, the information about the kernel exploit, and of course it's completely okay: the kernel exploit works, and it shows the kernel slide and many other things in here, including getting root, uid 0 and gid 0 there. But that was it at that point.

1:07
However, just yesterday Justin Sherman posted this, quote: "Write-up finished. Thank you to everyone that gave me feedback." And they posted it in here, which is basically this huge write-up posted on November 28th. So it says in here "Popping iOS 14.7 and lower with IOMFB", or IOMobileFrameBuffer, which has been the target of many, many exploits in the past, many of which have been used for jailbreak purposes. Now of course the write-up itself is huge, it's massive; you would have to actually take time to read it and so on if you're interested in it, but you probably are not, because you're probably not a jailbreak developer. So I'm going to talk about it and how it would affect you as a jailbreak user.

1:43
Well, it is indeed a kernel exploit, and it's the kernel exploit that has been demonstrated in here back in October. So we know that this kernel exploit has been used before in order to get the kernel slide, so bypassing KASLR, which is a security feature, and then getting root and probably even bypassing the sandbox, or escaping the sandbox. So we know that this can be used for unc0ver and Taurine, with one exception: this one would require, from what I can see, a Safari exploit to chain it with, because you need some entitlement in order to be able to exploit the component that is vulnerable here, and unfortunately only Safari has that; in fact, web content has that. So you would need to first gain access over Safari, so basically pwn Safari first and then of course spawn this exploit here and take over the kernel. So it's just a minor hurdle. iOS WebKit vulnerabilities and, you know, web content vulnerabilities are actually quite often published, and therefore it's not something that is very rare and we will never be able to find it. So in terms of that, it is not actually very bad.

2:43
However, it would mean that unc0ver and Taurine would have to basically find out a way to distribute this in a different way. The standard IPA file would probably not work at that point, because you would first need to be able to run from Safari and then of course run the kernel exploit, so it would need a little bit of a modification in terms of the way you install the jailbreak itself. However, the kernel exploit is indeed very important, and it's actually a great step towards a 14.7 and 14.6 jailbreak. Right now unc0ver only supports 14.5.1 and lower, but with this in here, and if used properly, it will of course mean 14.6 and 14.7 could get this as well. So for those of you who are running iOS 14.7, 14.6, 14.5.1 and so on, this would very well work.

3:27
Now there were a couple of questions about whether this would work on A12, A13, A14 and so on, and the answer is yes, according to Justin Sherman. Matt asked him in here about the A14-plus devices and Justin Sherman posted this: "It should work on all chips. I just opened the random iPhone 13 kernel and the code is there. The code was not part of the code that was moved to DCP." So it would work on all devices, which is actually quite great, because this means that this is a huge step forward towards the jailbreak, and it also means that we're closer than ever to said jailbreak for 14.7 and 14.6. Because remember, this is a kernel exploit; it is exactly what we need. We need a Safari exploit in order to run this exploit here, but that's not exactly hard to find, and those have been patched left, right and center in iOS. I'm pretty sure there are a couple of them waiting to be released in iOS 14.7, 14.6 and so on. So yes, this is laying the base for the 14.7 and 14.6 jailbreak.

4:22
What's next? We need to wait for a Safari exploit to pop out like this one in here has, but after that we're pretty much good to go. We just need to wait for people to update their jailbreaks, and that's it. So that's basically it. Thank you for watching. Pretty great news, I wasn't expecting it, but yeah, pretty great news. Thanks to Justin Sherman for releasing the exploit and not keeping it private, and of course thank you for watching this video. Till the next time, I'm GeoSnow, peace out.