0:00
what's going on YouTube Gio Snow right here
0:02
so today we have very good news for
0:03
those of you on iOS who are waiting for
0:05
a jailbreak or tools related to
0:07
jailbreaking like tweaks and stuff like
0:09
that a brand new exploit with arbitrary
0:12
file write was released for macOS and
0:14
iOS and this might just be the first of
0:16
its kind for iOS 17 so this
0:18
vulnerability was released here on
0:19
GitHub by this developer and they even
0:22
posted an exploit maker for it so that
0:24
you can create appropriate files in
0:26
order to you know get the exploit going
0:30
CVE-2024-27876 and this one says it's a
0:33
libAppleArchive exploit maker you can read
0:35
the full write up over here it's
0:36
actually quite interesting I parsed
0:38
through it and yeah this does actually
0:40
work on visionOS and iOS and macOS it
0:43
probably works on watchOS as well now
0:45
this was patched apparently in iOS 17.7
0:48
as well as iOS 18.0 so if you go here on
0:52
the security content of iOS 18 you can
0:54
see that they do have the uh CVE over
0:57
here in compression and it says impact
0:59
unpacking a maliciously crafted archive
1:01
may allow an attacker to write arbitrary
1:03
files now how good is this for jailbreak
1:05
purposes we're going to get into that in
1:06
a second this video is brought to you by
1:08
FlexTor they allow you to sign your own
1:10
jailbreak applications or anything
1:12
directly from your device no computer
1:15
with any certificate you can provide
1:16
your own or get one from them and even
1:18
customize the application's icon and
1:20
stuff like that you can install them
1:22
without a computer so definitely check
1:23
it out in the link below well let's
1:25
check this out and see how good is this
1:26
for jailbreak purposes at first this is
1:28
a pretty potent exploit in terms of what
1:31
it can do since this can arbitrarily
1:33
write files it means that you can
1:35
actually make a controlled application
1:37
to write whatever you want to a specific
1:39
file now from the top of my head this
1:41
would definitely be useful for
1:42
applications like Nugget and like Misaka
1:45
X which allow you to enable the EU
1:48
features for example on a device from
1:50
the US or an otherwise incompatible
1:52
device enable you know hidden features
1:54
or features that are not normally
1:55
available for you and even tweaks and
1:57
stuff like that this could theoretically
1:59
be useful for jailbreak purposes in a
2:01
way that it writes to files but this
2:03
cannot be used to make a jailbreak by
2:05
itself because the exploit itself is not
2:07
powerful enough this is not a kernel
2:09
exploit and what it can do is to make a
2:12
particular vulnerable application from
2:14
the system to write whatever you want as
2:16
the user to an arbitrary file however it
2:19
still needs to be able to control that
2:21
file to be able to have access to those
2:23
files so it's technically possible to
2:25
use this for tweaking purposes and for
2:28
developing interesting tools around it
2:30
just like they did with the Nugget and
2:32
with Cowabunga and stuff like that but
2:33
it's not really that powerful it's
2:36
useful and we might see it integrated in
2:38
something in the future however it's not
2:40
exactly powerful enough to create a
2:42
jailbreak not by a long shot it's still
2:44
one of the most powerful exploits
2:46
released for iOS 17 as far as I know and
2:48
it's actually quite interesting you
2:50
might see this being used quite soon
2:51
especially since an exploit maker was
2:54
also released for it so yeah that's
2:55
basically it I don't know what's going
2:57
to come from this exploit or whether
2:58
something will come from it but it's a
3:00
brand new exploit in the jailbreak
3:02
community it works on iOS 17 it was
3:03
patched on iOS 17.7 it should work on
3:06
all devices so I guess we'll see thank
3:08
you for watching I am Gio Snow