0:00
what's going on YouTube GeoSn0w here
0:02
today we're discussing a brand new
0:03
exploit that was seemingly released and
0:06
we're going to take a look at the CVE
0:08
the vulnerability itself it's for iOS of
0:10
course might be usable for jailbreak
0:11
purposes so one of you told me about it
0:14
in a comment on Twitter you said have
0:16
you seen this repo which is a GitHub
0:18
repo what do you think about it scam or
0:20
not so if you go ahead in here it says
0:22
CVE-2025-24085 it details the CVE ID the
0:27
impact the fact that it's critical it
0:29
says a malicious application that can
0:31
elevate privileges it could possibly be
0:33
good for jailbreak purposes then says
0:35
this issue has been actively exploited
0:37
against versions of iOS before 17.2 the
0:40
vulnerability can be used to gain higher
0:42
level access to the system which leads
0:44
to unauthorized control, data theft or
0:47
system compromise there's even an
0:48
exploit download button over here before
0:50
we get into it this video is brought to
0:52
you by 8kSec they teach you in their
0:55
course how to find iOS vulnerabilities
0:57
how to build your own exploits and of
0:59
course how to make a jailbreak they do
1:01
have the Offensive iOS Internals course
1:03
over here which goes in depth on all
1:05
security techniques on iOS like
1:07
sandboxing and code signing and they get
1:09
into each jailbreak and how they work
1:11
and whatever so definitely check it out
1:13
below right so thank you to the person
1:15
who tweeted this to me this is actually
1:17
quite interesting we're going to take a
1:18
look at it now I have a couple of
1:19
suspicions for this particular post in
1:22
here for this particular repo first of
1:23
all if you go ahead on the security
1:25
content of iOS 18.3 which patches that
1:29
vulnerability the CVE is indeed real
1:31
it's in CoreMedia says impact a
1:33
malicious application may be able to
1:35
elevate privileges and Apple is aware of
1:37
a report that this issue may have been
1:38
actively exploited against versions of
1:41
iOS before 17.2 it's a use-after-free by
1:43
the looks of it so these are usually
1:45
very good vulnerabilities for jailbreak
1:47
purposes so yes the vulnerability itself
1:49
is legitimate it does exist it is
1:52
actually possible to use this very
1:54
likely for jailbreak purposes maybe not
1:56
alone cuz you do need to chain them
1:58
these days there are multiple techniques
2:00
that need to be bypassed however the
2:02
vulnerability is real we got that out of
2:04
the way it is a real vulnerability it's
2:06
not fake but then the account that
2:08
posted this has only been in existence
2:11
for a couple of days you can see they
2:12
joined GitHub a couple of days ago like
2:14
three days ago they don't have any
2:16
public repositories besides this
2:18
vulnerability over here and there is no
2:21
code whatsoever not even a proof of
2:23
concept not an exploit I'm not asking
2:25
for an exploit just a proof of concept
2:27
that you can show me that the
2:28
vulnerability does exist on iOS and it I
2:31
don't know crashes the device or
2:33
something that would have been
2:34
sufficient to prove that you do have in
2:36
fact the code for this vulnerability but
2:38
there's nothing here there is however a
2:41
contact link or rather an email but then
2:43
you have the exploit download button
2:45
which if you click it tells you to buy
2:47
it from here satosi disc.com with
2:50
Bitcoin and they ask about
2:53
$233 US dollars and you get three files
2:56
which would be .zip presumably
2:58
containing the exploit itself proof.mp4
3:02
and readme.txt which presumably is
3:04
the same readme from here this does seem
3:06
to be getting some traffic however I
3:08
would not buy it it's the first time I
3:10
see a vulnerability being publicly
3:12
listed for Bitcoin you know that you can
3:15
buy an exploit for iOS for Bitcoin and
3:18
it's not even a zero day it's been
3:20
patched and it's been patched in iOS
3:21
18.3 by the looks of it while this
3:23
vulnerability could definitely be usable
3:26
in a jailbreak context because of what it is
3:29
it's very likely not available in here I
3:31
don't know it doesn't seem legit to me
3:34
asking for Bitcoin for a vulnerability
3:36
and then there is no information that
3:38
this is the real user who found it this
3:41
account's name is not present in the CVE
3:44
if you take a look in here on CoreMedia
3:46
they are not credited in here it's just
3:49
24085 nobody is being thanked in here or you
3:53
know credited or just acknowledged by
3:56
Apple while other vulnerabilities you
3:58
can see they have people who have found
4:00
them you know handles on Twitter and
4:02
stuff like that so you can easily cross
4:04
reference the data and see yeah that's
4:06
the account that found it Apple credited
4:08
them so if they are selling the
4:09
vulnerability for Bitcoin at least I
4:11
know that I'm buying from the real
4:12
person who has reported the
4:14
vulnerability to Apple it's their choice
4:16
if they want to sell the exploit but in
4:18
this case there is just no way to tell
4:21
if this account here is the real person
4:23
who has reported the vulnerability and
4:25
it just looks shady as hell so if you
4:27
are planning to buy this thinking
4:29
you can make a jailbreak or maybe use
4:31
this for jailbreak purposes please don't
4:33
there is zero confirmation that this
4:35
account is indeed selling the
4:37
vulnerability we don't know what these
4:38
files contain even if you are buying
4:40
them even if you are getting them and
4:41
while the vulnerability itself is
4:43
definitely legit and even powerful the
4:46
account might not be they might just be
4:48
hijacking the vulnerability pretending
4:49
to have it just to grab your money they
4:51
say here the exploit availability is not
4:53
public only private so yeah I would
4:55
definitely stay away thank you for
4:57
watching I am GeoSn0w peace out