0:00 What's going on YouTube, GSN here. Today we have a brand new iOS 18 vulnerability, compatible with old devices, that was released. This one could potentially be useful for jailbreak purposes and for iOS customization purposes, so we're going to get into it in a second.

0:14 This video is brought to you by 8kSec Academy. If you want to learn everything about iOS, how it works, how to create exploits and how to find vulnerabilities, as well as how to create your own jailbreak, they provide a Mobile Security Master course which essentially contains a lot about iOS, about Android and stuff like that. They even have Offensive iOS Internals over here, which goes in depth about the operating system, the kernel, reverse engineering, finding vulnerabilities, exploiting them and even creating your own jailbreak, because you get all the knowledge that you need for that. These are actually quite great; they go in depth, if you always wanted to learn how to make your own jailbreak or how to find these bugs, for example the bug that we essentially are going to talk about in this video.

0:52 So what is this bug? Well, Tommy posted this a couple of days ago, quote: "I've been told that my online activity has been dead for years, so after a friend's suggestion I've made a simple PoC, or proof of concept, with a little description for CVE-2024-44285." So it's an IOSurface proof of concept in here, and we have this GitHub repository containing the proof of concept. This is the code that you can run to trigger the vulnerability. Remember, this is not an exploit, it's a proof of concept; it's a vulnerability, and this code essentially just triggers it.

1:25 Now we also have something from this person over here, 34306. This is essentially an application that uses the same vulnerability in order to crash the device. So it successfully exploits the vulnerability, triggers the vulnerability, in order to make the device just reboot. It's not useful for jailbreaking, this application over here; it just proves that the vulnerability does work, and with this you can actually test if the vulnerability works on your device.

1:47 Now, if you want to learn more about this vulnerability, they do have an entry on the National Vulnerability Database over here on NIST, and you can see exactly which devices are affected. But it is actually present in Apple's changelog as well, and you can see it's IOSurface over here. It says an application may be able to cause unexpected system termination or corrupt kernel memory. Now, this is a use-after-free type of vulnerability. It supports iPhone XS, it supports iPhone XS and later, so all devices, all modern devices, are supported. You already have a proof of concept for it over here, which is actually quite great.

2:19 Now, would you be able to use this vulnerability for a jailbreak like Dopamine? Probably... probably not. The vulnerability itself is actually powerful, it's quite powerful, it's a kernel vulnerability. However, being a use-after-free, with all the mitigations that are present in modern iOS, the success rate for this exploit is probably atrocious. However, you could theoretically still create an exploit for it, and it could theoretically still be used for jailbreak purposes. You may need to chain it with different exploits, especially on newer iOS versions, for, you know, PAC and stuff like that, pointer authentication codes, but that's what every exploit needs to do in order to create a jailbreak on iOS and modern devices, so it's not particularly this exploit being weak.

2:59 Another place where this exploit would shine is in applications like Misaka X and Nugget and Cowabunga and stuff like that, those tweaking applications, customization applications for iOS 17 and 18 that essentially modify the system files just a bit to allow various tweaks and, you know, various modifications on iOS, like bringing back the old Photos UI on iOS 18, or enabling Apple Intelligence on devices that don't naturally support it by default or not yet, enabling tap to wake, SOS, collision, changing the clock UI, maybe even changing icons and stuff like that. These actually could definitely benefit from this kind of vulnerability once this one is exploited. Right now it's in the stage of a PoC, a proof of concept; anybody who has the knowledge can create an exploit for it, so we're going to wait and see what's going on.

3:45 This was patched in iOS 18.1, but you should not update to iOS 18 at all at the moment. If you're running iOS 18.0-something, stay where you are; if you're running iOS 17, stay where you are, do not update further. Yeah, thank you for watching, I am GSN, till the next time, peace out.