0:00
what's going on youtube geosn0w here so
0:02
in today's video we have some good news
0:03
for those of you waiting for an ios 15
0:06
jailbreak even more research has been
0:08
posted by security researcher john
0:10
åkerblom this video is brought to you
0:11
by phone rescue a software that allows
0:13
you to do data recovery from your device
0:15
or from backups or even from your icloud
0:18
account and you can also fix the device
0:19
stuck in recovery mode or a boot loop
0:21
and so on you can also recover the
0:23
screen time passcode if your device is
0:25
blocked check it out in the link below
0:27
so as you probably remember back in
0:28
april john åkerblom posted an exploit
0:31
for ios 15 and it's available here on
0:33
github this one works up to 15.1.1
0:36
it was patched in 15.2 and it can be
0:38
used for taurine and even for unc0ver to
0:40
update their tools in fact this might be
0:42
usable even for ios 14.8 14.8.1
0:46
14.7 and so on on those devices where
0:49
the unc0ver has never been updated to
0:51
support them like the a14 devices
0:53
however today john åkerblom posted
0:55
something else they also posted these
0:57
slides for their presentation held at
1:00
zer0con 2022 and these basically detail
1:03
the exploits and the techniques and so
1:05
on and this could prove very useful for
1:07
the jailbreak community because these
1:08
contain a lot of techniques and how to
1:10
exploit and where the bugs are and so on
1:12
so for anybody interested on how all
1:14
these work this presentation details a
1:17
lot of important things including kernel
1:19
vulnerability mitigations and so on but
1:21
the most important part is the currently
1:24
available techniques that are being used
1:25
in order to get generic kernel read and
1:27
write primitives and you can see here
1:29
that the ipc port or tfp0 has been
1:31
heavily mitigated over time and yes
1:33
that's correct jailbreaks used to use
1:35
this a lot in the past we used to get
1:37
tfp0 with almost every kernel
1:40
exploit in order to get a jailbreak but
1:41
that stopped being reliable back in ios
1:44
14. then we got the pipe buffers which
1:46
have been PACed or pointer
1:48
authentication coded in 14.2 then uio
1:51
which was PACed in 15.0 and currently
1:53
IOSurfaceClient which is still
1:56
available to this day so yes
1:57
jailbreaking is definitely not dead it's
2:00
still possible to get kernel read and
2:01
write primitives even without tfp0
2:04
which was patched a long time ago
2:06
pattern-f has been the first to
2:07
demonstrate this the usage of this apple
2:09
has done something about that in ios
2:11
15.0 they blocked a couple of methods
2:14
from being publicly available to the
2:15
safari sandbox but they did not block
2:17
all of them so that's exactly how john
2:19
åkerblom managed to create the exploit
2:21
for ios 15.1.1 and lower because there
2:24
still are various methods to get kernel
2:26
read and write primitives because this
2:28
exploit over here also has kernel
2:30
read and write so how good is this
2:32
exploit and this presentation for
2:34
jailbreak purposes well very good it
2:36
supports a large variety of ios 15
2:38
firmware starting from 15.1.1 and going
2:41
all the way down to 14.6 and so on and
2:43
both the taurine and the unc0ver
2:45
team can benefit from it in fact
2:47
coolstar already announced that they
2:49
might be using this exploit that was
2:50
released in order to update taurine for
2:52
14.6 14.7.1 14.7 and even 14.8 on all
2:57
devices which is definitely great
2:59
however we don't have any information
3:01
from unc0ver if they're going to update
3:03
their tool or not but the exploit that
3:05
was released is actually quite good for
3:07
that and the presentation that was
3:08
released today detailing the techniques
3:10
and so on is also very important because
3:13
it tells a lot of information that is
3:15
needed to be known by people who are
3:16
getting started with jailbreak
3:18
development so yes definitely great news
3:20
coming from john åkerblom thanks for
3:22
posting the exploit and also the
3:23
presentation it definitely helps to
3:26
continue the jailbreak movement thank
3:27
you for watching i'm geosn0w till the
3:29
next time subscribe to stay updated and