0:00
what's going on youtube json right here
0:02
today i have important news for those of
0:04
you waiting for unc0ver to be updated
0:06
for ios 15. an exploit has been released
0:09
yes not a bug not a vulnerability a full
0:12
exploit which can be used this video is
0:14
brought to you by AnyTrans a software
0:16
that allows you to drag and drop files
0:17
directly from your computer to your
0:18
device like photos music and so on check
0:21
it out in the link below also huge thank
0:23
you to the people who are supporting
0:24
this channel on patreon.com they are
0:27
right now on your screen so unc0ver
0:29
jailbreak if you want this to be updated
0:31
then this video is definitely for you
0:33
because if you remember i made a video a
0:35
couple of days ago about a new
0:36
vulnerability that was released and it
0:38
was a kernel vulnerability now in the
0:39
comments section of that video everybody
0:41
was like yeah it's just a vulnerability
0:43
they never get turned into exploits and
0:44
stuff like that well it turns out today
0:46
that it has been turned into an exploit
0:48
by binary boy here they posted this
0:51
called desc_race and it's available on
0:53
github exploit and all so this one is
0:55
actually a full exploit full kernel
0:57
exploit which works and can be used for
1:00
a jailbreak this one works for ios 15.0
1:02
to 15.1 it says in here quote gets your
1:05
kernel memory write primitives on ios
1:07
15.0 to 15.1 using the CVE-2021-30955 by
1:12
brighty up yes if you remember brighty
1:14
up found that vulnerability that i
1:16
mentioned in here this kernel
1:17
vulnerability i talked about in my
1:19
previous video that everybody said well
1:21
it's just a vulnerability and stuff like
1:22
that and well somebody else took it and
1:24
made an exploit from it which is nice i
1:27
have done all the tests on my iphone 11
1:29
running 15.1 iphone 11 being of course
1:32
post a12 so this works on newer devices
1:35
as well but it should work with all
1:37
devices with 4 gigabytes of ram because
1:39
i'm not using any hard-coded offsets or
1:41
anything so that's actually quite nice
1:43
and it's available now in here as i said
1:45
and unc0ver can definitely use this now
1:47
while this is not a bypass or any fix
1:50
for the sealed root fs that still
1:52
requires some work there are some ideas
1:55
for example messing with bind mounts and
1:57
stuff like that right now those things
1:59
are not fixed the root fs being sealed
2:01
but the kernel exploit is now out now
2:04
it's important to make the distinction
2:05
between a kernel exploit and the kernel
2:07
vulnerability a vulnerability is not
2:09
necessarily an exploit and you cannot
2:11
use it just like that for unc0ver so
2:13
what brighty up released a couple of
2:15
days ago was just a vulnerability and of
2:17
course that couldn't be used without an
2:19
exploit but what binary boy did was to
2:21
take that vulnerability and write an
2:23
exploit for it which of course this code
2:25
can be taken and integrated in unc0ver
2:28
basically without any effort just a
2:30
couple lines of code and dragging and
2:32
dropping some files so that's actually
2:33
great because as they say here this gets
2:35
your kernel memory write primitives
2:37
which is exactly what you need for a
2:38
jailbreak in order to apply the patches
2:40
if you can write to the kernel memory
2:42
you can disable sandbox you can elevate
2:44
your privileges and then install cydia
2:45
and stuff like that but unc0ver still
2:47
needs to figure out that root fs stuff
2:49
is the same problem that checkra1n has
2:51
checkra1n has to fix that as well and
2:53
they are working on that so definitely
2:55
wait for that now let's address a little
2:57
bit the situation with compatibility
2:59
this vulnerability was patched in 15.2
3:02
and in my previous video i said that it
3:04
might work on 15.2 beta 1 but it wasn't
3:07
tested at that time well it turns out i
3:09
was right it was tested now and it does
3:11
work on 15.2 beta 1 which was signed
3:14
until like two or three days ago so i
3:16
made many videos in which i told you to
3:18
update that or downgrade to that so if
3:21
you didn't then i'm afraid that's on you
3:23
because it stayed signed for like a
3:24
month or so so what does this support it
3:27
supports 15.1 it supports 15.0.2 15.0.1
3:31
15.0 and that's all right now which is
3:33
great it's still a good range but 15.2
3:35
15.2.1 15.3 15.3.1 and even 15.1.1 by
3:40
the looks of it are not supported i'm
3:42
not sure if 15.1.1 isn't supported or
3:45
they just missed it here because i think
3:47
for some devices 15.1.1 doesn't exist he
3:50
may have just missed it let's see for
3:51
iphone 11 pro yeah as you can see for
3:54
iphone 11 the device they actually use
3:55
for testing the ios 15.1.1 doesn't exist
3:59
it's just 15.1 and then 15.2 so we're
4:01
not sure if 15.1.1 is supported but i
4:04
think it is but yeah all the way up to
4:06
15.1 15.2 and later are not supported
4:08
still very good because this is a full
4:10
exploit that can be used for unc0ver for
4:12
sure because it already gets you kernel
4:14
memory read access so that's basically
4:16
it pretty great news for the jailbreak
4:18
community the best news we had so far in
4:20
a couple of months so definitely great
4:22
thank you for watching ings now peace