A surprise report recently announced that the VFS exploit could be invoked via Safari, and now some of the methods behind it have been released too!
Although this alone cannot produce a so-called “JailbreakMe”, CoolStar and others are interested in building a jailbreak (or jailbreak-restore) site that works through Safari on iOS 11.3.1.
Niklas, who reported that the “VFS Exploit can be invoked via Safari”, has released a new exploit.
Since an exploit is executable program code, this release makes it possible to actually use the method.
Safari exploit for iPhone 8, iOS 11.3.1 https://t.co/LbfT4asyFM
NOT USEFUL FOR USERS. Stage 2 is not open source so people can’t abuse it easily. Won’t have time to work on this more, but as a developer lmk if you want to turn this into something cool and I can share sources.
— Niklas B (@_niklasb)
However, not everything is public: at the moment only the parts for iPhone 8 on iOS 11.3.1 are released, and some parts have apparently been kept private.
He says he will share them with developers who want them, and the unpublished parts will be handled accordingly and are expected to be released.
In reply to Niklas, CoolStar said, “If Electra can publish JailbreakMe 5.0 using them, that would be wonderful!”, which shows his interest!
@_niklasb hey, I saw your webkit exploit and thought it might be cool if Electra could be distributed using it as a JailbreakMe 5.0 🙂
— CoolStar (@coolstarorg)
Incidentally, Niklas replied, “I have time tomorrow, so I’ll talk with you in chat”, so some kind of discussion may take place.
Well, it’s two bugs exploited in sequence. @5aelo’s bug is used for RCE, then Ian’s bug is used for privesc
— Niklas B (@_niklasb) June 16, 2018
By the way, it is called JailbreakMe 5.0 because there was already a “JailbreakMe 4.0” jailbreak site for iOS 9.1 – 9.3.4, so this would be the next version ….
Nullpixel, a member of the Electra team, also said: “If this is realized, we will be able to fully solve the 7-day issue, and will no longer have any need for an Apple ID or developer account!”
Usually Electra is installed with Cydia Impactor, signed with the user’s own Apple ID, and then used. The biggest problem here is that the certificate expires after 7 days. Currently you can also re-sign on the device alone with Extender and the like, but if you forget, you need to connect to a PC again ….
However, if JailbreakMe 5.0 is realized, it will become possible to jailbreak and to return to the jailbroken environment just by visiting a site in Safari.
Of course, since no signing or authentication is needed for this, it would solve the 7-day issue completely!
However, personally, as for whether the initial “jailbreak” would also be supported … that part is a little doubtful.
With the app version of Electra, everything needed for a jailbreak can be bundled in, but with a site version a certain amount of files would have to be transferred every time, so I wondered how CoolStar plans to handle it.
However, if it is only “returning to the jailbroken environment”, it would likely be possible with just the site’s own contents or a small download.
Basically, even if only “returning to the jailbroken environment” is supported, it would solve the problems with Cydia Impactor errors, so most people would probably be very satisfied with just that.