
Jailbreak Chain #4

Open
okbabsh opened this issue Aug 28, 2017 · 6 comments

Comments

@okbabsh

okbabsh commented Aug 28, 2017

So, as you mentioned, it requires a sandbox escape to get a full jailbreak. Are there any other requirements? If not, then I know someone who can function the P0 exploit and the ziVA into one program, then install Cydia and get a jailbreak. Tell me what is missing without only saying "a lot is missing".

@GeekBreak

GeekBreak commented Aug 28, 2017

To install Cydia, at the moment a KPP bypass is needed. iOS 10.2.1 is the only version with a public KPP bypass (the one used by mach_portal+yaluX, Yalu102 and extra_recipe+yaluX).
Without a KPP bypass, the best thing that you can do is gain tfp0, patch and set a nonce, and use futurerestore with your SHSH2.

@okbabsh

okbabsh commented Aug 28, 2017

Can't I just install Cydia using the normal IPAs? I mean, can't it get us to something? And my friend had a jailbreak on 10.2 and then updated to 10.3.1; does that trigger anything?

@GeekBreak

Cydia and tweaks can't be installed as IPAs; a standard application, just like an App Store app, can't access the filesystem. They need to be installed as a deb or using a bootstrap.tar. And no, 10.2 jailbroken > 10.3.1 doesn't trigger anything.
From what doadam wrote in his HITBSEC slides and xerub on his Twitter, if saurik rewrites Cydia and its core, a KPP/AMCC bypass might not be necessary.

@okbabsh

okbabsh commented Aug 29, 2017

Thanks a lot, that almost answered my question. So now the jailbreak's final chapter is maybe in saurik's hands. And sorry, now I have read doadam's slides; I think I have to talk to saurik about that, and find out if it's even possible? The only thing missing now is Cydia; with Cydia installed and having access to the filesystem, we can install debs, and this way we can have a fully functioning jailbreak? Correct me if I got something wrong.

@okbabsh

okbabsh commented Aug 29, 2017

And another question: can we install Cydia's IPA using a bootstrap, without a jailbreak? I mean depending on a Mac, not the iPhone itself. I'm really trying to help here, so just tell me what's missing and I can contact the developers personally.

@robonxt

robonxt commented Aug 30, 2017

Jailbreaking isn't that easy. We may have the exploits to create a jailbreak, but we also need to bypass the rest of the security systems inside iOS. You can't just 'install' Cydia onto a non-jailbroken phone by installing the IPA, because, like @GeekBreak said, Cydia needs access to the filesystem, and without access to the filesystem Cydia will be useless. Also, correct me if I'm wrong, but you can only bootstrap IF you have access to the filesystem or core iOS processes.
I'm not a jailbreaker or a hacker, so take my words with a pinch of salt :)
