Well-known hacker and security researcher Luca Todesco has just released a WebKit-based loader for the Pangu 9.3.3 jailbreak. This impressive browser exploit is reminiscent of the original JailbreakMe exploits on iOS 1 and iOS 4, after which it is named. All that is required for the technique to work is to follow a URL in mobile Safari, press a button, and then lock your device.
However, it addresses one of the biggest pain points of the iOS 9.3.3 jailbreak, which was the requirement of a developer certificate for the loader app. The web-based tool makes use of a vulnerability in Safari to re-enable the jailbreak without needing a certificate.
So I’ve decided to solve the iOS 9.3.3 jailbreak certificate issue once and for all.
— qwertyoruiop (@qwertyoruiopz) December 7, 2016
To see it in action, you need to visit https://jbme.qwertyoruiop.com in mobile Safari on your jailbroken iPhone, iPad or iPod touch on iOS 9.3.3. Please note that this won’t work on iOS 10 – iOS 10.1.1. You need to click on the go link and wait until you see alert the following alert “All set. Close this alert and lock your screen to continue. See you on the other side. You may need to try it multiple times to get it to work.
Safari based exploits are very rare, so it is quite impressive that Todesco has managed to release a Safari based solution for the certificate issue with Pangu 9.3.3 jailbreak. As Todesco points out, one of the downsides of the web-based loader is that it could be used by hackers with malicious intent, so you should careful about clicking on links from untrusted sources.
Let’s hope Todesco can work his magic and release an iOS 10 jailbreak. However, he has warned users interested in jailbreaking their iPhone, iPad or iPod touch to avoid upgrading to iOS 10.2, as Apple has patched several vulnerabilities that could have been used to release a jailbreak for iOS 10.