Hacker demos ‘Flying JB’ Jailbreak for iOS 9.2.1

Chinese hacker Min Zheng aka @SparkZheng has published a YouTube video which demos a jailbreak for iOS 9.2.1 called Flying JB. The demo shows ‘Flying JB’ app successfully jailbreaking iPhone 5c running iOS 9.2.1. It also installs an unsigned Mobile Terminal app during the jailbreak process, which gives you the ability to run any command as root.

Flying-JB-demo-jailbreak-iOS-9.2.1

Zheng has also credited Cererdlong and Eakerqiu for the jailbreak. Zheng has revealed in a blog post that the Flying JB is based on inpuTbag (after the popular Prison Break character Tbag), a 15-year-old kernel HeapOverFlow vulnerability. Apple has fixed the vulnerability in iOS 9.3.2, so the jailbreak won’t work on iOS 9.3.2. Zheng has confirmed that the vulnerability was “very powerful” to exploit the iOS kernel before iOS 9.3.2. However, the jailbreak is much harder in iOS 9.3 and iOS 9.3.1 due to the “entitlements” added by Apple.

Number one on the list of limitations of this tool is the fact that it supports 32-bit devices only, meaning it could potentially work on iPhone 5 and lower only. These devices also have to run iOS 9.2.1 or lower. These two requirements alone make Flying JB much less interesting right off the bat.

Unlike Pangu or TaiG jailbreak, Flying JB isn’t a GUI based tool, so jailbreaking your device wouldn’t be very easy. If you’re adventurous, then you can check out the source code on Github and follow the instructions provided to see if you can jailbreak your device. Though we would recommend holding off for now.

Leave a Reply