Ian Beer Released Exploits That Could Create iOS 11 Jailbreak

As promised, security researcher Ian Beer has released the exploit needed to build a jailbreak for iOS 11.0 through iOS 11.1.2. The exploit yields ‘tfp0’ (task_for_pid(0), i.e. a send right to the kernel task port, which gives arbitrary read and write access to kernel memory). The underlying bug was fixed in iOS 11.2, so only devices running iOS 11.1.2 or earlier will be able to use a jailbreak built on it, if one is released at all.

Beer appears to have tested the exploit only on an iPhone 7, an iPhone 6s and a sixth-generation iPod touch, but his tweets suggest it should work on all devices running iOS 11.0 to 11.1.2, including Apple’s current flagships, the iPhone X, iPhone 8 and iPhone 8 Plus; adding support for other devices “should be easy,” as he puts it. Alongside the exploit he has also released a proof-of-concept local kernel debugger.

To be clear: Beer’s release is not a jailbreak. It is an exploit that someone could use as one component of an iOS 11 jailbreak. Think of it as one piece of a puzzle; someone still has to assemble the remaining pieces into a working jailbreak tool for the public.

The good news is that you can still restore to iOS 11.1.2 even if you have already updated to iOS 11.2, since Apple is still signing that version as of this writing. Because iOS 11.2 has only just been released, the signing window for iOS 11.1.2 will close soon, so if you want any chance of jailbreaking iOS 11 in the future you have a decision to make now.

The two most significant new features in iOS 11.2 are Apple Pay Cash and 7.5W wireless charging. Most people can live without both (even if they would rather not), so unless you actually rely on those features there is not much to lose by staying on, or returning to, iOS 11.1.2.

It is also recommended that you save your iOS 11.1.2 SHSH blobs using the online TSS Saver tool; saved blobs are what make a restore to iOS 11.1.2 possible (with additional tooling) after Apple stops signing it. If you need help, check our step-by-step guide on how to save iOS 11.1.2 SHSH blobs.

The exploit released by Ian Beer should now allow jailbreak developers such as the Pangu team to build the elusive iOS 11 jailbreak. It remains to be seen whether that jailbreak will be untethered; Jonathan Levin points out that “there can be no untethering without blowing a major 0-day in code signing. This also likely requires mounting the root filesystem r/w, which requires patching.”

He also goes on to explain why it isn’t a full jailbreak:

Because doing a full JB with Cydia and third party tweaks requires bypassing Apple’s formidable (but still imperfect) code signing. One of the trivial ways of doing so is patching kernel code (specifically AMFI hooks and/or that despicable amfid), and that’s no longer trivially possible on iPhone 7 and later due to hardware protections (a.k.a. AMCC or KTRR).

If you’re already cozily jailbroken on iOS 9 or iOS 10, my advice is to stay where you are. I wouldn’t bother taking the risk of losing your precious jailbreak, as there’s still no guarantee that an iOS 11 jailbreak will ever materialize.

Have you been waiting for the iOS 11 jailbreak? Let us know in the comments.
