Not long after tihmstar published his iOS 11.4-11.4.1-centric tfp0 exploit for headphone jack-enabled handsets, security researcher Brandon Azad followed up by releasing an exploit of his own intended for iOS 12.0-12.1.2 devices.
Azad shared the news via Twitter Tuesday afternoon, including a link to documentation encompassing the exploit:
The A12, now with more kernel code execution; introducing voucher_swap: https://t.co/rVkwo50fgd
— Brandon Azad (@_bazad) January 29, 2019
The supported firmware versions should sound familiar if you’ve been following the iOS exploitation train lately, and that’s because hacker S0rryMyBad recently posted a PoC of an exploit that achieved similar results.
Commentary left on /r/jailbreak by hacker and unc0ver lead developer Pwn20wnd reveals that the exploit currently “requires a 16K (A9(+)) device for now.” Unfortunately, that isn’t one of the devices Pwn20wnd has in his testing arsenal at the time of this writing; that said, it remains to be seen if Azad’s exploit will result in the very first public jailbreak for iOS 12. Some community members have already offered to donate to the hacker to hel facilitate progress on an iOS 12 jailbreak:
In any case, Apple is still signing both iOS 12.1.1 and 12.1.2 at the time of this writing, which means you can still downgrade via iTunes if you haven’t already. Don’t forget to check IPSW.me for the signing status of these firmware versions before proceeding with a downgrade and save your SHSH blobs. Those happily jailbroken on iOS 11 should stay where they are, and so too should those un-jailbroken on iOS 11.4-11.4.1 – especially now that tihmstar’s exploit is publicly available.
As Pwn20wnd noted previously, it’s best to stay on the lowest possible firmware if you care about jailbreaking iOS 12, as each software update tends to close vital security holes that could be exploited for a jailbreak.
Those interested in learning more about Brandon Azad’s iOS 12.0-12.1.2-centric exploit can read the official documentation here.
It’s virtually unheard of for so many exploits to be released at one time, and for that reason, this is a day we will not soon forget. On the other hand, the release of an exploit isn’t the only component that goes into jailbreak tool development, so the community will need to continue waiting to see if anything materializes from it all.
What do you think about the sudden splurge of iOS-centric exploits? Discuss in the comments section below.