Alloc8 Jailbreak Bootrom Exploit For iPhone 3GS New Bootrom Released
We may find ourselves sitting with iPhone 7/7 Plus in our hands, and talking enthusiastically about what Apple has planned for this year’s anniversary edition iPhone, but attention today has taken a trip through the sands of time, focusing intently on Apple’s iPhone 3GS.
Out of nowhere, a new untethered bootrom-level exploit has been found and announced, which means that both hardware variants of Apple's legacy iPhone 3GS can now be jailbroken untethered, permanently.
A developer by the name of axi0mX has released the exploit via a GitHub project containing the write-up and links for alloc8. The GitHub page notes that alloc8 isn't a "typical heap bug", but rather a "bug in implementation of the heap itself".
It also means that alloc8 now sits alongside 24Kpwn, the existing bootrom exploit for the first hardware revision of iPhone 3GS (old bootrom). Unlike 24Kpwn, alloc8 also works on the later hardware revision that shipped with the patched new bootrom, so those devices too can be jailbroken, downgraded, or restored to custom firmware forever. In the developer's words:
alloc8 brings freedom to millions of iPhone 3GS devices, forever, by exploiting a powerful vulnerability in function malloc in the bootrom. Both revisions of iPhone 3GS bootrom are vulnerable, but old bootrom is also vulnerable to 24Kpwn, which is faster than alloc8.
This is exciting news for owners of Apple's devices as well as developers, because it allows unobstructed, permanent jailbreak access to any iPhone 3GS running any firmware. The iPhone 3GS may not be a device that sees much use in today's smartphone world, but the fact that this bug lives in the bootrom, the read-only code baked into the hardware, means Apple cannot patch it on existing devices with a software update, which makes this a significant announcement for the community, and in particular for the developer and anyone who collaborated on it. It is limited to that one device, but it's still a notable find.
From a features perspective, the developer lists several on the official GitHub page, including the ability to jailbreak iPhone 3GS with the new bootrom. There's also an extensive write-up on the discovery, and instructions for getting up and running with ipwndfu, the tool that puts the alloc8 exploit to work.