Apple May Have Patched Limera1n Exploit in Newer iOS Devices (iPhone 4, iPad, iPod touch) – Rumor [Updated x2]
We have just been tipped off, by the user himself to an interesting story that he posted over at ModMyi Forums where he bought a new iPad (running iOS 4.2.1) for his lady as a Christmas present, only to find out that he was not able to jailbreak it using the latest version of Redsn0w.
orbyorb: @TaimurAsad Please read http://bit.ly/hJuCSc –limera1n has probably been patched in iOS devices rolling out as of this week.
In case you don’t already know, the current version of Redsn0w uses Geohot’s bootrom based Limera1n exploit to jailbreak all current iOS devices on the latest firmware. Since Limera1n exploit exists in the hardware, only a hardware revision from Apple could have patched it. And if Jack’sfindings are true, Apple might have patched it in the new stock of iPhone 4, 3GS, iPad, iPod touch 4G and Apple TV 2G.
Here is the complete story:
I made a trip to the Apple Store today to get an iPad for my old lady (Christmas present). She told me she’d love it jailbroken, so I sat down in front of my computer to redsn0w this 4.2.1 iPad.
One problem–redsn0w 0.9.6b6 could not upload a pwned iBSS (hanged at the white screen on OS X, upload timed out and rebooted into jailed state with Windows).
Furthermore, the device constantly stalls when attempting to dump its bootrom. This leads me to believe the injection vector used via USB has been patched in DFU mode.
Case in point: Any iOS device with a serial number xx050 (this week) or higher might be unable to be jailbroken via the limera1n exploit. Slightly older devices may be invulnerable as well.
So if your new iOS device comes with serial number xx050, there is a high chance that Limera1n is already patched on this device and you may not be able to jailbreak it with current jailbreak tools.
Again, we are not sure if this is indeed the case. Hopefully someone from the Dev-Team will soon shed some light on this. [Thanks to Jack for the hat tip via Twitter]
This is the first revision of the S5L8930 bootrom, found in the iPad, the iPod touch 4G, and in the iPhone 4. Geohot has hinted at an undiscovered bootrom exploit in all iDevices. He then left the jailbreak scene, but came back to release limera1n.
SHAtter, a different exploit that only targets S5L8930 devices, is not released yet.
UPDATE 2: Dev-Team responds:
MuscleNerd: the 2 times Apple has fixed bootrom so far, the bootrom version # changed too. This is still showing 574.4, so I wouldn’t worry.
You can follow us on Twitter or join our Facebook fanpage to keep yourself updated on all the latest from Microsoft, Google and Apple.