Developer Demos 0day Jailbreak Exploit On iOS 13 Mere Hours After Apple Released The Beta [Video]
A well-known security researcher and hacker has opened the iOS 13 “cat-and-mouse-game” with Apple by demonstrating an undisclosed 0day vulnerability in Apple’s initial iOS 13 beta.
Apple only released iOS 13 beta 1 yesterday immediately after the opening WWDC 2019 keynote so this demo shows how quickly the community has been able to hack the company’s latest firmware.
As you would expect from a demonstration of this nature, @iBSparkes shows the device in question and proves that the hardware is running Apple’s initial iOS 13 beta firmware. He does this by showing off the new native dark mode in the iOS 13 Settings app.
Next, after proving that the device is running iOS 13, the hacker launches an unknown application from his second Home screen – presumably one of his own building containing the proof-of-concept code required to invoke this 0day – which immediately crashes the device. To most people, it’s just a crashing app so what’s the big deal? However, to someone with that skill set, it’s actually a purposely induced kernel panic, which, with further work and investigation, will open up a whole new world of possibilities on iOS 13.
The extremely impressive thing here is that this has actually all been cobbled together literally within a few hours of Apple’s releasing the initial iOS 13 beta. This could be a 0day which the hacker was sitting on from a previous public version of iOS which has made it across to iOS 13 without being patched, or it could be an entirely new discovery altogether. Either way, it shows the dedication of those people in that community who are committed to outfoxing Apple and liberating iOS devices.
It remains to be seen what the next steps are here. It’s very likely that @iBSparkes will continue to work on this vulnerability and see how far he can take it, both by himself and with the help of other figureheads in the community. However, whether or not this work is released is another story. Given that iOS 13 is in a pre-release state, it simply doesn’t make sense to expose this bug until at least the first public version is released later this fall.
If anything else progresses we will be sure to keep you updated.