New WebKit RCE Bug Discovered, Could Lead To iOS 12.0.1 JailbreakMe-Style Jailbreak

A new WebKit remote code execution (RCE) bug has been discovered, exploited, and documented, which gives some hope of a future JailbreakMe-style jailbreak. After a period of relative calm in the jailbreaking world, this could be the news that many people have been waiting for regarding a potential iOS 12 jailbreak.

The existence of the WebKit RCE bug and the associated exploit was announced on Twitter by Ahn Ki Chan. The work itself was done and shared by Twitter user @begger_dd, who goes by the name “BigD.”

Not the most intimidating hacking or security handle, but he is clearly well known to the community and has earned kind words from prominent members such as Niklas Be (@_niklasb):

kudima (@begger_dd) submitted another WebKit RCE exploit to the repository! He wrote the entire exploit along with a very detailed annotation, which works up to iOS 12.0.1. Thanks again @begger_dd for the contribution!

As the tweet confirms, the exploit works up to and including iOS 12.0.1, which suggests that Apple patched the underlying bug in iOS 12.1. That is not ideal, but it could give the community hope of an iOS 12.0.1 jailbreak in the near future.

It is worth noting, however, that this is only one piece of the overall puzzle. A WebKit RCE bug gives an attacker code execution inside Safari's sandboxed WebContent process; a JailbreakMe-style jailbreak triggered from a web page visited in Mobile Safari would additionally need a sandbox escape, a kernel exploit, and whatever mitigation bypasses the device requires, none of which this exploit provides on its own.

Currently, the jailbreak community can jailbreak devices up to and including iOS 11.3.1. Electra and Unc0ver both support that version and can also liberate iOS 11.4 beta 3, but neither can jailbreak anything higher than that.

We’ve seen a number of potential breakthroughs as far as iOS 12 is concerned, but nothing concrete yet that could be released publicly. Let’s keep our fingers crossed that the iOS 12.0.1 WebKit RCE bug leads to something in the near future. You can check out the work over at the GitHub page here.

(Source: @Externalist [Twitter])
