Alibaba Team Flaunts iOS 12.1.2 A12 Bionic PoC Jailbreak

Min “Spark” Zheng and Xialong Bai have taken to Twitter to show more of their work pertaining to security research on Apple’s iOS platform. The latter, Bai, has tweeted about gaining tfp0 and root on Apple’s A12 devices running iOS 12.1.2.

Min Zheng had previously taken to the social network to showcase the work that he was calling “Port-oriented Programming Attack Proof 2: Getting task_for_pid_0 & root on iOS 12.1.2.”

This was extremely impressive and gave hope to the jailbreak community regarding the potential of an iOS 12.1.2 jailbreak but that work came with limitations. The most notable was that the research and work were carried out was solely on and for Apple’s iPhone 6s.

It seems that the internal work by both of these extremely talented security researchers has continued and has progressed to the point where Xialong Bai feels comfortable to let the world know about “Attack Proof 3,” which they are titling “Attack Proof 3: Get task_for_pid_0 & root on iOS 12.1.2 (iPhone XS Max with A12 core).” This is essentially a continuation of the same work but which has now been extended to work with Apple’s latest A12 Bionic chip that includes the latest hardware such as iPhone XS Max.

This latest revelation is excellent news for the fact that it shows that Apple’s iOS 12.1.2 OS is indeed vulnerable to getting read and write access at a kernel level, even on the latest hardware running Apple’s latest chip architecture. This will undoubtedly boost the community and give a sense of belief that if the work is released into the public domain then someone with the necessary skills could pick it up and hopefully add in the missing parts to provide what is a highly anticipated iOS 12.x.x jailbreak.

However, we are talking about work from engineers within Alibaba who find bugs and vulnerabilities with the sole aim of selling those to companies like Apple and then presenting their findings at security conferences.

Given the history and what we know, this team will definitely not be putting together a jailbreak on the back of this work that will then be released into the public domain. However, this work could actually lead to something tangible being pushed out into the community in the near-to-medium future.

(Source: @bxl1989 [Twitter])

You may also like to check out:

You can follow us on Twitter, add us to your circle on Google+ or like our Facebook page to keep yourself updated on all the latest from Microsoft, Google, Apple, and the Web.