Brandon Azad Publishes iOS 12.0-12.1.2 Jailbreak Exploit
Security researcher Brandon Azad has ignited an already fired up jailbreak community by announcing further details of his iOS 12.0-12.1.2 exploit. Dubbed “voucher_swap,” the exploit offers kernel code execution and could be important as developers work toward the first public iOS 12.x.x jailbreak.
Once an exploit of this nature, along with all of its accompanying information, is published and made public, it doesn’t take long for the well-known figureheads in the community to pick it up and start looking at it seriously.
Developer @Pwn20wnd, who previously worked on the Electra team and is also responsible for the unc0ver jailbreak, has confirmed his interest in the exploit. However, he has also conceded that the exploit currently requires a “16K (A9(+)) device for now,” which he does not have access to for testing purposes.
It’s times like this that you really see the positive and collective spirit of the jailbreak community, however. Multiple people have already responded suggesting that they would donate their own A9 device to the cause if it helped in testing the exploit to work toward an actual jailbreak release. Others have suggested that if a dedicated PayPal donation link was created then the developer would receive enough donations very quickly to purchase the relevant hardware for testing and to be able to move this forward.
As for Azad’s post and publication, he discusses how he “discovered and exploited” CVE-2019-6225, which has recently been acknowledged and credited to him as part of Apple’s iOS 12.1.4 security content update. The write-up details how to exploit that bug on iOS 12.1.2 by building a “fake kernel task port”, which, in turn, allows the developer to read and write arbitrary kernel memory. Apple attributes the bug to Brandon Azad and Qixun Zhao of the Qihoo 360 Vulcan Team.
This is the closest that we have been to what appears to be an incoming iOS 12.x.x jailbreak. Apple is currently still signing iOS 12.1.1 and iOS 12.1.2, so it could definitely be worthwhile downgrading your firmware version from iOS 12.1.3 (and the soon-to-be-released iOS 12.1.4) if you are interested in liberating your device when this jailbreak finally drops into the public domain. Of course, there are no timescales for that, but we can only presume that it is incoming.
You can check out the details on the exploit right here.