Difference between revisions of "Star"

From The iPhone Wiki
(Added a picture of Star.)
(new firmware, Sourcecode link, PDF warner)
Line 1: Line 1:
 
[[Image:Star.jpg|thumb|Star on an [[N72ap|iPod touch 2G]].]]
 
[[Image:Star.jpg|thumb|Star on an [[N72ap|iPod touch 2G]].]]
Star is a userland [[jailbreak]] from [[User:Comex|comex]] that utilizes 3 unknown exploits (2 new exploits, and 1 from [[Spirit]]) to jailbreak iOS 3.1.2 and later. Star warns that 3.1.2 and 3.1.3 are known to fail though, and that performing a fresh restore to 4.0 is recommended. It can be used via [[Jailbreakme]].
+
Star is a userland [[jailbreak]] from [[User:Comex|comex]] that utilizes 3 unknown exploits (2 new exploits, and 1 from [[Spirit]]) to jailbreak iOS 3.1.2, 3.1.3, 4.0 and 4.0.1. Star warns that 3.1.2 and 3.1.3 are known to fail though, and that performing a fresh restore to 4.0(.1) is recommended. It can be used via [[Jailbreakme]]. With the release of iOS 4.0.1 (and iOS 3.2.2 for iPads) on 11 August 2010 the vulnerabilities were fixed so that it doesn't work anymore.
   
 
==Payloads==
 
==Payloads==
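Review bot: the rewritten intro sentence on the + line contradicts itself. It lists 4.0.1 among the versions Star jailbreaks and recommends a restore to "4.0(.1)", then closes by saying the release of iOS 4.0.1 fixed the vulnerabilities "so that it doesn't work anymore". One of those version numbers has to be wrong; please check which release carried the fix and correct the sentence. Since this revision also links the source code, "3 unknown exploits" is worth rewording too.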
Line 6: Line 6:
   
 
The second payload use an exploit in the kernel to get root access and privileges in order to jailbreak.
 
The second payload use an exploit in the kernel to get root access and privileges in order to jailbreak.
  +
  +
==PDF Warner==
  +
Because this jailbreak revealed a new security hole, malicious people could also make use of this. Therefore it is recommended to install the PDF Warner from Cydia.
  +
==Links==
  +
*[http://github.com/comex/star Sourcecode for Star]
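Review bot: the new "PDF Warner" section recommends installing the package but never says what it does or which of the holes it covers. Suggest one sentence tying it to the PDF font payload described under Payloads and stating that it is a stopgap rather than a fix, since the intro added in this same revision says the vulnerabilities were fixed by a firmware release. The Links entry would also read better as "Source code for Star".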

Revision as of 00:07, 12 August 2010

Star on an iPod touch 2G.

Star is a userland jailbreak from comex that uses 3 unknown exploits (2 new exploits, and 1 from Spirit) to jailbreak iOS 3.1.2, 3.1.3, 4.0 and 4.0.1. Star warns, however, that 3.1.2 and 3.1.3 are known to fail and that performing a fresh restore to 4.0(.1) is recommended. It can be used via Jailbreakme. With the release of iOS 4.0.1 (and iOS 3.2.2 for iPads) on 11 August 2010 the vulnerabilities were fixed, so Star no longer works.

Payloads

The first payload is delivered via an HTTP redirect to a prepared PDF file. The PDF contains a CFF font with a malformed Type 2 charstring, which contains commands to repeatedly push and duplicate random numbers onto an "argument stack". Presumably this crashes the font parser.
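The Type 2 charstring format (Adobe Technical Note #5177) limits the argument stack to 48 entries, so a font parser or scanner can reject a charstring of the kind described above before interpreting it. The following Python check is an added example, not code from Star or from this wiki; the function names and both sample byte strings are constructed, and it assumes a charstring without subroutine calls or hint masks.

```python
TYPE2_STACK_LIMIT = 48  # argument stack limit from Adobe Technical Note #5177

# Net stack effect of the two-byte (12 xx) arithmetic and storage operators,
# e.g. 23 = random (pushes one value), 27 = dup (pushes one copy).
ESCAPED_NET = {3: -1, 4: -1, 5: 0, 9: 0, 10: -1, 11: -1, 12: -1, 14: 0,
               15: -1, 18: -1, 20: -2, 21: 0, 22: -3, 23: +1, 24: -1,
               26: 0, 27: +1, 28: 0, 29: 0, 30: -2}
# callsubr, return, hintmask, cntrmask, callgsubr: not modelled here
UNSUPPORTED = {10, 11, 19, 20, 29}

def max_stack_depth(cs: bytes) -> int:
    """Return the peak argument-stack depth a charstring would reach."""
    depth = peak = i = 0
    while i < len(cs):
        b = cs[i]
        if b == 28:                       # 16-bit integer operand
            i, depth = i + 3, depth + 1
        elif b == 255:                    # 16.16 fixed-point operand
            i, depth = i + 5, depth + 1
        elif b >= 247:                    # two-byte integer operand
            i, depth = i + 2, depth + 1
        elif b >= 32:                     # one-byte integer operand
            i, depth = i + 1, depth + 1
        elif b == 12:                     # escape: two-byte operator
            if i + 1 >= len(cs):
                raise ValueError("truncated escape operator")
            op = cs[i + 1]
            # Underflow is clamped to 0; flex/unknown operators clear the stack.
            depth = max(depth + ESCAPED_NET[op], 0) if op in ESCAPED_NET else 0
            i += 2
        elif b in UNSUPPORTED:
            raise ValueError(f"operator {b} is not modelled in this example")
        else:                             # path and hint operators clear the stack
            i, depth = i + 1, 0
        peak = max(peak, depth)
    if i > len(cs):
        raise ValueError("truncated operand")
    return peak

def is_suspicious(cs: bytes) -> bool:
    """True when the charstring would exceed the specified stack limit."""
    return max_stack_depth(cs) > TYPE2_STACK_LIMIT

# Constructed samples: a small well-formed glyph, and one random + 60 dups.
BENIGN = bytes([239, 139, 21, 189, 189, 5, 14])
MALFORMED = bytes([12, 23]) + bytes([12, 27]) * 60
```

A parser that enforces this bound while interpreting, rather than trusting the font to respect it, fails closed on such input instead of writing past its stack array.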

The second payload uses an exploit in the kernel to gain root access and privileges in order to jailbreak.

PDF Warner

Because this jailbreak revealed a new security hole, malicious people could also make use of it. It is therefore recommended to install the PDF Warner from Cydia.

Links

Sourcecode for Star: http://github.com/comex/star