Difference between revisions of "Talk:T1 Font Integer Overflow"
Latest revision as of 08:42, 16 July 2011
Assignment
This article originally belonged to i0n1c's exploit (see "what links here"). Now also Saffron links here. Is this the same kernel exploit? --http 00:21, 7 July 2011 (UTC)
- I'm not sure. If this was the original untether for i0n1c, then the information I put needs to be moved. I'm confused since there was no common name for the exploit he created. I saw it in Saffron and assumed it was the new one because of the confusion. Safest bet is to move it to a new page under DejaVu. --JakeAnthraX 00:39, 7 July 2011 (UTC)
  - This is indeed i0n1c's untethering exploit. I'll move this page (temporarily) to "DejaVu." --Dialexio 01:19, 7 July 2011 (UTC)
Ok, but there's still a lot wrong:
- Saffron links to Ndrv setspec() Integer Overflow
- Jailbreak page says Ndrv setspec() Integer Overflow is a userland exploit, while S5L8930 says it's a kernel exploit.
- Both jbm3 and i0n1c jailbreaks each need two exploits. Do they share the same kernel exploit?
- For the i0n1c jailbreak (not the exploits) there is no page yet.
I haven't understood everything yet, so I'll refrain from fixing it. --http 06:54, 7 July 2011 (UTC)
- I fixed the first bullet. The terms "userland exploit" and "kernel exploit" seem to be synonymous. i0n1c never made a jailbreak; he just exploited the ndrv_setspec() Integer Overflow (and said exploit was used in PwnageTool/redsn0w/sn0wbreeze… NOT Saffron). I hope that clarifies everything more. --Dialexio 19:18, 7 July 2011 (UTC)
  - Ok. But we always talk about i0n1c's untether or so. This includes at least two exploits and is not mentioned sufficiently on the jb tools' pages. I suggest creating a new page, like for Saffron, where we can mention ASLR, credits, tools that use it, exploits used, heap feng shui, etc. For this exploit here, I assume this is the -1 encryption value (lenIV) bug (see http://t.co/q3KrcJA), right? This explains the Sandbox exit, but it does not explain circumvention of ASLR and privilege escalation. --http 10:04, 9 July 2011 (UTC)
  - Another related issue: On the Apple KB site (http://support.apple.com/kb/HT4802) they list three vulnerabilities related to Saffron. --http 02:42, 16 July 2011 (MDT)