Difference between revisions of "User:Aker"

From The iPhone Wiki
Jump to: navigation, search
(TaiG (8.0 / 8.0.1 / 8.0.2 / 8.1 / 8.1.1))
(add 2.x and prepare 1.x)
Line 21: Line 21:
 
* uses different common exploits
 
* uses different common exploits
 
* uses the exploits listed below to untether up to iOS 6.1.2
 
* uses the exploits listed below to untether up to iOS 6.1.2
  +
  +
== Programs which are used in order to jailbreak 1.x ==
  +
=== [[ZiPhone]] ===
  +
=== [[iLiberty+|iLiberty / iLiberty+]] ===
  +
=== [[Soft Upgrade]] ===
  +
=== [[OktoPrep]] ===
  +
=== [[AppSnapp]] ===
  +
=== [[AppTapp Installer]] ===
  +
=== [[iBrickr]] ===
  +
== Programs which are used in order to jailbreak 2.x ==
  +
=== [[QuickPwn]] (2.0 - 2.2.1) ===
  +
* uses [[Pwnage]] and [[Pwnage 2.0]]
  +
  +
=== [[Redsn0w Lite]] (2.1.1) ===
  +
* [[ARM7 Go]] (for [[n72ap|iPod touch 2G]] only)
   
 
== Programs which are used in order to jailbreak 3.x ==
 
== Programs which are used in order to jailbreak 3.x ==
=== [[purplera1n]] (3.0 / 3.0.1) ===
+
=== [[purplera1n]] (3.0) ===
 
* [[iBoot Environment Variable Overflow]] ([http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2795 CVE-2009-2795])
 
* [[iBoot Environment Variable Overflow]] ([http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2795 CVE-2009-2795])
 
* uses [[0x24000 Segment Overflow]]
 
* uses [[0x24000 Segment Overflow]]

Revision as of 19:00, 10 December 2014

Contents

Jailbreak Exploits

Common exploits which are used in order to jailbreak different versions of iOS

Programs which are used in order to jailbreak different versions of iOS

PwnageTool (2.0 - 5.1.1)

  • uses different common exploits
  • uses the exploits listed below to untether up to iOS 5.1.1

redsn0w (3.0 - 6.0)

  • uses different common exploits
  • uses the same exploits as Absinthe and Absinthe 2.0 to jailbreak iOS 5.0/5.0.1 and 5.1.1
  • uses the exploits listed below to untether up to iOS 5.1.1

sn0wbreeze (3.1.3 - 6.1.3)

  • uses different common exploits
  • uses the exploits listed below to untether up to iOS 6.1.2

Programs which are used in order to jailbreak 1.x

ZiPhone

iLiberty / iLiberty+

Soft Upgrade

OktoPrep

AppSnapp

AppTapp Installer

iBrickr

Programs which are used in order to jailbreak 2.x

QuickPwn (2.0 - 2.2.1)

Redsn0w Lite (2.1.1)

Programs which are used in order to jailbreak 3.x

purplera1n (3.0)

blackra1n (3.1.2)

Spirit (3.1.2 / 3.1.3 / 3.2)

JailbreakMe 2.0 / Star (3.1.2 / 3.1.3 / 3.2 / 3.2.1)

limera1n / greenpois0n (3.2.2)

Programs which are used in order to jailbreak 4.x

JailbreakMe 2.0 / Star (4.0 / 4.0.1)

limera1n / (4.0 / 4.0.1 / 4.0.2 / 4.1)

greenpois0n (4.1)

greenpois0n (4.2.1)

JailbreakMe 3.0 / Saffron (4.2.6 / 4.2.7 / 4.2.8)

JailbreakMe 3.0 / Saffron (4.3 / 4.3.1 / 4.3.2 / 4.3.3)

Except for the iPod touch 3G on iOS 4.3.1.

i0nic's Untether (4.3.1 / 4.3.2 / 4.3.3)

Programs which are used in order to jailbreak 5.x

unthredera1n (5.0 / 5.0.1 / 5.1 / 5.1.1)

Except for the iPad 3

Absinthe (5.0 on iPhone 4S only / 5.0.1 on iPad 2 and iPhone 4S)

Corona Untether (5.0.1)

Absinthe 2.0 and Rocky Racoon Untether (5.1.1)

This section is a stub; it is incomplete. Please add more content to this section and remove this tag.

  • a new Packet Filter Kernel Exploit (CVE-2012-3728)
  • Racoon DNS4/WINS4 table buffer overflow (CVE-2012-3727)
  • MobileBackup2 Copy Exploit

Programs which are used in order to jailbreak 6.x

evasi0n (6.0 / 6.0.1 / 6.0.2 / 6.1 / 6.1.1 / 6.1.2)

p0sixspwn (6.1.3 / 6.1.4 / 6.1.5 / 6.1.6)

Programs which are used in order to jailbreak 7.x

This section is a stub; it is incomplete. Please add more content to this section and remove this tag.

evasi0n7 (7.0 / 7.0.1 / 7.0.2 / 7.0.3 / 7.0.4 / 7.0.5 / 7.0.6)

Geeksn0w (7.1 / 7.1.1 / 7.1.2)

Pangu (7.1 / 7.1.1 / 7.1.2)

  • i0n1c's Infoleak vulnerability (Pangu v1.0.0)
  • break_early_random (by i0n1c and Tarjei Mandt of Azimuth) (Pangu v1.1.0)
  • LightSensor / ProxALSSensor kernel exploit (Pangu 1.0.0) (CVE-2014-4388)
  • TempSensor kernel exploit (Pangu 1.1.0) (CVE-2014-4388)
  • "syslogd chown" vulnerability
  • enterprise certificate (no real exploit, used for initial "unsigned" code execution)
  • "foo_extracted" symlink vulnerability (used to write to /var) (CVE-2014-4386)
  • /tmp/bigfile (a big file for improvement of the reliability of a race condition)
  • VoIP backgrounding trick (used to auto restart the app)
  • hidden segment attack
  • CVE-2014-4407

Programs which are used in order to jailbreak 8.x

This section is a stub; it is incomplete. Please add more content to this section and remove this tag.

Pangu8 (8.0 / 8.0.1 / 8.0.2 / 8.1)

  • an exploit for a bug in /usr/libexec/neagent (source @iH8sn0w)
  • enterprise certificate (inside the IPA)
  • a kind of dylib injection into a system process (see IPA)
  • a dmg mount command (looks like the Developer DMG) (syslog while jailbreaking)
  • a sandboxing problem in debugserver (CVE-2014-4457)
  • the same/a similar kernel exploit as used in the first Pangu (CVE-2014-4461) (source @iH8sn0w)
  • enable-dylibs-to-override-cache
  • CVE-2014-4455

TaiG (8.0 / 8.0.1 / 8.0.2 / 8.1 / 8.1.1 / 8.1.2)