|
The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Star"
Dra1nerdrake (talk | contribs) (Saurik's patch rather than the warner.) |
(→Payloads: Slightly more in-depth info about gaining root privileges.) |
||
| Line 3: | Line 3: | ||
==Payloads== |
==Payloads== |
||
| − | The first payload is deployed via a |
+ | The first payload is deployed via a HTTP redirect to a PDF file. The PDF contains a CFF font with a malformed type 2 charstring, which contains commands to repeatedly push and duplicate random numbers onto an "argument stack". Presumably this crashes the font parser. |
| − | The second payload use an |
+ | The second payload use an integer overflow in IOSurface.framework to get root access and privileges in order to jailbreak.[http://support.apple.com/kb/HT4291] |
==PDF Patch== |
==PDF Patch== |
||
Revision as of 16:33, 13 August 2010
Star is a userland jailbreak from comex that utilizes 3 unknown exploits (2 new exploits, and 1 from Spirit) to jailbreak iOS 3.1.2, 3.1.3, 4.0 and 4.0.1. Star warns that 3.1.2 and 3.1.3 are known to fail though, and that performing a fresh restore to 4.0(.1) is recommended. It can be used via Jailbreakme. With the release of iOS 4.0.2 (and iOS 3.2.2 for iPads) on 11 August 2010 the vulnerabilities were fixed so that it doesn't work anymore.
Payloads
The first payload is deployed via a HTTP redirect to a PDF file. The PDF contains a CFF font with a malformed type 2 charstring, which contains commands to repeatedly push and duplicate random numbers onto an "argument stack". Presumably this crashes the font parser.
The second payload use an integer overflow in IOSurface.framework to get root access and privileges in order to jailbreak.[1]
PDF Patch
Because this jailbreak revealed a new security hole, malicious people could also make use of this. Therefore it is recommended to install the patch saurik put onto Cydia, to keep your device safe.
