Difference between revisions of "Corona"
m (1.0-7 and 1.0-8) |
(little note on how it works) |
||
Line 2: | Line 2: | ||
'''Corona''' is a [[Cydia.app|Cydia]] package from the [[Chronic Dev (team)|Chronic Dev Team]] on [[Saurik]]'s repo. It uses [[User:pod2g|pod2g]]'s [[Racoon String Format Overflow Exploit]] and an [[HFS Heap Overflow]] to untether iOS 5.0.1 on previously-jailbroken devices. Alternatively, users can also re-run the [[iPhone Dev Team]]'s [[redsn0w]] 0.9.10 to untether their jailbreak with the same exploit. The name is an anagram of the aforementioned [http://linux.die.net/man/8/racoon racoon] software. |
'''Corona''' is a [[Cydia.app|Cydia]] package from the [[Chronic Dev (team)|Chronic Dev Team]] on [[Saurik]]'s repo. It uses [[User:pod2g|pod2g]]'s [[Racoon String Format Overflow Exploit]] and an [[HFS Heap Overflow]] to untether iOS 5.0.1 on previously-jailbroken devices. Alternatively, users can also re-run the [[iPhone Dev Team]]'s [[redsn0w]] 0.9.10 to untether their jailbreak with the same exploit. The name is an anagram of the aforementioned [http://linux.die.net/man/8/racoon racoon] software. |
||
− | ==A5 Jailbreak== |
+ | == A5 Jailbreak == |
− | {{main| |
+ | {{main|absinthe}} |
− | |||
According to [http://pod2g-ios.blogspot.com/2012/01/sandbox-difficulties.html pod2g's blog], he was having problems with the app [[sandbox]]ing system used on the [[S5L8940|A5]] processor in the [[iPad 2]] and [[N94ap|iPhone 4S]], so he got [[User:planetbeing|planetbeing]], [[User:MuscleNerd|MuscleNerd]], [[User:posixninja|Joshua Hill]] and [[saurik]], dubbed the "dream team", to help to fix it[http://pod2g-ios.blogspot.com/2012/01/sandbox-difficulties.html][https://twitter.com/pod2g/status/156696427521773568]. [[User:DHowett|Dustin Howett]] also demoed the A5 jailbreak [http://www.youtube.com/watch?v=rDBHXbwgdc4 on YouTube]. It was released on January 20, 2012 as [[Absinthe]]. |
According to [http://pod2g-ios.blogspot.com/2012/01/sandbox-difficulties.html pod2g's blog], he was having problems with the app [[sandbox]]ing system used on the [[S5L8940|A5]] processor in the [[iPad 2]] and [[N94ap|iPhone 4S]], so he got [[User:planetbeing|planetbeing]], [[User:MuscleNerd|MuscleNerd]], [[User:posixninja|Joshua Hill]] and [[saurik]], dubbed the "dream team", to help to fix it[http://pod2g-ios.blogspot.com/2012/01/sandbox-difficulties.html][https://twitter.com/pod2g/status/156696427521773568]. [[User:DHowett|Dustin Howett]] also demoed the A5 jailbreak [http://www.youtube.com/watch?v=rDBHXbwgdc4 on YouTube]. It was released on January 20, 2012 as [[Absinthe]]. |
||
− | == |
+ | == Details == |
+ | All this package essentially does is disable [[ASLR]] to enable the [[untethered jailbreak|untether]] portion of [[absinthe]]. It does this by just changing the [[launchd]]'s config file<sup>1-31</sup> (<code>/DisableAslr</code>) from |
||
− | * '''1.0-8''' Fixed an issue were corona failed on iPhone 4S on iOS 5.0 |
||
+ | <key>DisableAslr</key> |
||
+ | <false/> |
||
+ | to |
||
+ | <key>DisableAslr</key> |
||
+ | <true/> |
||
+ | |||
+ | == Changelog == |
||
+ | * '''1.0-8''' Fixed an issue were corona failed on [[n94ap|iPhone 4S]] on [[iOS]] 5.0 |
||
* '''1.0-7''' 1.0-6 had a "Depends" that made it refuse to install on an original iPad. |
* '''1.0-7''' 1.0-6 had a "Depends" that made it refuse to install on an original iPad. |
||
* '''1.0-6''' fixed iBooks issues (books having DRM may show half pictures and/or grey rectangles). |
* '''1.0-6''' fixed iBooks issues (books having DRM may show half pictures and/or grey rectangles). |
||
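Review bot: The new Details sentence "All this package essentially does is disable [[ASLR]]" reads as conflicting with the unchanged lead paragraph, which says Corona uses the Racoon String Format Overflow Exploit and an HFS Heap Overflow to untether; reword it to say how the ASLR change relates to those exploits. In the same sentence, <code>/DisableAslr</code> names the key rather than the config file being changed, and <sup>1-31</sup> is a hand-typed superscript that will not link to the References entry, which a ref tag would. The re-added 1.0-8 changelog line also keeps the typo "were" for "where".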
Line 14: | Line 21: | ||
* '''1.0-4''' includes sandbox patches by [[User:comex|comex]] that fixes [[iBooks]] problems, as well as another fix for [[launchctl]].[http://blog.iphone-dev.org/post/14857834236/untethered-holidays] |
* '''1.0-4''' includes sandbox patches by [[User:comex|comex]] that fixes [[iBooks]] problems, as well as another fix for [[launchctl]].[http://blog.iphone-dev.org/post/14857834236/untethered-holidays] |
||
* '''1.0-3''' was updated by Saurik to enable [[redsn0w]] 0.9.10 users to update the jailbreak through Cydia. |
* '''1.0-3''' was updated by Saurik to enable [[redsn0w]] 0.9.10 users to update the jailbreak through Cydia. |
||
− | * '''1.0-2''' attempted to fix a bug that caused launchctl to not start daemons on-demand. |
+ | * '''1.0-2''' attempted to fix a bug that caused [[launchctl]] to not start daemons on-demand. |
* '''1.0-1''' is the initial release of the jailbreak. |
* '''1.0-1''' is the initial release of the jailbreak. |
||
− | == |
+ | == References == |
+ | # [[i0nic]]'s [http://cansecwest.com/csw12/CSW2012_StefanEsser_iOS5_An_Exploitation_Nightmare_FINAL.pdf March 2012 presentation] (An Exploitation Nightmare) |
||
+ | |||
+ | == External Links == |
||
*[http://pod2g-ios.blogspot.com/2012/01/details-on-corona.html pod2g's details on the exploits] |
*[http://pod2g-ios.blogspot.com/2012/01/details-on-corona.html pod2g's details on the exploits] |
||
+ | |||
[[Category:Hacking Software]] |
[[Category:Hacking Software]] |
||
[[Category:Jailbreaks]] |
[[Category:Jailbreaks]] |
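Review bot: The added References section is a hand-numbered "#" list with a single entry, so nothing ties it to the "1-31" citation in Details; generate the list from an inline reference instead, and spell out in the entry what "31" points to in the presentation. The "+" line for "== External Links ==" only restores a heading the old revision left empty, which is fine, but the two blank "+" lines before it and before the categories add nothing and can be dropped.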
Revision as of 04:18, 26 October 2012
Corona is a Cydia package from the Chronic Dev Team on Saurik's repo. It uses pod2g's Racoon String Format Overflow Exploit and an HFS Heap Overflow to untether iOS 5.0.1 on previously-jailbroken devices. Alternatively, users can also re-run the iPhone Dev Team's redsn0w 0.9.10 to untether their jailbreak with the same exploit. The name is an anagram of the aforementioned racoon software.
A5 Jailbreak
- Main article: absinthe
According to pod2g's blog, he was having problems with the app sandboxing system used on the A5 processor in the iPad 2 and iPhone 4S, so he got planetbeing, MuscleNerd, Joshua Hill and saurik, dubbed the "dream team", to help to fix it[1][2]. Dustin Howett also demoed the A5 jailbreak on YouTube. It was released on January 20, 2012 as Absinthe.
Details
All this package essentially does is disable ASLR to enable the untether portion of absinthe. It does this by just changing launchd's config file [1-31] (/DisableAslr) from
    <key>DisableAslr</key>
    <false/>
to
    <key>DisableAslr</key>
    <true/>
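A check for the DisableAslr change described above, as an added example that is not from the original page or the Corona package: it parses a plist and reports every place the key is set to true. The sample plists and the com.example.daemon label are constructed; the page does not give the config file's path or layout, so the search is recursive.

```python
import plistlib

KEY = "DisableAslr"  # key name as given on the page


def find_key(node, key=KEY, path=""):
    """Yield (path, value) for every occurrence of key in a parsed plist tree."""
    if isinstance(node, dict):
        for k, v in node.items():
            here = f"{path}/{k}"
            if k == key:
                yield here, v
            yield from find_key(v, key, here)
    elif isinstance(node, list):
        for i, v in enumerate(node):
            yield from find_key(v, key, f"{path}[{i}]")


def aslr_disabled(plist_bytes):
    """Return the paths at which DisableAslr is boolean true."""
    try:
        root = plistlib.loads(plist_bytes)  # accepts XML and binary plists
    except Exception as exc:
        raise ValueError(f"not a parseable plist: {exc}") from exc
    return [p for p, v in find_key(root) if v is True]


# Constructed samples: the layout around the key is an assumption.
CLEAN = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>Label</key><string>com.example.daemon</string>
  <key>DisableAslr</key><false/>
</dict></plist>"""
MODIFIED = CLEAN.replace(b"<false/>", b"<true/>")

if __name__ == "__main__":
    for name, data in (("clean", CLEAN), ("modified", MODIFIED)):
        hits = aslr_disabled(data)
        print(name, "->", hits or "ASLR not disabled")
```
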
Changelog
- 1.0-8 Fixed an issue where Corona failed on iPhone 4S on iOS 5.0
- 1.0-7 1.0-6 had a "Depends" that made it refuse to install on an original iPad.
- 1.0-6 fixed iBooks issues (books having DRM may show half pictures and/or grey rectangles).
- 1.0-5 was updated by Saurik again to require a reboot after installing.
- 1.0-4 includes sandbox patches by comex that fix iBooks problems, as well as another fix for launchctl.[3]
- 1.0-3 was updated by Saurik to enable redsn0w 0.9.10 users to update the jailbreak through Cydia.
- 1.0-2 attempted to fix a bug that caused launchctl to not start daemons on-demand.
- 1.0-1 is the initial release of the jailbreak.
References
- i0nic's March 2012 presentation (An Exploitation Nightmare)