The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Star"
m (Fixed Grammar) |
m (→PDF Patch) |
||
Line 8: | Line 8: | ||
==PDF Patch== |
==PDF Patch== |
||
− | Because this jailbreak revealed a new major security hole in iOS, it could also be adopted by rogue developers to create malware to take over your [[ |
+ | Because this jailbreak revealed a new major security hole in iOS, it could also be adopted by rogue developers to create malware to take over your [[iPad]]/[[iPhone]]/[[iPod touch]]. Therefore it is highly recommended to install [https://twitter.com/saurik/status/20958834996 the patch] [[saurik]] released via Cydia in order to keep your device safe. |
==Links== |
==Links== |
Revision as of 22:09, 1 September 2010
Star is a userland jailbreak from comex that utilizes two new exploits to jailbreak iOS 3.1.2 through 4.0.1 (except for 3.2.2). Star warns that 3.1.2 and 3.1.3 are known to fail on iPod touch 3G, and that performing a fresh restore to 4.0(.1) is recommended. It can be used via Jailbreakme. With the release of iOS 4.0.2 (and iOS 3.2.2 for iPads) on 11 August 2010, the vulnerabilities were fixed so that it doesn't work anymore.
Payloads
The first payload is deployed via a HTTP redirect to a PDF file. The PDF contains a CFF font with a malformed type 2 charstring, which contains commands to repeatedly push and duplicate random numbers onto an "argument stack". This allows arbitrary code execution due to stack overflow in CFF parser inside FreeType 2 library used by iPhone.
The second payload (wad.bin) use an integer overflow in IOSurface.framework to get root access and privileges in order to jailbreak.[1]
PDF Patch
Because this jailbreak revealed a new major security hole in iOS, it could also be adopted by rogue developers to create malware to take over your iPad/iPhone/iPod touch. Therefore it is highly recommended to install the patch saurik released via Cydia in order to keep your device safe.