JailbreakMe: Difference between revisions
m Reverted edits by 1966bataman (talk) to last revision by Logan (HG) |
1966bataman (talk | contribs) No edit summary |
||
Line 1: | Line 1: | ||
{{Infobox software |
{{Infobox software |
||
|name = JailbreakMe |
|name = JailbreakMe, TinyRa1n YouTube Channel |
||
|logo = <!--Please add a logo if possible--> |
|logo = <!--Please add a logo if possible--> |
||
|screenshot = |
|screenshot = |
Revision as of 01:11, 10 November 2011
Developer(s) | comex et al. |
---|---|
Stable release | 3.0
/ July 5, 2011 |
Operating system | iOS |
License | Freeware |
Website | www.jailbreakme.com |
JailbreakMe is a series of jailbreaks for Apple's iOS mobile operating system that take advantage of flaws in the Safari browser on the device,[1] providing an immediate one-step jailbreak unlike more common jailbreaks, such as Blackra1n and redsn0w, that require plugging the device into another computer and running the jailbreaking software from the desktop. Jailbreaking allows users to install software that is not approved by Apple on their iPod Touch, iPhone, and iPad; JailbreakMe automatically includes Cydia, a package management interface that serves as an alternative to the App Store.
JailbreakMe's first version in 2007 worked on iPhone and iPod touch firmware 1.1.1, the second version was released in August 2010 for firmware 4.0.1 and earlier, and the third version was released in July 2011 for iOS versions 4.3 to 4.3.3 (and was the first jailbreak for the iPad 2). JailbreakMe 3.0 has been used to jailbreak at least two million devices.[2] Apple Stores and other Apple mobile device retailers (such as Best Buy) block JailbreakMe.com on their Wi-Fi networks.[2]
JailbreakMe 1.0
JailbreakMe, started in 2007, was originally used to jailbreak the iPhone and iPod touch running the 1.1.1 version of iPhone OS. Using a TIFF exploit against Safari, this installed Installer.app.[3] It involves downgrading from iPhone OS 1.1.1 to iPhone OS 1.0.2, jailbreaking, and upgrading back to iPhone OS 1.1.1.[4] The vulnerability used in this exploit was patched by Apple in the 1.1.2 firmware.
This tool, also called "AppSnapp", was created by a group of nine developers.[5]
JailbreakMe 2.0 ("Star")
JailbreakMe 2.0, released by comex on August 1, 2010, exploits a vulnerability in the FreeType library used while rendering PDF files. This was the first publicly available jailbreak for the iPhone 4, able to jailbreak iPhone OS 3.1.2 through iOS 4.0.1 on the iPhone, iPod Touch, and iPad models current at the time.[6] This jailbreak was activated by visiting the jailbreakme.com web page on the device's Safari web browser.
The vulnerability used by JailbreakMe 2.0 was patched by Apple in iOS 4.0.2.[7]
JailbreakMe 3.0 ("Saffron")
JailbreakMe 3.0, released on July 6, 2011, can jailbreak most iOS devices on iOS 4.3-4.3.3 and iPad 2 on 4.3.3.[8] It is the first publicly-available jailbreak for iPad 2. JailbreakMe 3.0 exploits a FreeType parser security flaw (similar to JailbreakMe 2.0), using the form of a PDF file rendered by Mobile Safari, which then uses a kernel vulnerability to complete the untethered jailbreak.[9][10] Comex also released a patch for this FreeType flaw, called "PDF Patcher 2", which is available as a free package installable via Cydia.[11]
A few days before release, a JailbreakMe 3.0 testing beta was accidentally leaked to the public, and comex said on Twitter that this put him on a "time limit" to release the final version quickly.[11]
The JailbreakMe website looks similar to downloading an App Store app. It includes a blue button saying "FREE", which turns into a green button with the word "INSTALL" when pressed once, much like any application on the App Store. After tapping "INSTALL", Safari closes, Cydia loads as a new app, and the device is now fully jailbroken with no reboot necessary.
On July 15, Apple released iOS 4.3.4 (GSM) and 4.2.9 (CDMA) to patch the flaws used by JailbreakMe.[12]
Comex received a "Pwnie" award at the Black Hat conference 2011 for "Best Client-Side Bug" for this work.[13]
Comex was hired by Apple as an intern in August 2011.[14]
Ownership transition
On October 7, 2011, MuscleNerd said on Twitter that the jailbreakme.com domain had been sold by its original owner to an unknown third party, so the domain could no longer be trusted for hosting jailbreaking tools, and that the tool would be moved to a new domain owned by the Dev Team.[15] On October 8, Jay Freeman (saurik), the developer of Cydia, said on Twitter that he had acquired the domain from the third-party owner, so the jailbreakme.com domain can continue to be a safe place for jailbreaking tools.[16]
Compatible iOS versions
Device |
Can be Jailbroken | Firmware versions compatible with JailbreakMe |
---|---|---|
iPhone 2G (Original iPhone) |
Yes | 3.1.2 to 3.1.3 |
iPhone 3G | Yes | 3.1.2 to 4.0.1 |
iPhone 3GS | Yes | 3.1.2-4.0.1, 4.3-4.3.3 |
iPhone 4 (GSM) |
Yes | 4.0-4.0.1, 4.3-4.3.3 |
iPhone 4 (CDMA) |
Yes | 4.2.6-4.2.8 |
iPod Touch 1G | Yes | 3.1.2 to 3.1.3 |
iPod Touch 2G (2nd Generation) (MB model) |
Yes | 3.1.2 to 4.0 |
iPod Touch 2G (2nd Generation) (8GB MC model) |
Yes | 3.1.2 to 4.0 |
iPod Touch 3G (3rd Generation) |
Yes | 4.3, 4.3.2, 4.3.3 |
iPod Touch 4G (4th Generation) |
Yes | 4.3-4.3.3 |
iPad (Wi-Fi model) |
Yes | 4.3-4.3.3 |
iPad (Wi-Fi + 3G model) |
Yes | 4.3-4.3.3 |
iPad 2 (Wi-Fi model) |
Yes | 4.3.3 |
iPad 2 (Wi-Fi + 3G model) |
Yes | 4.3.3 |
References
- ^ Tony Bradley (August 3, 2010). "JailbreakMe Exploits Serious iPhone Security Flaw". Net Work. PCWorld Communications, Inc. Retrieved October 15, 2010.
- ^ a b Andy Greenberg (August 1, 2011). "Meet Comex, The 19-Year-Old iPhone Uber-Hacker Who Keeps Outsmarting Apple". The Firewall. Forbes. Retrieved August 2, 2011.
- ^ Ben Wilson (October 29, 2007). "One-step method for adding third-party apps to iPhone 1.1.1, iPod Touch debuts". CNET. Retrieved August 25, 2011.
- ^ Wilson, Ben (2007-10-10). "Official iPhone 1.1.1 jailbreak released with easy-to-follow instructions; does not require TIFF exploit". CNET.com. Retrieved 2009-11-10.
- ^ Gregg Keizer (October 29, 2007). "Hacker Software Can Install Unauthorized Software on iPhones". PCWorld. Retrieved August 25, 2011.
- ^ Sean Hollister (August 1, 2010). "Official: iPhone 4 jailbreak hits from iPhone Dev Team (updated with video)". Engadget. Retrieved September 11, 2010.
- ^ Nilay Patel (August 11, 2010). "Apple releases iOS 4.0.2 for iPhone and 3.2.2 for iPad, fixes PDF vulnerability". Engadget. Retrieved 2010-09-11.
- ^ iPhone Dev Team (July 6, 2011). "jailbreakme times 3". iPhone Dev Team Blog. Retrieved August 2, 2011.
- ^ P. J. Connolly (July 15, 2011). "Apple Fixes Latest iOS Exploit". eWEEK Labs. eWEEK. Retrieved October 23, 2011.
- ^ jean (July 18, 2011). "Analysis of the jailbreakme v3 font exploit". Sogeti ESEC Lab. Retrieved October 23, 2011.
- ^ a b Mathew J. Schwartz (July 7, 2011). "Apple iOS Zero-Day PDF Vulnerability Exposed". InformationWeek. Retrieved October 23, 2011.
- ^ Nick Mediati (July 15, 2011). "iOS 4.3.4 Is Out; Fixes JailbreakMe 3.0 Exploit". Geek Tech. PCWorld. Retrieved October 23, 2011.
- ^ Mathew J. Schwartz (August 4, 2011). "Pwnie Award Highlights: Sony Epic Fail And More". InformationWeek. Retrieved August 25, 2011.
- ^ Andy Greenberg (August 26, 2011). "Apple Hacker Extraordinaire Comex Takes An Internship At Apple". Forbes. Retrieved November 2, 2011.
- ^ Waisybabu (October 7, 2011). "Jailbreaks.me Is The New URL For iPad 2 Jailbreak; Stay Away From JailbreakMe.com As It May Distribute Malware Under New Ownership". Redmond Pie. Retrieved October 23, 2011.
- ^ Waisybabu (October 8th, 2011). "JailbreakMe.com Bought Back By Saurik, Community Collectively Heaves Sigh Of Relief". Redmond Pie. Retrieved October 8th, 2011.
{{cite web}}
: Check date values in:|accessdate=
and|date=
(help)