![]() Uunlike the previous exploits, which could be used against an unwitting victim, jailbreaks that require USB tethering have a lower security impact, and are usually only useful to the phone’s owner. Something to point out with Evasi0n is unlike Jailbreaking exploits used with JailbreakMe, Evasi0n’s is less dangerous in terms of what it could do in the hands of a malicious hacker. Since backups are created by the user’s device, and must be interchangeable between devices, they cannot be easily cryptographically signed, so they are essentially untrusted data. All of the stages use functionality on the phone exposed by MobileBackup, the daemon used to backup user data from the device, and restore backups back to the device. ![]() Perhaps it was named evasi0n because it evades all the userland exploit defenses instead of attacking them head-on.Įvasi0n works in 3 stages that are described below. ![]() It doesn’t require memory corruption to escalate privileges from mobile to root. It is definitely a technical read that is not for the feint hearted, but the introduction provides a somewhat helpful overview.Įvasi0n’s userland component is very unique, because it is entirely filesystem-based. Sure a Jailbreaking tool looks simple behind the graphical user interface (GUI), but underneath it is the work of hundreds of hours from some of the brightest minds in the exploitation / hacking industry.īraden Thomas from Accuvant Labs has recently provided a detailed explanation on how Evasi0n ( Evasi0n7) was accomplished. ![]() How Evasi0n iOS 6.x – iOS 7.0.x Untethered Jailbreak WorksĪs Jailbreaking tools nowadays are so well tested, it is easy for people to forget just how complex they really are. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |