Pod2g Asks Community for Crash Reports to Assist in Finding iOS 5.1 Jailbreak

POST

MAIL

Posted March 12, 2012 at 9:15pm by iClarified

Pod2g has asked the jailbreak community to send him any iOS 5.1 crash reports that are reproducible in a post on his blog.

He notes that to jailbreak a device, hackers need a set of exploitable vulnerabilities :
● a code injection vector : a vulnerability in the core components of iOS that leads to custom, unsigned code execution.
● a privilege escalation vulnerability : it's usualy not enough to have unsigned code execution. Nearly all iOS applications and services are sandboxed, so one often need to escape from the jail to trigger the kernel exploit.
● a kernel vulnerability : the kernel is the real target of the jailbreak payload. The jailbreak has to patch it to remove the signed code enforcement. Only the kernel can patch the kernel, that's why a code execution vulnerability in the context of the kernel is needed.
● an untethering vulnerability : when the device boots, it is unpatched, thus cannot run unsigned code. Thus, to start the jailbreak payload at boot time, a code execution vector either in the services bootstrap or in the loading of binaries is mandatory.

If you can crash either a core application (Safari, Mail, etc...) or the kernel (reboots phone) in a repeatable way then send him an email with the steps to repeat the crash and the crash report at: ios.pod2g a.t gmail d.o.t com.

Read More

Important Notes:
● Always test on the latest iOS version before reporting a crash (at the time of writing, iOS 5.1)
● Be sure to not report crashes to Apple : on your iOS device, go to Settings / General / About / Diagnostics & Usage, and verify that "Don't Send" is checked.
● Not all crashes are interesting : aborts, timeouts or out-of-memory kind of crashes are useless. Verify the crash dump in Settings / General / About / Diagnostics & Usage / Diagnostic & Usage Data that the crash report you created is of Exception Type SIGILL, SIGBUS or SIGSEGV.
● The crash should be repeatable, which means you should know what exact steps produced it and how to reproduce it on another device.

Pod2g Asks Community for Crash Reports to Assist in Finding iOS 5.1 Jailbreak

Follow iClarified

Ioushtt - March 13, 2012 at 11:41pm

How can I help? any instructions how to send these crashes? Last time you guys had a link how to do it ? Please let us no how to help..I have 4 IPHONE4S I can send all the crashes you need

Reply · Like

Leggoman - March 13, 2012 at 11:09pm

Iphoneboy What a wasted post What the hell has it got to do with crash reports? Tested what? What phone did you Jb on 5.1 Your not telling anyone anything that is of any use

iPhoneboy - March 13, 2012 at 8:05pm

I was able to upgrade my iPhone to 5.1 n kept my jb. Tested all jb apps n they all work perfectly.

Steve Anderson - March 13, 2012 at 8:15am

They still havnt sorted 5.0.1 problems out yet icons turning white safe mode turning on get one thing done first

@mprogano - March 13, 2012 at 2:33pm

or white when installing anything from Cydia without respring after...

young - March 13, 2012 at 2:46pm

OK fine then lets NOT have a JB and just wait till they fix such a SMALL issue wow i have to respring WAAAAa...really thats not really a issue big deal....dont wanna deal then dont JB no more white icons

tim - March 12, 2012 at 11:52pm

how on earth is that a pwn

@mprogano - March 12, 2012 at 9:51pm

@pod2g: Crash reports are useless without explanations on how to reproduce them !!! :-(

Dv - March 12, 2012 at 9:29pm

Take all the crashes u want. Just wanted u to know, we appreciate your work!