Two new kernel exploit demo apps have been released based on recently disclosed security vulnerabilities in iOS.
Ned Williamson, a Project Zero researcher, recently announced a new vulnerability discovered in iOS 15.4.1 and lower. Apple fixed the vulnerability with the release of iOS 15.5.
CVE-2022-26757 is my first report using a new technique to find race conditions deterministically. The featured protobuf testcase repros 100% of the time on my internal SockFuzzer branch. I will discuss and open source this technique at Black Hat 2022!
Halo-Michael has now released an exploit demo app using this vulnerability for iOS 15.4.1 and lower, as well as an exploit demo app for the ipc_kmsg vulnerability affecting iOS 15.3.1 and lower.
-----
So, I wrote two exploit demo app here:
https://halo-michael.github.io/appstore/en_US/
if anyone wants test it :P
flow_divert support ipc_kmsgs support enjoy!
You'd better be quick before the profile has been revoked! :P
-----
It's possible that these kernel exploits could lead to a jailbreak; however, there are other components required before a full publicly releasable jailbreak is achieved.
If you plan on installing the exploit demo app, ensure you do so on a test device. Please download the iClarified app or follow iClarified on Twitter, Facebook, YouTube, and RSS for more updates.
Ned Williamson, a Project Zero researcher, recently announced a new vulnerability discovered in iOS 15.4.1 and lower. Apple fixed the vulnerability with the release of iOS 15.5.
CVE-2022-26757 is my first report using a new technique to find race conditions deterministically. The featured protobuf testcase repros 100% of the time on my internal SockFuzzer branch. I will discuss and open source this technique at Black Hat 2022!
Halo-Michael has now released an exploit demo app using this vulnerability for iOS 15.4.1 and lower, as well as an exploit demo app for the ipc_kmsg vulnerability affecting iOS 15.3.1 and lower.
-----
So, I wrote two exploit demo app here:
https://halo-michael.github.io/appstore/en_US/
if anyone wants test it :P
flow_divert support ipc_kmsgs support enjoy!
You'd better be quick before the profile has been revoked! :P
-----
It's possible that these kernel exploits could lead to a jailbreak; however, there are other components required before a full publicly releasable jailbreak is achieved.
If you plan on installing the exploit demo app, ensure you do so on a test device. Please download the iClarified app or follow iClarified on Twitter, Facebook, YouTube, and RSS for more updates.