iOS 12.0.1 Jailbreak: New WebKit RCE Bug Discovered And Exploited

Updated on

We have been waiting for an iOS 12 jailbreak tool for months, but there seems to be no confirmed public jailbreak on the horizon. It doesn’t mean developers in the community are not putting any efforts. With its iOS 12 software and A12 Bionic chip, Apple has made it more difficult than ever before to jailbreak iPhones and iPads. Now one developer has discovered and exploited an iOS 12.0.1 WebKit RCE bug that could lead to a public iOS 12.0.1 jailbreak in the near future.

Will this lead to an iOS 12.0.1 jailbreak?

Korean Twitter user Ahn Ki Chan said in a tweet that developer Kudima (@begger_dd) aka BigD has submitted a WebKit RCE exploit to the GitHub repository. You can find it here. The exploit works with up to 12.0.1, which gives us hope that there could be an iOS 12.0.1 jailbreak in the future. It also means that Apple has patched the bug in the recently released iOS 12.1, which brought many new features and bug fixes including Group FaceTime.

Kudima aka BigD is well-known in the jailbreaking community. Another popular security researcher Niklas B praised Kudima, saying their exploits and annotations are always useful and thorough. Back in August, BigD had also submitted an annotated WebKit infoleak exploit for the iOS 11.4.1. The latest exploit shared by BigD is only one step in the long journey to put all the pieces together and release a public iOS 12.0.1 jailbreak, if BigD chooses to work on it.

Other developments in the community

Last month, reputed developer Luca Todesco confirmed on Twitter that he had successfully achieved iOS 12 jailbreak on the iPhone XS Max. Todesco had ‘pwned’ the iOS 12 just days after Apple released it to the public without changing even a single line of code from his earlier project. Todesco had also released a video to support his claim. The fact that Todesco had jailbroken iOS 12 on the iPhone XS Max suggests there were no hardware restrictions to prevent him from liberating the latest iPhones.

Todesco not only jailbroke the XS Max but also restored it to iOS 12 stock version. However, he didn’t reveal whether he would release a jailbreak tool publicly. In the past, Todesco has released popular jailbreak tools such as Yalu and Yalu102. His hack does show that it’s still possible to liberate iPhones and iPads from Apple’s walled garden despite the company’s attempts to prevent jailbreaking.

Even before Todesco, Chinese security firm Team Pangu jailbroke iOS 12 on the iPhone XS within a week of the new iPhones going on sale. Team Pangu achieved root access on the iPhone XS by bypassing PAC mitigation on the A12 Bionic processor. Pangu has also released iOS jailbreak tools to the public in the past. But they have now become a private security company, so they might not be interested in putting together a public jailbreak. It’s also the reason why they didn’t share the iOS 10 and iOS 11 jailbreak publicly despite having developed them.

Currently, the only reliable jailbreak tools available are the Electra and Unc0ver, both of which work up to iOS 11.3.1. There is no public iOS 12 jailbreak available at the time. Apple doesn’t want its customers to jailbreak their device. The company has strictly warned users that jailbreaking voids the warranty and removes the built-in security layers in iOS. It exposes the device to malware and other hacking attempts. Jailbreaking could also cause individual apps to become unresponsive.

Leave a Comment