Saturday, February 16, 2013

Jailbreak process is a battle between Apple

The jailbreak process is a battle between Apple and developers who are usually looking for exploits in their free time. Each version of iOS has offered a new challenge for these elite few, as Apple has fixed the exploit that was found in the previous version. This isn’t a bad thing, especially in cases where the vulnerability could be used by those with malicious intent to cause real harm to your iDevice. Unfortunately, we’ve reached a point where Apple has spent considerable time and money sealing up these exploits. The Evasi0n jailbreak is so impressive because it takes an entirely new approach to delivering an exploit that allows root access to iOS.

Many of the previous jailbreak techniques relied on a memory corruption process that escalated the user privileges from the normal user state to super user. Evasi0n doesn’t use this method, most likely because Apple’s recent anti-exploit work has removed this as a possible point of entry. Instead, an application is installed on the iPhone or iPad that takes advantage of the open nature of Apple’s backup files.

When you back up files on your iPhone or iPad, the backup can be applied to any other iDevice. This is a fantastic feature in the event that something happens to your iPad. You can buy a replacement piece of hardware and have all of your apps and data restored in minutes. It’s a killer tool that isn’t provided by any other mobile platform right now.

That also means that this data isn’t digitally signed, and the operating system relies on a super user to apply the backup and reboot your device. This provided Evasi0n with an entry point to inject the necessary files within the backup data. From here, an app is created that iOS treats as though it were part of the backup. This app modifies the rules that govern how iOS responds to external requests made by the computer you are currently connected to.

Then the app on your PC can deliver Cydia to the device so it can be installed once super user status has been permanently obtained. Alongside Cydia, a new configuration file is injected into the filesystem. This file is activated when the iPhone or iPad reboots, which in turn runs Evasi0n during boot. This makes sure that, every time the device boots, you are granted super user status to do most of the things you find in Cydia.
