iOS 11 proved one of the toughest iOS versions for jailbreakers, because no solid jailbreak was released for it in good time. The first public version of iOS 11 was released on September 19, 2017, and the first jailbreak, Electra, was made public on February 26, 2018, exactly 160 days later. The Electra jailbreak was not a fully tethered jailbreak; it was, in fact, a semi-tethered jailbreak.
So far the Electra jailbreak supports only iOS 11 through iOS 11.1.2. It does not work on newer versions, in particular iOS 11.3.1, the next major release of the series.
Many people who have updated their devices to iOS 11.3.1 are still waiting for a working jailbreak. Now, finally, a ray of hope has come into their lives.
Story Behind iOS 11.3.1 Jailbreak Exploit:
The main contributor to the Electra jailbreak, Ian Beer, has today released his previously secret exploit for iOS 11.3.1 to developers. The jailbreak community has already welcomed the decision and has started working hard to incorporate the exploit into the next version of the Electra jailbreak.
Users have many questions about the release of this exploit at this time. Some asked why the Google developer, Ian Beer, kept the code to himself until now. Others are wondering why he released it right after the announcement of iOS 12.
There is no clear statement from the developer on these questions, but he has already confirmed the release of the bugs.
iOS 11.4 patched kernel memory corruption bugs I reported in two distinct areas: mptcp and vfs. My exploit for the mptcp bug is here: https://bugs.chromium.org/p/project-zero/issues/detail?id=1558… Please read the README. It requires an Apple developer cert.
In his tweet, Ian Beer talked about two bugs, one called mptcp and the other vfs. The first bug requires a developer certificate to exploit; the second does not require any developer certificate. If the second bug is used in the next jailbreak tool, it means we will have a fully tethered jailbreak for our devices. If it is not exploited, then the first one, with its semi-tethered feature, will be used in the latest jailbreak for iOS 11.3.1, just like the Yalu jailbreak for iOS 10.
The vfs bug doesn’t require an Apple developer cert but is considerably harder to exploit. You get to write 8 NULL bytes off the end of a kalloc.16 buffer. It’s sufficiently hard to exploit that it’s worth trying just to demonstrate that such issues are reliably exploitable…
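The tweet above describes the bug class rather than its root cause: a fixed-size write of zero bytes that lands past the end of a 16-byte heap allocation (a kalloc.16 slot). The following C program is an added illustration written for this article; it is not Ian Beer's code and not the actual XNU vfs defect, whose root cause the article does not describe. It models the slot with a plain array, uses a hypothetical record copier that pads a payload with 8 zero bytes, and shows the unchecked version clobbering the neighbouring allocation beside the bounds-checked version that refuses such inputs.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model of a heap cache: SLOT_SIZE stands in for a kalloc.16
 * allocation, PAD_SIZE for the fixed 8-byte zero write mentioned in the tweet. */
#define SLOT_SIZE 16
#define PAD_SIZE   8
#define CANARY   0xAA   /* fill for the neighbouring slot so overflow is visible */

/* Vulnerable form (hypothetical): copies the payload and appends PAD_SIZE zero
 * bytes without checking that payload + padding fit inside the slot. For a
 * 16-byte payload, the 8 zero bytes land entirely past the end of the slot. */
void copy_and_pad_unsafe(uint8_t *slot, const uint8_t *payload, size_t len)
{
    memcpy(slot, payload, len);
    memset(slot + len, 0, PAD_SIZE);   /* out of bounds when len + PAD_SIZE > SLOT_SIZE */
}

/* Hardened form: refuse any input whose payload plus padding exceeds the slot.
 * The subtraction is ordered so it cannot underflow. Returns 0 on success,
 * -1 when the input is rejected and nothing has been written. */
int copy_and_pad_checked(uint8_t *slot, size_t slot_size,
                         const uint8_t *payload, size_t len)
{
    if (len > slot_size || PAD_SIZE > slot_size - len)
        return -1;
    memcpy(slot, payload, len);
    memset(slot + len, 0, PAD_SIZE);
    return 0;
}

/* Runs the unsafe copier on a payload of `len` bytes (len <= SLOT_SIZE) into
 * the first of two adjacent slots and returns how many bytes of the second
 * slot were overwritten. The backing array is large enough that the model
 * itself stays within bounds even when the "slot" is overrun. */
int overflow_bytes_into_neighbour(size_t len)
{
    uint8_t heap[2 * SLOT_SIZE];
    uint8_t payload[SLOT_SIZE];
    int clobbered = 0;

    if (len > SLOT_SIZE)
        return -1;
    memset(heap, CANARY, sizeof heap);
    memset(payload, 0x41, sizeof payload);

    copy_and_pad_unsafe(heap, payload, len);

    for (size_t i = SLOT_SIZE; i < 2 * SLOT_SIZE; i++)
        if (heap[i] != CANARY)
            clobbered++;
    return clobbered;
}

/* Same scenario through the checked copier: returns 0 if the input was
 * accepted and written, -1 if it was rejected before any write happened. */
int checked_copy_result(size_t len)
{
    uint8_t heap[2 * SLOT_SIZE];
    uint8_t payload[SLOT_SIZE];

    if (len > SLOT_SIZE)
        return -1;
    memset(heap, CANARY, sizeof heap);
    memset(payload, 0x41, sizeof payload);
    return copy_and_pad_checked(heap, SLOT_SIZE, payload, len);
}
```

With a full 16-byte payload the unsafe copier writes exactly 8 zero bytes into the neighbouring slot, which is the situation the tweet describes; the checked copier accepts payloads of at most 8 bytes and rejects everything larger before touching memory. In a real allocator the neighbour is another live object, which is why a write of "only" zeros past a small allocation is still a memory-safety bug worth treating as exploitable.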
What Electra Team Says About This Exploit:
Now it is up to the jailbreak community, especially the team behind the Electra jailbreak, to decide how to use these bugs in their upcoming iOS 11.3.1 jailbreak for the iPhone X, iPhone 8, iPhone 7, iPhone 6 and iPhone 5S.
Ian Beer has also confirmed that he will publish the detailed exploitation method in the next few days.
CoolStar, the team behind Electra, has already welcomed the news and confirmed that this exploit will be used in the next major release of Electra.
Re: Ian’s recent release. He has released an exploit for mptcp (requires dev acct), and a bug that requires an exploit to be written for it (doesn’t require a developer account).
Will try to get a hold of a dev account to get started, but for release dev acct isn’t too great.
Considering all these recent updates on the iOS 11.3.1 jailbreaking process, the next release seems to be around the corner.
What We Should Do for iOS 11.3.1 Jailbreak:
If you are still on an older, non-jailbreakable iOS version, update your device to iOS 11.3.1. And if you are planning to install iOS 11.4 in the coming days, please wait a few more days, as the new version of the Electra liberation tool for your iPhone seems to be around the corner.
Source: Twitter