In today's video, we're discussing yet another release from Google Project Zero, an iMessage exploit powerful enough that once can get unsandboxed remote code execution with it, so much so that Min (Spark) Zheng managed to extract files from an iPhone with it, and Samuel Groß managed to remotely open the "Calculator" application just by sending an iMessage to the target device which was an iPhone XS (A12). In his demo, Samuel first breaks ASLR by leaking the dyld_shared_cache base address, then proceeds to open the calculator app using the exploit.
Security researcher Natalie Silvanovich of Google Project Zero has posted a full writeup on the Project Zero blog detailing the vulnerability and how the exploit works. While this is not tfp0, it's still very impressive, and can potentially be used for a Jailbreak since it is unsandboxed. One of the uses could be as a vector to initialize the jailbreak itself, though I believe that is less practic than a standard #iOS application. The exploit works on iOS 12.3, iOS 12.3.1 and iOS 12.4.
As always, do not forget to SUBSCRIBE to stay updated with the latest iOS and Jailbreak news!
Security researcher Natalie Silvanovich of Google Project Zero has posted a full writeup on the Project Zero blog detailing the vulnerability and how the exploit works. While this is not tfp0, it's still very impressive, and can potentially be used for a Jailbreak since it is unsandboxed. One of the uses could be as a vector to initialize the jailbreak itself, though I believe that is less practic than a standard #iOS application. The exploit works on iOS 12.3, iOS 12.3.1 and iOS 12.4.
As always, do not forget to SUBSCRIBE to stay updated with the latest iOS and Jailbreak news!
