Developer and security researcher Linus Henze has made public an exploit that exists within Safari for iOS and macOS and which affects iOS 12.1 and below. The bug itself manifests itself in the way RegEx is matched and handled on affected platforms.
This latest work and publication has been put out into the public domain by Henze due to the fact that Apple has patched the discovery in the latest version of WebKit, which means that it is no longer available in iOS 12.1.1 and later.
However, from a jailbreak perspective, this could potentially give someone with the right knowledge and skillset the basis to put together another JailbreakMe-esque creation that would allow devices to be liberated directly from within Safari on an iOS device.
If successful, and if the other relevant parts could be put together to make this possible, it would mean that there would be no need to install any jailbreak IPA file via tools like Cydia Impactor and no need to continually go through that process when the device has been rebooted or turned off. All of the jailbreak code injection could be done through Safari on the device with no need for any other tools or software.
In terms of the exploit itself, Henze describes it as a “WebKit-RegEx-Exploit”:
This is an optimization error in the way RegEx matching is handled. By setting lastIndex on a RegEx object to a JavaScript object which has the function toString defined, you can run code although the JIT thinks that RegEx matching is side effect free.
He also references that the bug is very similar to a previous bug found by @5aelo. The release of this bug, will, of course, mean that the jailbreak community will once again be up in arms about the potential of a jailbreak coming for iOS 12.x.
Currently, it’s only possible to publicly liberate an iOS device running up to iOS 11.4 beta 3 running a tool like Electra or unc0ver. To date, we’ve been privy to multiple bugs and exploits within Apple’s iOS 12 platform but none of those have yielded in the release of any public jailbreak.
If this progresses, we will be sure to keep you in the loop.
(Source: @LinusHenze [Twitter])
You may also like to check out:
- How To Downgrade iOS 12.1.1 To iOS 12.1
- Download iOS 12.1.1 Final IPSW Links And OTA Update For iPhone And iPad
- iOS 12.1.1 Final Changes, Release Notes And Features: Here’s What Is New
- Jailbreak iOS 12.1.1: Apple Details Ian Beer Jailbreak Exploit Patched In Latest Firmware
- Jailbreak iOS 12.1 / iOS 12 Update: Sandbox Escape Released To Public
- Jailbreak iOS 12.1.1 / 12.0.1 / 12 On iPhone And iPad [Status Update]
You can follow us on Twitter, add us to your circle on Google+ or like our Facebook page to keep yourself updated on all the latest from Microsoft, Google, Apple, and the Web.