
Links for 2013-02-06

  • Evasi0n Jailbreak’s Userland Component

    Good writeup of the exploit techniques used in the new iOS jailbreak.

    Evasi0n is interesting because it escalates privileges and gains full access to the system partition without any memory corruption. It does this by exploiting the /var/db/timezone vulnerability to gain access to the root user’s launchd socket. It then abuses launchd to load MobileFileIntegrity with an inserted codeless library that overrides MISValidateSignature to always return 0.

    (tags: jailbreak ios iphone ipad exploits evasi0n via:nelson)