Let’s review the content first. Master Linus Henze discovered a signature verification vulnerability that can bypass the iOS 14.3 - 14.5.1 system, which is what everyone calls a perfect jailbreak. Later, he also released a perfect jailbreak video on Twitter , A combination of five vulnerabilities can be used to attack the jailbreak.
As we all know, if you want to install the IPA application on the iOS system, you need a certificate signature. If you do not have a certificate signature, you cannot install it successfully. Therefore, Linus Henze found a way to bypass the signature and directly installed the jailbreak store to achieve permanent validity, which is CVE-2021-30740 loopholes.
until! In the morning session of October 25, 2021, Linus Henze was confirmed to be public. Unfortunately, the five vulnerability codes were not disclosed, but a boot installation tool called Fugu14 was released. This tool can be used to install unrestricted applications.
does not have a real public method of bypassing signatures, so there is no way to achieve the previous jailbreak state of restarting, and it can only be unrestricted for a certain application, so! unc0ver injects the Fugu14 tool for the first time to install the Untether unrestricted jailbreak tool.
followed! Master Linus Henze has discovered a way to circumvent signatures in iOS 15.4.1 and below systems. In other words, he can achieve a perfect jailbreak again, and also found four vulnerabilities, and these four vulnerabilities can be combined to achieve jailbreak.
Unfortunately, Linus Henze has not yet mentioned his intention to make it public, nor has he mentioned the Fugu15 tool. We can only wait patiently to see if there is any new progress.
-- Let’s start with the key points--
In the afternoon of July 2, zhuowei announced some signature bypass methods for CVE-2022-26766 and CVE-2022-26763, which was obviously an analysis of Linus Henze’s method, so the jailbreak community was active again stand up.
Which systems does this method support? unc0ver team Jake James responded that iOS 14.0 - 15.4.1 is supported.
In other words, iOS 14.0 - 14.8 can currently be jailbroken using this method to achieve unrestricted jailbreak, so! unc0ver iOS 14.6 - 14.8 will most likely be updated and added, provided that the crash problem caused by A12+ is solved.
followed! Taurine has added support for the first time, adding unrestricted jailbreak for iOS 14.0 - 14.3. You can directly search for: taurine-Permanent plug-in. After successful installation, two taurine tools will appear on the desktop, one of which does not rely on certificates.
Unfortunately, A12+ devices are currently not supported. Once the taurine-Permanent plug-in is installed on an A12+ device, a crash will occur when opening Taurine again. It only supports devices below A11, that is, devices below iPhone X.
If you have an iPhone 6S -
Regarding the crash issue caused by A12+, experts have already solved it. Please wait patiently for the next taurine-Permanent update to be released.
Regarding iOS 15.0 - 15.1.1 system jailbreak, this method also supports bypassing signatures. Domestic master Zhu Xinlang mentioned on Twitter that this method can be tested on iOS 15.1 without hooking amfid and can also bypass kernel AMFI detection. It really helps with Taurine15 jailbreak.
So! The iOS 15.0 - 15.1.1 system should be retained and do not upgrade on impulse. Jailbreak will not be far away from us. There will be one. There is no need to rush and it is not recommended to upgrade.
Regarding the iOS 15.2 - 15.4.1 system, there is currently no available kernel vulnerability, which means that the method of bypassing signatures cannot be used. You still need to wait patiently. Once you can jailbreak, you will most likely be able to experience unrestricted jailbreak. It seems that it is not necessary. I am worried that the certificate will be signed off.
That’s about it, by the way! Are you looking forward to experiencing unrestricted jailbreak on iOS 15? Please comment.
