Luca Todesco Releases Browser Based iOS 9.3.3 Pangu Loader

Noted iOS security researcher and hacker Luca Todesco has just released a WebKit-based loader for the Pangu 9.3.3 jailbreak. This impressive browser exploit is reminiscent of the original JailbreakMe exploits on iOS 1 and iOS 4, after which it is named.


Whilst this development is testament to Todesco’s hacking skills and has alleviated one major problem with the current 9.3.3 jailbreak: its reliance on developer certificates for the loader app, there is bound to be some confusion over what this tool actually does, and what it means for the jailbreak community. This post aims to bring some clarity to the topic.

Basically, the exploit lets you reactivate the Pangu jailbreak by just navigating to https://jbme.qwertyoruiop.com/ and clicking Go.

It can:

  • Re-activate the Pangu semi-(un)tether on jailbreak devices.
  • Work without the certificate restrictions which have until now been a downside of this jailbreak.
  • Work without an app, directly from your browser.

It cannot:

  • Jailbreak devices on firmwares not supported by the Pangu jailbreak.
  • Install Cydia (which means it is not a suitable replacement for the initial Pangu jailbreak program, only for the re-activation payload).
  • Work on any 32-bit device (iPhone 5 or older).
  • Make your jailbreak permanently untethered.
In summary, this exploit is at present a straight replacement for the Pangu re-jailbreaking apps on iOS 9.3.x. It is however a remarkable achievement given that it works via a webpage in mobile Safari, traditionally a difficult place from which to mount an exploit.

One last point to note for those hoping for a fully untethered 9.3.3 jailbreak is that Todesco has commented that an untether for this exploit is not out of the question. However, it is unclear at the moment whether he intends to work on this.

 


blog comments powered by Disqus
Octofinder Blog Catalog