Release of Exploit PoC

If you were following the news on the security research of iOS and iPadOS devices, then you would have noticed that there was recently a kernel bug found by Mohamed Ghannam. This kernel bug allowed the iOS and iPadOS 14.1 devices to be completely owned. However, later Mr. Ghannam revealed to everyone that this bug only works on the device variants that are iOS 13 or iPadOS 13 and not iOS & iPadOS 14.1 as he previously claimed.

This was a huge bummer for users who were excited about a potential exploit release for the iOS and iPadOS 14 devices. But the good news is that Mr. Ghannam has officially released exploit proof of change kernel that is known as OOB events. It was released on Wednesday and includes instructions on how users can achieve kernel task port on their iOS 13.7 and iPadOS 13.7.

If you are new to this, let me explain what a kernel task port (tfp0) is. This basically allows the users to enable arbitrary read and writes to their device’s kernel memory. This is essentially used in jailbreaking. So, what does this mean for you?

Well, it is not as simple as it sounds. Later, Ghannam followed up with another tweet mentioning that he won’t recommend using this exploit on a personal device as it can leave the device unstable. We gather that this exploit is not quite reliable for use, especially a public jailbreak. It can leave your device kernel in arbitrary panics and will be harder to bring stability to the diverse range of Apple devices.

Does this mean you shouldn’t use this exploit? That’s not what we mean. However, it would require a lot of effort and time from someone to improve this exploit. In the past couple of years, several famous hackers and jailbreakers including Jake James have been able to improve several exploits to make them stable for Apple devices. But we don’t know if any individual hacker or person from the jailbreak community will be taking up the challenge to improve this exploit or not.

One thing to remember is that Mr. Ghannam’s exploit is supported up to iOS & iPadOS 13.7 while most other exploits can be supported by iOS & iPadOS 13.5 only. There is another jailbreak in works that can supposedly support up till iOS & iPadOS 13.7 but it is being handled by a different group of people.

It is quite fascinating to wonder what will happen to this new exploit and whether someone will be able to create a jailbreak from it or not. If we are lucky, someone might just work on it and improve its stability. The worst-case scenario is that nothing will happen to this exploit and we will have to wait a little longer for another jailbreak/exploit to be released. However, keep sure to keep your device at the lowest possible firmware if you wish to jailbreak your device in the future.

If you wish to check Mr. Ghannam’s exploit, then you can head to the official Github page. Do let us know if you try out this exploit and how did it fare for you.