saelo/cve-2018-4233

stage 1 and stage 2

Closed this issue · 1 comments

Are you going to upload stage1.js and stage2.js, or are they closed source? Also, does this work on iOS, since the vuln should work on iOS...

saelo commented

I uploaded stage1 and a dummy stage2 which simply does puts("Hello World"): 441e4e3
I'll publish the real stage2 (the sandbox escape) later this year.

The bug also works on iOS, yes. You can find a working exploit here: https://github.com/niklasb/phoenhex-files/tree/master/exploits/ios-11.3.1