xerub/acorn

iOS 10 Port Possible?

Merculous opened this issue · 5 comments

Just a noob casually passing by. I know this is more driven to iOS 11.x, and just wondering how far this can actually be pushed to support other versions. I have a 5S jailbroken on 10.3.3 with Spyware JBME and wondered if this can be ported to the JBME or even replace it. And I'm fully aware that this "may" not be stable at the moment, but I'm willing to test for iOS 10 support if possible. Anyways, sorry for the noob question. Any thoughts or suggestions will be appreciated :D

Nope. The ASLR leak won't support 10. You'd know it if you saw the presentation.

I did. I didn't say whether the leak worked, I asked if the actual untether can be adapted to iOS 10.

The ASLR weakness is actually present on the last few versions of iOS 10, but only for 32-bit.

alw98 commented

Any plans for iOS 10.3.X 32 bit release then? Seems like a niche group nowadays

Uhm... doubleH3lix doesn't have an ASLR bypass.

Also, using the current exploit strategy, you need an ASLR bypass that you can execute while building the ROP chain. In other words, you need to know an address that is always going to be mapped, no matter what.
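To make the constraint in the last comment concrete, here is an added example (not code from xerub/acorn or doubleH3lix) of what an untether-style chain builder looks like: every slot in the chain is either an immediate or an absolute address, so the chain cannot even be emitted until the slide is known, and the slide itself can only be recovered from some pointer whose unslid value is fixed and that is guaranteed to be mapped. All bases, offsets, gadget names and the slide granularity are hypothetical 32-bit values constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>

/* Added example, not code from the project under discussion. Every
 * address, offset and constant below is constructed for illustration. */

#define UNSLID_BASE    0x80001000u   /* hypothetical unslid 32-bit kernel text base */
#define TEXT_SIZE      0x00400000u   /* hypothetical text segment size */
#define SLIDE_GRANULE  0x00100000u   /* assumed slide granularity (hypothetical) */
#define SLIDE_UNKNOWN  0xFFFFFFFFu   /* sentinel: no ASLR bypass available yet */

/* Gadget offsets relative to the unslid base (hypothetical values). */
enum { G_POP_R0 = 0x1234, G_LDR_R0 = 0x2468, G_BX_LR = 0x3a5c };

/* Recover the slide from a leaked pointer to an object whose unslid
 * address is known. This is the step an untether has to perform before
 * any chain exists; returns SLIDE_UNKNOWN if the pair is inconsistent
 * (slide not a multiple of the granule, or text would wrap past 4 GiB). */
uint32_t slide_from_leak(uint32_t leaked, uint32_t unslid)
{
    if (leaked < unslid)
        return SLIDE_UNKNOWN;
    uint32_t slide = leaked - unslid;
    if (slide % SLIDE_GRANULE != 0)
        return SLIDE_UNKNOWN;
    if (slide > 0xFFFFFFFFu - UNSLID_BASE - TEXT_SIZE)
        return SLIDE_UNKNOWN;
    return slide;
}

/* Rebase one gadget; returns 0 if the offset falls outside the text segment. */
static uint32_t rebase(uint32_t slide, uint32_t off)
{
    if (off >= TEXT_SIZE)
        return 0;
    return UNSLID_BASE + slide + off;
}

/* Emit the chain. Without a known slide there is nothing to write, which is
 * exactly why the bypass has to be usable while the chain is being built.
 * Returns the number of words written, or -1 on failure. */
int build_chain(uint32_t slide, uint32_t *out, size_t cap)
{
    if (slide == SLIDE_UNKNOWN || cap < 4)
        return -1;
    uint32_t g_pop = rebase(slide, G_POP_R0);
    uint32_t g_ldr = rebase(slide, G_LDR_R0);
    uint32_t g_ret = rebase(slide, G_BX_LR);
    if (!g_pop || !g_ldr || !g_ret)
        return -1;
    out[0] = g_pop;        /* pop {r0, pc} */
    out[1] = 0xdeadbeefu;  /* constructed value that ends up in r0 */
    out[2] = g_ldr;        /* ldr r0, [r0] ; bx lr (hypothetical) */
    out[3] = g_ret;        /* bx lr */
    return 4;
}

/* Convenience accessor: the i-th word of the chain for a given slide,
 * or 0 if the chain could not be built. */
uint32_t chain_word(uint32_t slide, size_t i)
{
    uint32_t chain[4];
    int n = build_chain(slide, chain, 4);
    if (n < 0 || i >= (size_t)n)
        return 0;
    return chain[i];
}
```

The point the accessor makes is that `chain_word(SLIDE_UNKNOWN, ...)` has no meaningful answer: a rebased chain exists only after `slide_from_leak` has succeeded, so a strategy that needs the chain to run before the leak is available has to fall back on an address that is mapped regardless of the slide.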