Twitter user leaks iOS 9 BootROM and iBoot source code online

iOS 9’s BootROM and iBoot source codes have been floating around for some time now. Thankfully, a Twitter user managed to get his hands on them and leaked it to the public.

q3hardcore leaks BootROM and iBoot source codes  

A Twitter user who goes by the name, q3hardcore, recently leaked Apple’s classified internal code online.

Earlier, this code was shared by developers in private and even sold by some before it was leaked. It has been in the public domain for about 4 months. 

hacker

The source code package titled iBoot_BootROM_iBSS_iBSS_iLLB_Source_Codes.rar is available for download publicly below. This version is missing a few files that were present in the original leak.

It also includes a “Documents” section, which provides a lot of in-depth information on how various components work.

This source code pertains to a specific build of iOS 9 firmware (9.3.x). As far as the device-specific code goes, there are identifiers present for iPhone 6s/6s plus, and iPhone SE.

Download BootROM/iBoot source code

How can this prove useful?

Untethered jailbreak for iOS 9

An iBoot exploit could potentially lead to an untethered jailbreak for the affected iOS 9 versions.

This seems somewhat plausible because an iBoot exploit is relatively easier to build.

Downgrade without SHSH

An untethered downgrade requires a BootROM exploit, which is very valuable and difficult to develop.

ios firmware

Even if a hacker releases such an exploit publicly, it will only be useful for 32-bit devices.

64-bit devices require a much powerful exploit for downgrading because they have SEP firmware to take care of.

Security research

Such a leak is of immense importance for professional security researchers and jailbreak developers alike.

Hackers can’t compile or test this code out because of missing tools. They can, however, use it to find security vulnerabilities in iOS 9 and then develop exploits based on them.

ios 9 jailbreak

Moreover, it can also prove useful for finding vulnerabilities for future versions and modern 64-bit devices.

As you already know, a BootROM exploit allows users to downgrade without SHSH Blobs. This is essential

10 Comments

  1. Chaudhry Abdul Aziz February 15, 2018
  2. Center February 9, 2018
    • iOS Expert February 9, 2018
  3. dplewis February 8, 2018
    • iOS Expert February 8, 2018
  4. Kislay February 8, 2018
    • iOS Expert February 8, 2018
  5. 0xdeadc0de February 8, 2018
    • Chris February 8, 2018
  6. async_wake February 7, 2018

Leave a Reply