Firmware Keys of iOS 9.3.5 Released, May lead to a Jailbreak

Today has been an interesting day in the world of jailbreaking. New developers have been able to achieve miraculous feats. Here’s all you need to know about it.

What are Firmware Keys? 

Hacker xerub, who is behind jailbreak tools such as extra_recipe, has released firmware keys for iOS 9.3.5.

Firmware Keys are “keys” that allow you to decrypt the root file system of an iOS version. Apple utilizes these “keys” for securing the files present in a firmware.

ios firmware

They are acquired through a low-level exploit such as the one used by limera1n jailbreak.

iKGD, developed by Neal, is one such tool that is based on limera1n’s exploit. iKGD automatically dumps the AES keys for iOS firmware.

Why are Firmware keys important?

Finding firmware keys per se doesn’t mean there will be a jailbreak. However, they are useful for decrypting IPSW firmware files.

Keys also signify the existence of an iBoot or a BootROM exploit out there.


Once a hacker gains access to the filesystem and bootloader, he can then proceed to detect security vulnerabilities that might lead to jailbreak. In layman’s terms, you can access the encrypted parts of a firmware.

The best part about this is that Apple can’t patch this exploit anymore since iOS 9.3.5 is the last firmware for 32-bit devices.

It works on all 32-bit iOS devices and 64-bit devices with some enhancements.

Are we getting an iOS 9.3.5 Jailbreak?

Jailbreak developer iH8sn0w has clearly stated that he “might” release his exploit once Apple officially stops supporting 32-bit devices.

As you already know, iOS 11 firmware‘s final version will only be compatible with 64-bit devices, not 32-bit devices. This development sure gives us all some hope.

9.3.5 jailbreak

Finding an iBoot exploit is no walk in the park, even for an advanced hacker who knows his stuff. I bet dollars to dinars that no hacker today will be able to find a security vulnerability in iBoot or BootROM like the older developer teams did.

This means iH8sn0w can keep this exploit stashed until Apple patches it. He can then utilize this exploit for infosec research on iOS 11 and newer firmware versions.

This exploit will most likely lead to a Userland jailbreak if it is made public. It will also allow you to downgrade to iOS 9.x if it’s compatible with iOS 10.

If you have any 32-bit device running iOS 9.3.5 lying around, it’s important to not lose hope at this point.

For more jailbreak scene updates, subscribe to our social channels.   

Leave a Reply

Share via
Copy link
Powered by Social Snap