Developer ARX8x burns iOS 11 kernelcache patching bug

Generally, jailbreak developers guard bugs and exploits very closely. However, they unintentionally end up making them public at times. This is what happened with developer ARX8x who recently burnt a valuable iOS 11 bug.

ARX8x pulls off his ECID Reader utility

Developer ARX8x recently released a new on0device ECID reader and APTicket dumper tool for iOS. While the ECID reader is rather simple, dumping onboard APTicket files requires a bug.

The APTicket component of this tool utilized a patching method, which is currently known to only a few developers.

Any hacker or security researcher can reverse engineer and learn more about this iOS bug now that it is publicly available.

Here’s how the app looked like (thanks Matis for the screenshot).

ECID reader

For the uninitiated, ARX8x is an experienced developer and has developed tools like v0rtexnonce, Telegram jailbreak bot, etc in the recent past.

Thankfully, the developer pulled off the tool from his website before users could download it.

Some users, however, who downloaded the app while the download link was alive, can continue using it.

Where does this leave us?

Though the tool is no longer online, the bug garnered a lot of attention.

If Apple’s security team gets its hands on this specific method, needless to say, this specific patching method will be closed soon.


Even developer Nullpixel told the developer that this he shouldn’t have burnt this bug by releasing such a simple tool.

Such vulnerabilities don’t drop in daily and, hence, burning them on something other than a jailbreak or a nonce setter is not wise. How this development will affect upcoming jailbreak tools still remains to be seen.

Was this a wise decision on ARX8x’s part? Drop your thoughts and opinions in the comments below.

For more jailbreak scene news and updates, follow us on Facebook and Twitter.

Leave a Reply

Share via
Copy link
Powered by Social Snap