33% of iOS 10.3.2 Jailbreak Achieved, says Alibaba Security Engineer

Min “Spark” Zheng, a senior security engineer at Alibaba, claims 33% of an iOS 10.3.x jailbreak has already been achieved. Let’s find out how much weights his claim holds.

Zheng analyzes triple_fetch exploit

Min Zheng has posted an in-depth analysis of Ian Beer’s triple_fetch exploit for iOS 10.0-10.3.2. Here’s what the Chinese hacker tweeted.

For the uninitiated, Zheng is an eminent security researcher and hacker. He currently works for Alibaba. He has also worked with internet giants like Tencent and Baidu.

In his analysis, Zheng played around with the triple_fetch NSXPC security vulnerability. Subsequently, he introduced a function that performs a Stack Pivot attack.

This attack allows arbitrary code execution permissions through ROP (Return Oriented Programming).

triple fetch

Tencent KeenLab member Laing Chen has also analyzed this exploit in the past. However, his analysis was extremely complex and perplexing.

What else is required for a 10.3.2 jailbreak?

As you already know, Ian Beer’s exploits are not capable of exploiting the kernel. We still require one or two more powerful security vulnerabilities in XNU or IOKit.

The hacker also explains that Apple has already patched the KPP bypass technique used by yalu102. This certainly means there’s still a lot of work to be done.

keenlabjb

Although Zheng has never released anything, he is well respected within the jailbreak community. Therefore, any tweet or information that comes from him is highly reliable.

Apple has already stopped signing iOS 10.3.2 and yet a jailbreak is nowhere to be found. Hopefully, a fully working jailbreak tool will be released soon for iOS 10.3.x.

When do you think iOS 10.3.2 will become free from Apple’s shackles? Let us know in the comments below.

For more scene updates and news, like and follow us on Twitter and Facebook.

3 Comments

  1. windowsio ROBLOX And More August 15, 2017
    • Luca R August 15, 2017
      • windowsio ROBLOX And More August 24, 2017

Leave a Reply