Tihmstar has just released a powerful tfp0 exploit for iOS 11.4-11.4.1. Here’s what this means for the jailbreak community.
treadm1ll exploit achieves tfp0 on iOS 11.4.x
Tihmstar’s latest exploit, dubbed “treadm1ll”, achieves tfp0 on iOS 11.4 and 11.4.1. As of now it works only on so-called “headphone jack” devices, which in practice means A9 and older hardware (iPhone 6s/6s Plus and earlier).
The exploit itself has nothing to do with the headphone jack; the phrase is just shorthand for the device generation. The real limit is KTRR (Kernel Text Read-only Region), the hardware protection for kernel text that Apple introduced with the A10 chip in the iPhone 7 and 7 Plus, the first iPhones to drop the jack. Devices with KTRR are not supported by treadm1ll.
The renowned German hacker has published the exploit’s source code on GitHub, announcing it in the tweet below.
Didn't plan to release it like this, but I'm now busy with other stuff and probably not gonna come back to this project.
tfp0 exploit which *should* work up to 11.4.1 on headphonejack-devices.
Didn't finish cleanup, but maybe it's still useful. https://t.co/PbhgzM198a pic.twitter.com/NZlrVwAI3q
— tihmstar (@tihmstar) January 29, 2019
For those who don’t know, tfp0 is short for task_for_pid(0): a send right to the kernel’s own task port. It is a core building block of modern jailbreaks, and it is considerably more than root access.
Holding the kernel task port lets a process read and write arbitrary kernel memory through the ordinary Mach VM calls, so a jailbreak can use it to obtain root, escape the sandbox and disable security policies from within the kernel; on pre-KTRR devices it can also rewrite kernel text.
Here’s a caveat, though. Tihmstar released this exploit just because he no longer has the time to work on it and has abandoned the project.
So, naturally, the treadm1ll exploit is a bit “raw” out of the box in its current form. In spite of that, the development teams behind the Electra and unc0ver jailbreak tools are working to improve its reliability and to extend it to newer devices.
The published code is also missing some kernel offsets. That is a routine fix rather than a design problem: the offsets are per-device, per-build constants recovered from the matching kernelcache, and they only need to be filled in where the code expects them.
iOS 11.4-11.4.1 jailbreak released
Coolstar and the Electra team have already released Electra v1.2.0, which adds iOS 11.4-11.4.1 support based on Tihmstar’s treadm1ll exploit.
Device support mirrors the exploit’s: headphone jack devices, meaning A9 and earlier (iPhone 6s/6s Plus and older).
A10 devices (iPhone 7 and 7 Plus) and A11 devices (iPhone 8, 8 Plus and X), which ship with KTRR, are not covered by this release on iOS 11.4.x.
If you are still on iOS 11.4.x, stay where you are and don’t jailbreak your iPhone or iPad just yet. The app simply crashes on iOS 11.4-11.4.1 because Coolstar forgot to add the correct build numbers for those versions to the release.