triple_fetch Exploit for iOS 10.3.2 Firmware Explained

As you know, Google Project Zero hacker Ian Beer recently made public two userland exploits. One of these exploits is called triple_fetch and here’s how it works.

How triple_fetch works

Hacker Ian Beer is the developer of the triple_fetch exploit. This exploit works for iOS 10.3.2 firmware and is based on the CVE-2017-7047 security vulnerability.

It is a part of the sandbox escape exploits released by Ian Beer a few days back.

At present, triple_fetch gives grants hackers the ability to tinker with userland processes such as backboardd, launchd, etc. We are still a long way away from a proper jailbreak.

triple_fetch exploit

Since it was patched on iOS 10.3.3, it’s safe to assume it works for iOS 10.0-10.3.2. Here’s how this exploit works.

  • Send a malicious message to a service.
  • The message then corrupts that service. 
  • The hacker now launch unsigned code or an lldb debugging server to access other processes.

Here’s a video by Youtuber Billy Ellis who explains it in great detail.

Can triple_fetch be used to develop a jailbreak?

It’s a major step towards a full-fledged jailbreak but there’s still some work to do. We can safely consider it as 25% of a jailbreak. The remaining exploits such as patching the kernel, bypassing the KPP, etc constitute the remaining 75%.

ios 10.3.1 jailbreak

This means you should downgrade to iOS 10.3.2 by all means. The signing window of iOS 10.3.2 is still open and you will be stuck on iOS 10.3.3 should you miss it.

All users, who are on iOS 10.3.1, should stay where they are.

Do you think this will lead to a jailbreak for iOS 10.3.x? Let us know in the comments section below.

For more scene updates and releases, follow us on Facebook and Twitter.

4 Comments

  1. Daniel Yankovich August 7, 2017
    • Luca R August 7, 2017
  2. jspx August 5, 2017
    • Luca R August 5, 2017

Leave a Reply