Brandon Azad releases voucher_swap exploit for iOS 12.1.2

Google Project Zero hacker Brandon Azad recently released the voucher_swap exploit for iOS 12.1.2 and earlier versions. Here’s why this exploit matters for users who are currently on an iOS 12 device.

voucher_swap exploit released for iOS 12.1.2

Google Project Zero researcher Brandon Azad’s exploit obtains the kernel task port and establishes a kernel function-calling primitive on iOS 12.1.2 on the iPhone XS/XS Max, iPhone XR, and iPhone 8.

Since Google Project Zero has a policy of disclosing bugs to the vendor, Apple has already patched the vulnerability behind voucher_swap in iOS 12.1.3. All versions from iOS 12.1.2 (included) down to iOS 11.2 remain affected, however.

Here’s a quick video demonstration of how this exploit works.

Just like the treadm1ll exploit, Brandon’s exploit also has a lot of moving parts.

As of right now, it does not support devices with an A8 chip (iPhone 6 and iPhone 6 Plus) or older. That could change in the future.

Compatibility

Before you upgrade or downgrade your device to any iOS 12 version, make sure that it is compatible with your target firmware. 

Here’s the full compatibility chart for the voucher_swap exploit:

  • 12.1.2
  • 12.1.1
  • 12.1
  • 12.0.1
  • 12.0
  • 11.4.1
  • 11.4
  • 11.3.1
  • 11.3
  • 11.2.6
  • 11.2.5
  • 11.2.2
  • 11.2.1
  • 11.2

Will this exploit lead to a jailbreak?

iOS 12.0-12.1.2

Yes, voucher_swap is a powerful kernel-level exploit and, hence, makes jailbreaking iOS 12 possible. But here’s the catch: some post-exploitation pieces are still missing, namely a RootFS remount and a CoreTrust bypass.

Device compatibility is another major roadblock on the way to an iOS 12 jailbreak. This exploit only supports the devices (iPhone XS, XR and iPhone 8) that Brandon initially tested it on.

Jake, Geosnow and several other developers are working on a port for older models, so you can expect full compatibility within a few days.

iOS 11.0-11.4.1

Thankfully, voucher_swap is also fully compatible with iOS 11 (down to iOS 11.2). Pwn20wnd has incorporated this exploit into the unc0ver jailbreak.

You can now switch over to v3.0.0 and select the most reliable exploit for your device/firmware combination.
