Home
ziVA Kernel Exploit for iOS 10.3.1 and below Released

ziVA Kernel Exploit for iOS 10.3.1 and below Released

August 24, 2017 Jailbreak, News No Comments

Finally, Israeli security researcher Adam Dodenfeld has released the highly anticipated kernel exploit. Here’s all you need to know about it.

Adam releases iOS Kernel Exploit for iOS 10.3.1

Adam Dodenfeld, a Zimperium Labs hacker, has recently made public ziVA, a powerful iOS kernel exploit. It hacks the kernel and allows the hacker arbitrary read-write permissions along with root access.

This exploit is compatible with all iOS 10 versions up to iOS 10.3.1. Furthermore, it also supports all iOS 10-compatible devices, including iPhone 7 and iPhone 7 plus.

hacker

Since this exploit has been released after Apple has stopped signing iOS 10.3.1, this will forever remain unpatched.

While this is a great thing, not many people are using iOS 10.3.1 at present.

How ziVA works

ziVA exploits the AppleAVE, a lesser-known kernel module that ignores all the basic security concepts.

Here’s a simplistic explanation of this complicated exploit.

  • This exploit revolves around the creation of an “IOSurface object” in the memory.
  • Due to poor implementation of certain functions, it doesn’t get destroyed like it’s supposed to.
  • Therefore, it remains in the primary memory longer than necessary.
  • At this very moment, a hacker can tinker around with it eventually gaining kernel level access.
  • Since it remains in the primary memory, it can lead to a complete device compromise.

jailbreak

Just like other jailbreak tools, you need proper offsets for your iOS device before you can test it out. Apple has already closed the underlying security vulnerabilities in iOS 10.3.2 update.

Adam will also be sending this exploit to Apple so they can take note of it.

Frequently Asked Questions

Q. Is ziVA an actual Jailbreak?

A. No, this is not a working jailbreak but a major step towards an actual jailbreak that will install Cydia on your device.

Q. Is it compatible with iOS 10.3.2?

A. Since Adam revealed these vulnerabilities to Apple, they have been patched in iOS 10.3.2 update. It only supports iOS versions less than or equal to 10.3.1.

Q. When will get an iOS 10.3.1 jailbreak?

A. An iOS 10.3.1 jailbreak is contingent to a developer packaging this exploit into a jailbreak. As of yet, no developer from the jailbreak community has started its development.

Q. Do we need a Sandbox escape for a working jailbreak?

A. Yes, a sandbox escape exploit is still needed. Thankfully, Project Zero hacker, Ian Beer, has already released his triple_fetch exploit that works up to iOS 10.3.2.

Q. Is a KPP/AMCC Bypass required?

A. No, ziVA exploits a very powerful security vulnerability at the kernel level. This means we don’t require a bypass for bypassing Apple’s hardware protection mechanisms (KPP/AMCC).

For more scene updates and releases, follow us on Facebook and Twitter.

34 Shares

Related Posts

About The Author

Gian

Gian is the resident jailbreak expert at Yalu Jailbreak. He has been jailbreaking his iPhone since 2010. Best way to catch his attention? Show him a tweak he hasn't installed.

Leave a Reply

Share via
Facebook
Twitter
LinkedIn
Mix
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap