Flying JB (OverSky Jailbreak)
Min Zheng has announced Flying JB (OverSky / aka Flying jailbreak) for iOS 9.3.4 as well as iOS 9.2.1 versions. However, these were not released to the public and considered as private jailbreak tools.
Min Zheng / Min (Spark) Zheng is famous as Android & iOS Senior Security Engineer at Alibaba. Also he was credited for the vulnerabilities in iOS versions prior to iOS 9 by Symantec on 16th September 2015.
Min Zheng’s all Jailbreak approaches as follows
iOS 12 to iOS 13.4 Jailbreak
Zheng continuously supports jailbreak every iOS version there is no hint about iOS 12.1.3 & higher version.
Refer to the following pages to get information about the latest version jailbreak.
Previously, Zheng and Xiaolong Bai attended iOS iOS 12.1.2 jailbreak. They achieved root access on iOS 12.1.2 running iPhone XS max. Time to time they are publishing proof about iOS 12.1.2 jailbreak related things.
Here are some of the few tweets screenshots extracted from his official twitter ac.
Min Zheng announced via tweeted about iOS 12 jailbreak achieved on iPhone XS by Pangu team.
Zheng has previously tweeted about iOS 12 untethered jailbreak has been achieved on an iPhone X by Pandora Lab. Also Zheng & Xiaolong Bai iOS senior security engineers at Alibaba released a video on Weibo Chinese site.
iOS 11.4 / iOS 11.4.1 Jailbreak
Min Zheng attended iOS 11.4 Jailbreak. He achieved the Sandbox Escape bug on iOS 11.4. This vulnerability is a very important part of Jailbreak.
Min (Spark) Zheng & Xiaolong Bai speak about “Fasten your seatbelts: We are escaping iOS 11 sandbox” 26th Def-Con Hacking Conference held on 9th-12th August 2018 at the Caesars Palace in Las Vegas, Nevada, USA.
Also, deliver a speech about “One bite and all your dreams will come true: Analyzing and Attacking Apple Kernel Drivers.”
However, he did not mention about iOS 11.4.1 jailbreak.
iOS 11.3.1 Jailbreak
Again Min Zheng comes with iOS 11.3.1 Jailbreak. Spark (@SparkZheng) and Bxl (@bxl1989) published iOS 11.3.1 Jailbreak demonstration video on youtube as well as the twitter page. However, there is no hint about the public release of this iOS 11.3.1 Jailbreak. Sometimes they won’t release it to the public as earlier OverSky Jailbreaks.
iOS 11.3 Jailbreak
Min Zheng continuously worked on iOS 11.3 Jailbreak. This time Zheng has confirmed that he has successfully jailbreak iOS 11.3 with his latest tweet.
He always shared the progress of work through Twitter and before this he tweeted as he wasn’t able to remount rootfs and get R/W privileges to install Cydia.
Even if it is real iOS 11.3 jailbreak, most likely private Jailbreak is the same as his previous Jailbreak tools.
Min Zheng again surprised the jailbreak community by achieving root shell access on iOS 11.3. It is an essential part of iOS 11.3 Jailbreak. He informed me about this via his official twitter ac. Check below screenshot.
A couple of days ago he discovered a new kernel vulnerability survive in iOS 11.3 versions. It exists in iOS 11.2.6 and Older versions too. Zheng tweeted it via his official Twitter page. Still, Zheng has not confirmed further details about the exploits. Apparently, this would be useful to develop an iOS 11.3 jailbreak tool.
OverSky iOS 9.3.4 Jailbreak
Min Zheng announced iOS 9.3.4 Jailbreak method. He published a youtube video demonstration of iOS 9.3.4 OverSky (aka Flying) Cydia Installation process using an iPhone 6. It shows an app called ‘OverSky’ being launched that performs actions like “Exploiting kernel” → “Patching Kernel” → “Installing Cydia.” Watch the following Video.
Flying JB iOS 9.2.1 Jailbreak
Min Zheng has demonstrated jailbreak method for iOS 9.2.1 via youtube video. Flying JB is based on inpuTbag (after the popular Prison Break character Tbag), a 15-year-old kernel HeapOverFlow vulnerability.
The demo shows ‘Flying JB’ app is successfully jailbreaking iPhone 5c running iOS 9.2.1. Flying JB tool is a little bit different than other jailbreak tools. Cause, when running the JB tool, it installs the terminal app into the home screen. It means it is not 100% complete jailbreak. Therefore we have to run the terminal app manually if we need to complete the full jailbreak.
And on the other side, even if he has entered into the system root of the device by jailbreaking, it has not published any note, it is possible to install Cydia automatically or at least by manually.
Min Zheng’s video has ended, when it enters the system root using the Flying JB tool. So, it has little doubt about the success of it. As the new JB tool developer he must prove the possibility of installing Cydia using the same video. Watch the following video carefully. However, he has mentioned Apple has fixed this vulnerability in iOS 9.3.2.
Flying JB’s guide
Download the needed files via https://github.com/zhengmin1989/iOS_ICE_AND_FIRE . There is a readme file inside of the zip. Need to follow it for the jailbreak perfection.
Flying JB tool for latest iOS versions
If the flying JB tool needs to go to the future, it wants to expand. Working only with 32 bit devices is not enough, when discussing the latest iOS versions. The Flying JB tool needs to work with 64 bit devices too. All the latest iDevices are 64-bit devices. Already there are several jailbreak tools available for iOS 11 & higher versions.
What so ever, it needs the complete jailbreak using the tool. When checking his above video it can identify that after running the Flying JB tool, it installs terminal app only. Then the terminal app should run to complete the jailbreak manually. Without having codes and apps knowledge, it can not complete the jailbreak for Cydia.
Completing the jailbreak as well as installing Cydia with a flying JB tool is a little bit harder than other JB tools, when watching the video. There is no news on how to install Cydia after completing the jailbreak too. So, all of these issues should be managed, if this tool works with the latest iOS versions.
Reliability of OverSky Jailbreak tool among the jailbreak lovers
Lots of Jailbreak lovers are aware of every new release related to jailbreak just like this tool. Most of them say that this tool is fake. Few of them trust this. Actually it has some doubt to trust, when comparing all the information about the Flying JB tool. These info got from the jailbreak users to prove it. So, following screenshots witnesses for that.
- Users are well known about this jailbreak.
- Excited comment from excited user.
- It has been given an excellent explanation from a Flying JB tool lover for another user, who claims this tool is fake.
- Some negative thinking about this tool.
- One of the users has given positive comments about the tool.
- One user reveals one of the fake Flying JB twitter accounts. Actually it is not an official account. Min Zheng also informs it via his twitter account. see the following picture to know Min Zheng’s announcement.
When comparing Flying JB with TaiG jailbreak, PP Jailbreak and also Pangu jailbreak, it is not sure about JB tool release of this in the future. At least jailbreak possibility proven also is in zero marks, when comparing with the iH8sn0w jailbreak, i0n1c jailbreak.
Jailbreak App Installers
Jailbreak app installation methods available for latest iOS versions. Dev Code extraction method is one of the best jailbreak app installation methods for iOS 12 to iOS 12.1.4 versions. UDID registration method also installs Jailbreak apps up to iOS iOS 11.4.1 version. So far these methods are the best jailbreak app installation methods for latest iOS versions.
Saigon jailbreak tool released to jailbreak iOS 10.2.1 version. Saigon is developed by Abraham Masri (iabem97/cheesecakeufo), and It is a semi-untethered jailbreak method.Saigon does not use new exploits and only chains together triple_fetch exploit+ziVA exploit+extra_recipe exploits to jailbreak your device.
KeenLab proved iOS Jailbreak possibility for many iOS versions as follows so far.
Jailbreak iOS 12.2 on iPhone XS Max at InfiltrateCon 2019
iOS 12.1 jailbreak on iPhone Xs at PoC 2018
iOS 12 Jailbreak on iPhone Xat RECon conference
iOS 11.3.1 Jailbreak using iPhone X at InfiltrateCon 2018
iOS 11.1.1 jailbreak at PoC 2017
Jailbreak iOS 11 beta 2 on iPhone 7, Jailbreak iOS 10.3.2 on iPhone 6 & Jailbreak iOS 10.3.2 on iPhone 7 on MOSEC 2017
However they have not released a public tool yet & it has many jailbreak tools for these versions now.
Phoenix jailbreak released jailbreak tool for iOS 9.3.5 running 32-bit devices. This is a semi-untethered jailbreak, and both online, and pc required jailbreak method available with this tool.