iOS 11 to iOS 11.4.1 Jailbreak
This page covers all the jailbreak solutions and possibilities for iOS 11, iOS 11.0.3, iOS 11.1, iOS 11.1.1, iOS 11.1.2, iOS 11.2, iOS 11.2.1, iOS 11.2.2, iOS 11.2.5, iOS 11.2.6, iOS 11.3, iOS 11.3.1, iOS 11.4 and iOS 11.4.1.
Please select your preferred jailbreak method for the iOS 11 – iOS 11.4.1 jailbreak.
The online methods are the easiest way to jailbreak an iPhone / iPad running iOS 11 – iOS 11.4.1. There are several online methods, and you can complete them without a computer.
The computer methods let you jailbreak an iOS 11 – iOS 11.4.1 device from your computer with Cydia Impactor. These are the standard methods. You need a Mac, Windows or Linux computer.
The following iOS 11 to iOS 11.4.1 online jailbreak tools / solutions are available.
- Anzhuang online
Anzhuang is the most popular online jailbreak app installer method for iOS 11 to iOS 11.4.1 in the world. It uses a dev code extraction method to install jailbreak apps. The Russian hacker Ru$za found the dev code extraction method first; a Chinese hacking team then developed it into Anzhuang. There is no direct link to install Anzhuang; you can download it through app stores such as zJailbreak, Xabsi or iExtras.
Device compatibility:
iPhone X, iPhone 8 plus, iPhone 8, iPhone 7 plus, iPhone 7, iPhone 6S plus, iPhone 6S, iPhone 6 plus, iPhone 6, iPhone SE, iPhone 5S, iPad Pro (10.5-inch), iPad Pro (12.9-inch), iPad (9.7-inch), iPad Mini 4, iPad Air 2, iPad Mini 3, iPad Pro (9.7-inch), iPad Pro (12.9-inch), iPod Touch 6.
First, download and install the zJailbreak app store on your iPhone / iPad / iPod.
Then find the Anzhuang app in the zJailbreak app store and follow the instructions to complete the Anzhuang app installation.
Because the above app stores are donateware, you must donate to install them. A free Anzhuang installation method was available; however, the free method lacks Anzhuang's valuable functions. Therefore it is highly recommended to install the premium Anzhuang app.
- Velonzy Online
Velonzy is another jailbreak app installation method for iOS 11 to iOS 11.4.1 devices. It uses the UDID registration method to install jailbreak apps.
Velonzy registers user devices (by UDID code) in its database. Users can sign up and download jailbreak IPAs to their computer. Then they can use the Velonzy jailbreak app installer to install these IPAs on their iOS 11+ device.
Velonzy has an automatic UDID submission process. You can use a computer or the online method (using your iOS 11.3 iPhone / iPad directly) to register your UDID in the Velonzy database. We recommend using the online method to register the UDID in the Velonzy database, because it is easier than the Windows/Mac method.
- Apricot Virtual Jailbreak
Apricot WebOS is made specifically for iPhone devices. It gives a unique and uncommon OS experience as well as a virtual jailbreak experience for iPhone users. Apricot uses a unique UX design to install Cydia virtually.
Some Apricot functions are more advanced than the default Apple iOS functions.
Apricot lets you switch back to the default Apple iOS at any time, so it is 100% risk free to install.
The Apricot developers upgraded Apricot's iOS compatibility from iOS 11 up to iOS 11.4.1.
Apricot is a new way to experience the default iOS 11 to iOS 11.4.1 (any version) and a mirrored Apricot iOS at the same time. It is a web-based procedure.
There is no other way to get this kind of experience. You can virtually jailbreak any version from iOS 11 to iOS 11.4.1 with the Apricot web OS and install Cydia on Apricot.
- Electra Online
The Electra team, with Coolstar, has released the Electra 1.2.0 tool using Ian Beer's, Brandon Azad's and tihmstar's exploits. All 64-bit devices running iOS 11 to iOS 11.4.1 are well supported. You can install Cydia, Sileo and the Electra repo using this tool.
- Unc0ver Online
Pwn20wnd, together with hacker Sam Bingner, has released the Unc0ver tool v3.0.0 to jailbreak iPhones, iPads and iPods running iOS 11 to iOS 11.4.1. The UI was designed by Dennis Bednarz and Samg_is_a_Ninja. It is a semi-untethered jailbreak.
It installs Cydia on your device so you can install more jailbreak apps. According to the developers, unc0ver is more stable. The same tool can be used to jailbreak iOS 12 & higher. Both an online method and a PC method of the Unc0ver jailbreak are available; however, the online method is the easiest way to complete the jailbreak.
Main features of the unc0ver jailbreak
- All exploits can access a single app
- Better performance and stability
- Cydia performance enhanced
- Automatic root filesystem restore
- No battery drain or slowdowns
You can complete the unc0ver jailbreak without a PC. You can download Unc0ver Jailbreak online from zJailbreak, Xabsi or iExtras.
The following computer-based jailbreak methods are available to jailbreak iOS 11 to iOS 11.4.1 devices.
- Electra Jailbreak
CoolStar (the developer of Electra) released the Electra jailbreak with Cydia for iOS 11 & higher versions. Electra has now added Sileo support too.
Electra is a semi-untethered jailbreak. It is based on the IPA + Cydia Impactor method, and you must have a Windows or Mac computer to run Cydia Impactor to install the Electra IPA.
Device compatibility:
iPhone X, iPhone 8, iPhone 8 Plus, iPhone 7, iPhone 7 Plus, iPhone 6s, iPhone 6s Plus, iPhone 6, iPhone 6 Plus, iPhone SE, iPhone 5s.
12.9-inch iPad Pro, 2nd generation 12.9-inch iPad Pro, 1st generation 10.5-inch iPad Pro, 9.7-inch iPad Pro, iPad Air 2, iPad Air, iPad 5th generation, iPad mini 4, iPad mini 3, iPad mini 2.
iPod touch 6G
- Electra PC required Guide
Note – Before running the Electra 1.2.0 tool, you must delete the OTA (over the air) update and reboot the device.
Step 01 – Download the latest Electra 1.2.0 version and the Cydia Impactor tool from the following buttons. You must download the Cydia Impactor build for your computer.
Step 02 – Connect your device to the computer, then run Cydia Impactor. Now drag the downloaded Electra 1.2.0 IPA into the Cydia Impactor tool.
Step 04 – Provide your Apple ID email and password to sideload the Electra 1.2.0 IPA to your iOS 11.4.1 device.
Step 05 – It will now appear as the Electra Jailbreak app on your iDevice home screen.
Step 06 – Trust the Electra app before running it (Settings → General → Profile & Device Management → Trust).
Step 07 – Run the Electra app on your device, then tap the Jailbreak button. Make sure to enable Tweaks before tapping the Jailbreak button.
Step 08 – The Electra jailbreak process will now complete on your device.
Step 09 – Finally, the device will reboot after completing the jailbreak process. Check your device home screen now; Cydia will be available there.
Note – You must re-jailbreak your device with the Electra app after every reboot, because the Electra 1.2.0 jailbreak is semi-untethered.
- Unc0ver PC Required Guide
The renowned developer pwn20wnd released the unc0ver jailbreak for iOS 11. This is the same as the Electra jailbreak but with improved performance and stability. It is also a semi-untethered jailbreak, which means you need to re-jailbreak your device after each reboot.
- Enable Airplane Mode before starting the jailbreak.
- Disable your passcode, Touch ID, Face ID & Siri before starting the jailbreak.
- Reboot your device after doing the above steps.
Step 01 – Download the unc0ver IPA and the Cydia Impactor tool from the following links.
(Make sure to download the Cydia Impactor build for your computer.)
Step 02 – Run the Cydia Impactor tool on your computer.
Step 03 – Drag & drop the downloaded unc0ver.ipa file onto Cydia Impactor.
Step 04 – Provide your Apple ID & password to sign in and start the sideload process.
Step 05 – Once the sideload process is complete, the unc0ver jailbreak app is installed on your device. Before opening the app, trust the developer profile: go to Settings → General → Profiles & Device Management → Trust.
Step 06 – Now run the Unc0ver app on your iOS device and tap the Jailbreak button to put your device into jailbroken status.
Step 07 – After a few seconds, your device will, and you can find Cydia on your device homescreen.
- Velonzy PC method
Velonzy has iOS-based as well as Windows and Mac computer-based jailbreak app installation methods, all based on UDID registration. We recommend the computer method, because you will be able to install more jailbreak apps on your iOS 11+ devices using the Velonzy Windows/Mac software.
Velonzy is donateware. You must donate to submit your UDID to the Velonzy database.
Install Velonzy for iOS 11 – iOS 11.4.1
First, you need to donate to access both the Velonzy online and PC methods.
Once you donate, the developer will send you an email link to register your UDID. You need to open the link from your iOS device or PC.
If you open the link from the iOS device, it will redirect you to the “Install UDID Submitter” window.
If you open the link from the PC, it will redirect you to the “Register UDID button” window.
Then follow the guide below according to your installation method.
Velonzy PC / Mac method to install jailbreak apps
Step 01 – Tap the “Register UDID button.”
Step 02 – Find your device UDID using iTunes and copy it. Then paste your UDID and click Register.
Step 03 – Now download the Velonzy app installer for your computer OS.
Step 04 – Then go to the Velonzy jailbreak IPA list. Paste your device UDID code into the selected jailbreak apps, and it will download the IPA file to your computer.
Step 05 – Connect any of your iOS 11 to iOS 11.4.1 devices to the PC or Mac.
Step 06 – Open the Velonzy app installer, then drag and drop the downloaded IPA into it.
Step 07 – You have now successfully installed jailbreak apps on your device using Velonzy.
- LiberiOS Jailbreak
After the LiberTV jailbreak for tvOS 11, Jonathan Levin / Morpheus released the LiberiOS jailbreak for iOS 11 versions. LiberiOS is based on the tfp0 iOS 11.1.2 exploit.
Note – Cydia hasn’t been updated for iOS 11 by saurik; he will update Cydia soon. Because Cydia is not stable at this stage, we highly recommend not using it until the availability of Cydia is confirmed.
Compatible devices:
iPhone – iPhone X, iPhone 8 Plus, iPhone 8, iPhone 7 Plus, iPhone 7, iPhone 6S Plus, iPhone 6S, iPhone 6 Plus, iPhone 6, iPhone SE, iPhone 5S
iPad – 12.9-inch iPad Pro, 2nd generation 12.9-inch iPad Pro, 1st generation 10.5-inch iPad Pro, 9.7-inch iPad Pro, iPad Air 2, iPad Air, iPad 5th generation, iPad mini 4, iPad mini 3, iPad mini 2
iPod – iPod touch 6G
Step Guide to Install LiberiOS Jailbreak
Step 01 – Download the LiberiOS IPA and Cydia Impactor from the following buttons.
Step 02 – Connect your iOS 11 device to the computer and launch Cydia Impactor on your computer. It will detect your iOS 11 device.
Step 03 – Drag the LiberiOS IPA file into Cydia Impactor and enter your Apple ID & password.
Step 04 – It will install the LiberiOS app on your device. After the installation, you must trust the app before opening it.
General → Settings → Profiles & Device Management → Trust the Enterprise App.
Step 05 – Now launch the LiberiOS jailbreak app from the home screen. Tap the “Do it” button to start the jailbreak process.
Step 06 – It will take some time to complete the jailbreak process. Finally, you should get a screen indicating that the jailbreak has been successful.
Congratulations! Your device is now jailbroken!
- Houdini Semi Jailbreak
Abraham Masri updated the Houdini semi-jailbreak tool for iOS 11.3.1.
He released Houdini beta 3 with support for iOS 11.2 to iOS 11.3.1, including new features such as passcode customization, home and lock screen widgets, a customizable iOS 11 Control Center, etc.
It was updated using Ian Beer's iOS 11.3.1 exploit; previously he upgraded Houdini for iOS 11 to iOS 11.1.2. It was initially released for iOS 10 to iOS 10.3.2.
Houdini Device Compatibility
iPhone X, iPhone 8 & 8 Plus, iPhone 7 & 7 Plus, iPhone 6S & 6S Plus, iPhone 6 & 6 Plus, iPhone SE, iPhone 5s.
iPad Mini 2, iPad Mini 3, iPad Mini 4, iPad Air, iPad Air 2, iPad Pro
iPod Touch 6G
Houdini Installation Guide (PC Required)
Step 01 – Download the Houdini semi-jailbreak IPA from the following button.
Step 02 – Download Cydia Impactor from the official site.
Step 03 – Launch Cydia Impactor and drag and drop the Houdini IPA into it.
Step 04 – Enter your Apple ID and password to sideload the Houdini IPA.
Step 05 – Once the installation process is complete, the Houdini app is available on your device home screen.
Step 06 – Before opening it, trust the Houdini app: go to Settings > General > Profile & Device Management > Trust the app.
Congratulations! You have now installed Houdini on your iOS 11.3.1 iPhone / iPad, and you can customize your device with it. However, you cannot install Cydia with the Houdini semi-jailbreak. A Houdini online guide to install jailbreak apps for iOS 11.3.1 will be available soon via the zJailbreak or Xabsi app store.
More iOS 11 to iOS 11.4.1 Jailbreak
- New Blizzard Jailbreak for iOS 11 – iOS 11.4.1
Blizzard Jailbreak is a new open-source jailbreak designed by the well-known developer GeoSn0w (@FCE365). It initially supports the iOS 11 – iOS 11.4.1 jailbreak, with upgrades for iOS 12 and iOS 13 – iOS 13.5 planned later. Blizzard will also be compatible with all device models, including A12 / A13 devices. Zebra is the default package manager for the Blizzard jailbreak, and you can install another package manager too. However, it is still not available for public download. Full components and documentation will be released soon by @FCE365. Stay tuned for download links and guides.
Watch the following video to see the Blizzard jailbreak user interface.
- Yalong Semi-Untethered Jailbreak
Yalong for iOS 11.4 is one of the IPA + Cydia Impactor semi-untethered jailbreak methods. The Yalong jailbreak installs Cydia on your iPhone 5S running iOS 11.4. Only a Windows version of Yalong exists; the Mac version will be available soon.
Currently, Yalong is the only IPA + Cydia Impactor method for iOS 11.4. Most probably, Electra, Pangu or Yalu will release a semi-untethered jailbreak tool based on the IPA + Cydia Impactor method targeting the iOS 11.4 jailbreak.
Here is the Yalong jailbreak procedure for iOS 11.4.
- Make sure to backup your device using iTunes.
- Disable Passcode/Touch ID/Find My iPhone
- Turn on Airplane Mode during the jailbreak process.
- Download Cydia Impactor from the official site.
Step 01 – Download the Yalong IPA from the following button.
Step 02 – Connect your iOS 11.4 iPhone to your PC via USB cable.
Step 03 – Drag and drop the Yalong IPA into the Cydia Impactor app.
Step 04 – Enter your Apple ID and password. Cydia Impactor will now install the new Yalong jailbreak app on your iPhone.
Step 05 – The Yalong app is now installed on your iPhone. Go to your device home screen and run the Yalong app, then tap the Jailbreak button.
Step 06 – After a few seconds the Cydia icon will show up on your iOS 11.4 device.
TweakMo is another jailbreak app installer that uses the UDID registration method. It installs jailbreak apps on iOS 11.4. TweakMo offers a wide variety of modified/tweaked social media apps, games, entertainment apps, etc.
It has three membership types: Silver, Gold and Platinum. TweakMo features vary according to membership type.
You can get the step guide, download links, free installation methods and more details from the TweakMo official site.
How was the iOS 11 – iOS 11.4.1 jailbreak developed? (Related news)
- iOS 11.4.1 Jailbreak by Tihmstar
Tihmstar, who brought us Phoenix, JailbreakMe 4.0 & Etason, is working on iOS 11.4.1. He has already finished the exploit and achieved the kernel base. As a skillful jailbreak developer, there is no doubt about Tihmstar’s iOS 11.4.1 jailbreak. So if your device is running iOS 11.4.1, don’t upgrade it; stay on iOS 11.4.1. Here are Tihmstar’s tweets about the iOS 11.4.1 jailbreak progress.
- New iOS 11.4.1 / 11.4 Jailbreak Achieved by Code4iOS
James Seeley / @Code4iOS has tweeted a crash log from an iOS 11.4.1 jailbreak. This is used in multiple jailbreaks, including the Electra jailbreak, Unc0ver and Meridian. He also asked folks to try this jailbreak.
Further, he said he created Code4iOS for the public as a tool to customize and secure their devices, and his site contains iOS configuration profiles that are signed using the Code4iOS Profile Signing Certificate.
The well-known iOS security researcher GeoSn0w / @FCE365 is interested in this and has published a video on YouTube about it. He has already messaged Code4iOS to ask for more details, but there is still no response from the developer. He therefore recommends that you avoid trying anything related to this iOS 11.4.1 jailbreak until he confirms it is legitimate.
- iOS 11.4.1 Jailbreak by Zlabs Team
The Zlabs team has announced an iOS 11.4.1 jailbreak called JailbreakMe UEF. They have not released the IPA yet; the project has been published on GitHub with a note that it will be coming soon. It is compatible with all versions from iOS 11.4 to iOS 12.0.1.
- iOS 11.4.1 zero Jailbreak 2.0 by Yangcheesen, H_PW2NTP, TinLin, ZerojbTeam, TeamZlab
Tinlin, Vietnam champion of U23 Asia, tweeted that the zero jailbreak for iOS 11.4.1 & iOS 11.4 will be coming soon. They have been talking about their jailbreak tool since iOS 11.2. There is not much information about them, since they are newcomers to the jailbreak community.
- As promised, Ian Beer released the iOS 11.4.1 exploit to the public
A month ago Ian Beer announced the iOS 11.4.1 exploit, and he has now released it to the public as promised. It consists of the following iOS security exploits:
Kernel UaF exploit
Kernel info leak exploit
Sandbox escape exploit
However, these bugs are not powerful enough on their own for an iOS 11.4.1 jailbreak; they will be useful in conjunction with other public exploits in the future.
According to Jake James, an iOS jailbreak tweak developer, these exploits don’t grant root access, which is necessary for a jailbreak.
- Ian Beer (@i41nbeer) has found iOS 11.4.1 exploits
Ian Beer has found iOS 11.4.1 exploits, and they will be released soon. Most probably, he will shift to iOS 12. From his tweet, we can guess at both iOS 11.4.1 and iOS 12 jailbreaks with the Electra tool.
Ian Beer used the same tweet to note that the mptcp/vfs exploits are intended for security research.
- Richard Zhu demos iOS 11.4 jailbreak
Security researcher Richard Zhu demonstrated an iOS 11.4 jailbreak on an iPhone 7. He is the 2018 Pwn2Own champion and a newcomer to the jailbreak community. He showed a jailbroken device running Apple’s latest iOS 11.4 version: he ran the MobileTerminal app and signed in as root with the default password ‘alpine’.
- FilzaJailed /FilzaEscaped for iOS 11.3.1
The FilzaJailed iOS file manager has just been updated for iOS 11.2 to iOS 11.3.1. There is no jailbreak method to get full root access to all the files in the directory. Bas vT / @AppleDry05 is the creator of FilzaEscaped. Download FilzaJailed / FilzaEscaped from here.
- RootlessJB for iOS 11.3.1
A new jailbreak concept called RootlessJB was released by Jake James. It is not a system-rooted jailbreak and does not install Cydia. It allows you to install Cydia tweaks on iOS 11.2 to iOS 11.3.1 with the support of Filza and ZipApp Free.
- Phoenix Dev Team releases Safari exploit for iOS 11.3.1
Niklas Baumstark has released a browser-based Safari exploit for iOS 11.3.1. The Safari exploit uses the CVE-2018-4233 WebKit bug together with Ian Beer’s tfp0 exploit. Niklas Baumstark is a member of the Phoenix Dev Team. Previously, this team discovered bugs in Safari and participated in Pwn2Own 2018 too.
However, these bugs have been patched in iOS 11.4.
- Ian Beer released a second iOS 11.3.1 jailbreak exploit:
Again, Ian Beer released empty_list, a proof-of-concept exploit for the getvolattrlist iOS 11.3.1 kernel bug.
- iOS 11.3.1 Electra with Cydia demoed
Electra developer CoolStar and the team shared the Electra1131 jailbreak progress. This time @nullriver shared numerous screenshots of Cydia running on iOS 11.3.1.
Besides that, another Electra team member, @Pwn20wnd, confirmed that the new Electra1131 tool will offer a feature that lets users revert to a non-jailbroken state with the new Electra app.
- iOS 11.3.1 Jailbreak Exploit Released By Google’s Ian Beer:
As promised, Ian Beer has released the iOS 11.3.1 exploit to the public.
Ian Beer, who released the tfp0 exploit for iOS 11, worked again on the iOS 11.3.1 exploit and announced it via his official Twitter account. Jailbreak developers can create an iOS 11.3.1 jailbreak using this exploit.
- iOS 11.3.1 Jailbreak Demo by @S0rryMybad :
Qixun Zhao (@S0rryMybad), a member of the Qihoo 360 Vulcan team, has jailbroken iOS 11.3.1. He confirmed it via his official Twitter page and thanked the Qihoo 360 Vulcan Team and @Morpheus. He also published a demonstration video on a Chinese site. Zhao shows MobileTerminal running on the iOS 11.3.1 device with root access before launching Cydia. However, there is no hint of a public release yet.
Watch the following video by @S0rryMybad
- iOS 11.3.1 Jailbreak by Spark and Bxl :
Min (Spark) Zheng and Xiaolong Bai (@bxl1989) have jailbroken iOS 11.3.1. They published a demonstration video of iOS 11.3.1 on YouTube as well as on their official Twitter pages. Before that, Spark tweeted that he had successfully jailbroken iOS 11.3 too. However, even though Spark owns the OverSky jailbreak, he has never released it to the public. Therefore, most probably this will be a private jailbreak too.
- Keen iOS 11.3.1 Jailbreak :
Liang Chen and Marco Grassi (Tencent Keen Security Lab) proved the possibility of a semi-untethered jailbreak for iOS 11.3.1. They successfully jailbroke iOS 11.3.1 on an iPhone X at the Infiltrate Security Conference 2018.
Liang Chen also tweeted a screenshot showing Cydia on iOS 11.3.1 through his official Twitter account.
However, there is no mention of a public release of the Keen IPA to jailbreak iOS 11.3.1 yet. Keen Lab previously demonstrated jailbreaks of iOS 11.1.1, iOS 11 and iOS 10.3.2, and did not release the Keen jailbreak method used for those versions either.
- Ian Beer – Memory corruption issue (CVE-2018-4206)
Ian Beer, who brought us the iOS 11 – iOS 11.1.2 exploit for a potential jailbreak, discovered a memory corruption issue in iOS 11.3 on iPhone 5s and later, iPad Air and later, and iPod touch 6th generation. He reported vulnerabilities affecting iOS as well as macOS, and released the PoC information for the exploit to the public. We expect this to be developed into an iOS 11.3 jailbreak tool, like the previous Electra jailbreak.
However, Apple patched these vulnerabilities with the release of iOS 11.3.1.
- Min (Spark) Zheng iOS 11.3 Jailbreak
As we know, Min Zheng’s iOS 11.3 jailbreak is a work in progress. Here is the latest news about the iOS 11.3 jailbreak status. He tweeted that he successfully jailbroke iOS 11.3 and published a screenshot of the Cydia configuration.
However, going through his history, we cannot expect a public release of the OverSky iOS 11.3 jailbreak, whether it is a real iOS 11.3 jailbreak or not.
Min Zheng (Alibaba security team) achieved root shell access on iOS 11.3. Achieving root access leads to a potential jailbreak, so an iOS 11.3 jailbreak is now much closer.
Previously he discovered a zero-day bug and a kernel bug which allow an attacker to execute unsigned code with kernel privileges on iOS 11.3. These vulnerabilities affect iOS 11.2.6 and older versions too. That means you still have a chance to jailbreak these versions, we can keep hope for an iOS 11.3 jailbreak, and you should prepare your device for a future jailbreak or semi-jailbreak release. It is recommended to save SHSH blobs for iOS 11.3.
- iOS 11.2.6 & iOS 11.2.5 fixed a number of bugs
The iOS 11.2.6 & iOS 11.2.5 updates are more stable than iOS 11.2. These versions contain a number of bug fixes. According to jailbreak experts, a rooted jailbreak of iOS 11.2.6 & iOS 11.2.5 is more difficult than of iOS 11.2, iOS 11.2.1 and iOS 11.2.2. That is because iOS 11.2 to iOS 11.2.2 have many vulnerabilities which Apple patched in the iOS 11.2.5 & iOS 11.2.6 updates. Here are the details of the bug fixes in brief.
Memory corruption issue by Russ Cox of Google (CVE-2018-4082)
Russ Cox discovered a memory corruption issue in iOS 11.2 – iOS 11.2.2 on iPhone 5S and later, iPad Air and later, and iPod touch 6th generation. This issue allows executing arbitrary code with kernel privileges, which is the most important ingredient for creating a jailbreak tool. However, Russ Cox reported this bug to Apple and they patched it in the iOS 11.2.5 update.
Memory corruption issue by Rani Idan of Zimperium zLabs Team (CVE-2018-4087/CVE-2018-4095)
Rani reported memory corruption issues that allow executing arbitrary code with system privileges. The problem affects iOS 11.2 to iOS 11.2.2 on iPhone 5S and later, iPad Air and later, and iPod touch 6th generation devices. This issue is an asset for a potential jailbreak.
Apart from the major issues above, several other bugs were reported as follows.
CVE-2018-4090: Jann Horn of Google Project Zero
CVE-2018-4094: Mingi Cho, MinSik Shin, Seoyoung Kim, Yeongho Lee and Taekyoung Kwon of the Information Security Lab, Yonsei University
CVE-2018-4092: Stefan Esser of Antid0te AND
CVE-2018-4100: Abraham Masri (@cheesecakeufo)
CVE-2018-4085: Ret2 Systems Inc. working with Trend Micro’s Zero Day Initiative
CVE-2018-4086: Ian Haken of Netflix
CVE-2018-4096: found by OSS-Fuzz
However, all these bugs were patched by the iOS 11.2.5 update, as mentioned in “About the security content of iOS 11.2.5.”
Even though these are patched in the iOS 11.2.5 update, the iOS 11.2 to iOS 11.2.2 firmware still contains the bugs above. In that sense, it is easier to jailbreak iOS 11.2 – iOS 11.2.2. That is because there is a sandbox escape component, which is essential for creating a jailbreak tool. So we can keep higher hopes for an untethered or semi-tethered jailbreak of iOS 11.2 – iOS 11.2.2 than of iOS 11.2.5 & iOS 11.2.6.
- Zimperium zLabs release iOS 11.2.2 Vulnerabilities
Security researcher Rani Idan, a member of Zimperium zLabs, has published two iOS vulnerabilities which potentially lead to a jailbreak. They discovered the following vulnerabilities, which are active on iOS 11.2 / iOS 11.2.1 and iOS 11.2.2.
CVE-2018-4095 – Memory corruption in bluetoothd.
CVE-2018-4087 – Execution of arbitrary code in several crucial daemons.
Previously, Zimperium zLabs member Adam Donenfeld released a fully chained iOS kernel exploit (ziVA) that works on all iOS devices running iOS 10.3.1 and is suitable for an iOS 10.3.1 jailbreak.
According to Rani:
They reported these bugs to Apple, and Apple fixed them in the iOS 11.2.5 update. However, Rani promised to publish more details about the research process and a technical write-up, along with the full exploit source code. He expressed his gratitude to Apple as well as the zLabs team and Nikias Bassen (@pimskeks) for their support throughout the project.
A sandbox escape is an essential part of a jailbreak. If they release this as an open-source project, jailbreak experts can definitely develop it into a jailbreak. However, we recommend following the steps below so you can get the iOS 11.2 jailbreak as soon as it is released.
Downgrade your device to iOS 11.2 – iOS 11.2.2
Save SHSH blobs for your device
Don’t upgrade your device if you are on iOS 11.2.2 or below
- Russ Cox’s kernel exploit
According to rumors:
Security researcher Russ Cox, who works for Google, has found a new kernel exploit for iOS 11.2. Since many jailbreak tools for iOS 11 arrived once Ian Beer released the iOS 11 – iOS 11.1.2 exploit, everyone expects an iOS 11.2 jailbreak using this kernel exploit.
According to the support list for the Russ Cox kernel exploit, it will work on iPhone 5S and later, iPad Air and later, and iPod touch 6 devices running iOS 11.2, iOS 11.2.1 & iOS 11.2.2. Therefore, some jailbreak experts advise you to get ready for an iOS 11.2 to iOS 11.2.2 jailbreak.
In addition, rumors say Russ Cox has not released the exploit to the public yet and informed via his official Twitter account that he plans to release the kernel exploit to the public soon.
According to Russ Cox:
However, Russ Cox said he did not release any kernel exploit; he only reported the bugs. Here is the screenshot of his tweet.
He is absolutely right, and we can confirm that from Apple’s security content: Apple patched this vulnerability, which was discovered in iOS 11.2, in iOS 11.2.5. Here is the screenshot of Apple’s security content for iOS 11.2.5.
However, there is still a chance to jailbreak iOS 11.2, because the bug remains in the iOS 11.2 versions since it was only patched in iOS 11.2.5.
In any case, it is advisable to stay on iOS 11.2 – iOS 11.2.2 rather than updating to iOS 11.2.5.
- Kernel level async_wake exploit
This tfp0 exploit was discovered by Google security researcher Ian Beer for Google’s Project Zero. The exploit was released for iOS 11 and higher for the first time, and many developers released jailbreak tools for iOS 11 & higher using it.
Now many hackers are busy releasing an untethered or semi-tethered jailbreak for iOS 11.2 to iOS 11.2.2 using this exploit.