iOS Jailbreaking

We Control our iDevice
What is iOS Jailbreaking?
• iOS jailbreaking is the process of removing the
 limitations imposed by Apple on devices running the
 iOS operating system, through the use of hardware or
 software exploits.

• Jailbreaking gives iOS users root access to the
 operating system and lets them run code that Apple
 has not signed.
Why Jailbreak?
• One of the main reasons for jailbreaking is to expand
 the feature set limited by Apple and its App Store;
 some users also do it to get paid apps for free.

• Users install these programs for purposes including
 personalization and customization of the interface,
 adding desired features and fixing annoyances, and
 making development work easier.
Processing Involved
•The jailbreak itself is getting write access to the root
and media partitions of your iDevice, where all of iOS's
files are stored.

•To do so, /private/etc/fstab must be patched.

•fstab is the switch room of your iDevice: it controls
how the root and media partitions are mounted. The root
partition is mounted 'read-only' by default, allowing
eyes but no hands; the patched fstab mounts it
read-write so that files can be added and replaced.
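The fstab edit described above, as an added example that is not code from the slide deck or from any jailbreak tool. It parses an fstab in the six-field layout, flips the root entry from ro to rw, leaves every other line alone, and keeps a backup so the change can be undone. SAMPLE_FSTAB is constructed in the layout of the stock file of that era; the device node names in it are an assumption (they changed between iOS versions), so check the real file on a device first.

```python
"""Patch a jailbreak-era iOS fstab (/private/etc/fstab) so the root filesystem
is mounted read-write. Added example, not the deck's or any tool's code."""
import shutil

# Constructed sample; device nodes are an assumption, verify on the device.
SAMPLE_FSTAB = (
    "/dev/disk0s1s1 / hfs ro 0 1\n"                          # root: read-only by default
    "/dev/disk0s1s2 /private/var hfs rw,nosuid,nodev 0 2\n"  # user data: already rw
)


def parse_fstab(text):
    """Split an fstab into (fields, raw_line) pairs; comments and blank lines keep
    fields=None. A data line has six fields: device, mount point, type, options,
    dump, pass."""
    entries = []
    for raw in text.splitlines():
        stripped = raw.strip()
        if not stripped or stripped.startswith("#"):
            entries.append((None, raw))
            continue
        fields = stripped.split()
        if len(fields) != 6:
            raise ValueError("malformed fstab line: %r" % raw)
        entries.append((fields, raw))
    return entries


def mount_options(text, mount_point):
    """Options currently set for mount_point, or None if it has no entry."""
    for fields, _ in parse_fstab(text):
        if fields is not None and fields[1] == mount_point:
            return fields[3].split(",")
    return None


def patch_fstab_text(text, mount_point="/"):
    """Return (new_text, changed) with 'ro' swapped for 'rw' on mount_point's entry.
    Every other line, comments included, is reproduced unchanged; idempotent."""
    out, changed = [], False
    for fields, raw in parse_fstab(text):
        if fields is None or fields[1] != mount_point:
            out.append(raw)
            continue
        opts = fields[3].split(",")
        if "ro" in opts:
            fields[3] = ",".join("rw" if o == "ro" else o for o in opts)
            changed = True
        out.append(" ".join(fields))
    return "\n".join(out) + "\n", changed


def patch_fstab_file(path, mount_point="/"):
    """Apply the patch on disk, keeping path + '.bak' so it can be reverted."""
    with open(path) as f:
        original = f.read()
    new_text, changed = patch_fstab_text(original, mount_point)
    if changed:
        shutil.copyfile(path, path + ".bak")
        with open(path, "w") as f:
            f.write(new_text)
    return changed


if __name__ == "__main__":
    patched, changed = patch_fstab_text(SAMPLE_FSTAB)
    print(patched, end="")
    print("changed:", changed, "root options now:", mount_options(patched, "/"))
```

On a device this has to run as root against /private/etc/fstab, and the new mount takes effect on the next boot. It reflects the jailbreaks the deck describes: on current iOS the root volume is a sealed snapshot and editing fstab no longer makes it writable.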
•The main problem is not getting the files in, but getting
them through the various checkpoints. These checkpoints
were put there by Apple to verify that the code about to
run is indeed Apple's, and not third-party.

•When an iDevice boots up it goes through a "chain of
trust": each stage verifies Apple's signature on the next
stage before handing over to it. It goes in the following
(specific) order:

Runs Bootrom: Also called "SecureROM" by Apple, it is the
first significant code that runs on an iDevice. It is
burned into the chip and cannot be updated.

Runs Bootloader (iBoot): Generally, it is responsible for
verifying and loading the main firmware.
Loads Kernel: Bridge between iOS and the actual data
processing done at the hardware level; it enforces code
signing on every process it starts.

Loads iOS: The final step in the chain, iOS starts and we
get our nice "Slide to Unlock" view.

•The jailbreaker's objective is to either patch the checks
or simply bypass them.

•This brings us to the two main exploit categories:

Bootrom exploit: An exploit of a bug in the Bootrom itself.
Because the Bootrom is read-only memory burned into the
chip, it can't be patched by a conventional firmware
update; only a new hardware revision fixes it.
•Since it runs before almost every checkpoint, the injected
code runs before everything else and can either create a
passage that bypasses all later checks or simply disable
them.


•Userland exploit: An exploit that runs during or after
kernel load, usually from an ordinary application or a
file the system parses; Apple can patch it with a software
update.

•Since it runs after all the checks have passed, it has to
find an opening in the running system that leads back into
the kernel, and patch the kernel's code-signing checks in
memory. Such openings are not easy to find, and once found
and published they get patched.
Types Of Jailbreak
•Tethered:
A tethered jailbreak has to be re-applied from a computer
on every boot. If the device starts back up on its own, it
will no longer have a patched kernel, and it may get stuck
in a partially started state until it is booted with the
jailbreak tool again.
•Untethered:
An untethered jailbreak persists: if the user turns the
device off and back on, the device starts up completely,
with the jailbreak still in place.
How to Jailbreak?
•redsn0w:
redsn0w is a free iOS jailbreaking tool developed by
the iPhone Dev Team, capable of executing jailbreaks
on many iOS devices.

•Absinthe or greenpois0n:
Other tools created to jailbreak Apple iOS devices,
developed by the Chronic Dev Team.
Cydia
•Developed by Jay Freeman (also called "saurik")
 and his company, SaurikIT.
•Cydia is a graphical front end to the Advanced
Packaging Tool (APT) and the dpkg package management
system. Packages available in Cydia are provided by a
decentralized system of repositories (also called
sources) that list them; packages install as root, so
adding a source means trusting whoever runs it.
iOS 'Signature' Feature
•In September 2009 Cydia was improved to help users
downgrade their device to versions of iOS that Apple
no longer signs. Cydia caches the digital signatures,
called SHSH blobs, that Apple's signing server issues
to authorize a restore of a given iOS version on a
given device.

•Cydia's storage mechanism enables users to downgrade a
device to a prior version of iOS by means of a replay
attack: iTunes is pointed at Cydia's server instead of
Apple's, and the cached blob is served back as if Apple
had just signed the restore. This worked because the
early blobs were tied to the device and firmware but
not to anything fresh, so an old blob stayed valid.
Installous
•Installous is an iOS application developed by
docmorelli and originally created by puy0.

• Installous allows users to download, install,
update and share cracked (pirated) iOS applications
in a clean and organized fashion. It has been
installed on nearly thirteen million different
devices.
Jailbreak Terminologies
•Baseband:
The firmware of the cellular modem; it has everything to do
with your service and signal. This is why most unlockers
have to be extremely careful when upgrading: if the
baseband changes, it can permanently keep them from
achieving a carrier unlock.

•Blobs:
When you upgrade firmware in iTunes, you'll see at the top
when you start a restore "Verifying restore with Apple".
Saved SHSH blobs, served back by a local server standing in
for Apple's, give iTunes a fake hand to shake, which in
turn makes iTunes think Apple has verified your restore.
•DFU mode:
Stands for Device Firmware Update. DFU mode is handled by
the Bootrom itself, before iBoot runs, and still talks to
iTunes over USB. Because it bypasses iBoot it can load
firmware that iBoot would not, which is what lets you
downgrade (given valid blobs) and is where Bootrom exploits
are delivered. Most jailbreaks require DFU mode for these
reasons, as opposed to recovery mode.

•SpringBoard:
The graphical user interface (home screen) on iOS devices.

•Respring:
Process of restarting SpringBoard. Many Cydia packages
require users to do this so that their code gets loaded
into SpringBoard when it starts again.
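The replay described in the iOS 'Signature' Feature slide and in the Blobs entry above, modelled as an added example; this is not code from the slide deck or from Cydia. The real exchange is iTunes talking to Apple's signing server and the blobs are RSA-signed; here an HMAC with a single shared key stands in for Apple's signature (assumption: only the signing server holds it, and the verifier's use of the same key is the simplification), and the ECID, build numbers and nonces are constructed sample values. It shows why a cached blob replays when the signed data covers only device and firmware, and why the nonce that later tickets carry stops that.

```python
"""Model of the SHSH-blob replay downgrade. Added example, not Cydia's or Apple's code."""
import hashlib
import hmac
import json
import os

# Assumption: a symmetric key stands in for Apple's private signing key.
SIGNING_KEY = b"stand-in-for-apple-signing-key"


def _sign(payload):
    msg = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(SIGNING_KEY, msg, hashlib.sha256).hexdigest()


class SigningServer:
    """Apple-side stand-in: issues a blob only for builds it currently signs."""

    def __init__(self, signed_builds):
        self.signed_builds = set(signed_builds)

    def sign(self, ecid, build, nonce=None):
        if build not in self.signed_builds:
            return None  # signing window closed: no fresh blob for this build
        payload = {"ecid": ecid, "build": build}
        if nonce is not None:
            payload["nonce"] = nonce  # ticket-style: bind the blob to this boot
        return {"payload": payload, "sig": _sign(payload)}


def blob_is_valid(blob, ecid, build, boot_nonce=None):
    """Device/iTunes-side check: does this blob authorise restoring build on ecid?"""
    if blob is None:
        return False
    if not hmac.compare_digest(_sign(blob["payload"]), blob["sig"]):
        return False  # forged or tampered
    p = blob["payload"]
    if p["ecid"] != ecid or p["build"] != build:
        return False  # blob for another device or another firmware
    if boot_nonce is not None and p.get("nonce") != boot_nonce:
        return False  # stale ticket: nonce from an earlier boot
    return True


class BlobCache:
    """Cydia-side: save every blob while Apple still signs, replay it later."""

    def __init__(self):
        self._store = {}

    def save(self, blob):
        if blob is not None:
            p = blob["payload"]
            self._store[(p["ecid"], p["build"])] = blob

    def replay(self, ecid, build):
        return self._store.get((ecid, build))


def downgrade_without_nonce(ecid=0x12345678ABCD):
    """Early blobs cover only ECID and build, so a cached blob never goes stale."""
    apple, cydia = SigningServer({"4.3.3"}), BlobCache()
    cydia.save(apple.sign(ecid, "4.3.3"))      # saved while 4.3.3 is still signed
    apple.signed_builds = {"4.3.5"}            # Apple stops signing 4.3.3
    fresh_ok = blob_is_valid(apple.sign(ecid, "4.3.3"), ecid, "4.3.3")
    replay_ok = blob_is_valid(cydia.replay(ecid, "4.3.3"), ecid, "4.3.3")
    return fresh_ok, replay_ok  # (False, True): the replay goes through


def downgrade_with_nonce(ecid=0x12345678ABCD):
    """With a per-boot nonce inside the signed payload the cached ticket fails."""
    apple, cydia = SigningServer({"5.0"}), BlobCache()
    cydia.save(apple.sign(ecid, "5.0", nonce=os.urandom(20).hex()))
    apple.signed_builds = {"5.0.1"}
    nonce_now = os.urandom(20).hex()           # device picks a new one at this boot
    return blob_is_valid(cydia.replay(ecid, "5.0"), ecid, "5.0", boot_nonce=nonce_now)


def cross_device_replay(ecid_a=0x1111, ecid_b=0x2222):
    """A blob saved from one device does not authorise a restore on another."""
    apple, cydia = SigningServer({"4.3.3"}), BlobCache()
    cydia.save(apple.sign(ecid_a, "4.3.3"))
    return blob_is_valid(cydia.replay(ecid_a, "4.3.3"), ecid_b, "4.3.3")


if __name__ == "__main__":
    print("fresh, replayed:", downgrade_without_nonce())
    print("replay with nonce:", downgrade_with_nonce())
    print("other device:", cross_device_replay())
```

The blob only ever has to satisfy the verifier's check, so whatever that check does not cover (here: freshness) is what a replay exploits; the same reasoning applies to any signed authorization token that lacks a challenge or expiry.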
Top 10 Cydia Sources
1. http://cydia.hackulo.us/
2. http://repo.hackyouriphone.org/
3. http://repo.insanelyi.com/
4. http://apt.modmyi.com/
5. http://cydia.xsellize.com/
6. http://apt.thebigboss.org/repofiles/cydia/
7. http://repo666ultrasn0w.com/
8. http://ihacksrepo.com/
9. http://sinfuliphonerepo.com/
10.http://biteyourapple.net/
Top 10 Cydia Tweaks
1.Byta Font
2.SB Settings
3.Barrel
4.Zephyr
5.Call Bar
6.Activator
7.Swipe Selection
8.Bigify+
9.Springtomize
10.Bite SMS
Open SSH
•The iPhone runs a cut-down variant of Mac's OS X operating
system, which is Unix-based. This means that if you're so
inclined, you could jailbreak the iPhone and install
certain Unix programs, including an SSH daemon to accept
remote connections, thus turning the iPhone into a tiny
computer.

•This is a useful utility for users who want SSH access to
the device. Once SSH access is set up, you can use an SSH
client to reach the device's filesystem and edit its files.
•SSH consumes more battery power and lets attackers into
your filesystem if you forget to close or disable it: every
iPhone ships with the same root password ("alpine"), and
the 2009 ikee worm spread between jailbroken phones exactly
that way. Changing the root (and mobile) password is
necessary.
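Two checks a practitioner would run after installing OpenSSH on a jailbroken device, as an added example that is not code from the slide deck or from the OpenSSH package: which accounts still carry the shipped default password, and whether sshd still accepts password logins as root, with the config rewritten to a hardened form. SAMPLE_MASTER_PASSWD and SAMPLE_SSHD_CONFIG are constructed; DEFAULT_ALPINE_HASH is the DES-crypt hash widely reported for the iOS default password "alpine" (assumption: compare it against the /etc/master.passwd on your own device).

```python
"""Post-install SSH audit for a jailbroken device. Added example, not the deck's code."""

DEFAULT_ALPINE_HASH = "/smx7MYTQIi2M"  # reported iOS default hash; assumption, verify

# Constructed samples in the layout of the stock files.
SAMPLE_MASTER_PASSWD = (
    "root:/smx7MYTQIi2M:0:0::0:0:System Administrator:/var/root:/bin/sh\n"
    "mobile:/smx7MYTQIi2M:501:501::0:0:Mobile User:/var/mobile:/bin/sh\n"
    "daemon:*:1:1::0:0:System Services:/var/root:/usr/bin/false\n"
)
SAMPLE_SSHD_CONFIG = (
    "#Port 22\n"
    "PermitRootLogin yes\n"
    "PasswordAuthentication yes\n"
    "#PubkeyAuthentication yes\n"
)

# Settings to force. Older sshd spells 'prohibit-password' as 'without-password'.
HARDENED = {
    "PermitRootLogin": "prohibit-password",  # root only with a key
    "PasswordAuthentication": "no",          # no password guessing at all
    "PubkeyAuthentication": "yes",
}


def accounts_with_default_password(master_passwd_text, default_hash=DEFAULT_ALPINE_HASH):
    """Login names whose hash (second field of master.passwd) is still the default."""
    hits = []
    for line in master_passwd_text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) >= 2 and fields[1] == default_hash:
            hits.append(fields[0])
    return hits


def parse_sshd_config(text):
    """Effective settings: sshd uses the first uncommented occurrence of a keyword."""
    effective = {}
    for line in text.splitlines():
        s = line.strip()
        if not s or s.startswith("#"):
            continue
        parts = s.split(None, 1)
        effective.setdefault(parts[0], parts[1] if len(parts) > 1 else "")
    return effective


def harden_sshd_config(text, settings=HARDENED):
    """Force each keyword in settings: replace commented-out or live occurrences,
    drop duplicates, append anything missing. Other lines pass through unchanged."""
    out, seen = [], set()
    for line in text.splitlines():
        body = line.strip().lstrip("#").strip()
        key = body.split()[0] if body else ""
        if key in settings:
            if key not in seen:
                out.append("%s %s" % (key, settings[key]))
                seen.add(key)
            continue
        out.append(line)
    for key, value in settings.items():
        if key not in seen:
            out.append("%s %s" % (key, value))
    return "\n".join(out) + "\n"


def audit(master_passwd_text, sshd_config_text):
    """Findings to clear before leaving sshd running on the device."""
    findings = []
    for name in accounts_with_default_password(master_passwd_text):
        findings.append("account %r still uses the default password hash" % name)
    cfg = parse_sshd_config(sshd_config_text)
    # sshd defaults: PasswordAuthentication yes; PermitRootLogin yes on old releases.
    if cfg.get("PasswordAuthentication", "yes") != "no":
        findings.append("sshd accepts password logins")
    if cfg.get("PermitRootLogin", "yes") == "yes":
        findings.append("sshd permits root login with a password")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_MASTER_PASSWD, SAMPLE_SSHD_CONFIG):
        print("FINDING:", finding)
    print(harden_sshd_config(SAMPLE_SSHD_CONFIG), end="")
```

On the device the fix is `passwd` for both root and mobile, a key in ~/.ssh/authorized_keys, the hardened sshd_config written back, and sshd restarted; rerun the audit afterwards and stop sshd when it is not in use.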
Legal Issues
• Under the Digital Millennium Copyright Act,
jailbreaking iPhones is legal in the United States,
although Apple has announced that the practice
"can violate the warranty".

•As of July 26, 2010, the U.S. Copyright Office has
approved exemptions to the DMCA that allow
iPhone users to jailbreak their devices legally.
R.I.P.
