Absinthe 2.0 Jailbreaks iOS 5.1.1-equipped iDevices

By Aki Libo-on
Posted on May 28, 2012

    Source: GreenPoison Absinthe 2.0/ GreenPoison

    Last Friday, a new untethered version of the Absinthe jailbreak was announced at the Hack in the Box conference in Amsterdam. Absinthe 2.0 is compatible with almost all Apple devices powered by A4 and A5 processors and running iOS 5.1.1. It is also the first public tool able to jailbreak the new (third-generation) iPad.

    More About Absinthe 2.0

    Absinthe 2.0 is a collaboration between the Chronic Dev Team and the iPhone Dev Team. The jailbreak gives users access to system features that Apple normally restricts; in turn, owners of jailbroken devices can install applications that are not available in the official App Store.

    Although it only works on devices running iOS 5.1.1, it supports almost every model on that release: all iPads, the iPhone 3GS, iPhone 4 and iPhone 4S, the third- and fourth-generation iPod touch, and the second-generation Apple TV. Support for the new 8 GB iPad 2 (iPad 2,4), which uses a newer revision of the A5 chip, will follow at a later date.

    How Absinthe 2.0 Works

    The so-called iOS Jailbreak Dream Team explained to iClarified how Absinthe 2.0 works:

    GreenPois0n Absinthe was built upon @pod2g’s Corona untether jailbreak to create the first public jailbreak for the iPhone 4S and iPad 2 on the 5.0.1 firmware. In this paper, we present a chain of multiple exploits to accomplish sandbox breakout, kernel unsigned code injection and execution that result in a fully-featured and untethered jailbreak.

    Corona is an acronym for “racoon”, which is the primary victim of this attack. A format string vulnerability was located in racoon’s error handling routines, allowing the researchers to write arbitrary data to racoon’s stack, one byte at a time, if they can control racoon’s configuration file. Using this technique, the researchers were able to build a ROP payload on racoon’s stack to mount a rogue HFS volume that injects code at the kernel level and patches its code-signing routines.

    The original Corona untether exploit made use of the LimeRa1n bootrom exploit as an injection vector, to allow developers to disable ASLR and sandboxing, and call racoon with a custom configuration script. This however left it unusable for newer A5 devices like the iPad 2 and iPhone 4S, which weren’t exploitable by LimeRa1n, so another injection vector was needed.
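    The one-byte-at-a-time write through a format string that the explanation above describes, as an added example: this is not racoon's code or the Dream Team's exploit. The error reporter `report_error`, the two `log_config_error_*` callers and the config value `SAMPLE_CFG` are hypothetical stand-ins constructed for the demonstration. The target pointers consumed by each `%hhn` are passed explicitly, whereas the real attack reaches whatever the crafted configuration line has left on racoon's stack; the ROP chain and rogue HFS volume stages are not shown. One caveat for anyone trying this on a modern system: glibc's FORTIFY_SOURCE build mode refuses `%n` in a writable format string and aborts, which is exactly a mitigation for this bug class, so the file switches it off.

```c
/* Added example (not racoon's or the Dream Team's code): the format-string
 * write primitive, with a hypothetical error reporter standing in for the
 * daemon's logging routine.  glibc FORTIFY_SOURCE aborts on %n in a writable
 * format string, which would stop this demonstration, so it is disabled here. */
#undef _FORTIFY_SOURCE
#include <stdarg.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical error reporter: the caller supplies the format string. */
static int report_error(char *out, size_t outsz, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, outsz, fmt, ap);
    va_end(ap);
    return n;
}

/* Vulnerable pattern: a value read from the config file *is* the format. */
static int log_config_error_vulnerable(char *out, size_t outsz, const char *cfg)
{
    return report_error(out, outsz, cfg);          /* BUG: cfg is the format */
}

/* Fixed pattern: untrusted text is only ever passed as a %s argument. */
static int log_config_error_fixed(char *out, size_t outsz, const char *cfg)
{
    return report_error(out, outsz, "%s", cfg);
}

/* Append "%<pad>c%hhn" so that the next %hhn stores `want`.  %hhn writes the
 * low 8 bits of the running output count, so only count mod 256 matters; pad
 * is kept in 1..256 so the %c directive always consumes exactly one argument. */
static void append_byte_directive(char *fmt, size_t fmtsz,
                                  unsigned char want, unsigned *count)
{
    unsigned pad = (256 + want - (*count % 256)) % 256;
    if (pad == 0)
        pad = 256;
    char piece[24];
    snprintf(piece, sizeof piece, "%%%uc%%hhn", pad);
    strncat(fmt, piece, fmtsz - strlen(fmt) - 1);
    *count += pad;
}

/* Store `value` (little-endian) into a 4-byte target, one byte per %hhn, then
 * read it back.  The target pointers are passed explicitly here; in the real
 * attack they are whatever the crafted config line has left on the stack. */
static uint32_t write_u32_via_format(uint32_t value)
{
    unsigned char target[4] = {0, 0, 0, 0};
    char fmt[128] = "";
    unsigned count = 0;
    for (int i = 0; i < 4; i++)
        append_byte_directive(fmt, sizeof fmt,
                              (unsigned char)(value >> (8 * i)), &count);

    char sink[2048];                     /* room for up to 4 * 256 pad bytes */
    report_error(sink, sizeof sink, fmt,
                 'A', &target[0], 'A', &target[1],
                 'A', &target[2], 'A', &target[3]);

    return (uint32_t)target[0] | (uint32_t)target[1] << 8 |
           (uint32_t)target[2] << 16 | (uint32_t)target[3] << 24;
}

/* Constructed config value: harmless on the fixed path, interpreted as a
 * directive on the vulnerable one (a safe directive is used so the
 * demonstration stays well-defined). */
static const char *const SAMPLE_CFG = "path is 50%% set";

static int vulnerable_interprets_directives(void)
{
    char out[64];
    log_config_error_vulnerable(out, sizeof out, SAMPLE_CFG);
    return strcmp(out, "path is 50% set") == 0;
}

static int fixed_keeps_text_literal(void)
{
    char out[64];
    log_config_error_fixed(out, sizeof out, SAMPLE_CFG);
    return strcmp(out, SAMPLE_CFG) == 0;
}

int main(void)
{
    printf("vulnerable path rewrote the text: %d\n", vulnerable_interprets_directives());
    printf("fixed path kept it literal:       %d\n", fixed_keeps_text_literal());
    printf("wrote 0x%08x through %%hhn\n", write_u32_via_format(0xdeadbeefu));
    return 0;
}
```

    The padding arithmetic is the whole trick: each `%hhn` stores only the low byte of the running character count, so any target byte can be reached with at most 256 bytes of padding regardless of what was written before, which is why the attack can assemble an arbitrary payload on the stack one byte per directive. The fixed variant shows the only correct shape for a logging call that receives untrusted text: a literal format and the text as an argument.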

    Instructions for using the jailbreak were also released by GreenPoison. Device owners should bear in mind that jailbreaking may void Apple’s warranty and, in rare cases, can damage the jailbroken device; anyone who runs jailbreak software and tweaks does so at their own risk.
