Google security researcher Ian Beer has published proof-of-concept code for a rooting exploit that works on both iOS and macOS devices.
Beer teased the publication of the code last week via a tweet on his newly created Twitter account.
If you’re interested in bootstrapping iOS 11 kernel security research keep a research-only device on iOS 11.1.2 or below. Part I (tfp0) release soon.
— Ian Beer (@i41nbeer) December 5, 2017
Yesterday, he published a link to a Google Project Zero discussion about a vulnerability in the iOS and macOS kernels.
tfp0 should work for all devices, the PoC local kernel debugger only for those I have to test on (iPhone 7, 6s and iPod Touch 6G) but adding more support should be easy
— Ian Beer (@i41nbeer) December 11, 2017
In the discussion, the researcher explains that a memory corruption issue allows an attacker to execute malicious code with system-level privileges.
Apple patched the bug at the heart of this exploit two weeks ago. For iOS, Apple tracks the bug as CVE-2017-13861, and fixed it with the release of iOS 11.2, on December 2. It is unclear what CVE number the bug has received on macOS, since Apple does not include detailed descriptions for each fixed issue.
PoC code will help jailbreak iOS devices
Jailbreaking projects have said they plan on integrating Beer’s code into their tools. Beer’s PoC will allow users to root devices running iOS versions up to v11.1.2.
“This bug is reachable from the iOS app sandbox as demonstrated by this PoC,” Beer says, adding that an attacker will be able to get tfp0 (task for process 0, a.k.a. kernel-level access) and a kernel debugger.
The researcher says he tested the second, more intrusive PoC on 64-bit devices such as iPhone 7, iPhone 6s, and iPod Touch 6G, but, in theory, it should work on all other devices as well.
“You just need to find the [code debugging] symbols,” Beer wrote in a README file included with the second PoC.
Beer is a prodigious Google security researcher
CVE-2017-13861 is not the only bug Beer reported to Apple. Just this month, the OS maker fixed five bugs in iOS 11.2 and six bugs in macOS High Sierra 10.13.2, all reported by Beer.
The researcher is part of Project Zero, an elite team of security researchers working for Google. This group searches for security flaws in common tools and applications used by Google and the general public.
After finding bugs, they report all the issues they discover to manufacturers for free. In most cases, vendors ship fixes right away. In the past, Project Zero researchers have focused their efforts on the antivirus industry, Microsoft, and Apple products.