iPhone and iPod touch v1.1.1 full jailbreak tested, confirmed!

We were invited by iPhone / iPod touch file system hacker Niacin (who you might also know for his PSP and MSN TV Linux cluster hacks, etc.) and Dre to test out their new v1.1.1 file system hack. We know the whole v1.1.1 hacking thing has been massively confusing even to folks like us, so here’s a quick n’ dirty timeline to bring you up to speed.

  1. Apple releases iPhone, which was obviously cracked six ways from Sunday.
  2. Through firmwares 1.0.1 and 1.0.2 Apple does not block these hacks in any way.
  3. Firmware v1.1.1 is released for iPhone and iPod touch, which completely locks out file system access (and thus 3rd party software).
  4. Awkward silence from Apple fans and the dev community as everyone ponders how to crack the new file system protections.
  5. Hackers dinopio, edgan discover the symlink hack, which takes v1.0.2 iPhones up to v1.1.1 with read / write file system access. In other words, the hack only works on v1.0.2 iPhones (not the iPod touch) when being upgraded to v1.1.1, and still doesn’t grant the ability to execute loaded programs.
  6. The next version of dinopio & co.’s symlink hack (which hasn’t yet been released to the public) grants the coveted execute privilege (so you can run those 3rd party apps), and enables another hack (by pumpkin) to make the new SpringBoard (the application launcher) recognize the freshly recompiled iPhone apps.
  7. Hacker Niacin (aka toc2rta) and Dre claim they’ve managed to combine the symlink hack with a TIFF vulnerability found in the v1.1.1 firmware’s mobile Safari to get access to the file system. That is the hack we’re evaluating here.
    Note: Due to the nature of that hack, it’s to be considered ephemeral. Apple needs only to patch the TIFF vulnerability and file system access on v1.1.1 is out, with the touch and iPhone back to their previously not-too-hackable state.

And the conclusion thus far? We’ve tested the solution, and we can confirm file system read+write access via the TIFF exploit, meaning loading a simple image file on your v1.1.1 device gives full root file system access! Developing…

Quick terminal log using iPHUC on the iPod touch confirming write ability to root FS after the break.

Original post by Ryan Block
