Tuesday, December 27, 2011

A4 release

Hello, as expected, the Chronic Dev Team and the iPhone Dev Team have released the A4 untether for 5.0.1 based on my research.

It is exactly the same set of files, either distributed as a Cydia package for those that are already tethered or a redsn0w bundle for new users.

They both did a great job testing and integrating the payload.

Here are links to their respective blog posts:
- Chronic Dev Team:
- iPhone Dev Team:


Thursday, December 22, 2011

Focused on A5

I read the comments on the blog, and I know that a lot of people are waiting for the A5 jailbreak.

Also, I know there are tons of people out there with A4 or even earlier devices who want the untether now and don't care that it could be interesting to wait until A5 is finished, or even until 5.1, before releasing, so that we don't waste an exploit that took me months to find and develop.

I need to focus on A5 and hope I can find a path quickly, and I have the feeling that chronic-dev could help me.

So, here is what I did:
- I gave all the details to the Chronic Dev Team so that they can finish, test, integrate and release the A4 jailbreak ASAP.
- I'll put all my energy into the A5 from now on.

Hope I don't disappoint.

See you.

Wednesday, December 21, 2011

iPhone 4 iOS 5.0.1 untethered jb demo


Here is a new video demo of the current status of the 5.0.1 jailbreak running on an iPhone 4.
This is meant to reassure people who were thinking it only works on older iPods.
The jailbreak is nearly ready for prime time (excluding 4S and iPad 2).
Patches are the same as redsn0w's. Expect the same level of stability.
Some more days to wait. Be patient, we're doing our best.


Tuesday, December 20, 2011

No more cache troubles

OK, figured it out, the A5 cache is not a problem anymore.
I sorted it out by doing the untether in a single thread and by flushing all of the dcache and then all of the icache in a row at a strategic point of the process.

It took me something like a hundred tests to find the key. Hard on the nerves.

For the tech guys, here is a link explaining issues related to self-modifying code (or code patching) on the ARM platform:

Another piece of news: I discussed the launchd boot process with @saurik today, and he found one missing piece of the puzzle I needed for a perfectly stable jailbreak. He's definitely one of the best iOS gurus out there. Thank you saurik!
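The cache problem described in this post is the classic self-modifying-code hazard: bytes written to memory go through the data cache, while the core fetches instructions through a separate instruction cache, and on ARM the two are not kept coherent by hardware. The following is an added example, not pod2g's code and not part of the untether: it writes a tiny "return 42" stub into an anonymous page, performs the clean-dcache / invalidate-icache step with the GCC and Clang builtin `__builtin___clear_cache`, then flips the page to read-execute and calls it. The stub bytes for x86-64 and AArch64 are constructed for this example; on x86 the builtin compiles to nothing because the hardware snoops stores into the icache, whereas on ARM it emits the `dc cvau` / `ic ivau` sequence (or a kernel call on 32-bit ARM) that the post is talking about. The ordering matters: the dcache must be cleaned before the icache is invalidated, otherwise the icache can refill with stale memory.

```c
/* Added example, not code from the original post: write code as data,
 * make it visible to the instruction fetch path, then execute it.
 * Assumes a POSIX system (Linux/macOS) with mmap/mprotect and GCC or Clang. */
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Constructed machine code for a function returning 42 (assumption for
 * this example; only these two architectures are covered). */
#if defined(__x86_64__)
static const uint8_t kRet42[] = { 0xB8, 0x2A, 0x00, 0x00, 0x00,   /* mov eax, 42 */
                                  0xC3 };                          /* ret         */
#elif defined(__aarch64__)
static const uint8_t kRet42[] = { 0x40, 0x05, 0x80, 0x52,         /* mov w0, #42 */
                                  0xC0, 0x03, 0x5F, 0xD6 };       /* ret         */
#else
#error "add the return-42 stub for this architecture"
#endif

typedef int (*ret_fn)(void);

/* Returns what the generated stub returns (42), or -1 on an OS error. */
int run_generated_code(void)
{
    long page = sysconf(_SC_PAGESIZE);

    /* 1. Map the page read/write and store the instruction bytes as data. */
    void *buf = mmap(NULL, (size_t)page, PROT_READ | PROT_WRITE,
                     MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (buf == MAP_FAILED)
        return -1;
    memcpy(buf, kRet42, sizeof kRet42);

    /* 2. The stores above may still sit in the data cache / store buffer while
     *    the instruction cache and prefetch queue hold whatever was at that
     *    address before. Clean dcache to the point of unification, then
     *    invalidate icache, for exactly the range that was written. On x86
     *    this expands to nothing; on ARM it is the whole point. */
    __builtin___clear_cache((char *)buf, (char *)buf + sizeof kRet42);

    /* 3. Drop write permission (W^X) and execute the stub. */
    if (mprotect(buf, (size_t)page, PROT_READ | PROT_EXEC) != 0) {
        munmap(buf, (size_t)page);
        return -1;
    }
    ret_fn fn;
    memcpy(&fn, &buf, sizeof fn);   /* object-to-function pointer without a cast warning */
    int r = fn();

    munmap(buf, (size_t)page);
    return r;
}

int main(void)
{
    printf("generated code returned %d\n", run_generated_code());
    return 0;
}
```

Doing this from a single thread, as the post says, is the other half of the fix: another core that has already fetched the old contents of those lines keeps its own icache, and the maintenance performed here only covers the calling core's view unless the operations are broadcast and followed by a barrier on the other side too.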

Monday, December 19, 2011



Here is the news from the 4S weekend.

The untether currently fails because I'm having processor cache issues.

I'm close, but I can't figure out what happens. It certainly has something to do with the Cortex-A9 cache management.

I could sort it out quickly; it's a matter of chance.

I'll report my progress to you tomorrow.

BTW: I removed (sorry) the greetings messages so that only articles related to the jailbreak remain on the main page. AFAIK Blogger doesn't have an option to move or merge posts while keeping the comments.


Friday, December 16, 2011

4S 5.0.1 Build 9A406 fail

@MuscleNerd tweeted something really interesting today:

The latest IPSW released by Apple for the 4S contains an unencrypted
ramdisk with the vfdecrypt key in plain text.

Everybody can decrypt the filesystem with it!

Is it a Christmas gift from Apple?

Weird, isn't it?

Thursday, December 15, 2011

Tested !

iPhone 3GS 5.0.1 jailbreak worked.

Remaining to test: iPod 4G & iPhone 4 CDMA running 5.0.1.


Hello my friends, I know that I was silent yesterday and that it was annoying.

Sorry for this, but I had to organize things for the release.
Also, I've tested iPad 1 and it worked.
Today I hope I can test a 3GS.

BTW: please don't offer to be a beta tester, because I'm too paranoid, fearing leaks.

Now it's time to finalize the jailbreak for old devices, fix some stability issues and package the whole thing. That will take some days.

In the meantime, I'm starting the research for iPad 2 and 4S. I'll keep you informed of my progress.

Finally, I want to thank all who donated. I now can buy both devices! I don't know what to say.

Thank you very much my friends.
Have a good day!

See ya.

Wednesday, December 14, 2011

Apple TV 2 4.4.3 untethered

Done also. Rush mode = off for today.

I will be able to test in some days, thanks to @firecore, who'll ship me an Apple TV 2 for testing!

Thanks mate! That's awesome.

Tuesday, December 13, 2011

iPod 4G 5.0.1 untethered

This one too ! :-)

iPhone 3GS 5.0.1 untethered

Code done. Testing tomorrow as well!

iPad 1 5.0.1 untethered

Code is done, testing tomorrow with a friend's device.

Just to let you know my progress in real time.

Monday, December 12, 2011

iPod 3G 5.0.1 untethered

Hey, this one's done.

Next: iPad 1, iPhone 3GS, iPod 4G, Apple TV 2.

Rushing the best I can.
Bye !

iPhone 4 5.0.1 untethered

It's late, time to pass out.
I just want to let you know my iPhone 4 (iOS 5.0.1) is untethered.
Some progress today heh ;-)

Next: iPod 3G, iPad 1, iPhone 3GS, iPod 4G, Apple TV 2.

See ya.

Friday, December 9, 2011

iOS 5.0 iPod3,1 untethered

Today I succeeded in jailbreaking my iPod 3G.

The exploit is user-land, relying on a userland ROP payload and a kernel write-anywhere exploit.

I can't give many details right now, but here are the next steps:
- upgrade the iPod 3G to iOS 5.0.1
- do the same on iPhone 4 / iOS 5.0.1
- then iPad 1 & iPod 4G

At every step, the exploit code will probably need to be reworked, but I really don't know right now.

Next, I'll return to the research for iPad 2 and iPhone 4S. I don't know if I'm going to release first for the other devices or not. I have to think about it. Feel free to give your opinion.

I'll update the blog when I have news.