Well-known hacker and security researcher Luca Todesco has released a JailbreakMe-style, Safari-based loader for the Pangu iOS 9.3.3 jailbreak.
Before you get too excited, let me clarify that the web-based loader doesn’t jailbreak iOS 9.3.3 like JailbreakMe or install Cydia. You still need an iPhone, iPad or iPod touch on iOS 9.3.3 that has already been jailbroken using the Pangu jailbreak.
However, it addresses one of the biggest pain points of the iOS 9.3.3 jailbreak, which was the requirement of a developer certificate for the loader app. The web-based tool makes use of a vulnerability in Safari to re-enable the jailbreak without needing a certificate.
So I’ve decided to solve the iOS 9.3.3 jailbreak certificate issue once and for all.
— @qwertyoruiopz, December 7, 2016
I am about to release a webkit based iOS 9.3.3 pangu loader. It won’t install cydia, just re-enables jailbreak.
— @qwertyoruiopz, December 7, 2016
Side effect: If you are on 9.3.3/4 pay attention to the links you’re going to click on from now on.
— @qwertyoruiopz, December 7, 2016
you are warned: this effectively downloads a mach-o over http and executes it. so pay attention. also i guess a patch should be mad
— @qwertyoruiopz, December 7, 2016
To see it in action, you need to visit https://jbme.qwertyoruiop.com in mobile Safari on your jailbroken iPhone, iPad or iPod touch on iOS 9.3.3. Please note that this won’t work on iOS 10 – iOS 10.1.1. You need to click on the go link and wait until you see the following alert: “All set. Close this alert and lock your screen to continue. See you on the other side.” You may need to try it multiple times to get it to work.
Safari-based exploits are very rare, so it is quite impressive that Todesco has managed to release a Safari-based solution for the certificate issue with the Pangu 9.3.3 jailbreak. As Todesco points out, one of the downsides of the web-based loader is that it could be used by hackers with malicious intent, so you should be careful about clicking on links from untrusted sources.
Let’s hope Todesco can work his magic and release an iOS 10 jailbreak. However, he has warned users interested in jailbreaking their iPhone, iPad or iPod touch to avoid upgrading to iOS 10.2, as Apple has patched several vulnerabilities that could have been used to release a jailbreak for iOS 10.
If you have a jailbroken device on iOS 9.3.3, let us know how it goes in the comments.