The new exploit technicality is complicated to understand through regular users, you can check this in the quote below to see how it works.
A heap overflow exists in the iPod touch 2G (both old and new) bootrom’s DFU Mode when sending a USB control message of request type 0xA1, request 0×1.You also have to know that the new exploit will also be used in the upcoming Sn0wbreeze 2.0, to jailbreak iPod touch 2G (MC Models) for ever.
On newer devices, the same USB message triggers a double free() when the image upload is marked as finished, also rebooting the device (but that’s not exploitable because the double free() happens in a row). posixninja analyzed and explained this one.
Looks like sb2 will have otb support for ipt2g MC models too! :) thx @pod2gAny way, we can sum up that the new exploit will pwn iPod touch 2G (MC Model) for ever. [via redmondpie & The iPhone Wiki]
@jonnyboywashere this exploit is only in the ipt2g, thats why pod2g published it on the wiki
You may also like:
No comments:
Post a Comment