Difference between revisions of "H3lix"

From The iPhone Wiki
(background and development)
m (links)
Line 21: Line 21:
   
 
=== Development ===
 
=== Development ===
At least one of the exploits that powered the iOS 10 jailbreaks, mach_portal by [[Ian Beer]] of the Google Zero project, could in theory be ported to 32-bit. Beer used another vulnerability he discovered, CVE-2017-13861, to write the async_exploit for iOS 11, inspiring Siguza to write an exploit that was compatible with 64-bit iOS 10, named v0rtex, on which he published an article in early December of 2017.<ref>[https://siguza.github.io/v0rtex/ v0rtex | IOSurface exploit]</ref> v0rtex quickly replaced Adam Donenfeld’s ziVa exploit in the [[Saïgon]] project, and it was expected that porting it to 32-bit would be feasible. About a week later, tihmstar announced that he and Siguza had in fact done so,<ref>[https://twitter.com/tihmstar/status/940751131709292545 @tihmstar: We just ported v0rtex to 32bit :D @s1guza is going insane lately!]</ref> and as the duo were responsible for the [[Phœnix]] jailbreak a few months earlier, users hoped that this meant that a 32-bit jailbreak was imminent. Screenshots were posted by tihmstar as the development progressed, and the user community was involved with choosing the name and designing the app and logo. Credits were given to @FoxletFox for the graphics and Jacky C for the logo concept.
+
At least one of the exploits that powered the iOS 10 jailbreaks, mach_portal by [[Ian Beer]] of the Google Zero project, could in theory be ported to 32-bit. Beer used another vulnerability he discovered, CVE-2017-13861, to write the async_exploit for iOS 11, inspiring Siguza to write an exploit that was compatible with 64-bit iOS 10, named [[v0rtex]], on which he published an article in early December of 2017.<ref>[https://siguza.github.io/v0rtex/ v0rtex | IOSurface exploit]</ref> v0rtex quickly replaced Adam Donenfeld’s ziVa exploit in the [[Saïgon]] project, and it was expected that porting it to 32-bit would be feasible. About a week later, tihmstar announced that he and Siguza had in fact done so,<ref>[https://twitter.com/tihmstar/status/940751131709292545 @tihmstar: We just ported v0rtex to 32bit :D @s1guza is going insane lately!]</ref> and as the duo were responsible for the [[Phœnix]] jailbreak a few months earlier, users hoped that this meant that a 32-bit jailbreak was imminent. Screenshots were posted by tihmstar as the development progressed, and the user community was involved with choosing the name and designing the app and logo. Credits were given to @FoxletFox for the graphics and Jacky C for the logo concept.
   
 
The first release candidate of h3lix was then published on tihmstar’s website on Christmas Eve, successfully tested with iOS 10.3.3 on the [[N42AP]] (iPhone5,2). Users found it to be compatible with other A6 devices on the same version, while some also reported problems when attempting to use it on older iOS 10 versions.<ref>[https://www.reddit.com/r/jailbreak/comments/7lvufg/release_tihmstar_releases_ios_10x_h3lix_jailbreak/ <nowiki>[Release]</nowiki> Tihmstar releases iOS 10.x H3lix jailbreak for 32bit devices]</ref>
 
The first release candidate of h3lix was then published on tihmstar’s website on Christmas Eve, successfully tested with iOS 10.3.3 on the [[N42AP]] (iPhone5,2). Users found it to be compatible with other A6 devices on the same version, while some also reported problems when attempting to use it on older iOS 10 versions.<ref>[https://www.reddit.com/r/jailbreak/comments/7lvufg/release_tihmstar_releases_ios_10x_h3lix_jailbreak/ <nowiki>[Release]</nowiki> Tihmstar releases iOS 10.x H3lix jailbreak for 32bit devices]</ref>
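
Review bot: the changed Development paragraph still attributes mach_portal to Ian Beer "of the Google Zero project"; the team is named Google Project Zero, so the wording could be corrected in the same edit that adds the [[v0rtex]] link. The link itself is fine, but it is placed on the first mention of v0rtex in this paragraph only, so it is worth checking whether the lead section's mention of the exploit is already linked.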
Line 38: Line 38:
 
| Initial release
 
| Initial release
 
|}
 
|}
  +
  +
== See also ==
  +
* [[Saïgon]]
  +
* [[v0rtex]]
   
 
== References ==
 
== References ==
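
Review bot: the new "See also" section lists only [[Saïgon]] and [[v0rtex]], both of which are already linked inline in the Development paragraph touched by the first hunk. A "See also" list is more useful for related pages the body does not already link, so consider either dropping the section or using it for related pages that are not linked in the text. The section is also inserted directly above "== References ==" with no blank line visible between the last bullet and the heading, which is worth confirming in the wikitext.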

Revision as of 17:26, 25 December 2017

h3lix
Developer(s): tihmstar, Siguza
Initial release: 24 Dec 2017 (2017-12-24)
Stable release: RC 1 / 24 December 2017
Operating system: iOS
Available in: English
Type: Jailbreaking
Website: h3lix.tihmstar.net

h3lix is a semi-untethered jailbreak for 32-bit devices running any version of iOS 10, developed by tihmstar and Siguza. h3lix works by sideloading an IPA using Cydia Impactor. The first release candidate was released on 24 December, 2017. It is one of two jailbreak projects based on the v0rtex exploit, the other being Saïgon for 64-bit devices.

History

Background

Since Apple’s transition to 64-bit in 2013, the market share of their 32-bit devices has been steadily shrinking. During the lifespan of iOS 9, the 32-bit share reached a level low enough for jailbreak developers to start dropping 32-bit support altogether. The iOS 10 jailbreaks released in late 2016 and early 2017 continued this trend and left the last supported 32-bit devices, namely the A6 devices, unjailbreakable.

Early 2017 saw renewed interest in the 32-bit devices, with the release of the Home Depot jailbreak for iOS 9.1-9.3.4, as well as the iDeviceReRestore tool for restoring to iOS 9 using saved blobs. Combined, they provided a jailbreak solution for 32-bit devices that had been stuck on iOS 10. Apple silently and effectively killed off iDeviceReRestore as an escape route in July 2017, by exploiting the introduction of a new activation method in iOS 10 to reject activation records coming from A6 devices on iOS 9 and older, if they had ever been activated on iOS 10. By then, the focus of jailbreak developers had already started shifting to the upcoming iOS 11, and it was feared that both iOS 9.3.5 and iOS 10 would remain unjailbreakable on 32-bit. Soon after, however, no fewer than four jailbreaks were released for 32-bit devices (Phœnix, UntetherHomeDepot, etasonJB and Home Depot 1.1 for 8.4.1). At that point all pre-A6 devices were jailbreakable for life, and hopes grew for a final 32-bit jailbreak.

Development

At least one of the exploits that powered the iOS 10 jailbreaks, mach_portal by Ian Beer of the Google Zero project, could in theory be ported to 32-bit. Beer used another vulnerability he discovered, CVE-2017-13861, to write the async_exploit for iOS 11, inspiring Siguza to write an exploit that was compatible with 64-bit iOS 10, named v0rtex, on which he published an article in early December of 2017.[1] v0rtex quickly replaced Adam Donenfeld’s ziVa exploit in the Saïgon project, and it was expected that porting it to 32-bit would be feasible. About a week later, tihmstar announced that he and Siguza had in fact done so,[2] and as the duo were responsible for the Phœnix jailbreak a few months earlier, users hoped that this meant that a 32-bit jailbreak was imminent. Screenshots were posted by tihmstar as the development progressed, and the user community was involved with choosing the name and designing the app and logo. Credits were given to @FoxletFox for the graphics and Jacky C for the logo concept.

The first release candidate of h3lix was then published on tihmstar’s website on Christmas Eve, successfully tested with iOS 10.3.3 on the N42AP (iPhone5,2). Users found it to be compatible with other A6 devices on the same version, while some also reported problems when attempting to use it on older iOS 10 versions.[3]

Being the last version offered for the A6 devices, iOS 10 was considered by some users to be slower and less usable than older versions, making downgrading one of the main use cases for this jailbreak. Like some other jailbreaks, h3lix does not enable task_for_pid(0), but tihmstar announced that it does have the equivalent host_get_special_port(4) instead.[4] For kloader-based downgrades to work, kloader must be recompiled using host_get_special_port(4) instead.

Version Change Log

Version | Date | Changes
RC 1 | 24 December, 2017 | Initial release

See also

References