Difference between revisions of "Saffron"

From The iPhone Wiki
Jump to: navigation, search
m
 
(33 intermediate revisions by 8 users not shown)
Line 1: Line 1:
[[Image:Saffron.png|thumb|right|Saffron on an [[N81ap|iPod touch 4G]]]]
+
[[File:Saffron.png|thumb|right|Saffron on an [[N81AP|iPod touch (4th generation)]]]]
  +
[[File:Saffron unsupported.jpg|thumb|right|Saffron on an (unsupported) [[N94AP|iPhone 4S]]]]
'''Saffron''' (also known as '''JailbreakMe 3.0''') is a [[userland]] [[jailbreak]] from [[User:comex|comex]] that utilizes [[JailbreakMe]].com, yet again. It was the first jailbreak made available for the [[iPad 2]]. Saffron made its debut on July 6, 2011, but a prerelease version was leaked a few days before.
 
  +
'''Saffron''' (also known as '''JailbreakMe 3.0''') is a [[userland]] untethered [[jailbreak]] from [[User:comex|comex]] that utilizes [[JailbreakMe]].com, yet again. It was the first jailbreak made available to the public for the [[iPad 2]] running iOS 4.3.3. In {{date|2011|06}}, comex began to put up teasers on JailbreakMe. In early {{date|2011|07}}, someone Googled comex's other site and found a prerelease version of "Saffron," the third incarnation of JailbreakMe. Word about this "leak" inevitably spread. On {{date|2011|07|06}}, "Saffron" made its official debut on JailbreakMe. An incomplete prerelease version was leaked on {{date|2011|07|02}}, after it was discovered on comex's server.
   
This jailbreak was patched on July 15, 2011 with the releases of iOS 4.2.9 and 4.3.4.
+
This jailbreak was patched on {{date|2011|07|15}} with the releases of iOS 4.2.9 (iPhone 4 (iPhone3,3)) and 4.3.4 (all other devices).
   
 
== Exploits Used ==
 
== Exploits Used ==
 
* [[T1 Font Integer Overflow]]
 
* [[T1 Font Integer Overflow]]
 
* [[IOMobileFrameBuffer Privilege Escalation Exploit]]
 
* [[IOMobileFrameBuffer Privilege Escalation Exploit]]
* [[ft_var_readpackedpoints Buffer Overflow]]
 
 
{{clear}}
 
   
 
== Compatibility ==
 
== Compatibility ==
 
{| class="wikitable" style="text-align: center; table-layout: fixed; border-collapse: collapse;" border="1"
 
{| class="wikitable" style="text-align: center; table-layout: fixed; border-collapse: collapse;" border="1"
 
|-
 
|-
! rowspan="2" style="width:20%;" | Device
+
! rowspan="2" style="width:30%;" | Device
! colspan="8" | Works with [[firmware]]...
+
! colspan="7" | Works with [[firmware]]...
 
|-
 
|-
 
| style="width:10%;" | 4.2.6
 
| style="width:10%;" | 4.2.6
Line 24: Line 22:
 
| style="width:10%;" | 4.3.2
 
| style="width:10%;" | 4.3.2
 
| style="width:10%;" | 4.3.3
 
| style="width:10%;" | 4.3.3
| style="width:10%;" | 4.3.4
 
 
|-
 
|-
| [[K48ap|iPad]]
+
| [[K48AP|iPad]]
| colspan="3" {{no|N/A}}
+
| rowspan="4" colspan="3" {{n/a}}
| {{yes}}
+
| colspan="4" {{yes}}
| {{yes}}
 
| {{yes}}
 
| {{yes}}
 
| {{no}}
 
 
|-
 
|-
 
| [[iPad 2]]
 
| [[iPad 2]]
| colspan="3" {{no|N/A}}
+
| colspan="3" {{no}}
 
| {{yes}}
 
| {{yes}}
| {{no}}
 
| {{no}}
 
| {{yes}}
 
| {{no}}
 
 
|-
 
|-
| [[iPhone 3GS]]
+
| [[N88AP|iPhone 3GS]]
| colspan="3" {{no|N/A}}
+
| rowspan="2" colspan="4" {{yes}}
| {{yes}}
 
| {{yes}}
 
| {{yes}}
 
| {{yes}}
 
| {{no}}
 
 
|-
 
|-
| [[N90ap|iPhone 4 (GSM model)]]
+
| class="rborderplz" | [[N90AP|iPhone 4 (iPhone3,1)]]
| colspan="3" {{no|N/A}}
 
| {{yes}}
 
| {{yes}}
 
| {{yes}}
 
| {{yes}}
 
| {{no}}
 
 
|-
 
|-
| [[N92ap|iPhone 4 (CDMA model)]]
+
| [[N92AP|iPhone 4 (iPhone3,3)]]
| {{yes}}
+
| colspan="3" {{yes}}
| {{yes}}
+
| colspan="5" {{n/a}}
| {{yes}}
 
| colspan="4" {{no|N/A}}
 
| {{no}}
 
 
|-
 
|-
| [[N18ap|iPod touch 3G]]
+
| [[N18AP|iPod touch (3rd generation)]]
| colspan="3" {{no|N/A}}
+
| rowspan="2" colspan="3" {{n/a}}
| {{yes}}
 
| {{no}}
 
| {{yes}}
 
 
| {{yes}}
 
| {{yes}}
 
| {{no}}
 
| {{no}}
  +
| colspan="2" {{yes}}
 
|-
 
|-
| [[N81ap|iPod touch 4G]]
+
| [[N81AP|iPod touch (4th generation)]]
| colspan="3" {{no|N/A}}
+
| colspan="4" {{yes}}
| {{yes}}
 
| {{yes}}
 
| {{yes}}
 
| {{yes}}
 
| {{no}}
 
 
|}
 
|}
   
== Links ==
+
== Problems ==
  +
=== Domain owner problem ===
* [http://www.jailbreakme.com/ Saffron]
 
  +
On {{date|2011|10|07}}, [[MuscleNerd]] announced that the domain was sold and that the new owner was unknown, so that there is a big danger of the site hosting malware. It turned out that the new owner was friendly and sold it the next day to [[Saurik]] who hosted the site anyway. Problem solved.
* [http://intrepidusgroup.com/insight/2011/07/reversing-jailbreakme-com-4/ Reversing Saffron]
 
  +
* [http://support.apple.com/kb/HT4802 About the security content of iOS 4.3.4]
 
  +
=== Certificate problem ===
  +
Starting early {{date|2015|12}}, the domain started to display a blank homepage. In addition, JailbreakMe began to redirect traffic to HTTPS; however, the TLS certificate it was using was invalid. Turns out comex moved the files to his personal domain.
  +
  +
=== References ===
  +
*[https://twitter.com/MuscleNerd/status/122266354173739010 sale announcement]
  +
*[https://twitter.com/MuscleNerd/status/122267822280814592 untrusted]
  +
*[https://twitter.com/MuscleNerd/status/122715500349374465 buyback announcement]
  +
  +
== External Links ==
  +
* [http://www.jailbreakme.com/ Saffron] (semi-broken)
  +
* [https://github.com/comex/star_ Source Code]
  +
* [http://esec-lab.sogeti.com/post/Analysis-of-the-jailbreakme-v3-font-exploit Analysis of the Exploit]
  +
* [http://support.apple.com/kb/HT4802 Apple KB HT4802] ([[iOS]] 4.2.9/4.3.4 Security Fixes)
  +
  +
[[Category:Jailbreaks]]
  +
[[Category:Jailbreaking]]

Latest revision as of 01:07, 17 September 2021

Saffron on an (unsupported) iPhone 4S

Saffron (also known as JailbreakMe 3.0) is a userland untethered jailbreak from comex that utilizes JailbreakMe.com, yet again. It was the first jailbreak made available to the public for the iPad 2 running iOS 4.3.3. In June 2011, comex began to put up teasers on JailbreakMe. In early July 2011, someone Googled comex's other site and found a prerelease version of "Saffron," the third incarnation of JailbreakMe. Word about this "leak" inevitably spread. On 6 July 2011, "Saffron" made its official debut on JailbreakMe. An incomplete prerelease version was leaked on 2 July 2011, after it was discovered on comex's server.

This jailbreak was patched on 15 July 2011 with the releases of iOS 4.2.9 (iPhone 4 (iPhone3,3)) and 4.3.4 (all other devices).

Exploits Used

Compatibility

Device Works with firmware...
4.2.6 4.2.7 4.2.8 4.3 4.3.1 4.3.2 4.3.3
iPad N/A Yes
iPad 2 No Yes
iPhone 3GS Yes
iPhone 4 (iPhone3,1)
iPhone 4 (iPhone3,3) Yes N/A
iPod touch (3rd generation) N/A Yes No Yes
iPod touch (4th generation) Yes

Problems

Domain owner problem

On 7 October 2011, MuscleNerd announced that the domain was sold and that the new owner was unknown, so that there is a big danger of the site hosting malware. It turned out that the new owner was friendly and sold it the next day to Saurik who hosted the site anyway. Problem solved.

Certificate problem

Starting early December 2015, the domain started to display a blank homepage. In addition, JailbreakMe began to redirect traffic to HTTPS; however, the TLS certificate it was using was invalid. Turns out comex moved the files to his personal domain.

References

External Links