evasi0n is a jailbreak program for iOS 6.0-6.1.2, released on 4 February 2013, made by the evad3rs team. An updated version for iOS 7.0-7.0.6, evasi0n7, was released on 22 December 2013. More than seven million copies of evasi0n were downloaded in the first four days after release.[1] It is known for a portable code base and minimal use of arbitrary code execution.
Developer(s) | Evad3rs (pod2g, MuscleNerd, planetbeing, pimskeks) |
---|---|
Stable release | 1.5.3
|
Operating system | Microsoft Windows, macOS and Linux |
Website | evasi0n.com/iOS6 (archived) |
Developer(s) | Evad3rs (pod2g, MuscleNerd, planetbeing, pimskeks) |
---|---|
Stable release | 1.0.8
|
Operating system | Microsoft Windows, and macOS |
Website | evasi0n.com (archived) |
History
editFour of the six exploits used were patched by Apple on 18 March 2013 with the release of iOS 6.1.3. On 22 December 2013, the evad3rs released a new version of evasi0n that supports iOS 7.x, known as evasi0n7. One major exploit used by this jailbreak was patched by Apple with the 4th beta of iOS 7.1 and two more with beta 5. The final release of iOS 7.1 fixed all the exploits used by evasi0n7.[2][3][4]
Technology
editThe evasi0n jailbreak first remounts the root file system as read-write and then achieves persistence by editing the /etc/launchd.conf
file, which launchd consults. Evasi0n then applies patches in the kernel, bypassing address space layout randomization by triggering a data fault and reconstructing the kernel slide by reading the faulting instruction from the appropriate ARM exception vector.[5] It produces an "untethered" jailbreak, which means that the jailbreak continues to work even after rebooting the phone.
PCMag reported that evasi0n checks whether it is running on a Chinese-language computer, and, if so, installs Taiji, a Chinese app market, rather than Cydia.[6]
See also
editReferences
edit- ^ "Evasi0n 'jailbreaks' 7M iOS devices, update already available for iOS 6.1.1". AppleInsider. 12 February 2013. Retrieved 13 February 2013.
- ^ "iH8sn0w on Twitter: "So the code sign bug that evasi0n7 uses still exists in 7.1b4. Kernel exploit looks patched though :P"". Twitter.com. 2014-01-21. Retrieved 2015-01-28.
- ^ "iH8sn0w on Twitter: "Apple fixed the chown vuln that appeared in iOS 7 and used by evasi0n7 by checking to see if its a symlink again :P"". Twitter.com. 2014-02-04. Retrieved 2015-01-28.
- ^ "iH8sn0w on Twitter: "evasi0n7's afc sandbox escape is patched in 7.1b5 too."". Twitter.com. 2014-02-04. Retrieved 2015-01-28.
- ^ Greenberg, Andy. "Inside Evasi0n, The Most Elaborate Jailbreak To Ever Hack Your iPhone". Forbes. Retrieved 23 December 2013.
- ^ "The Real Code In iOS 7 Jailbreak's Evasi0n". PCMag. Retrieved 2023-03-28.
External links
edit- Evasi0n.com – official site (archived)