iPod4G on iOS4.3.1完美越獄影片釋出-From 德國人Stefan Esser
Untethered iOS 4.3.1 Jailbreak Demoed On Video
iPhone security expert and hacker Stefan Esser has just posted a new video on YouTube,showing untethered iOS 4.3.1 jailbreak running on his iPod touch 4th-gen.He has used the same exploit which he earlier used to jailbreak iOS 4.3.
iPhone破解駭客Stefan Esser 已經發佈關於在iPod touch 4th-gen完美越獄4.3.1的新影片在YouTube上.這個與上次越獄iPad是相同的漏洞.
There is no ETA on release,and he doesn’t plan to release it,at least not anytime soon.Also From the YouTube description of the video:
從他在YouTube影片的描述上,並未打算釋放出此越獄工具
Meanwhile everyone should have noticed that my prediction became true and Apple released iOS 4.3.1 in order to fix the PWN2OWN vulnerability in Safari.
因該很多人聽過我先前預測蘋果會推出iOS4.3.1修復在2010年PWN2OWN 全球駭客大賽中遭受Charlie Miller入侵的漏洞,現在已經實現.
It was very unlikely that Apple also fixed the kernel vulnerability I used for my untether exploit.Mainly because the kernelcache binary is about 8-10 MB in size and the likelihood that Apple finds the same vulnerability in that short amount of time was very low.
不太可能蘋果也修復我目前使用的kernel 完美越獄漏洞.主要原因是蘋果核心運算機制大小約8-10MB,所以蘋果不可能在短期間內發現這個漏洞機率很低.
However you never know until you try it.So this morning when I woke up and saw that Sn0wbreeze 2.4 beta was released I thought it would be fun to create a new video.
然而您應該不知道我在說什麼除非您親自體驗.今天一早我起床後並知道Sn0wbreeze 2.4 beta 已被釋放出來,所以我就認定將會很有樂趣去作新的越獄影片.
Unfortunately Sn0wbreeze does not work with my iPad 1 and so I had to test with my iPod 4G.
很不幸的Sn0wbreeze對於我的iPad1是起不了作用,所以我就拿我的iPod 4G再次測試.
So I just used Sn0wbreeze to do a tethered jailbreak of my iPod 4G and then I manually installed the untether exploit with SSH.
所以我只是使用Sn0wbreeze對我的iPod 4G不完美越獄4.3.1,並透過SSH安裝我的不完美越獄漏洞.
In the video you can see how I switch off the iPod,then restart it,show the version,show that it is untethered and has the multitasking gestures,i show that you can buy ringtones and then I show cydia and the ninja jump game from last time.
影片中,你可以看見我換成iPod 4G且重新開機,秀出使用版本、完美越獄及多工處理手勢以及我新買的鈴聲還有開啟Cydia及ninja jump 遊戲.
Because several people misunderstood me in the past:
因為幾位朋友對我有些誤會所以下面我提出幾個澄清
a.I repeatedly stated that I will not release a jailbreak tool –I will only give out the untether.I did not try yet,but if it is feasible the untether could be a cydia package.
我反覆聲明我不會發佈任何越獄工具-我會打算發佈完美越獄。但目前上未完成,如果可行的話,他會將完美越獄放到Cydia軟體包裏。
b.While the vulnerability I use is in the iPad 2 kernel my untether will NOT SUPPORT the iPad 2,because there is no way to install it there (bootrom exploits fixed).–however Comex is working on that part.
我的不完美漏洞對iPad 2核心處理運算是不支援,而無法安裝上去原因是bootrom漏洞早已被修補,然而目前Comex正對此努力研究中
c.I am not giving out any ETA again,because the Jailbreak community is simply nuts.Last time I gave an ETA and even before that had passed I got constantly insulted by people that were demanding an immediate release.Sorry guys the more you insult people with the knowledge to actually do what YOU WANT the less motivation there is to use our free time to give it to you.
我不會給出任何發佈日期。上次沒能如約放出越獄,他遭到人們的謾駡,也使他決定不再宣佈任何發佈日期的消息
d.The only reason why I did not finish the untether before the ETA was due to unexpected work overload in my real job.It had nothing todo with the untether being too hard or unreal.
目前尚未完成越獄的開發不是因為難度太大,而是他的本職工作太忙,無暇顧及越獄的開發
e.I don’t know why the dev team has not released a redsn0w that does tethered jailbreak for 4.3.1 –I would prefer that to be available,cause sn0wbreeze obviously does not work 100%yet.
我不知道為何dev team 還未發佈Redsn0w的4.3.1非完美越獄,但我會比較偏好Redsn0w提供,很明顯是因為Sn0wbreeze尚無法保證可以完美運作!
f.If you want to learn more about iPhone kernel hacking/exploitation you should come to SyScan Singapore at the end of April.
如果您想學會更多關於iPhone核心處理運算的破解或漏洞找尋,你應該在四月底前往SyScan新加坡.
已經打算要釋出囉,但時間未定!
http://www.allabtmen.com/?p=1648
