Weapons of Mass Exploitation

November 27, 2011 | Comments (1,467)

Greetings, friends & jailbreakers!
It has now been several months since OPK and I (posixninja) took the stage at JailbreakCon (fka MyGreatFest) in London. Since then, I & other members of the Chronic Dev team have been keeping quietly busy on many fronts, so I thought it was about time to give you all a brief update.

Update on iOS5 Jailbreak

First & foremost: during my JailbreakCon talk in September, I was excited to announce that the Chronic Dev team had already discovered 5 different exploits for use in our upcoming jailbreak. Unfortunately, that announcement was a bit premature, because in the subsequent weeks, Apple found & patched a critical few of those exploits, between the beta versions we used for testing and the final release of iOS5 on October 12.

Sadly (and trust us, we are much more sad about this than any of you could possibly be), this has prevented us from being able to release a new jailbreak as quickly as we wanted to. As I hinted at earlier this week on Twitter, I was initially disheartened to think that so many of the countless hours we’ve worked on this jailbreak seemingly went right down the drain.

Not to mention, these are by no means the first exploits that have been “lost” by Chronic Dev (or any other iOS hacking teams) in this manner. In fact, these are just a few in a long-running series of exploits that were patched by Apple before we hackers could make use of them in a free jailbreak for you, our loyal fans.

Well, to be frank… this is bullshit!!! And now, Chronic Dev is ready to turn this little information battle into an all-out, no-holds-barred information WAR. So we want to use this experience as an opportunity to explain the method Apple uses to find potential vulnerabilities, as well as to unveil our new master plan, which should not only prevent this from happening to us again in the future, but also allow us to use all of you to find more exploits, so we can ultimately get an untethered jailbreak into your hands as quickly as possible.

How Apple Finds Exploits

One of the primary challenges in working with userland exploits is that, every time any program crashes on your iPhone, a “crash report” is generated and instantly sent back to Apple. As you can imagine, while we’re working out all the kinks in the exploitation of a vulnerability, we may need to crash any particular program thousands & thousands of times.

It’s possible to change your iTunes settings to stop sending this diagnostic information back to Apple, and of course everyone in Chronic Dev has made this change on all our development machines. However, even this is not always 100% effective at preventing Apple from obtaining our data. For instance, if one of us is at a friend’s house and plugs our iPhone into his or her computer (even just to charge it), it’s very likely that computer is set up to send all our valuable data & crash reports right back to Apple.

As a side note, this is also the primary reason we’re unable to perform or allow any public beta testing of our software before it’s released. Any potential beta tester could be unknowingly sending crash reports back to Apple, which would prematurely alert the company to our exploits & the discovery of their vulnerabilities before we even have the chance to release.

Help Us Help You: Send Us Your Crash Reports

Instead of allowing this vicious cycle to continue, we decided to write a new program to turn Apple’s own beast against its master, so to speak. All this program requires from you is to attach your iOS device to your computer and click a single button!

At this point, the program copies all the crash reports off your device (which, under normal circumstances, would be sent right back to Apple), and instead sends this data to a secure, private server hosted by your friendly Chronic Dev team. Next, our program proceeds to neuter your copy of iTunes, simply by changing your settings to prevent your computer from sending any further diagnostic information from your device to Apple.

Using this agglomeration of your crash reports and our ninja skills, Chronic Dev will be able to quickly pinpoint vulnerabilities in various programs by using the same techniques Apple currently employs. At the very least, your data will help point us in the direction of which applications are the most vulnerable, so we can focus our time & energy on these with laser-like intensity. And, of course, this will also prevent Apple from accessing all your valuable data, just so they can then turn around and use it against you.
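The triage step described above, as an added example that is not the CDevReporter tool’s own code: parse the header of each iOS .crash file, tally crashes per process and exception type, and rank the processes that fault most often. The three reports are constructed samples in the classic .crash header layout.

```python
"""Triage a batch of iOS crash reports by crashing process and exception
type, the step the post describes. Added example, not the CDevReporter
tool's own code; the reports below are constructed samples."""
import re
from collections import Counter

# Constructed samples in the header layout of iOS .crash files
# (only the fields this script reads are shown).
SAMPLE_REPORTS = [
    "Process:         MobileSafari [123]\n"
    "Exception Type:  EXC_BAD_ACCESS (SIGSEGV)\n"
    "Exception Codes: KERN_INVALID_ADDRESS at 0x00000000\n",
    "Process:         MobileSafari [456]\n"
    "Exception Type:  EXC_BAD_ACCESS (SIGSEGV)\n"
    "Exception Codes: KERN_INVALID_ADDRESS at 0x0000001c\n",
    "Process:         SpringBoard [78]\n"
    "Exception Type:  EXC_CRASH (SIGABRT)\n"
    "Exception Codes: 0x00000000, 0x00000000\n",
]

HEADER_RE = re.compile(r"^(?P<key>[A-Za-z ]+):\s+(?P<value>.*)$", re.MULTILINE)
# Mach exceptions that indicate memory-safety faults rather than a
# deliberate abort(); these are the reports worth a closer look.
MEMORY_FAULTS = {"EXC_BAD_ACCESS", "EXC_BAD_INSTRUCTION", "EXC_ARITHMETIC"}

def parse_report(text):
    """Header fields of one report as a dict; the pid suffix is stripped
    from Process ("MobileSafari [123]" -> "MobileSafari")."""
    fields = {m["key"].strip(): m["value"].strip()
              for m in HEADER_RE.finditer(text)}
    fields["Process"] = re.sub(r"\s*\[\d+\]$", "", fields.get("Process", ""))
    fields["Exception"] = fields.get("Exception Type", "UNKNOWN").split()[0]
    return fields

def triage(reports):
    """Count reports per (process, exception) pair."""
    return Counter((f["Process"], f["Exception"])
                   for f in map(parse_report, reports))

def rank_processes(reports, memory_faults_only=True):
    """Processes ordered by crash count, optionally restricted to
    memory-fault exceptions, so effort goes to the noisiest one first."""
    totals = Counter()
    for (proc, exc), n in triage(reports).items():
        if memory_faults_only and exc not in MEMORY_FAULTS:
            continue
        totals[proc] += n
    return totals.most_common()
```

On real data, point it at the .crash files copied off a device (for example with libimobiledevice’s idevicecrashreport) instead of the constructed list.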

Thank You!

Many thanks in advance for your prompt response & help in this effort, your continued support of GreenPois0n & the Chronic Dev team, and your patience while we continue our never-ending, diligent work on your (free!! coming soon!) untethered jailbreak for iOS5 and/or iPhone 4S.

One final THANKS! While I have spent many of my own hours on the development, design & programming of this tool, especially the back-end, I also owe a great debt of gratitude to:

  • C-Dev hacker Nikias & his lovely wife Hanene – for the many tedious hours they spent programming the front-end & user-friendly interface;
  • C-Dev member OPK – for his graphic design work & the brilliant logo for this app; and
  • Chronic-Dev, LLC – for graciously hosting the servers where we will store the (fingers crossed) millions of crash reports and other data that you all are going to send us momentarily, via this link…

[CDevReporter_mac.zip]

[CDevReporter_win.zip]


Finally, we will be making a more concerted effort to keep you updated on our progress in the days & weeks to come, so keep checking back here on our blog! And don’t forget to follow the official Twitter feeds of both the Chronic Dev team as well as my personal (p0sixninja) account.


Category: Crash reporting, General


Comments (1,467)


  1. jons says:

    Wow, 1376 from an iPad2.. GL!

  2. kieth says:

    three iphones and only 2 with crash reports. and only 1 is jailbroken. being a bit of a pill the 2nd one is.

  3. sn0wpl0w says:

    from pod2g blog:

    “”" So, here is what I did:
    - I gave all the details to the chronic dev team so that they can finish, test, integrate and release the A4 jb ASAP. “”"

    Soooo. Any info about the release date?

    Merry Christmas.

  4. Sterling Augustine says:

    2970 crash reports from an iPhone 4.

    Good luck.

  5. Typlo says:

    Hey guys, I found about 500 crash reports, submitted them. When is untethered for 5.0.1 going to be released? Thanks.

  6. Lacedaemon says:

    Hey Greenpois0n,

    Great work on the untethered jb! I’m currently trying to upload my crash reports to you, but the program for OS X won’t load. Any help would be appreciated!

    Lacedaemon

  7. Maverick5976 says:

    330 crash reports from my 4S. Thank you!

  8. NiceGuyGreg says:

    To all: This software may stop in the middle of the “Uploading Now” phase with the error “ERROR: COULD NOT UPLOAD”. Just keep trying, it will upload successfully eventually. ;)

  9. Dave says:

    24 uploaded :D hope they help

  10. Tomtommer says:

    U guys are awesome! Good luck with the JB! I understand if you want to wait for 5.1 and you dont want to waste all the time and effort spent on the exploit! Anyways, i supplied my crash reports and hope they are of good use to you guys!

    Merry Xmas and a happy New Year from Holland!

    U Rock!

  11. J03Y4G says:

    Any updates on the exploit @pod2g found??

  12. Eduardof0nt says:

    Great work! I’m sending the crash reports from my new iPad 2 and hoping for a jailbreak. Thanks for all your work.

  13. David says:

    What’s with all the silence? Do we still need to upload crash reports? Is it even helping you guys in any way? Please update and let us know

  14. TechniX says:

    Is it possible to submit crash reports exported by Xcode? (yes I am a developer)

  15. YgorWind says:

    Are these crash reports intended for A4 or A5 devices? I just sent out an email asking about it, and if this weapon is for helping find an untethered jailbreak for A4 devices my 4S crash reports will be of no help at all, neither my e-mail questions!

    I see there is an untethered jailbreak out already for A4 5.0.1 devices

    if this is not for A5 devices, help us help u
    program one for ipad2 3G and iphone 4s

    THANKS
    KEEP UP THE GOOD WORK

  16. Summer says:

    help! I’ve done 3 iphones before but for some reason this one just isn’t wanting to jailbreak, it keeps saying try again! what am I doing wrong?

  17. Elmer says:

    you guys are just awesome! can’t wait for the 4s jailbreak. =)

  18. winXPpro says:

    249 4S crash reports sent

  19. Guest says:

    206 crashes on iPad2 (just bought 1 month ago)

  20. Niraj Risal says:

    142 from my iphone4

  21. Niraj Risal says:

    918 from my 4S..LOL

  22. whitescooby says:

    ok so I have tried so many different hosts to download this for mac over the past month, but apparently it doesn’t work for all osx versions (eg. 10.5.8 for me)

    wish I could send all of my reports because I’m sure I have plenty.

  23. K7DDO says:

    SO WHERE DO I DL THE GREEN POISON FOR MY IP4 THAT DOESN’T CRASH?

  24. Alex says:

    Thanks for your great work. I am sure most of us appreciate what you guys did. For the diagnostic reports, is it possible to include this in the new jailbreak, as not many of us know how vital these reports are? If you can include the diagnostic report settings (sending reports to the Chronic server and stop sending those to Apple) in the default jailbreaks, it will surely be a great help for u guys.
    Again, thank you so much.

  25. rodrigo says:

    guys this program doesn’t work on my MacBook with Lion and the latest version of iTunes. I have an iPad 2 with iOS 5.0.1. The application opens, but doesn’t recognize my iPad. What can I do to recover from this error ???

  26. nocturnal says:

    somehow when I try to open the app, it crashes at startup, and I had tried relaunching many many times, I’m using the mac version :-(

  27. Thanks so much for the article. Will read on…

  28. I’ve been surfing on-line more than 3 hours these days, but I never discovered any attention-grabbing article like yours. It is pretty price enough for me. In my view, if all site owners and bloggers made good content material as you probably did, the web will be much more useful than ever before.

  29. Shaunathan says:

    Could the functionality of this program ever be contained within an app at some point? Aside from the iTunes neutering thing obviously.

  30. Ralph Duffy says:

    Good, valuable advice. My iPhone 4 is now completely jailbroken and I currently have a working Cydia icon on the home screen. Continue to keep up the great work!
