Wednesday, July 24, 2024
HomeTechnologyUnc0ver: What You Need to Know About the Latest iOS Device Jailbreak!

Unc0ver: What You Need to Know About the Latest iOS Device Jailbreak!

A jailbreak is a method or piece of software that allows an iOS device (iPhone, iPad, iPod) to bypass restrictions imposed by Apple. In the case of the iPhone, a jailbreak may allow root access to iOS, unlocking features and options that are normally inaccessible.

Unc0ver, created by the unc0ver team, is a well-known jailbreak. It made use of a kernel vulnerability that hadn’t yet been discovered, which was later tracked down and given the identifier CVE-2020-985. Someone on Twitter with the handle pwn20wnd discovered the unc0ver exploit.

The purpose of this article is to analyze the unc0ver jailbreak from a digital forensics perspective. Here, we’ll go over the features of unc0ver and show you how to implement them in Belkasoft Evidence Center for your own digital forensics or incident response needs.

Extract Extensive Amounts of Data from iPhones.

unc0ver

Does Unc0ver have any practical applications in the fields of forensics, investigations, or scientific study? It is common practice in the field of mobile forensics to require a jailbreak in order to extract extensive amounts of data from iPhones, such as the device’s full file system or its keychain. More forensically-sound procedures exist, but they may not be applicable in a given case or may not be supported by the devices in question (for example, agent-based acquisition functions).

New, robust kernel security features were introduced by Apple with the release of iOS 9 in 2015. Since then, jailbreaks that actually do anything of use have largely dried up. Inadvertently reintroducing a previously patched flaw in iOS 12.4, Apple August 2019 allowed users to jailbreak their devices. Users only had a few days to take advantage of the public jailbreak before Apple released updates to patch the flaw once again.

In September of 2019, axi0mX revealed his breakthrough on “checkm8,” which was based on an ‘Unpatchable’ hardware flaw. Numerous iPad models, as well as every iPhone model from the 4s to the X, were vulnerable to the recently discovered flaw. The widely-used jailbreak known as checkra1n was developed as a direct successor to checkm8.

Read More: One Walmart: All Walmart Associates Use the Same Login System (Walmart One)?

The A5 Silicon Generation.

unc0ver

Checkra1n is used by digital forensic examiners and security researchers to access and extract data from full file system copies on iOS devices like iPhones and iPads. However, the checkm8 exploit has limited utility because it cannot be used on the most recent Apple devices beginning with the iPhone XS. Instead, it is only compatible with older models running on the A11 Bionic chip all the way down to the A5 silicon generation.

Because of this, the introduction of unc0ver is a major step forward for the security and forensics industry, especially since it provides an alternative to jailbreaks based on checkm8. After all, Unc0ver is compatible with iOS devices that aren’t susceptible to checkm8, such as the iPhone XS, iPhone 11, iPhone Pro, iPad Mini (5th generation), and iPad Air (2019).

In Regards to Uncover.

unc0ver

The unc0ver jailbreak relies on vulnerabilities present in the most widely used versions of iOS and in nearly all current iPhone models. More information about this jailbreak can be found down here.

There is a range of iOS versions that are vulnerable, from 11.0 to 13.5.

  • iOS devices impacted:
  • An Updated SE Model of the iPhone (released in 2020)
  • Smartphones: iPhone 11, iPhone 11 Pro, and iPhone 11 Pro Max
  • Different sizes and prices for the iPhone X, XS, and XR
  • Apple’s Newest Phones, the iPhone 8 and iPhone 8 Plus
  • New iPhones 7 and 7 Plus
  • Models of the iPhone 6s and 6s Plus
  • Apple’s iPhone 6 and iPhone 6 Plus
  • The New iPhone SE
  • Device: iPhone 5s
  • The following iPads are vulnerable:
  • The iPad Air and iPad Mini 5 (2019, 3rd generation)
  • Apple’s iPad mini 4, 3, and 2
  • iPad Pro 10.5-inch, iPad Pro 12.9-inch, and iPad Pro 12.9-inch, both from Apple’s first generation
  • iPad Pro 9.7
  • The iPad Air 2 and the iPad

The 6th generation iPod touch is one of the devices that has been compromised. Unc0ver supports iOS 11–13.5, which includes the vast majority of iOS builds currently installed on iPhones and iPads.

How to Install  The iPod Touch?

unc0ver

When comparing Unc0ver and checkm8, how does Unc0ver fare in the Belkasoft Evidence Center? As a digital forensics tool, Belkasoft Evidence Center (BEC) offers reliable assistance for both mobile and computer investigations. Since unc0ver is of relevance here, Belkasoft can access information from jailbroken iPhones.

Belkasoft’s acquired images from iOS devices typically include the entire file system as well as the keychain data [link]. Belkasoft enabled the same level of data acquisition from jailbroken iOS devices with the release of unc0ver 5.0.1, the most significant unc0ver release to date.

Belkasoft Evidence Center’s Sample Data Collection Process.

If You Want an I Os Device That Can Take Advantage of The Unc0ver Jailbreak, Here’s What You Need to Do:

  • Join It to Your Computer. Maintain the Belkasoft Evidence Center
  • Either Start a New Case or Access an Existing One.
  • You Need to Access the Add Data Source Screen (maybe by Pressing Ctrl + Shift + F).
  • Pick the Mobile Option. All You Have to Do Is Visit Apple.Com.
  • Select Full Logical Backup from The Menu.
  • Select the Option to Check Jailbreak Status. You’ll Be Given the All-Clear Once the Gadget Is Confirmed.
  • Select Your Desired Destination by Clicking the Corresponding Button Found in The Target Path Section.
  • The Following Page Can Be Reached by Clicking the Next Button.

Read More:Downloagram: Can IGTV Videos Be Downloaded?

Watch What’s on Your Screen.

As of Right Now, Belkasoft Will Start the Data Collection Process. when Finished, the Image of Your iPhone or iPad Will Appears as A Tar Archive Containing All the Data that Was Gathered During the Process (including Keychain). Bec Can Be Instructed to Identify a Number of Graphical Indicators of I Os Functionality. the Resulting Data Will Be Presented in Standard Formats by Belkasoft.

RELATED ARTICLES

Most Popular