1
00:00:07,070 --> 00:00:08,740
- As I mentioned in the previous lesson,

2
00:00:08,740 --> 00:00:12,620
you can historically jailbreak iOS devices

3
00:00:12,620 --> 00:00:16,010
by using one of the several tools that are available online

4
00:00:16,010 --> 00:00:20,410
or in some cases, by even visiting a particular website.

5
00:00:20,410 --> 00:00:22,390
Basically, the goal is actually you perform

6
00:00:22,390 --> 00:00:24,130
a privilege escalation attack

7
00:00:24,130 --> 00:00:26,000
to install custom themes,

8
00:00:26,000 --> 00:00:30,080
install applications, or extensions to applications.

9
00:00:30,080 --> 00:00:32,850
You can also configure the device to allow remote access

10
00:00:32,850 --> 00:00:34,580
either via SSH

11
00:00:34,580 --> 00:00:36,160
or via VNC.

12
00:00:36,160 --> 00:00:39,180
You can also install other arbitrary software

13
00:00:39,180 --> 00:00:44,130
or even compile software directly on the device.

14
00:00:44,130 --> 00:00:45,523
In some cases,

15
00:00:46,460 --> 00:00:49,240
threat actors and, you know, folks out there

16
00:00:49,240 --> 00:00:53,500
also use it to actually pirate applications like games

17
00:00:53,500 --> 00:00:54,749
and actually play them for free

18
00:00:54,749 --> 00:00:56,150
in their mobile devices.

19
00:00:56,150 --> 00:00:57,160
And as a matter of fact,

20
00:00:57,160 --> 00:01:01,040
that's how most of the iOS devices actually get infected

21
00:01:01,040 --> 00:01:04,300
after they, you know, they go to stores, right?

22
00:01:04,300 --> 00:01:06,350
Versus the actual Apple store,

23
00:01:06,350 --> 00:01:09,490
to download, you know, pirated applications

24
00:01:09,490 --> 00:01:11,410
and you know, those games out there.

25
00:01:11,410 --> 00:01:14,140
Now, jailbreaking iOS devices has actually evolved

26
00:01:14,140 --> 00:01:17,170
to be harder to do over the most recent years.

27
00:01:17,170 --> 00:01:19,090
This was particularly harder

28
00:01:19,090 --> 00:01:22,490
after Apple released iOS version 11.

29
00:01:22,490 --> 00:01:24,720
On the other hand, folks out there have created tools

30
00:01:24,720 --> 00:01:27,910
like LiberiOS that allow you to jailbreak

31
00:01:27,910 --> 00:01:30,269
iPhone X and later models,

32
00:01:30,269 --> 00:01:32,570
things like iPads and different gadgets

33
00:01:32,570 --> 00:01:35,093
using iOS 11 or later.

34
00:01:36,040 --> 00:01:39,120
Now, jailbreaking an iOS device is a lot easier

35
00:01:39,120 --> 00:01:40,570
than you'd think.

36
00:01:40,570 --> 00:01:42,250
But before I show you these tools,

37
00:01:42,250 --> 00:01:43,780
I want to give you the disclaimer

38
00:01:43,780 --> 00:01:45,540
that these procedures

39
00:01:45,540 --> 00:01:49,270
may be illegal depending on where you live.

40
00:01:49,270 --> 00:01:51,260
Now, at the time of recording,

41
00:01:51,260 --> 00:01:54,500
the law was actually pretty ambiguous, right?

42
00:01:54,500 --> 00:01:58,100
And definitely in different countries out there.

43
00:01:58,100 --> 00:02:00,000
But something to pay attention to,

44
00:02:00,000 --> 00:02:02,070
especially if you're in the United States,

45
00:02:02,070 --> 00:02:04,863
is the Digital Millennium Copyright Act.

46
00:02:05,930 --> 00:02:08,050
Now that I got that out of the way,

47
00:02:08,050 --> 00:02:10,740
let me show you a few of the tools

48
00:02:10,740 --> 00:02:13,620
that people use to jailbreak their devices.

49
00:02:13,620 --> 00:02:15,890
This is the LiberiOS,

50
00:02:15,890 --> 00:02:18,690
a tool that can be used to jailbreak the devices

51
00:02:18,690 --> 00:02:21,020
running iOS 11 or later.

52
00:02:21,020 --> 00:02:23,870
And also you have Cydia Impactor,

53
00:02:23,870 --> 00:02:25,210
which is another tool

54
00:02:25,210 --> 00:02:29,330
created by a security researcher named Jay Freeman,

55
00:02:29,330 --> 00:02:31,570
otherwise known as Saurik.

56
00:02:31,570 --> 00:02:34,160
And actually, he has done a ton of research

57
00:02:34,160 --> 00:02:36,640
on iOS security and created different tools

58
00:02:36,640 --> 00:02:39,880
that are used by many security researchers,

59
00:02:39,880 --> 00:02:42,260
and in some cases, by pentesters out there.

60
00:02:42,260 --> 00:02:43,730
In the next lesson,

61
00:02:43,730 --> 00:02:45,310
we will look at several tools

62
00:02:45,310 --> 00:02:47,490
for performing reverse engineering

63
00:02:47,490 --> 00:02:51,163
and for disassembling iOS applications.