• Home
  • Apple News
  • Jailbreak News
  • Android News
  • Wallpapers
  • Deals

iJailbreak | Jailbreak And iOS News

iJailbreak is an online resource for jailbreak and unlock iPhone, iPad, iPod Touch, Apple TV and iOS news.

  • How To Jailbreak
    • Cydia Installer: Everything You Need To Know
    • What Is Jailbreaking? Why Should I Jailbreak?
    • Untethered vs Tethered vs SemiTethered Jailbreak
  • Jailbreak Software Tools
    • PP Jailbreak
    • TaiG
    • Pangu
    • Evasi0n (Evasi0n7)
    • Absinthe
    • JailbreakMe.com
    • RedSn0w
    • GreenPois0n
    • Sn0wBreeze
    • PwnageTool
    • LimeRa1n
    • Spirit
    • BlackRa1n
    • Seas0nPass
    • Developers
  • How To Unlock
  • How To Downgrade
    • How To Save SHSH Blobs
    • TinyUmbrella
    • iFaith
    • F0recast
  • Cydia Tweaks
    • Top / Best Cydia Tweaks
    • Best Cydia Sources
    • Siri Cydia Tweaks, Hacks, Mods
    • Spire Proxy Host List
  • How To Root
    • Top / Best Custom ROMs
  • Downloads

Saurik Releases Both An Exploit (Cydia Impactor) And A Patch For The ‘Android Master Key’ Vulnerability

July 21, 2013 by Jaden Easton-Ellett 2 Comments

Saurik really is a jack of all trades. Not only is he the mastermind behind Cydia, essentially a 3rd party App Store for Jailbroken iOS devices, but he is also behind numerous Cydia tweaks and iOS frameworks. To top all of this off Saurik even turned his attention to Android back in May when he released both Cydia Substrate and Winterboard for Android.

It looks like Saurik isn’t done with Android just yet though…

Android Master Key

He has tweeted today that he has just patched a severe security vulnerability that plagues 99% of Android devices that has been nicknamed ‘Android Master Key.’ The vulnerability was originally discovered by the company Bluebox Security and I will let them take it away in explaining it to you:

The Bluebox Security research team – Bluebox Labs – recently discovered a vulnerability in Android’s security model that allows a hacker to modify APK code without breaking an application’s cryptographic signature, to turn any legitimate application into a malicious Trojan, completely unnoticed by the app store, the phone, or the end user. The implications are huge! This vulnerability, around at least since the release of Android 1.6 (codename: “Donut” ), could affect any Android phone released in the last 4 years – or nearly 900 million devices– and depending on the type of application, a hacker can exploit the vulnerability for anything from data theft to creation of a mobile botnet.

Not only has Saurik patched ‘Android Master Key’ and released it to the public for those that want to manually protect themselves though, he has also released a tool called Cydia Impactor that can root an Android phone or tablet utilizing the vulnerability. He has noted that it should “work up through approximately Android 4.1, including Glass and Google TV.”

Saurik Releases Both An Exploit (Cydia Impactor) And A Patch For The 'Android Master Key' Vulnerability

As 9To5Google explains “In true jailbreak fashion, the exploit [tool] runs from a Mac or PC and in a few steps gives your su/Root access to the infected phone/tablet. While it isn’t as plug and play easy as recent iOS jailbreaks, it is easy enough for anyone who wants to root their unpatched phone to do in a few minutes.”

Saurik plans to go into more detail on the vulnerability, his patch and Cydia Impactor next month at the annual Black Hat security conference in Las Vegas. In the mean time be sure to check out his in-depth article on the matter on his blog.

Comments

  1. Brotherman7 says

    July 22, 2013 at 11:21 am

    Thank you Saurik, your work is helping.

  2. Jay Freeman (saurik) says

    July 28, 2013 at 5:05 am

    > Saurik plans to go into more detail on the vulnerability, his patch and Cydia Impactor next month at the annual Black Hat security conference in Las Vegas.

    I am not giving a talk at either of these conferences, although I will be in attendance of both, and will likely be talking to a bunch of people about these very things in the hallway. The company that discovered the original Master Key exploit (without whose “hint” I may never have looked at any of this code at all) *is* giving a talk at Black Hat, which I mentioned a lot in my article; I am not exactly certain what he’s presenting.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Read Our Most Recent Articles

Untethered iOS 12 Jailbreak Demoed by Ali Security
Untethered iOS 12 Jailbreak Demoed by Ali Security
iOS 12 Now Available for Download: Compatible Devices
iOS 12 Now Available for Download: Compatible Devices
iPhone X Discontinued, iPhone 8 and iPhone 7 Prices Slashed
iPhone X Discontinued, iPhone 8 and iPhone 7 Prices Slashed
Apple iPhone Xs, iPhone Xs Max, and iPhone Xr Announced
Apple iPhone Xs, iPhone Xs Max, and iPhone Xr Announced
Apple Watch Series 4 Announced With Larger Display, Louder Speaker, and More
Apple Watch Series 4 Announced With Larger Display, Louder Speaker, and More

Follow Our How To Guides

Install MIUI Themes On Ice Cream Sandwich 4.0 Without A MIUI ROM [Android]
Install MIUI Themes On Ice Cream Sandwich 4.0 Without A MIUI ROM [Android]
How To: Install Whited00r 6 On Your iPhone 2G, iPhone 3G Or iPod Touch 1G, iPod Touch 2G
How To: Install Whited00r 6 On Your iPhone 2G, iPhone 3G Or iPod Touch 1G, iPod Touch 2G
How To: Save Apple TV SHSH Blobs Using TinyUmbrella [Required, If Jailbroken]
How To: Save Apple TV SHSH Blobs Using TinyUmbrella [Required, If Jailbroken]
How to enable multitouch gestures on 4.3.1 [The complete how to guide!]
How to enable multitouch gestures on 4.3.1 [The complete how to guide!]
How To Jailbreak iPhone 4, iPhone 3GS On iOS 5.0.1 Using RedSn0w 0.9.9b8 [Windows/Mac OS X]
How To Jailbreak iPhone 4, iPhone 3GS On iOS 5.0.1 Using RedSn0w 0.9.9b8 [Windows/Mac OS X]
About | Contact | Advertise | RSS Feed | Sitemap | TOS | Privacy Policy

© Copyright 2010 - 2021 iJailbreak. All Rights Reserved.