Talk of jailbreaking and rooting a mobile device is common these days but not everyone knows what it is or what happens to the mobile device after it has been jailbroken or rooted. Essentially, the idea behind it is to give you root access to the mobile device – the root is the access point to the file system, the part that no mobile manufacturer wants you to have access to. On the iPhone, for example, you cannot install apps that come from anywhere other than iTunes iOS app store – unless you jailbreak. Jailbreaking cuts through the security and allows you root access, giving you the ability to override the restrictions.
Image : Jailbreaking iOS 9 on iPhone – iPad
Rooting and Jailbreaking work the same :
They both require an exploit or two to work. These are vulnerabilities, holes in the security web that jailbreak teams find and take advantage of – Evad3rs used at least 5 in iOS 6 to build the jailbreak. First of all, they access a file that contains a bug in the backup system, a file that shows the time zone of the device. They then place a symbolic link into that file in a socket hat grants the hackers access to launchd, which is the service management framework.
Image : Pangu 9 Jailbreak Application
Next, the jailbreak application is signed and executed on springboard, which results in a remount command being run – this makes the file system writable, essentially open. Evad3rs also used launchd to swap the code signature function that is called whenever a program opens to a function that is always “approved”. They then simulate a crash so that they can find the kernel. The kernel is a program that manages requests from software and turns them to data processing so the CPU can read them.
Lastly, they exploit a bug that resides in the USB interface – this bug passes kernel addresses without looking to see if they are returned unchanged. This is how the jailbreakers can write to any bit of the kernel, in particular the part that restricts code changes.
Image : Cydia codes running on a Jailbroken iPhone 6
Basically, the jailbreak and rooting softwares go looking for security holes in the operating software that they then exploit, resulting in us being able to jailbreak or root our devices gaining full administrative access, which allows us to customize our device how we want to.
Useful Links :