Evasi0n



evasi0n is a jailbreak tool that can perform an untethered jailbreak on iOS 6.0-6.1.2 for all supported devices, excluding both Apple TV 3G revisions. It was first released on 4 February 2013 by evad3rs, and is available for Windows, Mac OS X, and Linux (x86 and x86_64). There is also a Cydia package called "evasi0n iOS 6.0-6.1 untether" which can untether an existing tethered jailbreak without the need to restore and use the desktop tool. It is a userland jailbreak.

Supported Devices
As of evasi0n's release, the only unsupported devices are the Apple TV 3G revisions, since the kernels on these devices lack an injection vector to run unsigned code. All other devices running iOS 6.0-6.1.2 are supported (including iOS 5.2 for the Apple TV 2G).

Cydia Package
The Cydia package contains just these files: /usr/libexec/dirhelper /var/evasi0n/amfi.dylib /var/evasi0n/evasi0n

It also includes three Debian maintenance scripts:  (a bash script that cancels uninstallation if the device is not vulnerable to limera1n), as well as   and   binaries.

Exploits and Vulnerabilities
evasi0n takes advantage of several vulnerabilities:
 * Symbolic Link Vulnerability
 * Malformed PairRequest
 * Timezone Vulnerability (CVE-2013-0979)
 * Shebang Trick
 * AMFID code signing evasion
 * launchd.conf untether
 * IOUSBDeviceFamily Vulnerability (CVE-2013-0981)
 * ARM Exception Vector Info Leak (CVE-2013-0978)
 * dynamic memmove locating
 * vm_map_copy_t corruption for arbitrary memory disclosure
 * kernel memory write via ROP gadget
 * Overlapping Segment Attack (CVE-2013-0977)