 Pangu v1.1.0 on Windows | |
| Original author(s) | Pangu Team |
|---|---|
| Developer(s) | Pangu Team |
| Initial release | 23 Jun 2014 |
| Stable release | Windows: 1.2.1 / 9 Aug 2014 OS X: 1.2.0 / 11 Aug 2014 |
| Written in | C |
| Operating system | Windows / OS X |
| Size | Windows: 34.14 MiB [EXE] OS X: 31.14 MiB [DMG] |
| Available in | English / Chinese |
| Type | Jailbreaking |
| License | Freeware |
| Website | en.7.pangu.io (English) |
Pangu is an untethered jailbreak for all devices on iOS 7.1.x, except the Apple TV. It was initially released on 23 June 2014, and became subject to controversy and criticism.
Controversy[edit]
Pangu used to install 25PP, a Chinese cracked app store, if the user ticked the checkbox to install it. As of version 1.1.0, the 25PP checkbox is not included unless the device language is set to Chinese. iH8sn0w confirmed that Pangu does not install anything else on the device apart from Cydia.
Pangu also uses a revoked enterprise certificate in order to inject the jailbreak, which is removed after the jailbreak is complete. (See misuse of developer certificates for other uses of similar techniques.)
Originally (in v1.0.0), Pangu used code taken from i0n1c's jailbreak training sessions, as well as an info leak vulnerability from said sessions. Version 1.1.0 kept most of the code, but swapped i0n1c's info leak with another one, which disclosed another vulnerability to Apple.
Supported Devices[edit]
The only unsupported devices are those of the Apple TV family. All other devices capable of running iOS 7.1.x are supported.
Download[edit]
| Version | OS | SHA-1 Hash | Download | Changes | |
|---|---|---|---|---|---|
| 1.0.0 | Windows | 7d66f1f939cbf877f1e90480571f92b238245fab
|
25PP [Archived 2014-06-24 at the Wayback Machine] | — | Initial release |
| 1.1.0 | Windows | 732e5fca772e6fd6f29ab56d2e39df21bf1cbe5f
|
25PP [Archived 2014-06-29 at the Wayback Machine] | MEGA |
|
| OS X | a0158e29a4b064913e976c869e49c54c8a53fa75
|
25PP [Archived 2014-06-29 at the Wayback Machine] | MEGA | ||
| 1.2.0 | Windows | d2143ad652da7cc0e356f19c4a9dc59335a14b0b
|
25PP [Archived 2014-08-09 at the Wayback Machine] | MEGA |
|
| OS X | b523f0e4d8e96e224685a8934acc225ce3cf70fd
|
25PP [Archived 2014-08-09 at the Wayback Machine] | MEGA | ||
| 1.2.1 | Windows | 77e964304aea897ee9226d7f0521638d29ec8bbf
|
25PP | MEGA |
|
Analysis[edit]
Members of the Pangu team presented about their work at the SyScan360 conference [Archived 2014-10-25 at the Wayback Machine] in July 2014, although notes about this don't appear to be available on the web.
Installed Packages[edit]
- APR (/usr/lib) (
apr-lib) - APT 0.7 (apt-key) (
apt7-key) - APT 0.7 Strict (lib) (
apt7-lib) - Base Structure (
base) - Big Boss Icon Set (
org.thebigboss.repo.icons) - Bourne-Again SHell (
bash) - bzip2 (
bzip2) - Core Utilities (/bin) (
coreutils-bin) - Cydia Installer (
cydia) - Cydia Translations (
cydia-lproj) - Darwin Tools (
darwintools) - Debian Packager (
dpkg) - Debian Utilities (
debianutils) - Diff Utilities (
diffutils) - Find Utilities (
findutils) - GNU Privacy Guard (
gnupg) - grep (
grep) - gzip (
gzip) - LZMA Utils (
lzma) - New Curses (
ncurses) - PAM (Apple) (
pam) - PAM Modules (
pam-modules) - Pangu 7.1-7.1.x Untether (
io.pangu.axe7) - pcre (
pcre) - Profile Directory (
profile.d) - readline (
readline) - sed (
sed) - shell-cmds (
shell-cmds) - system-cmds (
system-cmds) - Tape Archive (
tar) - UIKit Tools (
uikittools)
