![]() Pangu v1.1.0 on Windows | |
Original author(s) | Pangu Team |
---|---|
Developer(s) | Pangu Team |
Initial release | 23 Jun 2014 |
Stable release | Windows: 1.2.1 / 9 Aug 2014 OS X: 1.2.0 / 11 Aug 2014 |
Written in | C |
Operating system | Windows / OS X |
Size | Windows: 34.14 MiB [EXE] OS X: 31.14 MiB [DMG] |
Available in | English / Chinese |
Type | Jailbreaking |
License | Freeware |
Website | en.7.pangu.io (English) |
Pangu is an untethered jailbreak for all devices on iOS 7.1.x, except the Apple TV. It was initially released on 23 June 2014, and became subject to controversy and criticism.
Controversy[edit source]
Pangu used to install 25PP, a Chinese cracked app store, if the user ticked the checkbox to install it. As of version 1.1.0, the 25PP checkbox is not included unless the device language is set to Chinese. iH8sn0w confirmed that Pangu does not install anything else on the device apart from Cydia.
Pangu also uses a revoked enterprise certificate in order to inject the jailbreak, which is removed after the jailbreak is complete. (See misuse of developer certificates for other uses of similar techniques.)
Originally (in v1.0.0), Pangu used code taken from i0n1c's jailbreak training sessions, as well as an info leak vulnerability from said sessions. Version 1.1.0 kept most of the code, but swapped i0n1c's info leak with another one, which disclosed another vulnerability to Apple.
Supported Devices[edit source]
The only unsupported devices are those of the Apple TV family. All other devices capable of running iOS 7.1.x are supported.
Download[edit source]
Version | OS | SHA-1 Hash | Download | Changes | |
---|---|---|---|---|---|
1.0.0 | Windows | 7d66f1f939cbf877f1e90480571f92b238245fab
|
25PP Archived 2014-06-24 at the Wayback Machine | — | Initial release |
1.1.0 | Windows | 732e5fca772e6fd6f29ab56d2e39df21bf1cbe5f
|
25PP Archived 2014-06-29 at the Wayback Machine | MEGA |
|
OS X | a0158e29a4b064913e976c869e49c54c8a53fa75
|
25PP Archived 2014-06-29 at the Wayback Machine | MEGA | ||
1.2.0 | Windows | d2143ad652da7cc0e356f19c4a9dc59335a14b0b
|
25PP | MEGA |
|
OS X | b523f0e4d8e96e224685a8934acc225ce3cf70fd
|
25PP Archived 2014-08-09 at the Wayback Machine | MEGA | ||
1.2.1 | Windows | 77e964304aea897ee9226d7f0521638d29ec8bbf
|
25PP | MEGA |
|
Analysis[edit source]
Members of the Pangu team presented about their work at the SyScan360 conference Archived 2014-10-25 at the Wayback Machine in July 2014, although notes about this don't appear to be available on the web.
Installed Packages[edit source]
- APR (/usr/lib) (
apr-lib
) - APT 0.7 (apt-key) (
apt7-key
) - APT 0.7 Strict (lib) (
apt7-lib
) - Base Structure (
base
) - Big Boss Icon Set (
org.thebigboss.repo.icons
) - Bourne-Again SHell (
bash
) - bzip2 (
bzip2
) - Core Utilities (/bin) (
coreutils-bin
) - Cydia Installer (
cydia
) - Cydia Translations (
cydia-lproj
) - Darwin Tools (
darwintools
) - Debian Packager (
dpkg
) - Debian Utilities (
debianutils
) - Diff Utilities (
diffutils
) - Find Utilities (
findutils
) - GNU Privacy Guard (
gnupg
) - grep (
grep
) - gzip (
gzip
) - LZMA Utils (
lzma
) - New Curses (
ncurses
) - PAM (Apple) (
pam
) - PAM Modules (
pam-modules
) - Pangu 7.1-7.1.x Untether (
io.pangu.axe7
) - pcre (
pcre
) - Profile Directory (
profile.d
) - readline (
readline
) - sed (
sed
) - shell-cmds (
shell-cmds
) - system-cmds (
system-cmds
) - Tape Archive (
tar
) - UIKit Tools (
uikittools
)