Signature Check Patch

For a BootROM-based jailbreak, you may need to patch the signature checking. This allows the loading and booting of unsigned and patched images.

This patch is done in gaster by writing mov x0, #0 into an address inside of image4_validate_property_callback(), so that it always returns 0 (meaning that the verification was a success). You can see this patch here.

A signature check patch is not necessary for a BootROM-based jailbreak, as shown with checkra1n, which requires a valid boot chain in order to boot PongoOS. Instead, it patches the trampoline so that when the LLB/iBoot thinks that it is jumping to XNU, it actually jumps to PongoOS.

External Links

YouTube video detailing how to make the patch for older versions of iOS

This jailbreaking article is a stub. Please add more content to this article and remove this tag.

v t e Exploits
Exploits	0x24000 Segment Overflow ARM Exception Vector Info Leak ARM7 Go alloc8 Exploit amfid Lazy Binding Exploit amfid Text Relocation Exploit BPF_STX Kernel Write Exploit blackbird Exploit CVE-2013-0964 CVE-2021-30773 CVE-2021-30807 CVE-2021-30883 checkm8 Exploit CoreTrust Root Certificate Validation Vulnerability De Rebus Antiquis diags (iBoot command) Dual Boot Exploit Dynamic memmove() locating HFS Heap Overflow HFS Legacy Volume Name Stack Buffer Overflow iOS 5 HFS Heap Buffer Overflow IOSurface Kernel Exploit IOUSBDeviceFamily Vulnerability Incomplete Codesign Exploit iran Kernel memory write via ROP gadget libTiff Exploit limera1n Exploit MacDirtyCow Malformed CFF Vulnerability Malformed PairRequest MobileBackup Copy Exploit Overlapping Segment Attack Packet Filter Kernel Exploit posix_spawn kernel information leak Psychic Paper Pwnage Pwnage 2.0 Racoon String Format Overflow Exploit Ramdisk Hack SHA-1 Image Segment Overflow Shebang Trick Symbolic Link Vulnerability T1 Font Integer Overflow Timezone Vulnerability usb_control_msg(0x21, 2) Exploit usb_control_msg(0xA1, 1) Exploit v0rtex vm_map_copy_t corruption for arbitrary memory disclosure
Patches	/private/etc/fstab AMFI Binary Trust Cache Patch ASR Crazeles hgsp4 patch Hunnypot Kernel Patches PE_i_can_has_debugger Patch Sandbox Patch Signature Check Patch vm_map_enter Patch vm_map_protect Patch