Geohot, the first person to hack the iPhone 2G and the PS3, has revealed another exploitable flaw in the baseband that ships with iPhone OS 3.1.3, and he is of the view that iPhone users who accidentally or unintentionally updated to firmware 3.1.3, and so were unable to unlock their iPhone because the update took the baseband to 05.12.01, should not worry any more. The first exploit in the 3.1.3 baseband was found by Sherif Hashim, whose App Store ID was banned by Apple a couple of days ago.
Actually, GeoHot had two exploits for baseband 05.11.07, but he used xemn in BlackSn0w since that one was already public. The second exploit is still there and carries over from 05.11.07 to 05.12.01. iHackintosh has published the IRC conversation about geohot's tweet between visnet_, Par4doX, Evan, MuscleNerd, Confucious, Her and geohot regarding the exploit (the @ and % prefixes in the log are IRC op and voice markers). Here is a bit of it:
<visnet_> What does geohot tweet mean?
<%geohot> it's my bb exploit for safekeeping
<%Par4doX> geohot: did you turn that over to the dev team or are you doing something with it?
<%geohot> my days of turning things over are done
<%geohot> i hope its different from the one they have
<%geohot> but they prob already have it
<%geohot> it's the one i orig wanted to release blacksn0w with
<%Par4doX> it’s still there in the new bb
<%geohot> yep, just checked
<%geohot> but then opted to use xemn since it was public
<Evan> Oo, it carries over from 05.11 to 05.12?
<%geohot> why wouldn't it, apple doesn't fix things proactively
<@MuscleNerd> geohot we prob should figure out a way to know if we have same exploit double blind, otherwise we may release 2 different ones at same time
<%geohot> any suggestions?
<@MuscleNerd> not sure how to do that without making it easy to brute force though
<%geohot> yea, i salted the hash
<@MuscleNerd> hmm maybe if we both hash the stack dump
<@Confucious> Can you two take this out of public sight?
<@MuscleNerd> the stack itself, not the header before it or the registers after it
<Her> muscle: any notice about the exploits are the same?
<%geohot> we are working on it
<%geohot> cryptography, perfect for people who don’t trust each other
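The double-blind comparison MuscleNerd and geohot sketch above amounts to a commitment scheme: each side publishes a salted hash of the canonicalised stack dump (the stack words only, not the header before them or the registers after them), later hands over the salt, and the other side learns only whether its own dump hashes to the same value. The Python below is an added example written for this page, not code from geohot, the Dev-Team or iHackintosh; the stack dumps are constructed samples, the parsing rule (keep only lines of the form `address: word word word`) and the choice of SHA-256 are assumptions, and the brute-force function illustrates MuscleNerd's objection that a small committed value, such as a single crash address, is recoverable regardless of the salt.

```python
import hashlib
import os
import re
from typing import Iterable, Optional, Tuple

# Constructed sample dumps (not real baseband data): a header line, the stack
# words, then a register line, roughly the shape of a debugger print-out.
DUMP_GEOHOT = """\
baseband crash, build 05.12.01 (constructed sample)
0x40080000: 41414141 41414141 40011234 00000000
0x40080010: deadbeef 00000001 400125f0 40080040
r0=00000000 r1=40080000 r2=00000004 pc=40011234 sp=40080000
"""

# Same stack contents, different header and register values: the same bug,
# dumped on a different phone.
DUMP_DEVTEAM = """\
modem exception dump (constructed sample)
0x40080000: 41414141 41414141 40011234 00000000
0x40080010: deadbeef 00000001 400125f0 40080040
r0=ffffffff r1=40080000 r2=00000008 pc=40011234 sp=40080000
"""

# One stack word differs: a different exploit.
DUMP_OTHER = """\
baseband crash, build 05.12.01 (constructed sample)
0x40080000: 41414141 41414141 40011234 00000000
0x40080010: deadbeef 00000002 400125f0 40080040
r0=00000000 r1=40080000 r2=00000004 pc=40011234 sp=40080000
"""

# Assumed dump layout: "0xADDR: WORD WORD ...", eight hex digits per word.
STACK_LINE = re.compile(r"^0x[0-9a-fA-F]+:\s+((?:[0-9a-fA-F]{8}\s*)+)$")


def canonical_stack(dump: str) -> bytes:
    """Keep only the stack words, dropping the header and the register line,
    so two dumps of the same bug normalise to identical bytes."""
    words = []
    for line in dump.splitlines():
        m = STACK_LINE.match(line.strip())
        if m:
            words.extend(w.lower() for w in m.group(1).split())
    return " ".join(words).encode()


def commit(secret: bytes, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Publish H(salt || secret). The digest can be posted now "for
    safekeeping" and later proves the holder had the secret at that time."""
    salt = os.urandom(16) if salt is None else salt
    return salt, hashlib.sha256(salt + secret).digest()


def same_exploit(salt: bytes, digest: bytes, my_dump: str) -> bool:
    """Double-blind check: given the other side's salt and digest, learn only
    whether my own canonicalised dump hashes to the same value."""
    return hashlib.sha256(salt + canonical_stack(my_dump)).digest() == digest


def brute_force(salt: bytes, digest: bytes, candidates: Iterable[bytes]) -> Optional[bytes]:
    """The brute-force worry: if the committed secret has little entropy, the
    salt does not help, because every candidate can simply be hashed and
    compared. Returns the recovered secret, or None."""
    for candidate in candidates:
        if hashlib.sha256(salt + candidate).digest() == digest:
            return candidate
    return None


if __name__ == "__main__":
    salt, digest = commit(canonical_stack(DUMP_GEOHOT))
    print("dev-team dump matches:", same_exploit(salt, digest, DUMP_DEVTEAM))
    print("other dump matches:   ", same_exploit(salt, digest, DUMP_OTHER))
    # Committing to a single crash address instead of the whole stack is
    # recoverable by enumerating the plausible range.
    s2, d2 = commit(b"pc=40011234")
    guesses = (f"pc=4001{i:04x}".encode() for i in range(1 << 16))
    print("crash address recovered:", brute_force(s2, d2, guesses))
```

Committing to the whole stack works because the dump carries far more than a few bytes of unpredictable content; the salt only stops one party from reusing a digest published earlier against a different dump, and it is the size of the committed value, not the salt, that defeats enumeration.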
Whereas Sherif Hashim forwarded his exploit to the iPhone Dev-Team, George says in the log above that his days of turning things over are done; instead he and MuscleNerd are working out a way to compare the two exploits double-blind, so that two different baseband exploits are not released at the same time when the Dev-Team ships its next tool for iPhone firmware 3.1.3. George was previously associated with the Dev-Team but was later banned, for reasons that were never made public. Either way, it should not take long before the Dev-Team releases an updated tool that jailbreaks and unlocks iPhone firmware 3.1.3 with baseband 05.12.01.