The developer GeoSn0w is, indeed, making the rounds these days. After OsirisJailbreak12, the developer has released GeoFilza, which is a new Filza replacement for iOS 12. Utilizing Brandon Azad’s voucher_swap exploit, GeoSn0w developed this Filza file manager replacement for iOS 12.1.2 and below. Please note that this file manager works for iOS devices with A9-A11 processor. With the aid and assistance of Brandon Azad’s exploit, this Filza replacement escapes the Sandbox, gets Root thereby allowing the users to edit files with it and stuff.
GeoSn0w recommends using GeoFilza IPA file to side load the application. He does not recommend a signing service like Ignition as it crashes for the users trying to get the Filza replacement from Ignition. Please note that as of now, in the initial stage, the application is rather limited to reading files in the root file system. However, work is going on and the developer will soon update the application to include both read and write capabilities
GeoFilza – Filza File Manager Replacement for iOS 12 – iOS 12.1.2
Due to GeoFilza’s limited capabilities, you cannot add file system customization and hacks, which were possible in iOS 11. However, the Filza replacement can read and write from /var/ and /tmp. Apart from these directories, as mentioned above, it can only read from there. As of now A12 devices and 4K devices like iPhone 5s and iPhone 6/6+ are not supported by GeoFilza, but, GeoSn0w will add support for them as soon as a relative exploit for the same is released.
In GeoFilza’s initial version it was having Cydia Impactor issues and the application’s in-built DRM used to throw the error “The main binary was modified.” However, the developer was quick to address these issues and the current version V 1.2 is free from any kind of Cydia Impactor issues and the “Binary was modified” error.
Download and Install GeoFilza on iOS 12 – 12.1.2
If you want to install the application, as a first, please download GeoFilza IPA file from the GitHub page of the same. As mentioned above, please do not use any signing service to install the application as it will fail to launch. It is recommended that you side load the application with Cydia Impactor. onto your supported iOS device. If you are unaware of the sideloading steps, please refer to our post from here.
Once you have installed the application, you can browse the var sub directory and read and write to the desired files. Following are the few screenshots of the application for your reference.
Stay tuned with us for further updates on GeoFilza, the Filza File Manager replacement for iOS 12-12.1.2. Try out the application and if you happen to run in any kind of errors or issues, please let us know about the same in the comments section provided below.
Going by the latest tweet of GeoSn0w, GeoFilza is now available for iOS 12.1.3 – iOS 12.2 for A9 – A11 iOS devices. GeoSn0w mentions that this version is almost like Filza, the File Manager for Cydia. It escapes the sandbox and gets ROOT thereby enabling you to edit the files with it and do other related stuff.
The initial version 1.1 of GeoFilza for iOS 12.1.3 – iOS 12.2 can write to /var/ and /tmp and it can read from anywhere. If you are interested in downloading the latest version of GeoFilza on your iOS 12.1.3 – iOS 12.2 device, you can download the same from the GitHub page of GeoSn0w.
GeoSn0w just tweeted that, It seems like the huge number of A12 people are there. So, Here is my update to you guy’s also.
GeoSn0w via Twitter: “Yep, found the problem. The reason it doesn’t work on some A12 devices is that Apple forgot exporting symbols in a kernel is a thing and the _kernproc is therefore messed. The exploit works but QiLin fails hard. I will fix the offsets and release soon :)”.
The problem with A12 devices is that no symbol whatsoever was exported. iPhone X was the last one to have symbols. I don’t care about the other symbols but _kernproc is needed, otherwise, QiLin cannot do the shaiHulud and platformization / rootification. I do have good news tho. The exploit itself works fine on A12. No crash, gets tfp0, all well. It should be a matter of _kernproc to get this working.
However, as it is never as easy as it seems, without ANY symbol being exported it’s not gonna be easy to find the offset. I have to fire IDA and do a manual analysis which is tedious especially since it takes IDA over 20 minutes just to load and disassemble the kernel before I can do anything with it. So yeah, I don’t know whether Apple stopped exporting symbols just to save some space (I doubt) or to make jailbreak developer’s life miserable, but I will have to find that offset manually as any tool that would automate that (jtool2 for example) fails. So yeah, patience.
Other tools use a PatchFinder to find the offsets they need. That is indeed a great way of doing this. One should never hardcode offsets, it’s a tedious practice. However, I cannot use a PAtch Finder because I don’t have an A12 device so I cannot test whether the patchfinder works properly. Using a PatchFinder would allow me to drop QiLin and do my own rootification, sandbox escape and all that but heh, needs a ton of testing and I cannot afford to nag a tester for hours. They owe me nothing.
Check out the following interesting posts as well:
- iOS 12.1.2 Kernel Exploit Released for Next Jailbreak (Ian Beer Release).
- CarrierChanger12 for iOS 12 to iOS 12.1.2 (Latest Update Download).