
Thread: What is a "Userland" Jailbreak?

  1. #1
What is a "Userland" Jailbreak?
    I hear all this talk about "Userland Jailbreak Spirit" or "Spirit, the first Userland Jailbreak", but what exactly is a "userland jailbreak"?

    In addition, do you upgrade to 3.1.3 first then jailbreak or do you have to do something first then upgrade?

  2. #2
    battlecrushr (Retired Moderator, Houston)

    Well, I'm not sure, but I think it's that you go to a website in your mobile Safari and then it jailbreaks for you.

  3. #3
    Then wouldn't that be the first userland jailbreak?

  4. #4
    Cer0 (Retired Moderator)

    Yes it was. And I don't think there really has been one since then either. Not 100% sure on that though.

  5. #5
    anyone want to post more info on this?

  6. #6

    good old days of (:

  7. #7
    I think it's just the name of the exploit, because Spirit is not a browser-based jailbreak, it's program-based; it's one-button like blackra1n.

  8. #8
    Spirit was said to not be a jailbreak done by going to a website like the old days of the first iPhone, which I wasn't a part of. And there still isn't a clear definition of what a userland jailbreak is. Is everyone just running around saying "omg this awesome thing can do this" even though it can't, or is there something about the term userland that I'm missing here?


  10. #9

    Userland jailbreak is a client-side JB done by going to a website through mobile Safari on your iDevice, but now Spirit has changed; its plan is now to be a software jailbreak like blackra1n, reason being not known. Even though it's easier to be patched and found.

  11. #10
    Hmmm, well, who knows; the devs work in mysterious ways.

  12. #11
    lol yeah, the "omg it's a userland jailbreak" is the best definition :P

  13. #12
    From what I have learned from all the research I've done, userland JB means untethered jailbreak (don't know if I spelled it right, but whatever), and untethered JB means you can turn your iPhone off and on without hooking it back up to a computer to reset the JB if your phone accidentally goes off.

  14. #13

    Without knowing for sure, I believe it refers to what permissions you have to run on the device.

    For instance, for any changes to the OS, you'll need root access. With this new exploit, you can run commands that are normally reserved for root, as any user, hence the name, userland.

  15. #14
    I'm still not getting it. Can someone put it in layman terms for me?

  16. #15
    An OS usually divides virtual memory into kernel space and user space. Kernel space is reserved for the kernel, kernel exts, drivers and stuff like that. User space is where user-mode applications run (such as I/O libraries, filesystem access routines, the user's applications). By the way, there are usually two levels of execution in a UNIX-like environment: kernel mode (kernel hooks and kernel space memory access) and user mode (user space memory access). The term "userland" refers to all the code that runs outside kernel space, therefore in user space. The Jargon File says: "Anywhere outside the kernel. 'That code belongs in userland.'"
    Thus a userland JB exploits a vulnerability belonging to some code running in user space. This has drawbacks too: no very low-level control (we're outside the kernel), while an iBoot exploit, for instance, gives us extremely low-level control. Moreover, a userland JB can be fixed very easily since it exploits the vulnerability of some non-vital code.

    Hope I made it clearer.
    Last edited by Utente; 2010-05-12 at 06:27 PM.


  18. #16
    Utente, that is a great explanation. Thank you very much. Is this the reason why it is an untethered jailbreak, since the bootloader is unable to remove the modifications, like I'm guessing the newer iPhone 4/3GS does?

  19. #17
    @kraziebone: I'm glad you found my explanation helpful. To answer your question, it's not a matter of iBoot removing something or not; it's more like iBoot loading something modified or not. I'll try to explain. When you have a tethered jailbreak it's (often) because you don't have an exploit for your iBoot version, therefore your iBoot refuses to load (from your non-volatile memory) and boot a modified version of the firmware because the signature check fails, so the phone doesn't boot up. To overcome this you have to connect your phone to a computer or a device able and programmed to send a series of commands (exploiting a vulnerability) which make it possible to boot your modified firmware. When you have an untethered JB it means that you found a vulnerability in iBoot's code by exploiting which you can bypass in some way the signature check. Once you have bypassed the signature check you can boot whatever version of the firmware you want (even a modified one!!!!). With a userland jailbreak, the process of gaining root privileges, through the exploitation of a userland code vulnerability, happens after iBoot has loaded the ORIGINAL firmware, which is then modified by the jailbreak routine. In other words, you may think of a userland JB as a special app which runs at every startup, after the boot process but before SpringBoard has loaded, and which each time modifies the firmware in memory, allowing you to get root privileges.

    If there's something not clear, please ask.

    Last edited by Utente; 2010-06-27 at 05:03 PM.

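The boot sequence Utente describes above (iBoot verifying the signature of the firmware stored in non-volatile memory, versus a userland routine that modifies the already-loaded firmware in memory on every startup), together with the kernel-space/user-space split from post #15, modelled as an added Python example that is not from this thread or from any jailbreak tool. The firmware image, the HMAC used as a stand-in for the vendor's signature, the `FlashStorage`/`Device` classes and the `userland_jailbreak_routine` function are all constructed for illustration and do not reflect real iBoot or iOS internals.

```python
"""Toy model of the boot sequence discussed in this thread (constructed example).

The 'firmware' is a byte string, the vendor signature is modelled with an HMAC
(a stand-in for the real asymmetric signature iBoot verifies), and the userland
jailbreak routine is a function that edits the loaded image in RAM only.
Nothing here reflects real iBoot or iOS internals.
"""
import hashlib
import hmac

# Constructed stand-in for the vendor signing key (in reality the device only
# holds the verification side of an asymmetric key pair).
VENDOR_KEY = b"constructed-demo-signing-key"

# Constructed firmware: 16-byte header followed by an 8-byte privilege policy.
POLICY_OFFSET = 16
ORIGINAL_FIRMWARE = b"IMG1" + b"\x00" * 12 + b"ROOTONLY"


def vendor_sign(image: bytes) -> bytes:
    """Vendor side: the signature that is stored next to the image in flash."""
    return hmac.new(VENDOR_KEY, image, hashlib.sha256).digest()


class FlashStorage:
    """Non-volatile memory: image and signature survive between boots."""
    def __init__(self, image: bytes, signature: bytes):
        self.image = image
        self.signature = signature


class Device:
    def __init__(self, flash: FlashStorage):
        self.flash = flash
        self.ram = None          # loaded firmware; lost on every reboot
        self.boot_log = []

    def iboot_load(self) -> bool:
        """Model of iBoot: only an image whose signature verifies is loaded."""
        self.ram = None
        expected = vendor_sign(self.flash.image)
        if not hmac.compare_digest(expected, self.flash.signature):
            self.boot_log.append("iboot: signature check failed, refusing to boot")
            return False
        self.ram = bytearray(self.flash.image)   # firmware now lives in RAM
        self.boot_log.append("iboot: signature ok, firmware loaded")
        return True

    def boot(self, startup_items=()) -> str:
        """One full boot; returns the privilege policy the running system ends
        up with, or 'no boot' when iBoot refuses the image."""
        if not self.iboot_load():
            return "no boot"
        for item in startup_items:   # runs after iBoot, before SpringBoard
            item(self)
        return self.ram[POLICY_OFFSET:].decode()


def userland_jailbreak_routine(device: Device) -> None:
    """The thread's 'special app that runs at every startup': it edits the
    ORIGINAL firmware after iBoot has loaded it, and only in RAM."""
    device.ram[POLICY_OFFSET:] = b"ANY_USER"
    device.boot_log.append("userland: patched loaded firmware in memory")


def scenario_stock_device() -> str:
    """Untouched device: iBoot accepts the image, policy stays root-only."""
    dev = Device(FlashStorage(ORIGINAL_FIRMWARE, vendor_sign(ORIGINAL_FIRMWARE)))
    return dev.boot()                                   # "ROOTONLY"


def scenario_modified_flash() -> str:
    """A modified image written to flash with the old signature: the
    signature check fails and the device does not boot (the tethered case)."""
    modified = ORIGINAL_FIRMWARE.replace(b"ROOTONLY", b"ANY_USER")
    dev = Device(FlashStorage(modified, vendor_sign(ORIGINAL_FIRMWARE)))
    return dev.boot()                                   # "no boot"


def scenario_userland_jailbreak(reboots: int = 2):
    """Flash stays original, so iBoot always accepts it; the in-memory patch
    has to be redone on every boot and vanishes if the routine does not run."""
    dev = Device(FlashStorage(ORIGINAL_FIRMWARE, vendor_sign(ORIGINAL_FIRMWARE)))
    with_patch = [dev.boot([userland_jailbreak_routine]) for _ in range(reboots)]
    plain_reboot = dev.boot()                           # routine not run this time
    flash_untouched = dev.flash.image == ORIGINAL_FIRMWARE
    return with_patch, plain_reboot, flash_untouched    # (["ANY_USER", "ANY_USER"], "ROOTONLY", True)
```

The three scenarios line up with the post: the stock device boots with the root-only policy; an image altered on flash is refused outright because its signature no longer verifies, which is why changing what iBoot loads needs an iBoot-level exploit and is otherwise tethered; and the userland routine leaves flash untouched, so iBoot is always satisfied, but its change lives only in RAM and must be redone on every boot. That last property is also why a userland jailbreak is easy to fix: patch the single user-space bug the routine relies on and the next boot is simply the stock device again.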

  21. #18
    Poseidon79 (Retired Moderator, Austin, TX)

    Great information... thanks!

  22. #19
    Someone should make a wiki page for this term...
    Looking at the comments, most people got it wrong

  23. #20
    In addition, userland refers to a vulnerability that can be exploited across all platforms - in the case of iOS 4.0, this would refer to 3G, 3G[s] and 4. The exploit resides in a file that is common to all of these files, whereas other exploits dig specifically into the individual platforms of the iPhone, as Utente alluded to.

    This is why PwnageTool asks you to select which device you're using and greys out or activates certain options depending on your specific hardware. redsn0w obscures this process by autodetecting the hardware, probably by detecting the bootrom and making it a single-click procedure.

