PPL bypass PoC for iOS 16.0-16.5.1 published, making an arm64e jailbreak more likely

Big news surfaced for the jailbreak community on Sunday after developer Zhu Xinlang (or perhaps better known as @xina520), the mind behind the XinaA15 v2 jailbreak, shared a curious post on X (formerly Twitter).

Post by @xina520 shares PPL bypass for iOS & iPadOS 16.0-16.5.1.

Citing a follow-up post, Xinlang said that they credit other sources for making this PPL bypass possible, including kernel file descriptor (kfd), Fugu15, and the 37c3 conference where the Kaspersky GReAT team first realized the PPL bypass and shared the attack chain methodology.

So what happens now? In essence, someone will need to make a jailbreak.

Dopamine jailbreak lead developer Lars Fröder (@opa334dev) said in a post on X that he has been in possession of the PPL bypass for about a week.

Opa PPL bypass 1 week.

In follow-up posts, Fröder said he didn’t expect that we would get the PPLRW so soon and that development of Dopamine 2.0 is underway, although it may still take some time.

Dopamine developer discusses Dopamine v2.0.

From what we can gather, Fröder wanted to completely change the jailbreak infrastructure in Dopamine 2.0 so that it would support jailbreaking for years to come. Unfortunately, he didn’t expect a PPLRW bypass to launch publicly so soon, and so his work on Dopamine 2.0 is a little bit behind. Fröder says a release could still be a few months away.

For what it’s worth, however, this means that someone is working on a jailbreak.

It also remains to be seen if Xinlang will be updating the XinaA15 v2 jailbreak to support the new PPL bypass. If so, then this would provide two full-fledged rootless jailbreaks for arm64e devices running iOS & iPadOS 16.0-16.5.1.

For now, the floodgates have opened and some developers have already started releasing Procursus-based tweak injection methods that can be used with TrollStore via the kfd and CoreTrust exploits.

We strongly advise against using the aforementioned tweak injection utilities because they can potentially boot-loop your device. Now that there’s a public PPL bypass, you’re don’t want to risk your device when a jailbreak seems imminent. Doing so with these risks exist seems both reckless and pointless.

Patience is the answer.

It will be interesting to see what materializes from recent developments in the jailbreak community. After all, we’ve been waiting a very long time for an iOS & iPadOS 16 jailbreak for arm64e devices, and we’re so close now that we can almost taste it.

Are you excited? Discuss in the comments section down below.

CDN CTB