According to the TrollStore public account, developers have discovered a new CoreTrust vulnerability in iOS. TrollStore is expected to add support for iOS 15.5-16.6 and 17.0 in the future.
TrollStore is a permanently signed app that allows users to install unsigned IPA files on iPhones without jailbreaking.
The TrollStore account says that Apple, unusually, released three system versions in the early morning of September 22 this year: the official iOS 16.7, the official iOS 17.0.1, and the official iOS 17.0.2, which is exclusive to the iPhone 15. These updates fix CVE-2023-41991, which is the same vulnerability that TrollStore uses.
The vulnerability that is expected to give TrollStore its permanent signature has been fixed in iOS 16.7 and iOS 17.0.1, so it cannot be used on subsequent versions to deploy such applications.
▲ Image source: TrollStore GitHub page
The TrollStore project has updated its GitHub page and said: if users want to get TrollStore, they should continue to use the relevant iOS versions; iOS 16.7 and iOS 17.0.1 or above "will never be supported (unless Apple messes up CoreTrust for the third time)".
Support for A11 models can be completed using the checkm8 vulnerability. iOS 15.5 to iOS 16.5 may be supported soonest because of the kfd vulnerability.
The three system versions iOS 16.6, iOS 16.6.1 and iOS 17.0 require new methods or kernel vulnerabilities, which is more difficult. (At present, turning a vulnerability into a tool requires that the vulnerability first be published and a PoC then obtained. These vulnerabilities are not yet public, so this is slightly more difficult.)