bluetoothdPoC
CVE-2018-4087 PoC
ETA son? (Is it a jailbreak?)
Depends. Got any kernel vulnerability? You're welcome to chain them together. This one allows you to have a huge attack surface from within the sandbox. For background, see https://www.weibo.com/ttarticle/p/show?id=2309404271293301154324 - @SparkZheng - iOS jailbreak internals (2): Escaping sandbox using callbacks
References
https://blog.zimperium.com/new-crucial-vulnerabilities-apples-bluetoothd-daemon/
https://blog.zimperium.com/cve-2018-4087-poc-escaping-sandbox-misleading-bluetoothd/