Skip to content
This repository was archived by the owner on Nov 16, 2025. It is now read-only.
/ bookrestore Public archive

arbitrary file overwrite exploit for iOS 26.2b1 and lower

License

GPL-3.0 license
10 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jailbreakdotparty/bookrestore

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
files
files
 
 
sparserestore
sparserestore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
bookrestore.py
bookrestore.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

archived

this doesn't work. use duy's PoC.

no support will be provided

original README follows below

bookrestore

patched in iOS 26.2 beta 2 (23C5033h)

notice

this tool is unstable and experimental. developer-oriented proof-of-concept!!

use at your own risk. this is probably the better PoC anyways.

info

what is this? arbitrary file overwrite exploit for iOS versions lower than 26.2 beta 2 (23C5033h)

how does it work? path escape involving some database files. this is mainly supposed to be just some exploit code, you can read a decent writeup on the vulnerability here.

how do i use this? clone this repo, and run bookrestore.py. enter the destination path and your input data and do what it says.

credits

  • Skadz for developing this exploit tool
  • Duy Tran for the initial PoC code
  • hanakim3945 for publishing the first public writeup which this exploit is based off
  • exploit initially used in some iCloud bypass tools, actively sold and utilized in-the-wild

About

arbitrary file overwrite exploit for iOS 26.2b1 and lower

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

10 stars

Watchers

1 watching

Forks

3 forks
Report repository

Languages