Pangu Team


The Pangu Team is a Chinese programming team in the iOS community that developed the Pangu jailbreaking tools. These are tools that assist users in bypassing device restrictions and enabling root access to the iOS operating system. This permits the user to install applications and customizations typically unavailable through the official iOS App Store.

Etymology

In some versions of Chinese mythology, the name Pangu is the Chinese word for the first living being and creator of all.

Pangu jailbreak

Pangu or Pangu Jailbreak for iOS 7.1 - 7.1.x is a free iOS jailbreaking tool developed by the Pangu Team that is capable of jailbreaking a range of iOS 7.1 devices using several exploits. The tool was first released on 23 June 2014 to jailbreak iOS 7.1 on all iOS devices and the new fourth generation Apple TV. The initial release of the tool included support for iOS 7.1.2. This was because the team suspected that a firmware update was imminent, and that Apple would use that release to patch the vulnerabilities used in the tool.

Controversy

Pangu uses a revoked enterprise certificate to inject the jailbreak, which is removed after the jailbreak is complete.
In the initial release, 25PP, a Chinese cracked app store, would be installed if the user did not uncheck a check box that was checked by default during installation. 25PP was removed from the package as of version 1.1.0.
Originally, Pangu achieved the jailbreak using an info-leak vulnerability taken from Stefan Esser's paid security training sessions, along with other vulnerabilities that they found themselves. Although the team acknowledges Esser's help within the Pangu jailbreak tool, Esser took to Twitter to let everyone know he was "in no way okay" with Pangu using the exploit he discovered.
One of the Pangu members, Daniel_K4, later responded publicly that no one was asked to sign an NDA during the paid security training sessions, and that the info-leak bug was known to everyone who attended them. Daniel_K4 said that they too had found a similar info-leak vulnerability, but it was not used since they did not want to disclose any new vulnerabilities. The info-leak bug was used to bypass KASLR, which by itself does not yield an untethered jailbreak. The team said they never thought that using what they had learned from a paid class would be wrong.
Pangu offered Esser another vulnerability of their own as compensation but received no response. Thus, since version 1.1.0 of the release, Esser's info-leak has been replaced with another vulnerability found by Pangu.

Pangu 8

Pangu8 or Pangu Jailbreak for iOS 8.0 - 8.1 is a free iOS 8 jailbreak tool from the Pangu Team. It was first released on October 22, 2014. The tool is compatible with all devices capable of running iOS 8, and is currently available in both Chinese and English. Cydia was not included in the initial release package, but was added in v1.1.0 and is available from the website.

Pangu app

Since Cydia was incompatible in the initial release, Pangu8 included a Pangu app that allows users to install Cydia, alongside various Pangu bug fixes and recommended software. The tool works as a tweaking utility and also recommends tools such as OpenSSH. After Cydia is installed, the Pangu app can be removed from the device by removing the "Pangu loader for iOS" from Cydia and respringing the device. Uninstalling the Pangu app is not the same as removing the Pangu jailbreak: if iOS users want to remove the Pangu jailbreak, they have to restore their device to the latest iOS version. Moreover, it is difficult to downgrade an iOS device back to the previous iOS version because Apple stops signing old iOS versions after the release of newer iOS firmware. As an alternative, the initial releases also allowed Cydia to be installed from a Debian package file rather than through the Pangu app.

Pangu 9

Pangu9 or Pangu Jailbreak for iOS 9.0 - 9.1 is the latest free iOS 9 jailbreak tool from the Pangu Team. It was first released on October 14, 2015, and only included a jailbreak for iOS 9.0 - 9.0.2. On March 11, 2016, Pangu released Pangu9 v1.3.0, which included a jailbreak for iOS 9.1. The tool is capable of jailbreaking all devices running iOS 9.0 and all 64-bit devices running iOS 9.1. It is currently available in English. Both Windows and OS X versions are available. Cydia was bundled with Pangu9 in its first release, removing the need for the Pangu app found in previous Pangu jailbreaks.

PP25 Assistant (PP助手) 5.0

Released on July 24, 2016, PP25, also known as Pangu9 or the new Pangu9, is a jailbreak for iOS 9.2 - 9.3.3 that is only supported on 64-bit devices and is not supported on the iPod 6th gen and iPad Pro. PP Assistant is a Chinese program that can install cracked apps. The Pangu jailbreak is bundled with PP Assistant, which offers the option to install the PP25 app on the device. During the jailbreak process it asks for an Apple ID, which is used to install the unofficial app that performs the jailbreak. The English version was released later, adding support for the iPod 6th Gen and the iPad Pro, but will most likely not add support for 32-bit devices.

iOS 9.3.3

Apple corrected the "IOMobileFrameBuffer" bug in iOS 9.3.4, released on August 4, 2016. "Team Pangu" was credited as the source for this update in the official security notes.
Apple states: "Available for: iPhone 4s and later, iPad 2 and later, iPod touch and later;
Impact: An application may be able to execute arbitrary code with kernel privileges;
Description: A memory corruption issue was addressed through improved memory handling."
Like all iOS 9.x releases, iOS 9.3.4 is designed for iPhone 4S and later, iPad 2 and later, iPad mini and later, iPad Pro range, and the 5th generation iPod touch and later. Outsiders recommend that you upgrade from iOS 9.3.3 to iOS 9.3.4 only if you do not jailbreak.

Exploits

Pangu9 worked by granting access to the Photos app so that the unsigned Cydia application could be installed. Pangu9 used a similar exploit, in which allowing notifications enabled the installation of Cydia. It used an app bundled with PP25 that allowed for a jailbreak without the use of a computer.