There is no PDF file, the pdf is a base64 encoded data-uri in the javascript, in the page itself, not even in a separate asset.
For those who fancy doing some analysis, here's the curl command with the required ipad UA string:
curl -A "Mozilla/5.0 (iPad; U; CPU OS 4_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8F190 Safari/6533.18.5" http://www.jailbreakme.com
the PDF is very invalid, because it never needs to masquerade as a real document, it doesn't have to pretend to implement the PDF spec correctly. This makes it somewhat resistant to analysis, it doesn't even have the required '%%EOF' marker so many tools choke on it immediately.
EDIT: There's an unterminated stream object in there which doesn't have a type, and it also has a declared length of 61 bytes and an actual length of well over 400. I think we have a winner... Unfortunately iOS shellcode analysis is waaaay over my head so I'll have to do something useful instead.
For those who fancy doing some analysis, here's the curl command with the required ipad UA string:
EDIT: here's the b64 pdf: http://pastebin.com/69tnPMdVthe PDF is very invalid, because it never needs to masquerade as a real document, it doesn't have to pretend to implement the PDF spec correctly. This makes it somewhat resistant to analysis, it doesn't even have the required '%%EOF' marker so many tools choke on it immediately.
EDIT: There's an unterminated stream object in there which doesn't have a type, and it also has a declared length of 61 bytes and an actual length of well over 400. I think we have a winner... Unfortunately iOS shellcode analysis is waaaay over my head so I'll have to do something useful instead.