This is very unstable and only works on the iPhone 8 (iOS 11.3.1).
This exploit obtains tfp0 from the WebContent sandbox (i.e. from a website), via two known bugs: CVE-2018-4233 (discovered by saelo, reported via ZDI, exploit by niklasb) and CVE-2018-4243 (empty_list exploit by Ian Beer), both fixed in 11.4.
See pwn_i8.js for details.
I have no plans to work on this more. Stage 2 is closed source for now so people don't write malware, but I'm willing to provide sources to legitimate developers who want to build something awesome with it.