Are just the correct offsets needed to support other devices about yalu102 HOT 24 CLOSED

Wow. I didn't know Luca would go so far as to get help for his next Yalu release. Something tells me he's not going to keep working on iOS 10.1.1 anymore.
Still searching for offsets for iPhone 6. Went crazy disassembling the broken beta. Aren't you disappointed, qwertyoruiop? I disassembled your code because I'm crazy and I know almost zero Objective-C.

from yalu102.

afaik only the offsets

from yalu102.

Offsets will help, I believe. allproc and rootvnode. If you have 10.2 IPSW and can find those, feel free to contribute them for other devices. Also, make sure to make a case for it and not override defaults.

from yalu102.

But are they the only other things needed, I have the IPSW and hopper+IDA

from yalu102.

Take the ipsw decompress the kernelcache, find allproc with IDA
Then find rootvnode with nm decompressed_kernel | grep rootvnode

from yalu102.

You'll need to calculate rootvnode

from yalu102.

iPhone SE N69uAP using correct offsets:
allproc_offset = 0x5a8438;
fffffff0075b20b8 S _rootvnode

finish with:

2017-01-26 04:10:28.316701 yalu102[243:4678] enabled patches
2017-01-26 04:10:28.318011 yalu102[243:4678] remounting: -1
2017-01-26 04:10:28.318234 yalu102[243:4678] done

from yalu102.

calculate as in math?

from yalu102.

remounting: -1 -> rootvnode is wrong.

from yalu102.

yes math, as in hex - hex

-1 means you didn't convert it right

from yalu102.

got a twitter? @drake90001

from yalu102.

yes it's edit removed twitter, getting spammed now haha

from yalu102.

(Using same kernelcache.decompressed to find allproc_offset)

DarkPlace:extractor darkplace$ nm kernelcache.decompressed | grep rootvnode
fffffff0075b20b8 S _rootvnode
fffffff0071d3eac S _vfs_rootvnode

using: rootvnode_offset = 0x5b20b8;

returning remounting: -1

from yalu102.

the SE offsets are the same as #18

from yalu102.

cool, seems returning a wrong rootvnode offset, with 5ae0b8 works perfectly. tftp working correctly.

from yalu102.

Yes, you have to subtract the __TEXT:HEADER value from rootvnode just like allproc

from yalu102.

@darkplace to confirm, #18 is working fully on the SE for you?

from yalu102.

I need to install Cydia, let me check.

from yalu102.

@nullpixel1 @kpwn working on SE N69uAP
allproc 0x5a8438 / rootvnode 0x5ae0b8 (same as 6S)

from yalu102.

Awesome! 👍

from yalu102.

Will these offsets open the ip7 on 10.2 to be able to jailbreak?? Just wondering what it would take for the iPhone 7 on 10.2 to be jail broken..thanks for the help..

from yalu102.

As a iPhone 7 plus 10.2 user DOOOOMED

from yalu102.

sysname: Darwin
nodename: iPhone
release: 16.3.0
version: Darwin Kernel Version 16.3.0: Tue Nov 29 21:40:08 PST 2016; root:xnu-3789.32.1~4/RELEASE_ARM64_T8010
machine: iPhone9,4
missing offset, prob crashing
2017-01-26 14:20:23.272130 yalu102[230:7770] found corruption 38503

from yalu102.

@lucid727 @B0ngL0rd No. NO jailbreak for 10.2 iPhone 7.

from yalu102.