kpwn / yalu102
incomplete iOS 10.2 jailbreak for 64 bit devices by qwertyoruiopz and marcograssi
License: Do What The F*ck You Want To Public License
Is it possible to adapt for tvOS 10.0.1 / 10.1 (equivalent to iOS 10.2, I think)?
I can test anything you post on my Apple TV.
Thanks!
I've fixed many issues with IOKit (I think it was on my end), but anyway, when I try to click the go button it crashes my device, and idk if it's supposed to install Cydia or what (I assume it was, considering it had Cydia.app and all of the essential Cydia components in the bootstrap.tar file, so)
release: 16.3.0
version: Darwin Kernel Version 16.3.0: Tue Nov 29 21:40:09 PST 2016; root:xnu-3789.32.1~4/RELEASE_ARM64_S8000
machine: iPhone8,2
All apps (App Store and system) other than Cydia, Messages, Photos, Camera and Watch fail to launch.
Opens and crashes with the message found corruption 38503
else if (strcmp(u.version, "Darwin Kernel Version 16.3.0: Tue Nov 29 21:40:09 PST 2016; root:xnu-3789.32.1~4/RELEASE_ARM64_S8000") == 0) {
    allproc_offset = 0x5a8438;
    procoff = 0x360; // iPhone 6s N71AP, credit to @jonderewith
    rootvnode_offset = 0x5b20b8;
}
A known bug is syscall perf degradation. This is due to a difference from yalu b3 which will be sorted out at some point.
I found the offset for the iPhone 5S, but I get an error:
sysname: Darwin
nodename: iPhone-Slonick
release: 16.3.0
version: Darwin Kernel Version 16.3.0: Tue Nov 29 21:40:09 PST 2016; root:xnu-3789.32.1~4/RELEASE_ARM64_S5L8960X
machine: iPhone6,1
2017-01-26 06:16:38.111751 yalu102[204:3578] found corruption 38203
2017-01-26 06:16:42.325356 yalu102[204:3578] found kernel text at fffffff015c04000
2017-01-26 06:16:42.327648 yalu102[204:3578] got tfp0 -> f07
2017-01-26 06:16:42.328246 yalu102[204:3578] found procs at fffffff0161af1b0
2017-01-26 06:16:42.328547 yalu102[204:3578] seg: __TEXT
2017-01-26 06:16:42.328619 yalu102[204:3578] seg: __DATA_CONST
2017-01-26 06:16:42.328664 yalu102[204:3578] seg: __TEXT_EXEC
2017-01-26 06:16:42.328743 yalu102[204:3578] seg: __KLD
2017-01-26 06:16:42.328789 yalu102[204:3578] seg: __LAST
2017-01-26 06:16:42.328830 yalu102[204:3578] seg: __DATA
2017-01-26 06:16:42.328871 yalu102[204:3578] seg: __PRELINK_TEXT
2017-01-26 06:16:42.328911 yalu102[204:3578] seg: __PLK_TEXT_EXEC
2017-01-26 06:16:42.328991 yalu102[204:3578] seg: __PRELINK_DATA
2017-01-26 06:16:42.329042 yalu102[204:3578] seg: __PLK_DATA_CONST
2017-01-26 06:16:42.329083 yalu102[204:3578] seg: __PLK_LINKEDIT
2017-01-26 06:16:42.329123 yalu102[204:3578] seg: __PRELINK_INFO
2017-01-26 06:16:42.329162 yalu102[204:3578] seg: __LINKEDIT
2017-01-26 06:16:42.329200 yalu102[204:3578] fffffff014dbc000 - fffffff016498000
2017-01-26 06:16:42.399342 yalu102[204:3578] ffffffff03d9c000
2017-01-26 06:16:42.444078 yalu102[204:3578] fffffff015c655a0
2017-01-26 06:16:42.483456 yalu102[204:3578] pmap: fffffff016114850
2017-01-26 06:16:42.522567 yalu102[204:3578] got phys at 0 for virt fffffff002fc8000
2017-01-26 06:16:42.522748 yalu102[204:3578] found cpu 0
2017-01-26 06:16:42.522790 yalu102[204:3578] found physz: fffffff015c87000
2017-01-26 06:16:42.522836 yalu102[204:3578] found cpu 1
2017-01-26 06:16:42.522873 yalu102[204:3578] found physz: fffffff015c87000
2017-01-26 06:16:42.522969 yalu102[204:3578] fffffff015d8733c - fffffff015d8719c
2017-01-26 06:16:42.524845 yalu102[204:3578] ttbr0: 8024c5000 fffffff015c65590
2017-01-26 06:16:42.525369 yalu102[204:3578] got a cpacr
Question in title
IOKit/IOKitLib.h file not found
Thanks, this problem was solved.
How much longer until the 7 & 7+ are supported??
In yalu1011 it has weird screen distortion, then it kernel panics. This time it goes instantly to black and reboots.
sysname: Darwin
nodename: 0
release: 16.3.0
version: Darwin Kernel Version 16.3.0: Tue Nov 29 21:40:09 PST 2016; root:xnu-3789.32.1~4/RELEASE_ARM64_S8000
machine: iPhone8,1
2017-01-25 15:58:58.675005 yalu102[237:5001] found corruption 37c03
Before, I used yalu b3; now I use yalu102 and it shows "failed, retry".
iPhone 7, iOS 10.1.1
When I try to build yalu102.app in Xcode 8.2, I get a lot of kernel linking errors
The current uname.version string comparison is insufficient; it needs the board/model id to be able to create cases for devices with the same kernel but different boards (e.g. Samsung vs TSMC).
I cannot build the yalu app
Trying to compile (Error Message: 'libkern/OSReturn.h' file not found). idk what's happening, because I added the header and put everything in the right places, so it shouldn't be saying that??? I'm obviously doing something wrong. I am trying to use an old device to just test it out and get a feel for a jailbreak, so
What Xcode outputs:
sysname: Darwin
nodename: Andrews-iPhone
release: 16.3.0
version: Darwin Kernel Version 16.3.0: Tue Nov 29 21:40:08 PST 2016; root:xnu-3789.32.1~4/RELEASE_ARM64_T7000
machine: iPhone7,2
2017-01-25 23:08:40.822432 yalu102[226:4153] found corruption d07
2017-01-25 23:08:43.421386 yalu102[226:4153] found kernel text at fffffff012404000
2017-01-25 23:08:43.423499 yalu102[226:4153] got tfp0 -> e07
2017-01-25 23:08:43.425650 yalu102[226:4153] found procs at fffffff1174f68b0
2017-01-25 23:08:43.429818 yalu102[226:4153] seg: __TEXT
2017-01-25 23:08:43.429903 yalu102[226:4153] seg: __DATA_CONST
2017-01-25 23:08:43.429940 yalu102[226:4153] seg: __TEXT_EXEC
2017-01-25 23:08:43.429978 yalu102[226:4153] seg: __KLD
2017-01-25 23:08:43.430012 yalu102[226:4153] seg: __LAST
2017-01-25 23:08:43.430044 yalu102[226:4153] seg: __DATA
2017-01-25 23:08:43.430078 yalu102[226:4153] seg: __PRELINK_TEXT
2017-01-25 23:08:43.430173 yalu102[226:4153] seg: __PLK_TEXT_EXEC
2017-01-25 23:08:43.430227 yalu102[226:4153] seg: __PRELINK_DATA
2017-01-25 23:08:43.430264 yalu102[226:4153] seg: __PLK_DATA_CONST
2017-01-25 23:08:43.430298 yalu102[226:4153] seg: __PLK_LINKEDIT
2017-01-25 23:08:43.430332 yalu102[226:4153] seg: __PRELINK_INFO
2017-01-25 23:08:43.430366 yalu102[226:4153] seg: __LINKEDIT
2017-01-25 23:08:43.430478 yalu102[226:4153] fffffff0114cc000 - fffffff012c94000
2017-01-25 23:08:43.486675 yalu102[226:4153] ffffffff03d98000
2017-01-25 23:08:43.533917 yalu102[226:4153] fffffff0124715a0
2017-01-25 23:08:43.572392 yalu102[226:4153] pmap: fffffff012920850
2017-01-25 23:08:43.611367 yalu102[226:4153] got phys at 0 for virt fffffff002f78000
2017-01-25 23:08:43.611499 yalu102[226:4153] found cpu 0
2017-01-25 23:08:43.611533 yalu102[226:4153] found physz: fffffff012493000
2017-01-25 23:08:43.611570 yalu102[226:4153] found cpu 1
2017-01-25 23:08:43.611599 yalu102[226:4153] found physz: fffffff012493000
2017-01-25 23:08:43.611645 yalu102[226:4153] fffffff012593574 - fffffff0125933a8
2017-01-25 23:08:43.612986 yalu102[226:4153] ttbr0: 802ab9000 fffffff012471590
2017-01-25 23:08:43.613362 yalu102[226:4153] got a cpacr
No, I don't have the offsets :C
A commit made like 10 mins ago called "mobilesubstrate omg" just caught my attention. Does this mean substrate is working or..?
Also, where should I post questions about this? Twitter (I would, but idk who to ask)?
Cydia substrate seems to make apps crash when jailbroken
title: s/seemingly offsets/seemingly correct offsets
Offsets I'm using:
allproc_offset = 0x5ac418;
rootvnode_offset = 0x5a8418;
syslog:
sysname: Darwin
nodename: Benjamins-iPad
release: 16.3.0
version: Darwin Kernel Version 16.3.0: Tue Nov 29 21:40:09 PST 2016; root:xnu-3789.32.1~4/RELEASE_ARM64_S5L8960X
machine: iPad4,4
2017-01-26 01:14:10.684549 yalu102[228:5118] found corruption 37c03
2017-01-26 01:14:11.442127 yalu102[228:5118] found kernel text at fffffff009804000
2017-01-26 01:14:11.445041 yalu102[228:5118] got tfp0 -> 37d03
2017-01-26 01:14:11.447014 yalu102[228:5118] found procs at fffffff10ca12cb8
2017-01-26 01:14:11.453163 yalu102[228:5118] seg: __TEXT
2017-01-26 01:14:11.453278 yalu102[228:5118] seg: __DATA_CONST
2017-01-26 01:14:11.453329 yalu102[228:5118] seg: __TEXT_EXEC
2017-01-26 01:14:11.453377 yalu102[228:5118] seg: __KLD
2017-01-26 01:14:11.453422 yalu102[228:5118] seg: __LAST
2017-01-26 01:14:11.453464 yalu102[228:5118] seg: __DATA
2017-01-26 01:14:11.453574 yalu102[228:5118] seg: __PRELINK_TEXT
2017-01-26 01:14:11.453622 yalu102[228:5118] seg: __PLK_TEXT_EXEC
2017-01-26 01:14:11.453663 yalu102[228:5118] seg: __PRELINK_DATA
2017-01-26 01:14:11.453704 yalu102[228:5118] seg: __PLK_DATA_CONST
2017-01-26 01:14:11.453745 yalu102[228:5118] seg: __PLK_LINKEDIT
2017-01-26 01:14:11.453786 yalu102[228:5118] seg: __PRELINK_INFO
2017-01-26 01:14:11.453825 yalu102[228:5118] seg: __LINKEDIT
2017-01-26 01:14:11.453866 yalu102[228:5118] fffffff008994000 - fffffff00a09c000
2017-01-26 01:14:11.526676 yalu102[228:5118] ffffffff03f64000
2017-01-26 01:14:11.580815 yalu102[228:5118] fffffff0098655a0
2017-01-26 01:14:11.620324 yalu102[228:5118] pmap: fffffff009d14850
2017-01-26 01:14:11.660655 yalu102[228:5118] got phys at 0 for virt fffffff0008bc000
2017-01-26 01:14:11.660834 yalu102[228:5118] found cpu 0
2017-01-26 01:14:11.660880 yalu102[228:5118] found physz: fffffff009887000
2017-01-26 01:14:11.660928 yalu102[228:5118] found cpu 1
2017-01-26 01:14:11.660966 yalu102[228:5118] found physz: fffffff009887000
2017-01-26 01:14:11.661028 yalu102[228:5118] fffffff00998733c - fffffff00998719c
2017-01-26 01:14:11.663283 yalu102[228:5118] ttbr0: 8020bd000 fffffff009865590
2017-01-26 01:14:11.663814 yalu102[228:5118] got a cpacr
Then the device reboots.
Can anyone verify if these offsets are correct?
I was just wondering if just the correct offsets are needed for other devices or if other things are needed as well. A straight forward answer will suffice, thanks.
Before everyone goes crazy, yes, I know. It does not work on all devices. Just letting Luca know.
I don't think it was a kernel panic, all that happens is it hangs and then reboots.
Please add iPhone SE
Thanks
allproc_offset = 0x5b20e0;
rootvnode_offset = 0x5b20b8;
Darwin Kernel Version 16.3.0: Tue Nov 29 21:40:09 PST 2016; root:xnu-3789.32.1~4/RELEASE_ARM64_S5L8960X
Adding support for iOS 10.1.1 for the iPhone 5S and 6?
Thanks for your hard work
Whenever I try on iPad Air 2 Wi-Fi it either reboots or says "failed, retry."
Need iPad Air 2 offsets
Please add iPad Air offsets
If someone is trying to make it work, here's what I found:
allproc_offset = 0x5b8168;
procoff = 0x360; //not sure at all
rootvnode_offset = 0x5ba0b8;
Could you make a write-up on how to find the offsets for our device and iOS, like p0 did? It would save you time, and since you don't have the devices anyway, it could help with more support.
The allproc offset is the one from Mach Portal, right?
The other two we don't know how to get, so maybe you could explain to us how, like Project Zero did.
Regards
Cawk
For iOS 10.1.1:
Darwin Kernel Version 16.1.0: Thu Sep 29 21:56:11 PDT 2016; root:xnu-3789.22.3~1/RELEASE_ARM64_T7000
0x5B4168
0x5ba0b8
(planning for the future)
/Users/arinc/Documents/yalu102/yalu102/jailbreak.m:14:9: 'IOKit/IOKitLib.h' file not found
After my phone is sitting for a while, I go to Cydia and the phone crashes and reboots. I have to hard reset the phone for yalu to work again @kpwn
I have a feeling this is due to my device (iPhone 6+) not being officially supported, but here's the report.
I have put the correct allproc_offset inside offsets.c. When I run the jailbreak, the app stalls.
The log is as follows:
sysname: Darwin
nodename: Georges-iPhone
release: 16.1.0
version: Darwin Kernel Version 16.1.0: Thu Sep 29 21:56:11 PDT 2016; root:xnu-3789.22.3~1/RELEASE_ARM64_T7000
machine: iPhone7,1
2017-01-26 09:49:45.375728 yalu102[245:6882] found corruption 1207
2017-01-26 09:49:48.027033 yalu102[245:6882] found kernel text at fffffff012404000
2017-01-26 09:49:48.029040 yalu102[245:6882] got tfp0 -> 38103
2017-01-26 09:49:48.029424 yalu102[245:6882] found procs at fffffff11654dc98
2017-01-26 09:49:48.033201 yalu102[245:6882] ffffffffffffffff - 0
2017-01-26 09:49:48.033250 yalu102[245:6882] 143080040ef80
(lldb)
The error message (Line 183, jailbreak.m):
http://i.imgur.com/u9aFPah.png
Variable values at the point of crash:
http://imgur.com/a/pZ555
iPhone 6s N71m: "failed, try again" ;)
It doesn't work.
I don't have a mac D:
Support needed for 4K devices. ( In more understandable terms, "old" devices )
_allproc: 0x5b8528
_kernproc: 0x5be0e0
fffffff0075c20b8 S _rootvnode
fffffff0071e1258 S _vfs_rootvnode
With the current status of the jailbreak community going to an absolute pile of garbage, would it be ok if I opened the source to learn a little about how the jailbreak works?
Thanks and with much respect,
rpalmieri
It also says this when I try to compile
Trying out the jailbreak on my iPhone 6 (7,2), and I get past the crash that most are having at "found corruption", but then it freezes afterwards at "found kernel text at". I did some logging in the code and it seems to be stuck at the while loop around line 247 (while (proc_) {). Any ideas?
This is running while still attached to Xcode by the way.
Says file not found, cannot compile...
Can anyone give me the mini 3's offsets?
Hey,
I've tried the jailbreak about 10 times, but it resprings the device and nothing happens. Here is the kernel panic log:
Could someone add support for this please, thanks in advance.