rootvnode_offset

[ca13ra1]

I was able to get correct offset for 6s on 10.2. Here's the output. Am I suppose to change the rootvnode_offset too?

[kpwn]

yep! that looks successful! if you put a valid rootvnode it's going to remount / as readwrite.

[kpwn]

Unrelated questions will be removed. Stop it.

[ca13ra1]

@kpwn I just kept the rootvnode offset the same, didn't change rootvnode just allproc_offset . Would that be an issue? Also didn't seem to do anything for my device after it rebooted.

[kpwn]

Yes, you need rootvnode. No extraction of bootstrap is being done at the moment, however.

[ca13ra1]

@kpwn Ok, thank you!

[EGYbkgo9449]

@kpwn sorry for commenting a lot but I've got the rootvnode offset, it said on Xcode already jailbroken but no Cydia, so have you implemented the Cydia yet or no ???

[ghost]

I meant where is rootvnode offset located so i can put in the correct one @kpwn

[willsmillie]

@CrypticGit clone the latest commit

[ghost]

@williamfs i did its giving me apple mach o linker errors

[willsmillie]

@kpwn Would you like us to send you our offsets after we find them?

[kpwn]

Yes, it's part of the reason why this is opensource.

[willsmillie]

Where should we send them?

[kpwn]

rootvnode is very easy to find: just run the 'nm' command on a decompressed kernel, one of the symbols is rootvnode. and here is fine.

[EGYbkgo9449]

@kpwn I already found it, tell me where should I submit my offsets :)

[ghost]

@kpwn Im confused my device says one kernel but the ipsw says another

[dallasco]

Wait is kpwn Luca or? I'm confused

[oncheonche]

@kpwn is it interesting to know them for tvOS ?
If so, I can find them, but I won't be able to confirm they work unless I'm able to build the app

[willsmillie]

iPhone 6s // iOS 10.2 // N71mAP

allproc_offset = 0x5a8438;
procoff = 0x360;
rootvnode_offset = 0x5b20b8;

[EGYbkgo9449]

@williamfs delete the 7 from the rootvnode_offset

[willsmillie]

@EGYbkgo9449 Oops, thanks!

[BryanSuero]

The correct rootvnode_offset is rootvnode_offset = 0x5ae0b8;

[willsmillie]

@kpwn reporting back. Got it working on 6s 10.2 N71mAP. Cydia is on the device now! :D

[BryanSuero]

I also have it 💃

[oncheonche]

Yep, working here too

[willsmillie]

Welcome to the club 😎

[ca13ra1]

@williamfs What offsets did you use? I found

[oncheonche]

I used the last commited version with new offsets

[willsmillie]

@ca13ra1 I got the same

[BryanSuero]

Guys remember to NOT install the Substrate Fix and run the command to fix facetime and those things.

[kpwn]

@BryanSuero No.

[ghost]

@kpwn do i edit the offsets above the if statements or leave them?

[BryanSuero]

@kpwn What would happens if you run the commands to fix them? Because I already did it and it didn't fix it

[oncheonche]

Moreover, remember it's not aimed to be used on any "everyday" iPhone

[berkeelevent]

I do found fffffff0075c20b8 rootvnode for iPhone 6, in case anyone if need

[EGYbkgo9449]

Worked here too (6S+) :P

[ca13ra1]

@williamfs didn't update to the latest commit lol :) Working now fine

[berkeelevent]

BTW, how can I convert rootvnode?

[BryanSuero]

You have to subtract the kernel base to get the offset

[berkeelevent]

@BryanSuero thank you!

[BryanSuero]

@berkeelevent check Ian Beer's Google Code

[ca13ra1]

5s n51 rootvnode fffffff0075b60b8 S _rootvnode & 5s allproc_offset = 0x5ac418

[ghost]

Iphone 6s samsung 10.1.1 offsets:
allproc_offset = 0x5a8148;
procoff = 0x360;
rootvnode_offset = 0x5ae0b8;

@kpwn

[berkeelevent]

does anybody have iphone 6? I did found all offsets but still cant make it work

allproc_offset = 0x5b8468;
procoff = 0x360;
rootvnode_offset = 0x5be0b8;

I got;

then it just reboots

[ghost]

@berkeelevent Someone asked me to find 6+ offsets i dont know if they are the same.

[berkeelevent]

@CrypticGit I can try

[x86shell]

@berkeelevent I think the code itself doesn't support the iPhone 6/+ yet. I could be wrong however but i added the offsets myself for 6+ and i get a kernel panic still on "got a cpacr", just wait for Q to update this repo!