Unable to verify shenanigans in kernel memory iPhone X (10.6) #1263

Closed
FrAcTi0N opened this issue Aug 18, 2019 · 4 comments

Comments

@FrAcTi0N

commented Aug 18, 2019

Describe the bug
Unable to jailbreak iPhone X, iOS 12.4, unc0ver 3.5.0
To Reproduce
Steps to reproduce the behavior:

  1. Go to unc0ver
  2. Click on jailbreak
  3. See error

Screenshots
If applicable, add screenshots to help explain your problem.

Device (please complete the following information):

  • iOS Version: 12.4
  • iOS Device: iPhone X (10.6)
  • unc0ver Version: 3.5.0

Place an "x" between the brackets if true:

  • [ ] this is a bug others will be able to reproduce
  • [x] this issue is present with all tweaks uninstalled (except for default packages) or disabled
  • [ ] this issue is present after a rootfs restore
  • [x] this issue is present on the latest version of unc0ver

Logs
If applicable, add logs or error messages here.

[*] unc0ver Version: 3.5.0
[*] Machine Name: iPhone10,6
[*] Model Name: D221AP
[*] Kernel Version: Darwin Kernel Version 18.7.0: Fri Jun 21 22:24:16 PDT 2019; root:xnu-4903.270.477/RELEASE_ARM64_T8015
[*] Kernel Page Size: 0x4000
[*] System Version: iOS 12.4 (Stable) (Build: 16G77)
[*] Bundled Resources Version: 1.0
b23
[*] Status: Jailbreak
[*] Progress: Ready to jailbreak
[*] Status: Jailbreaking
[*] KernelUtilities.c(1508): Assertion failure
[+] memory_size: 2960130048
[*] Progress: Exploiting kernel...
[*] Failed to leak fd_ofiles
[*] Failed to fetch fd_ofiles
[*] Pipe constructor failed to get pipebuffer addr
[*] Fake port pipe is invalid
[*] Trying next potential kernel_task port...
[*] Trying next potential kernel_task port...
[*] Trying next potential kernel_task port...
[*] Trying next potential kernel_task port...
[*] Trying next potential kernel_task port...
[*] Trying next potential kernel_task port...
[*] Trying next potential kernel_task port...
[*] kernel_task port found; read 0xffffffe00498f300 from 0xffffffe0064f8000
[*] Copied fake kernel_task port to its own page, cleaning up...
[*] tfp0: 0x6703
[*] Successfully exploited kernel.
[*] Finding kernel offsets...
[*] Progress: Initializing jailbreak...
[*] kCFCoreFoundationVersionNumber: 1575.170000
[*] offsets selected for iOS 12.0 or above
[*] Escaping sandbox...
[*] myProcAddr = 0xffffffe00658d3d8
[*] kernelCredAddr = 0xffffffe0008d9e60
[*] Shenanigans = 0xfd50f7ec2b1fedc4
[*] Unable to verify shenanigans in kernel memory.

@FrAcTi0N FrAcTi0N added the bug label Aug 18, 2019

@FrAcTi0N

Author

commented Aug 18, 2019

OK, I had to restore instead of update and now the jb works :) thanks

@FrAcTi0N FrAcTi0N closed this Aug 18, 2019

@ugahta


commented Aug 19, 2019

Can you explain the solution in more detail? I'm having the same issue too.

@CreeT6


commented Aug 19, 2019

Restored from 12.2 ip8 and ipad 10.5 can’t jb

@FrAcTi0N

Author

commented Aug 19, 2019

I was unable to jb while the phone was updated in iTunes. So I restored it in iTunes and then the jb worked on 2nd try... Maybe the problem is also fixed in 3.5.1.
