Just crash on iphone x iOS 16.1.2

[imrobbyrc]

Here my crash log escape-2023-12-25-181836.ips.zip

[KpwnZ]

A fallback option was added to init with iOS 16.3 structure offsets. e051ea7811540295b53fbb3d6877cbec8ed9d5e2

[imrobbyrc]

A fallback option was added to init with iOS 16.3 structure offsets. e051ea7811540295b53fbb3d6877cbec8ed9d5e2

Hi thanks for build 0.999.4, but still not working for me, it just reboot my phone. I use trollstore2 to install it.

[KpwnZ]

Could you please attach the panic log?

[imrobbyrc]

Could you please attach the panic log?

sure, here you go panic-full-2023-12-26-094859.0002.ips.zip

[KpwnZ]

Please try the latest version.

[imrobbyrc]

Thanks, I already try it, but apps just crash after I pressed start

[imrobbyrc]

Cant find crashlog, did you change apps name? Dont see escape on my crashlog

[imrobbyrc]

My escape apps doenst show any logs like people on other issue, i tried v.6 and v.5 too

[imrobbyrc]

try many times and got some logs showing on apps like "KFD xxxx" and just restart my phone here's panic logs : panic-full-2024-01-07-105341.000.ips.zip

[KpwnZ]

New version is available: https://github.com/KpwnZ/Def1nit3lyN0tAJa1lbr3akTool/releases/tag/v0.999.7.

[imrobbyrc]

panic-full-2024-01-07-115104.000.ips.zip

still panic after some KPF text in logs

[KpwnZ]

Please try again.

[KpwnZ]

There might be some problem when initialization kcall primitive stage 1 but it's easy to fixed.

[imrobbyrc]

panic-full-2024-01-07-120151.000.ips.zip latest one panic, i got screenshot the apps but it dissapear after booting

[imrobbyrc]

I can help you to debug this bug 🙏

[imrobbyrc]

Any update bro? @KpwnZ

[KpwnZ]

v0.999.8 is released.

[imrobbyrc]

v0.999.8 is released.

just crash again for latest build

[imrobbyrc]

https://x.com/wh1te4ever/status/1745268601542873595?s=46&t=IXt5t1UrD1nzICs27nvDDg maybe you can use this patch finder? I try this with mikasa and it working

[KpwnZ]

There is nothing to do with the patch finder. Might because of the new exploitation method. Any crash log?

[imrobbyrc]

There is nothing to do with the patch finder. Might because of the new exploitation method. Any crash log?

Here’s panic logs, tried 5-10 times still no success just panic after press start

panic-full-2024-01-20-000231.000.zip

[KpwnZ]

There is nothing to do with the patch finder. Might because of the new exploitation method. Any crash log?

Here’s panic logs, tried 5-10 times still no success just panic after press start

panic-full-2024-01-20-000231.000.zip

Reboot, wait a few minutes then try again.

[KpwnZ]

Please try https://github.com/KpwnZ/Def1nit3lyN0tAJa1lbr3akTool/releases/tag/v0.999.9.

[imrobbyrc]

Please try https://github.com/KpwnZ/Def1nit3lyN0tAJa1lbr3akTool/releases/tag/v0.999.9.

Alrrady tried for 5 times and it only instant reboot after i press start button, different for v8 is when i press start button need some seconds before it reboot

here’s crash logs, i attach 2 different crash log using v9 Archive.zip

[imrobbyrc]

About PUAF did you use settings puaf pages? For me with mikasa or pureKFD, i need to make it 512 to work and i use Landa method

[imrobbyrc]

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>kern_version</key>
    <string>Darwin Kernel Version 22.1.0: Thu Oct  6 19:34:18 PDT 2022; root:xnu-8792.42.7~1/RELEASE_ARM64_T8015</string>
    <key>off_cdevsw</key>
    <integer>18446744005116579912</integer>
    <key>off_gPhysBase</key>
    <integer>18446744005108905872</integer>
    <key>off_gPhysSize</key>
    <integer>18446744005108905880</integer>
    <key>off_gVirtBase</key>
    <integer>18446744005108898232</integer>
    <key>off_perfmon_dev_open</key>
    <integer>18446744005110876100</integer>
    <key>off_perfmon_devices</key>
    <integer>18446744005116824592</integer>
    <key>off_proc_object_size</key>
    <integer>1328</integer>
    <key>off_ptov_table</key>
    <integer>18446744005108593000</integer>
    <key>off_vn_kqfilter</key>
    <integer>18446744005111196012</integer>
</dict>
</plist>

here’s my workin offset with misaka or purekfd

[KpwnZ]

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>kern_version</key>
  <string>Darwin Kernel Version 22.1.0: Thu Oct  6 19:34:18 PDT 2022; root:xnu-8792.42.7~1/RELEASE_ARM64_T8015</string>
  <key>off_cdevsw</key>
  <integer>18446744005116579912</integer>
  <key>off_gPhysBase</key>
  <integer>18446744005108905872</integer>
  <key>off_gPhysSize</key>
  <integer>18446744005108905880</integer>
  <key>off_gVirtBase</key>
  <integer>18446744005108898232</integer>
  <key>off_perfmon_dev_open</key>
  <integer>18446744005110876100</integer>
  <key>off_perfmon_devices</key>
  <integer>18446744005116824592</integer>
  <key>off_proc_object_size</key>
  <integer>1328</integer>
  <key>off_ptov_table</key>
  <integer>18446744005108593000</integer>
  <key>off_vn_kqfilter</key>
  <integer>18446744005111196012</integer>
</dict>
</plist>

here’s my workin offset with misaka or purekfd

We don't use these offsets actually (if you take a look at the code) I am looking into this problem.

[KpwnZ]

BTW could you please provide some device logs? For example, screen shot before panicking?

[imrobbyrc]

BTW could you please provide some device logs? For example, screen shot before panicking?

No device log in apps, it instantly reboot after pressing start

[KpwnZ]

BTW could you please provide some device logs? For example, screen shot before panicking?

No device log in apps, it instantly reboot after pressing start

What about waiting for a few minutes then start to jailbreak?

[imrobbyrc]

BTW could you please provide some device logs? For example, screen shot before panicking?

No device log in apps, it instantly reboot after pressing start

What about waiting for a few minutes then start to jailbreak?

Already do that, after first panics and reboot i wait for 5 minutes and start again, and try to disable low power mode, try airplane mode, but still panics instantly

[KpwnZ]

I pushed a new update https://github.com/KpwnZ/Def1nit3lyN0tAJa1lbr3akTool/releases/tag/v0.999.11.

[imrobbyrc]

I pushed a new update https://github.com/KpwnZ/Def1nit3lyN0tAJa1lbr3akTool/releases/tag/v0.999.11.

Still panicking, but now have to wait around 10seconds to restart. Btw i just notice this today, did this apps sandboxing and have rights capabilities?

[imrobbyrc]

Crashlogs for latest build Crashlog.zip

[KpwnZ]

Crashlogs for latest build

Crashlog.zip

What about retry a few times?

[imrobbyrc]

Crashlogs for latest build

Crashlog.zip

What about retry a few times?

I did, sometimes it panicked or the escape app crashing ( no crashlog for apps crash )

[imrobbyrc]

can you guide me to make i able to run this project? currently if i use escape.xcodeproj it will break like Could not build module 'Darwin', i need to make a new project and copy all depedencies, but still error, did i miss something?

[KpwnZ]

can you guide me to make i able to run this project? currently if i use escape.xcodeproj it will break like Could not build module 'Darwin', i need to make a new project and copy all depedencies, but still error, did i miss something?

Yes, you can create another empty project, set its target iOS version to the same as DNAJT. And then build it. Then you can build DNAJT. It seems like it's an Apple's bug.

[imrobbyrc]

can you guide me to make i able to run this project? currently if i use escape.xcodeproj it will break like Could not build module 'Darwin', i need to make a new project and copy all depedencies, but still error, did i miss something?

Yes, you can create another empty project, set its target iOS version to the same as DNAJT. And then build it. Then you can build DNAJT. It seems like it's an Apple's bug.

yeah i already to that step, but got error like screenshot above

[imrobbyrc]

do i need to run this? TRUSTCACHEVERSION=2 make for ios 16.1.2, i got some error on running that , could you list full step to build?

[KpwnZ]

do i need to run this?

TRUSTCACHEVERSION=2 make for ios 16.1.2, i got some error on running that , could you list full step to build?

We got a support server now. https://discord.gg/23PqE4Jd

[imrobbyrc]

Joined

[KpwnZ]

Now it should support iOS 16.1.X.

[imrobbyrc]

Now it should support iOS 16.1.X.

Working perfectly, thank you