Can't get v0rtexNonce to work on iPad Air 2 10.3.1

[P0rnflakes]

The IPSW for 10.3.1 containing 3 different kernels I searched them all,as well as using the script made by uroboro to check one of the offsets set I found, tried to use each of those sets for like 50 times each yet I can't seem to trigger the exploit. It either immediately reboots my device or displays an error saying the exploit failed (the logs shows it can fail at different steps of the process).

I don't know if I am doing something wrong/am shit out of luck/there is something wrong with the ipsw containing 3 kernels/there is something wrong fit vortex on iPad

[P0rnflakes]

logs.txt

Here is a sample of my logs running it, it's what I get with either of the three offsets sets. I once got a bit more lines, like 50 or so but couldn't reproduce it.

Those are with the offsets pulled by uroboro's script.

[Tanish1]

Same here... Can you please send me the actions you did to change up the v0rtex master?

[P0rnflakes]

Don't really know what you expect from me, I'm definitely not knowledgeable enough in the matter :d

[arx8x]

Afaik, uroboro, script grabs the first kernelcache it finds.

[P0rnflakes]

It most likely was a VTAB offset issue, had the wrong value on the one I found by myself, it actually went much further in the process in the first try, it was very similar to your example of a successfull log the end being Successfully patched permissions for variable "com.apple.System.boot-nonce" Reading var failed instead of current generator: 0xfeedfacebadf00d0 It looks like I can set a generator tho.. not sure if that means the exploit triggered

[arx8x]

Actually "Reading var failed" can happen even with right offsets

[kallism]

Hi there. I am facing the same issue with ipad air 2. Is there any way to make it work?

[arx8x]

@kallism Are you compiling the latest one?

[kallism]

Yes I compiled the latest one, but still no luck ! (I have managed to get it working on my ipad pro, however my ipad air 2 (Cellular) is not succesful !

[arx8x]

Did iPad pro work before I added all the offsets?

[kallism]

after trying several times, I can confirm that the offsets for ipad air 2 are correct :) ipad pro worked after adding all the offsets. Thanks a lot for your contribution ! your work is much appreciated :)