checkra1n / BugTracker

checkra1n bug tracker
729 stars 104 forks source link

Exploit Failed (Error code: -31) on iPad Air 1 with 12.4.9 #1875

Closed ottelo9 closed 3 years ago

ottelo9 commented 3 years ago

Tell us about your setup:

  1. What iDevice are you using? iPad Air

  2. On what version of iOS is it? 12.4.9

  3. What version of checkra1n are you using? 0.12.1 beta

  4. What is your host system (OS version? Hackintosh? VM? etc.)? MacOS 10.13 on VMWare Player v15

  5. How are you connecting to the device (USB-A? USB-C? Apple/3rd party cable? Through a USB hub?)? USB-A

What are the steps to reproduce the issue?

  1. Run checkra1n on MacOS (on VM, USB2.0 support acticated)
  2. Let the tool enter the recovery mode on ipad ... works
  3. Enter DFU ... works
  4. DFU entered successfully, tool starts ...
  5. Setting up the exploid (this is the heap spray) ...
  6. Exploit Failed (Error code: -31)

Did you see a popup on the device stating it entered "Safe Mode" due to an error? no

Does the issue also occur if you tick "Safe Mode" in the checkra1n options? yes

Any other info, error logs, screenshots, ...? Tried to start the procedure with xxx Tried other cables or USB2.o ports

ottelo9 commented 3 years ago

Because I have a Windows system I tried with "bootra1n" (usb stick). With this I get to the second step (watir for trigger) but after few minutes nothings happens and some error message appear. But I red somwhere about a replug trick. I retried the method with bootra1n and wait 2 minutes (wait trigger). Then unplug und plug the iPad very quick ... The jailbreak process bar continues and the jailbreak is successfuly :)

Sandwhich253989 commented 3 years ago

Tell us about your setup:

  1. What iDevice are you using? iPad Air
  2. On what version of iOS is it? 12.4.9
  3. What version of checkra1n are you using? 0.12.1 beta
  4. What is your host system (OS version? Hackintosh? VM? etc.)? MacOS 10.13 on VMWare Player v15
  5. How are you connecting to the device (USB-A? USB-C? Apple/3rd party cable? Through a USB hub?)? USB-A

What are the steps to reproduce the issue?

  1. Run checkra1n on MacOS (on VM, USB2.0 support acticated)
  2. Let the tool enter the recovery mode on ipad ... works
  3. Enter DFU ... works
  4. DFU entered successfully, tool starts ...
  5. Setting up the exploid (this is the heap spray) ...
  6. Exploit Failed (Error code: -31)

Did you see a popup on the device stating it entered "Safe Mode" due to an error? no

Does the issue also occur if you tick "Safe Mode" in the checkra1n options? yes

Any other info, error logs, screenshots, ...? Tried to start the procedure with xxx Tried other cables or USB2.o ports

Checkra1n doesn’t work in a vm properly because u have to keep allowing usb pass through for Apple Dfu , recovery mode, normal mode

Sandwhich253989 commented 3 years ago

Even for me it didn’t work in a vm but in Ubuntu bootable usb , checkra1n works perfectly

Siguza commented 3 years ago

See #1.
In order for a VM to even have a chance of working, you need USB passthrough. Windows doesn't support that.