search

checkra1n / BugTracker

checkra1n bug tracker
729 stars 104 forks source link

Checkra1n Exploit Failed (Error code: -31) #2156

Open Rawaz0 opened 3 years ago

Rawaz0 commented 3 years ago

Tell us about your setup:

  1. What iDevice are you using?
  2. On what version of iOS is it?
  3. What version of checkra1n are you using?
  4. What is your host system (OS version? Hackintosh? VM? etc.)?
  5. How are you connecting to the device (USB-A? USB-C? Apple/3rd party cable? Through a USB hub?)?

What are the steps to reproduce the issue?

  1. iPhone 5s
  2. 12.5.4 3.checkra1n 0.12.4 beta
  3. MacBook air m1
  4. USB-A apple cable USB hub

What do you expect, and what is happening instead?

Did you see a popup on the device stating it entered "Safe Mode" due to an error?

Does the issue also occur if you tick "Safe Mode" in the checkra1n options?

Any other info, error logs, screenshots, ...?

robciozs commented 3 years ago
  1. iPhone 5s (Global)
  2. iOS 12.1.3
  3. checkra1n 0.12.4 beta
  4. Ubuntu
  5. USB-A 3rd party cable (tested 2psc.)

Progress log

- [08/06/21 23:15:31] <Info>: Waiting for DFU devices - [08/06/21 23:15:31] <Verbose>: Using usbmuxd - [08/06/21 23:15:34] <Warning>: connection refused?! - [08/06/21 23:15:34] <Error>: usbmux: Failed to connect (error code: -79) Here i turn up DFU mode - [08/06/21 23:15:50] <Verbose>: DFU device connected: xxxxxx8885c - [08/06/21 23:15:50] <Info>: Exploiting - [08/06/21 23:15:50] <Verbose>: Attempting to perform checkm8 on 8960 11... - [08/06/21 23:15:50] <Info>: Checking if device is ready - [08/06/21 23:15:50] <Verbose>: == Checkm8 Preparation stage == - [08/06/21 23:15:50] <Info>: Setting up the exploit (this is the heap spray) - [08/06/21 23:15:50] <Verbose>: == Checkm8 Setup stage == - [08/06/21 23:15:50] <Verbose>: Disabled probabilistic mode since we encountered a partial xfer - [08/06/21 23:15:50] <Verbose>: Deterministic approach was successful! - [08/06/21 23:16:55] <Info>: Right before trigger (this is the real bug setup) - [08/06/21 23:16:55] <Verbose>: Entered initial checkm8 state after 0 steps, issuing DFU abort.. - [08/06/21 23:16:55] <Verbose>: DFU device connected: xxxxxx8885c - [08/06/21 23:16:55] <Verbose>: == Checkm8 Trigger stage == - [08/06/21 23:17:20] <Error>: Timed out in state 1, assuming we are back to square one with this device. (error code: -31) - [08/06/21 23:17:43] <Verbose>: Checkmate!

kirumburu-ngash commented 3 years ago

image

teelekkung commented 3 years ago

What your m1 is on (OS version )

zhouzhao1989 commented 3 years ago

Same issue. ipad air 1th linux usb-c I have tried to replugin the lighting cable, not work.

berkaytheunicorn commented 3 years ago

@teelekkung

What your m1 is on (OS version )

mine 11.6 (20G165)

dietmarw commented 3 years ago

Confirmed also when using Ubuntu Mate 20.04 on a Dell Latitude 7490 Target device iPad Mini 2

Mik-kee commented 2 years ago

Hello, I have the same problem with an Ipad Mini 2 with iOS 12.5.5 (checkra1n 0.12.4 beta). I get the error message "Exploit Failed (Error Code: -31). I changed my USB key, USB port, PC. Nothing helps. No" Safe mode "pop-up that appears and even the same error message if I check "Safe mode" in options. Anyone have any idea? Thanks in advance

Mik-kee commented 2 years ago

Error -31 A screenshot for more details...

amserra commented 2 years ago

Hey, having the same issue.

  1. iPhone 7
  2. 14.6
  3. checkra1n 0.12.4 beta
  4. MacBook pro m1
  5. usb-c to usb-a apple cable Any fixes yet?
trawman commented 2 years ago

same issue here

  1. iPad Air A1475
  2. IOS12.5.5
  3. checkra1n 0.12.4
  4. vm ubuntu with AMD based pc
  5. USB-A original apple cable
nightkall commented 2 years ago

same issue here

  1. iPad Air A1475
  2. IOS12.5.5
  3. checkra1n 0.12.4
  4. vm ubuntu with AMD based pc
  5. USB-A original apple cable

I had the same issue with the iPad Air A1474 (A7) with iOS 12.5.5 and found the solution here. Try Ra1nUSB_HT to boot in to a macOS environment. I used balenaEtcher to install the dmg file in a 16GB USB drive. checkra1n 0.12.4 beta (enter 124 in Terminal) worked on the first try. I used the Intel version, there is an AMD version too.

KGP2006 commented 1 year ago

same issue here

  1. iPad Air A1475
  2. IOS12.5.5
  3. checkra1n 0.12.4
  4. vm ubuntu with AMD based pc
  5. USB-A original apple cable

I had the same issue with the iPad Air A1474 (A7) with iOS 12.5.5 and found the solution here. Try Ra1nUSB_HT to boot in to a macOS environment. I used balenaEtcher to install the dmg file in a 16GB USB drive. checkra1n 0.12.4 beta (enter 124 in Terminal) worked on the first try. I used the Intel version, there is an AMD version too.

Can you please guide me from the start?

Martyn575 commented 1 year ago

Had this issue today on ipad mini 2. A1489. Exploit failed (Error code -31). I tried enabling the experimental / untested versions with and without, same error.

SpaceSaver commented 10 months ago

When it says Right before trigger (this is the real bug setup) wait 2-5 seconds and then unplug and replug, said DFUSyncUpload FAILED: -1 then finished and the checkra1n showed up on my home screen a couple of minutes after power on!

fractalf commented 9 months ago

Same here on v0.12.4-beta (running on a Mac) for the iPad Air 1

EDIT

This is apparantly an UI bug. Works fine in the terminal!

Fix: https://github.com/checkra1n/BugTracker/issues/1161#issuecomment-640922994

Smilium-LeaFAT commented 3 months ago

When it says Right before trigger (this is the real bug setup) wait 2-5 seconds and then unplug and replug, said DFUSyncUpload FAILED: -1 then finished and the checkra1n showed up on my home screen a couple of minutes after power on!

Thanks for your sharing, it works on me! I'm using iphone 5s with ios version 12.5.7 and the checkrain version is 0.12.4 beta.

minosimo commented 2 months ago

I have not managed to get it working with an iPad Mini 3 on 12.4.8. I have tried every combination of steps I could think of, including with and without -c, replugging during various stages of the jailbreak, resetting the ipad, different checkra1n versions, etc. As soon as the process starts I get a bunch of

[ 6655.404846] apple-mfi-fastcharge 1-6: usbfs: USBDEVFS_CONTROL failed cmd checkra1n rqt 128 rq 6 len 65 ret -110 in dmesg.

then a pause, I believe during Right before trigger (this is the real bug setup), then three more 

[ 6655.839818] apple-mfi-fastcharge 1-6: usbfs: USBDEVFS_CONTROL failed cmd checkra1n rqt 128 rq 6 len 64 ret -110
[ 6655.841850] apple-mfi-fastcharge 1-6: usbfs: USBDEVFS_CONTROL failed cmd checkra1n rqt 128 rq 6 len 64 ret -110

I tried Ra1nUSB_HT with the same error -31, which implies this is something specific to the iPad and not chekra1n. I'll try updating the iPad to see if it makes a difference.

I have just noticed in the notes for all releases since 12.0 beta that:

A7 devices will currently not work with the Linux version

Does anyone know if this started from 12.0, or did earlier versions also not work for the A7 on linux?