checkra1n / BugTracker

checkra1n bug tracker

[Linux] Error code -79, installation gets stuck in loop. #798

Open K4rakara opened 4 years ago

K4rakara commented 4 years ago

Tell us about your setup:

  1. What iDevice are you using? iPod gen 6, as a test before I use my main device.

  2. On what version of iOS is it? 12.4.5

  3. What version of checkra1n are you using? GUI or CLI? CLI

  4. What is your host system (OS version? Hackintosh? VM? etc.)? x86_64 Manjaro Linux, Kernel version 5.4.14-2-MANJARO.

  5. How are you connecting to the device (USB-A? USB-C? Apple/3rd party cable? Through a USB hub?)? USB-A to Apple cable. It's plugged in through a USB hub that's built into my PC's case. Note A: I tried the jailbreak process with one of the motherboard's USB ports, with the same result. Note B: I also tried all the different Apple cords I have, with no success. Even the stock cord from my main device didn't work.

What are the steps to reproduce the issue?

  1. (Not sure if this matters) Download checkra1n onto a secondary or removable hard drive.
  2. Set it to executable.
  3. Run it in bash via sudo ./checkra1n.

...

What do you expect, and what is happening instead? Installation onto the device. What occurs is that it starts the exploit process as usual, however it reaches "Setting up the exploit (this is the heap spray)" and idles for 10-12 minutes. Then, it briefly flashes a message along the lines of "Check for right trigger" (I can't make out what it says before it changes).

Following that, the progress bar goes backwards and it quickly goes through messages along the lines of "Check if device is ready", "Starting the bug", and then back to "Setting up the exploit (this is the heap spray)". This process then repeats several times until the device decides to boot for whatever reason, and no exploit is installed. The CLI then displays error -79.

Does the issue also occur if you enable Safe Mode? Yes.

Any other info, error logs, screenshots, ...? Can't get it to output an error log, but here's the crash screen. Also, regardless of my success with the exploit, thank you for developing it :+1: Best of luck with squashing bugs. 2020-02-05_19-29

K4rakara commented 4 years ago

Update: the bug also occurs with my iPhone 6s + on iOS 13.1.1. I suspect it’s an incompatibility with Arch Linux, which Manjaro is based on. Will try and run a Debian KVM and report back with results.

seriousm4x commented 4 years ago

I'm having the same issue on pop os (debian) with webra1n.

Tell us about your setup:

  1. What iDevice are you using? iPhone X (GSM)

  2. On what version of iOS is it? 13.3 and 13.3.1. Same issue on both versions.

  3. What version of checkra1n are you using? GUI or CLI? cli with webra1n.

  4. What is your host system (OS version? Hackintosh? VM? etc.)? Linux pop-os 5.3.0-7625-generic #27~1576774560~19.10~f432cd8-Ubuntu x86_64 GNU/Linux

  5. How are you connecting to the device (USB-A? USB-C? Apple/3rd party cable? Through a USB hub?)? Apple's USB-A to Lightning. No dock. Nothing.

What are the steps to reproduce the issue?

  1. run checkra1n with sudo checkra1n -l rain.log -w 192.168.5.5 80
  2. jailbreak through the website
  3. gets stuck at - [02/06/20 15:15:46] <Error>: usbmux: Failed to connect (error code: -79) and iPhone is on the checkra1n screen for about 3-4 minutes. Then it goes black for a second and boots into non-jailbroken mode.

Any other info, error logs, screenshots, ...? It works flawlessly when using the cli mode without webra1n. rain.log

seriousm4x commented 4 years ago

Hold on. After posting my reply I tried again to jailbreak via normal cli mode. Now it's stuck at the same error message. So it's got nothing to do with webra1n I guess.

K4rakara commented 4 years ago

Ran it again with the -l command, this is the log. For some reason, a different error occurred.

 - [02/06/20 14:42:47] <Info>: Waiting for DFU devices
 - [02/06/20 14:42:47] <Verbose>: DFU device connected: 67cd908398c26
 - [02/06/20 14:42:47] <Info>: Exploiting
 - [02/06/20 14:42:47] <Verbose>: Attempting to perform checkm8 on 7000 11...
 - [02/06/20 14:42:47] <Info>: Checking if device is ready
 - [02/06/20 14:42:47] <Verbose>: == Checkm8 Preparation stage ==
 - [02/06/20 14:42:47] <Info>: Setting up the exploit (this is the heap spray)
 - [02/06/20 14:42:47] <Verbose>: == Checkm8 Setup stage ==
 - [02/06/20 14:44:26] <Verbose>: Deterministic approach doesn't seem to work, attempting to do a probabilistic run
 - [02/06/20 14:44:26] <Info>: Right before trigger (this is the real bug setup)
 - [02/06/20 14:44:26] <Verbose>: Entered initial checkm8 state after 16384 steps, issuing DFU abort..
 - [02/06/20 14:44:26] <Verbose>: DFU device connected: 67cd908398c26
 - [02/06/20 14:44:26] <Verbose>: == Checkm8 Trigger stage ==
 - [02/06/20 14:44:26] <Verbose>: Checkmate!
 - [02/06/20 14:44:27] <Verbose>: DFU device connected: 67cd908398c26
 - [02/06/20 14:44:27] <Verbose>: == Checkm8 Trying to run payload... ==
 - [02/06/20 14:44:27] <Verbose>: If everything went correctly, you should now have code execution.
 - [02/06/20 14:44:27] <Verbose>: DFU device connected: 67cd908398c26
 - [02/06/20 14:44:27] <Info>: Exploiting
 - [02/06/20 14:44:27] <Verbose>: Attempting to perform checkm8 on 7000 11...
 - [02/06/20 14:44:27] <Info>: Checking if device is ready
 - [02/06/20 14:44:27] <Verbose>: == Checkm8 Preparation stage ==
 - [02/06/20 14:44:28] <Info>: Setting up the exploit (this is the heap spray)
 - [02/06/20 14:44:28] <Verbose>: == Checkm8 Setup stage ==
 - [02/06/20 14:46:05] <Error>: [EXPLOIT:!] Failed issuing transaction abort (error code: -28)
 - [02/06/20 14:46:05] <Error>: Exploit failed! (error code: -21)
 - [02/06/20 14:46:05] <Error>: Unable to perform checkm8: ffffffff (error code: -21)
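
An added example, not part of the thread or the checkra1n project: a small Python triage script for logs in the format posted above. It counts exploit attempts, flags long pauses between consecutive lines and collects the error codes; the 60-second stall threshold and the function names are assumptions.

```python
import re
from datetime import datetime

# Abridged from the log posted above (format written by `checkra1n -l`).
SAMPLE = """\
 - [02/06/20 14:42:47] <Info>: Exploiting
 - [02/06/20 14:42:47] <Verbose>: == Checkm8 Setup stage ==
 - [02/06/20 14:44:26] <Verbose>: Deterministic approach doesn't seem to work, attempting to do a probabilistic run
 - [02/06/20 14:44:27] <Info>: Exploiting
 - [02/06/20 14:44:28] <Verbose>: == Checkm8 Setup stage ==
 - [02/06/20 14:46:05] <Error>: [EXPLOIT:!] Failed issuing transaction abort (error code: -28)
 - [02/06/20 14:46:05] <Error>: Exploit failed! (error code: -21)
 - [02/06/20 14:46:05] <Error>: Unable to perform checkm8: ffffffff (error code: -21)
"""

LINE = re.compile(r"^\s*-\s*\[(\d\d/\d\d/\d\d \d\d:\d\d:\d\d)\] <(\w+)>: (.*)$")
CODE = re.compile(r"\(error code: (-?\d+)\)")

def parse(text):
    """Return (timestamp, level, message) for every well-formed log line."""
    entries = []
    for raw in text.splitlines():
        m = LINE.match(raw)
        if m:  # silently skip anything that is not a log line
            ts = datetime.strptime(m.group(1), "%m/%d/%y %H:%M:%S")
            entries.append((ts, m.group(2), m.group(3)))
    return entries

def triage(entries, stall_secs=60):
    """Summarise retries, stalls (gap to the next line) and error codes."""
    attempts = sum(1 for _, lvl, msg in entries
                   if lvl == "Info" and msg == "Exploiting")
    stalls = []
    for (t0, _, msg0), (t1, _, _) in zip(entries, entries[1:]):
        gap = int((t1 - t0).total_seconds())
        if gap >= stall_secs:  # the line *before* the pause names the stage
            stalls.append((msg0, gap))
    errors = [int(c) for _, lvl, msg in entries if lvl == "Error"
              for c in CODE.findall(msg)]
    return {"attempts": attempts, "stalls": stalls, "errors": errors}

if __name__ == "__main__":
    report = triage(parse(SAMPLE))
    print("exploit attempts:", report["attempts"])
    for stage, secs in report["stalls"]:
        print(f"stalled {secs}s after: {stage}")
    print("error codes:", report["errors"])
```
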

Viktova commented 4 years ago

compile this and you'll be good. tested and worked

https://github.com/libimobiledevice/libirecovery

good luck

K4rakara commented 4 years ago

I experienced the same issue after compiling and installing libirecovery :/

JKakaofanatiker commented 4 years ago

Same problem. I'll switch to unc0ver.

IceCryptonym commented 4 years ago

I'm not sure if my issue was related but I did get stuck in a loop. For me, oddly enough, it works after re-downloading checkra1n.

JKakaofanatiker commented 4 years ago

> Does the issue also occur if you enable Safe Mode? Yes.

Ok... Safemode works for me

adit11093 commented 4 years ago

fix the usbmux error 79 please, I can't jailbreak my iPhone

K4rakara commented 4 years ago

> fix the usbmux error 79 please, I can't jailbreak my iPhone

If you can't jailbreak using your normal PC, I recommend using BootRa1n to create a bootable USB.

JKakaofanatiker commented 4 years ago

Bootra1n doesn't work (same error)

K4rakara commented 4 years ago

Odd... I'd check your BIOS settings then, there may be something preventing low-level access to USB devices.

joelnedev commented 4 years ago

I was able to jailbreak this exact device with this exact setup, bootra1n in the same usb slot and the same cable in the same usb slot, and also my sister's device. (We both have iPad Gen 5/iPad 6,11). Now I'm getting this error when trying to get back into jailbroken state.

JKakaofanatiker commented 4 years ago

Restoring rootFS helps. I jailbroke again after and installed all my tweaks again. No problems.

mughal1664 commented 3 years ago

fix the usbmux error -79 please, I can't jailbreak my iPad Air 2