setuid(0)

[jmukes97]

• iOS version: 11.1.2
• iDevice model: iPhone SE
• electra version: 1.0.4

I am trying to call patch_setuid() and/or platformize_me(). When I do I get an error: Thread 1: EXC_BAD_ACCESS (code=1, address=0x0) I get this error whenever ptr(getpid(), FLAG_PLATFORMIZE); or ptr(getpid()); is called. Here is what I have in my viewcontroller:

#define FLAG_PLATFORMIZE (1 << 1)
#import "ViewController.h"
#include <CoreData/CoreData.h>
#include <dlfcn.h>

void platformize_me() {

void* handle = dlopen("/usr/lib/libjailbreak.dylib", RTLD_LAZY);
if (!handle) return;

// Reset errors
dlerror();
typedef void (*fix_entitle_prt_t)(pid_t pid, uint32_t what);
fix_entitle_prt_t ptr = (fix_entitle_prt_t)dlsym(handle, "jb_oneshot_entitle_now");

const char *dlsym_error = dlerror();
if (dlsym_error) return;

ptr(getpid(), FLAG_PLATFORMIZE);
}

void patch_setuid() {
void* handle = dlopen("/usr/lib/libjailbreak.dylib", RTLD_LAZY);
if (!handle)
    return;

// Reset errors
dlerror();
typedef void (*fix_setuid_prt_t)(pid_t pid);
fix_setuid_prt_t ptr = (fix_setuid_prt_t)dlsym(handle, "jb_oneshot_fix_setuid_now");

const char *dlsym_error = dlerror();
if (dlsym_error)
    return;

ptr(getpid());
}

@interface ViewController ()
@property (weak, nonatomic) IBOutlet UILabel *statuis;

@end

@implementation ViewController

- (IBAction)Go:(id)sender {
    if(setuid(0) == 0){
        _statuis.text=@"Got Root";
    }
    else{
        _statuis.text=@"Failed";
        }
}

- (void)viewDidLoad {
    [super viewDidLoad];
    platformize_me();
    patch_setuid();
// Do any additional setup after loading the view, typically from a nib.
}

- (void)didReceiveMemoryWarning {
    [super didReceiveMemoryWarning];
    // Dispose of any resources that can be recreated.
}

@end

I then move the .app folder from /var/containers/bundles/Application to /Applications then chown root:wheel && chmod 6755 on the binary. The app still immediately crashes because of the two functions in viewDidLoad.