kpwn / yalu

incomplete ios 8.4.1 jailbreak by Kim Jong Cracks (8.4.1 codesign & sandbox bypass w/ LPE to root & untether)

.../XcodeDefault.xctoolchain/usr/bin/lipo: can't open input file: dyld.fat (No such file or directory) #32

Open michaeldvinci opened 8 years ago

michaeldvinci commented 8 years ago

Alright so everything seems to be working pretty well up until this point. I have 2 main issues...

--first--

Where do I find a copy of OpenSSH as a .tar? Do I get it from their main website, and if so, the mobile version? Or should I use wget and rename it as .tar, then change it to bootstrap.tar? If you could give me a quick rundown of the process, that'd be awesome.

--secondly--

After restore and reboot, I press [Enter] but then I see this:

Mounting DDI...
Couldn't mount DDI. Not an issue if Xcode's running, an issue if it isn't.
Fetching symbols...
[+] Device connected: iPhone4,1, iOS 8.4.1.
[*] Receiving /usr/lib/dyld...
[*] Received 0.21 MB of 0.21 MB (100%).
[+] Done receiving /usr/lib/dyld.
fatal error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: can't open input file: dyld.fat (No such file or directory)
[+] Device connected: iPhone4,1, iOS 8.4.1.
[*] Receiving /System/Library/Caches/com.apple.dyld/dyld_shared_cache_armv7...
[*] Received 408.49 MB of 408.49 MB (100%).
run.sh: line 58:  2974 Segmentation fault: 11  ./bin/fetchsymbols -f "$(./bin/fetchsymbols -l 2>&1 | (grep armv7 || abort ) | tr ':' '\n'|tr -d ' '|head -1)" tmp/cache
Compiling jailbreak files...
Extracting /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit at 0x296f000 into cache.IOKit
Extracting /System/Library/Frameworks/IOKit.framework/IOKit at 0x296f000 into cache.IOKit
Extracting /usr/lib/system/libsystem_kernel.dylib at 0x1050a000 into cache.libsystem_kernel.dylib
fatal error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: can't open input file: dyld.fat (No such file or directory)
2015-11-05 11:40:28.859 main[3045:75293] cs_size = 4e0
Assertion failed: (lsrs_r0_2_popr4r5r7pc), function main, file main.m, line 538.
./make.sh: line 6:  3045 Abort trap: 6  ./main

Can I get a quick play-by-play of how to resolve something like this? I'm extremely interested in getting this working for a personal project and would love to properly execute run.sh.

kpwn commented 8 years ago

You need to download a Cydia bootstrap tar, an openssl deb and an openssh deb. `sudo su`, create some temp directory, extract all of these in said directory, do `find . | grep patcyh | while read a; do > "$a"; done`, now `rm sbin/reboot`, `nano sbin/reboot`, enter

#!/bin/sh
<path to launchctl in cydia bootstrap> load /Library/LaunchDaemons/<name of the openssh launchdaemon plist>
exit 0

create a tar.gz of everything, put it in data/bootstrap.tar.gz
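The staging steps above (blank every patcyh file, replace sbin/reboot with a launchd-loading stub, drop Cydia.app, pack data/bootstrap.tar.gz), as an added helper script that is not part of yalu or of kpwn's comment. It assumes you have already extracted the Cydia bootstrap and the two debs into one staging directory; the default launchctl path (/bin/launchctl) and plist name (com.openssh.sshd.plist) are assumptions, since the thread only gives placeholders for them.

```shell
#!/bin/sh
# Added helper for the bootstrap procedure described in the thread (not yalu code).
# Assumed defaults: launchctl at /bin/launchctl inside the Cydia bootstrap, and
# the OpenSSH package shipping /Library/LaunchDaemons/com.openssh.sshd.plist.
set -eu

# Truncate every regular file whose name contains "patcyh" (the thread's
# `find . | grep patcyh | while read a; do > "$a"; done`), safely for odd
# filenames, and print how many zero-length patcyh files are now present.
blank_patcyh() {
  stage=$1
  find "$stage" -name '*patcyh*' -type f -print | while IFS= read -r f; do
    : > "$f"
  done
  find "$stage" -name '*patcyh*' -type f -size 0 | wc -l | tr -d ' '
}

# Replace sbin/reboot with the stub kpwn describes: idevicediagnostics restart
# execve()s it as uid 0, so it loads the sshd launch daemon instead of rebooting.
write_reboot_stub() {
  stage=$1
  launchctl=${2:-/bin/launchctl}          # assumption, see lead-in
  plist=${3:-com.openssh.sshd.plist}      # assumption, see lead-in
  mkdir -p "$stage/sbin"
  rm -f "$stage/sbin/reboot"
  printf '#!/bin/sh\n%s load /Library/LaunchDaemons/%s\nexit 0\n' \
    "$launchctl" "$plist" > "$stage/sbin/reboot"
  chmod 755 "$stage/sbin/reboot"
}

# Remove Cydia.app (kpwn: "just to be on the safe side") and refuse to pack a
# tree that still has a non-empty patcyh file, no reboot stub, or no /bin/sh
# (the debs do not ship /bin/sh; only the Cydia bootstrap does).
check_stage() {
  stage=$1
  rm -rf "$stage/Applications/Cydia.app"
  [ -x "$stage/sbin/reboot" ] || return 1
  [ -z "$(find "$stage" -name '*patcyh*' -type f -size +0 -print)" ] || return 1
  [ -x "$stage/bin/sh" ] || return 1
  return 0
}

# Pack the staged tree as the data/bootstrap.tar.gz that run.sh expects.
pack_bootstrap() {
  stage=$1
  out=$2
  mkdir -p "$(dirname "$out")"
  ( cd "$stage" && tar -czf - . ) > "$out"
}
```

Run `blank_patcyh`, `write_reboot_stub`, `check_stage` and then `pack_bootstrap` against the staging directory; `check_stage` returning non-zero means the tree is the kind kpwn warns will brick the device.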

michaeldvinci commented 8 years ago

I'm obviously doing all this on my mac and replacing in data/bootstrap.tar.gz before I run run.sh, correct?

kpwn commented 8 years ago

Yes.

michaeldvinci commented 8 years ago

Awesome, alright thank you so much for the help - will test and get back !

kpwn commented 8 years ago

Also, for the lsrs_r0_2_popr4r5r7pc issue: yalu only supports arm64 devices at the moment. Due to odysseusota's 8.4.1 support there's been people working on an armv7 port for it.

kpwn commented 8 years ago

idea is to run the jailbreak app until it doesn't kernel panic, when it doesn't the kernel untether will have worked and the tar will be extracted. sbin/reboot is used to start ssh because you can trigger an execve on it w/ uid=0 with idevicediagnostics restart on your mac

michaeldvinci commented 8 years ago

ugh so my iPhone 4S isn't a viable tester? darn

michaeldvinci commented 8 years ago

also, am I allowed to ask where the best location to find the bootstrap tar is?

kpwn commented 8 years ago

I suggest qwupz.me/Cydia-8.4r3-Raw.txz - remember to remove patcyh files. if you don't you'll brick your phone.

spotlightishere commented 8 years ago

That URL gives a 403 forbidden error.

michaeldvinci commented 8 years ago

Lol I don't have permission for that one!

kpwn commented 8 years ago

Sorry. Had a chmod issue w/ scp. Try again.

kpwn commented 8 years ago

Also remember that the cydia bootstrap will install cydia. I don't suggest running it.

michaeldvinci commented 8 years ago

Awesome thank you a ton!

I need to run to work, but I'll definitely jump back to testing this when I get home and get back to you!

kpwn commented 8 years ago

After you have SSH you need to install the untether via ssh. I have some free time now, so I can help you do that myself if you need.

michaeldvinci commented 8 years ago

I'll go as far as I can after work until I feel like I'm out of my league, the help youve given me already is outstanding and extremely appreciated.

qfdk commented 8 years ago

Thanks for your Cydia-8.4r3-Raw.txz. I packaged a zip Bootstrap.tgz with OpenSSL & OpenSSH and sbin/reboot 2 weeks ago :X When I tried to run the jailbreak, my phone restarted; after that I used idevicediagnostics restart to reboot my 5S, but it seems that SSH doesn't work :X So must I use Cydia with my Bootstrap.tgz, or does the app just not work? I think we must delete

./private/var/lib/dpkg/info/com.saurik.patcyh.extrainst_
./private/var/lib/dpkg/info/com.saurik.patcyh.list
./private/var/lib/dpkg/info/com.saurik.patcyh.postrm

Must ./usr/lib/libpatcyh.dylib be deleted too?

michaeldvinci commented 8 years ago

Yeah, you should definitely delete patcyh. Use this when compiling:

find . | grep patcyh | while read a; do > "$a"; done

Look up at this post.

qfdk commented 8 years ago

I have used this command ("delete and create a file with the same name", i.e. create an empty file): `find . | grep patcyh | while read a; do rm "$a"; touch "$a"; done`

But for this ./usr/lib/libpatcyh.dylib? Should it be DELETED?

michaeldvinci commented 8 years ago

Yeah, that command, where it says

do rm "$a"

will remove anything that is like %patcyh%.

I don't know specifically about that dylib, sorry man.

michaeldvinci commented 8 years ago

Hey qfdk, can you link me to the openssh.deb and openssl.deb you are using? I want these tests to be in unison.

michaeldvinci commented 8 years ago

#!/bin/sh
"path to launchctl in cydia bootstrap" load /Library/LaunchDaemons/"name of the openssh launchdaemon plist"
exit 0

Alright, so I have the temp folder with everything in it... I'm trying to locate these two files though... any ideas? (screenshot)

qfdk commented 8 years ago

OK, Download

I have packaged it with the reboot script placed in sbin, but it does NOT include Cydia; you must put Cydia in this package. I will work on it tonight and it will answer your question :)

kpwn commented 8 years ago

The openssh / openssl debs don't include /bin/sh etc. The cydia bootstrap does. So extract cydia bootstrap and remove /Applications/Cydia.app just to be on the safe side.

michaeldvinci commented 8 years ago

How come yours doesn't have the openssh or openssl debs included?

kpwn commented 8 years ago

Because he extracted them. His one is correct AFAICT.

michaeldvinci commented 8 years ago

Awesome, OK, I'll play with that then! Thanks!

EDIT: OK! that makes a ton of sense.

So once the untether is installed without patcyh, can you install a version of cydia for testing or is that still going to cause a crash??

kpwn commented 8 years ago

Permissions seem wrong on that tar. Not sure if it's going to be an issue, but eh.

qfdk commented 8 years ago

http://apt.saurik.com/debs/ is where you can find the *.deb files.

I have modified run.sh and fixed the "file not found" problem, and the code can now be compiled. I ran the app, but it crashes; I tried several times. (screenshot)

I ran fetchsymbols with armv7, I can run the app, and I get a log like this:

yalubreak iso841 - Kim Jong Cracks Research
Credits:
qwertyoruiop - sb escape & codesign bypass & initial kernel exploit
panguteam: kernel vulns
windknown: kernel exploit & knows it's stuff
_Morpheus_: this guy knows stuff
jk9356: kim jong cracks anthem
JonSeals: crack rocks supply (w/ Frank & haifisch)
ih8sn0w: <3
posixninja: <3
xerub <3
its_not_herpes because thanks god it wasnt herpes
eric fuck off
Kim Jong Un for being Dear Leader.
RIP TTWJ / PYTECH / DISSIDENT
SHOUT OUT @ ALL THE OLD GANGSTAS STILL IN THE JB SCENE
HEROIN IS THE MEANING OF LIFE

BRITTA ROLL UP [no its not pythech!] 
[i] iomasterport: 0x0000070b / gasgauge user client: 0x0000050b
jk++
ret: 28dea000
ret: 00000000
ret: 0000000d
yalubreak iso841 - Kim Jong Cracks Research
Credits:
qwertyoruiop - sb escape & codesign bypass & initial kernel exploit
panguteam: kernel vulns
windknown: kernel exploit & knows it's stuff
_Morpheus_: this guy knows stuff
jk9356: kim jong cracks anthem
JonSeals: crack rocks supply (w/ Frank & haifisch)
ih8sn0w: <3
posixninja: <3
xerub <3
its_not_herpes because thanks god it wasnt herpes
eric fuck off
Kim Jong Un for being Dear Leader.
RIP TTWJ / PYTECH / DISSIDENT
SHOUT OUT @ ALL THE OLD GANGSTAS STILL IN THE JB SCENE
HEROIN IS THE MEANING OF LIFE

BRITTA ROLL UP [no its not pythech!] 
[i] iomasterport: 0x0000070b / gasgauge user client: 0x0000050b
jk++
ret: 22a68000
ret: 00000000
found overlapping object
ret: 00000048
yalubreak iso841 - Kim Jong Cracks Research
Credits:
qwertyoruiop - sb escape & codesign bypass & initial kernel exploit
panguteam: kernel vulns
windknown: kernel exploit & knows it's stuff
_Morpheus_: this guy knows stuff
jk9356: kim jong cracks anthem
JonSeals: crack rocks supply (w/ Frank & haifisch)
ih8sn0w: <3
posixninja: <3
xerub <3
its_not_herpes because thanks god it wasnt herpes
eric fuck off
Kim Jong Un for being Dear Leader.
RIP TTWJ / PYTECH / DISSIDENT
SHOUT OUT @ ALL THE OLD GANGSTAS STILL IN THE JB SCENE
HEROIN IS THE MEANING OF LIFE

BRITTA ROLL UP [no its not pythech!] 
[i] iomasterport: 0x0000070b / gasgauge user client: 0x0000050b
jk++
ret: 22a68000
ret: 00000000
ret: 0000000d

I get the same thing as in #30, "exploit failed". Can you give me some tips, or should I just keep trying to run it until I see 5-6 ret lines? Thx

michaeldvinci commented 8 years ago

It seems as though nothing is working anymore... do I need to restore to 8.4.1 again and start fresh? It seems unable to find anything now, regardless of download path.

Mounting DDI...
ERROR: stat: ./data/DeveloperDiskImage.dmg: No such file or directory
Couldn't mount DDI. Not an issue if Xcode's running, an issue if it isn't.
Fetching symbols...
Error. Exiting...
[+] Device connected: iPhone4,1, iOS 8.4.1.
[-] Can not connect to com.apple.dt.fetchsymbols service.
fatal error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: can't open input file: dyld.fat (No such file or directory)
Error. Exiting...
[+] Device connected: iPhone4,1, iOS 8.4.1.
[-] Can not connect to com.apple.dt.fetchsymbols service.
Compiling jailbreak files...
fatal error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: can't open input file: dyld.fat (No such file or directory)
fatal error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: can't open input file: dyld.fat (No such file or directory)
fatal error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: can't open input file: dyld.fat (No such file or directory)
error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: unknown architecture specification flag: in specifying thin operation: -thin
/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: known architecture flags are: any little big ppc64 x86_64 x86_64h arm64 ppc970-64 ppc i386 m68k hppa sparc m88k i860 veo arm ppc601 ppc603 ppc603e ppc603ev ppc604 ppc604e ppc750 ppc7400 ppc7450 ppc970 i486 i486SX pentium i586 pentpro i686 pentIIm3 pentIIm5 pentium4 m68030 m68040 hppa7100LC veo1 veo2 veo3 veo4 armv4t armv5 xscale armv6 armv6m armv7 armv7f armv7s armv7k armv7m armv7em arm64v8
fatal error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: Usage: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo [input_file] ... [-arch input_file] ... [-info] [-detailed_info] [-output output_file] [-create] [-arch_blank ] [-thin ] [-remove ] ... [-extract ] ... [-extract_family ] ... [-verify_arch ...] [-replace ] ...
mv: rename dyld to dyld.fat: No such file or directory
/Users/USER/yalu/run.sh: line 128: /Users/USER/yalu./bin/jtool: No such file or directory
/Users/USER/yalu/run.sh: line 129: /Users/USER/yalu./bin/jtool: No such file or directory
fatal error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: can't open input file: dyld.fat (No such file or directory)
/Users/USER/yalu/run.sh: line 136: cd: /Users/USER/yalu./data/dyldmagic: No such file or directory
/Users/USER/yalu/run.sh: line 137: ./make.sh: No such file or directory
Copying files to device...
/Users/USER/yalu/run.sh: line 141: ./bin/afcclient: No such file or directory
/Users/USER/yalu/run.sh: line 142: ./bin/afcclient: No such file or directory
/Users/USER/yalu/run.sh: line 143: ./tmp/bootstrap.tar: No such file or directory
/Users/USER/yalu/run.sh: line 144: ./bin/afcclient: No such file or directory
/Users/USER/yalu/run.sh: line 145: ./bin/afcclient: No such file or directory
.Tap on the jailbreak icon to crash the kernel (or 0wn it if you're in luck!)
da225-02-13569:~ USER$

qfdk commented 8 years ago

ERROR: stat: ./data/DeveloperDiskImage.dmg

You must verify that the $ddi file exists...

schnabelnator commented 8 years ago

I still can't get further than @michaeldvinci in the OP. I am trying it on an iPhone 5 with @qfdk's bootstrap, but the lipo error is still unresolved unfortunately...

Mounting DDI...
Couldn't mount DDI. Not an issue if Xcode's running, an issue if it isn't.
Fetching symbols...
[+] Device connected: iPhone5,2, iOS 8.4.1.
[*] Receiving /usr/lib/dyld...
[*] Received 0.21 MB of 0.21 MB (100%).
[+] Done receiving /usr/lib/dyld.
fatal error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: can't open input file: dyld.fat (No such file or directory)
[+] Device connected: iPhone5,2, iOS 8.4.1.
[*] Receiving /System/Library/Caches/com.apple.dyld/dyld_shared_cache_armv7s...
[*] Received 411.69 MB of 411.69 MB (100%).
[+] Done receiving /System/Library/Caches/com.apple.dyld/dyld_shared_cache_armv7s.
Compiling jailbreak files...
Extracting /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit at 0x2990000 into cache.IOKit
Extracting /System/Library/Frameworks/IOKit.framework/IOKit at 0x2990000 into cache.IOKit
Extracting /usr/lib/system/libsystem_kernel.dylib at 0x1072b000 into cache.libsystem_kernel.dylib
fatal error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: can't open input file: dyld.fat (No such file or directory)
2015-11-11 01:13:24.357 main[11365:1532615] cs_size = 4e0
Generated exploit dylib
Copying files to device...
Uploaded 3454176 bytes to PhotoData/KimJongCracks/Library/PrivateFrameworks/GPUToolsCore.framework/GPUToolsCore
Uploaded 92912 bytes to drugs
Uploaded 0 bytes to PhotoData/KimJongCracks/bootstrap.tar
Uploaded 324288 bytes to PhotoData/KimJongCracks/tar
Tap on the jailbreak icon to crash the kernel (or 0wn it if you're in luck!)
Loviss-MacBook-Air:yalu Lovis$

Andir00t commented 8 years ago

Hello everybody! To get rid of the error "fatal error: /Applications/Xcode.app/Contents ...", correct these lines in the script run.sh (section # Mount ddi):

from
lipo -info dyld.fat | grep arm64 >/dev/null && ./bin/fetchsymbols -f "$(./bin/fetchsymbols -l 2>&1 | (grep arm64 || abort ) | tr ':' '\n'|tr -d ' '|head -1)" tmp/cache64
to
lipo -info ./tmp/dyld.fat | grep arm64 >/dev/null && ./bin/fetchsymbols -f "$(./bin/fetchsymbols -l 2>&1 | (grep arm64 || abort ) | tr ':' '\n'|tr -d ' '|head -1)" tmp/cache64

and
lipo -info dyld.fat | grep arm64 >/dev/null && (
to
lipo -info dyld | grep arm64 >/dev/null && (

If the error "zcat: can not stat: ./data/bootstrap.tgz" occurs, correct the line
zcat ./data/bootstrap.tgz > ./tmp/bootstrap.tar
to
gunzip -c ./data/bootstrap.tgz > ./tmp/bootstrap.tar

The end result:

Mounting DDI...
Couldn't mount DDI. Not an issue if Xcode's running, an issue if it isn't.
Fetching symbols...
[+] Device connected: iPhone5,2, iOS 8.4.1.
[*] Receiving /usr/lib/dyld...
[*] Received 0.21 MB of 0.21 MB (100%).
[+] Done receiving /usr/lib/dyld.
[+] Device connected: iPhone5,2, iOS 8.4.1.
[*] Receiving /System/Library/Caches/com.apple.dyld/dyld_shared_cache_armv7s...
[*] Received 411.69 MB of 411.69 MB (100%).
[+] Done receiving /System/Library/Caches/com.apple.dyld/dyld_shared_cache_armv7s.
Compiling jailbreak files...
Extracting /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit at 0x2990000 into cache.IOKit
Extracting /System/Library/Frameworks/IOKit.framework/IOKit at 0x2990000 into cache.IOKit
Extracting /usr/lib/system/libsystem_kernel.dylib at 0x1072b000 into cache.libsystem_kernel.dylib
2015-11-10 10:08:20.867 main[1972:27978] cs_size = 4e0
Generated exploit dylib
Copying files to device...
Uploaded 3454176 bytes to PhotoData/KimJongCracks/Library/PrivateFrameworks/GPUToolsCore.framework/GPUToolsCore
Uploaded 92912 bytes to drugs
Uploaded 8151040 bytes to PhotoData/KimJongCracks/bootstrap.tar
Uploaded 324288 bytes to PhotoData/KimJongCracks/tar
Tap on the jailbreak icon to crash the kernel (or 0wn it if you're in luck!)
Mac-Admin:yalu-master admin$ ./idevicediagnostics restart

With @qfdk's bootstrap.tgz, ssh does not start. Maybe someone has a working bootstrap?

qfdk commented 8 years ago

@Andir00t @schnabelnator My bootstrap.tgz is only OpenSSH & OpenSSL; it doesn't have Cydia. You must ADD Cydia to the same package. Have you got any log? Look at the log. For bootstrap.tgz, you must make it yourself. For me, I think it's just that the exploit doesn't work. For "(No such file or directory)", I have fixed this problem in #34.

Andir00t commented 8 years ago

@qfdk Please tell me how to view the log. Do you have a bootstrap with Cydia?

qfdk commented 8 years ago

I suggest qwupz.me/Cydia-8.4r3-Raw.txz - remember to remove patcyh files. if you don't you'll brick your phone.

@Andir00t So there you can find Cydia; to make the bootstrap.tgz, please read our conversation in #30. To view the log, you can find it via Linux or use some tools like iTools. The log name is kjc_jb.log. Thanks in advance.

Andir00t commented 8 years ago

@qfdk How do I get to kjc_jb.log (/var/mobile/Media/kjc_jb.log) if I can not access the device via ssh?

Maybe I do not understand.

qfdk commented 8 years ago

To view the log, you can find it via Linux or use some tools like iTools.

If the jailbreak code executes, it will create this file. Or you can wait for @kpwn to get some official response.

schnabelnator commented 8 years ago

@qfdk I thought one should NOT add Cydia to the bootstrap but install it later via ssh. Or should I just leave Cydia.app out of the bootstrap but let it copy the other files?

schnabelnator commented 8 years ago

So now I am getting no errors on the Mac side (http://pastebin.com/HMNYUPdt), but I can't get my phone to crash! Every time I try it with the app, the screen goes black for a few seconds (status bar still visible) and then it crashes to the home screen. One time it crashed the phone (restarted), but it didn't install anything and the log didn't even show the crash... here is the log from the last few times I have been trying: http://pastebin.com/15VRwb5n I am using @qfdk's bootstrap but put Cydia-8.4r3-Raw.txz in there (deleted patcyh files and Cydia.app). What am I doing wrong?

kpwn commented 8 years ago

It is not supposed to restart the phone fwiw. I suggest watching the output of idevicesyslog while running the app.


Andir00t commented 8 years ago
  1. Put the folders of Cydia-8.4r3-Raw + openssh + openssl in bootstrap.tgz
  2. run.sh (script runs without errors)
  3. Tap the jailbreak app (screen goes black for a few seconds)
  4. idevicediagnostics restart

As a result, kjc_jb.log:

yalubreak iso841 - Kim Jong Cracks Research
Credits:
qwertyoruiop - sb escape & codesign bypass & initial kernel exploit
panguteam: kernel vulns
windknown: kernel exploit & knows it's stuff
_Morpheus_: this guy knows stuff
jk9356: kim jong cracks anthem
JonSeals: crack rocks supply (w/ Frank & haifisch)
ih8sn0w: <3
posixninja: <3
xerub <3
its_not_herpes because thanks god it wasnt herpes
eric fuck off
Kim Jong Un for being Dear Leader.
RIP TTWJ / PYTECH / DISSIDENT
SHOUT OUT @ ALL THE OLD GANGSTAS STILL IN THE JB SCENE
HEROIN IS THE MEANING OF LIFE

BRITTA ROLL UP [no its not pythech!]
[i] iomasterport: 0x0000070b / gasgauge user client: 0x0000050b
jk++
ret: 203e3000
ret: 00000000
found overlapping object
ret: 00000048

Connecting via ssh does not work =( Why?!

kpwn commented 8 years ago

found overlapping object
ret: 00000048

It should find two overlapping objects. "ret: 00000048" means it failed finding the second, which means failure. Reboot, retry. I suggest doing a fetchcaches before re-running the jailbreak icon.


schnabelnator commented 8 years ago

Where can I find the idevicesyslog? I only see kjc_jb.log, or do you mean that? How would I do a fetchcaches? Sorry for the noob questions, and thank you very much for your support @all!

qfdk commented 8 years ago

I suggest doing a fetchcaches before re-running the jailbreak icon.

Look at #34; I have added fetchsymbols_armv7.sh ...

I tried to use idevicesyslog but I got this... (screenshot) I don't think it works :x

And if it crashes: (screenshot)

A signature problem?

schnabelnator commented 8 years ago

OK, so if I got it right it should work like this: run.sh, then tap jailbreak and look for two overlapping objects in kjc_jb.log; if there are not two, then idevicediagnostics restart, run fetchsymbols, tap jailbreak, repeat... Problem is I have restarted my phone like 20 times and it never finds these two objects... Am I doing something wrong?

kpwn commented 8 years ago

I'm not sure if I included a printf for the second object being found. Look for anything that isn't "ret: 00000048".

"ret: ffffff80" and some other hex numbers should work.

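The success criterion kpwn gives above (an attempt that reaches "found overlapping object" and then reports a ret value other than 00000048), applied to a kjc_jb.log by an added triage script that is not part of yalu. It splits the log into attempts at the "yalubreak iso841" banner; the sample log is constructed here from the ret values quoted in this thread plus one attempt of the kind kpwn says to look for.

```shell
#!/bin/sh
# Added kjc_jb.log triage helper (not yalu code). Classifies each attempt using
# the rule stated in the thread: no "found overlapping object" line means the
# exploit did not trigger; "ret: 00000048" after it means the second object was
# not found; any other ret value after it is the candidate-success case.
set -eu

triage_log() {
  awk '
    function emit() {
      if (!seen)                 v = "no overlapping object found (exploit did not trigger)"
      else if (last == "")       v = "overlapping object found but no ret line followed"
      else if (last == "00000048") v = "second overlapping object not found; reboot and retry"
      else                       v = "candidate success: ret " last " after overlapping object"
      printf "attempt %d: %s\n", n, v
    }
    /^yalubreak iso841/      { if (n) emit(); n++; seen = 0; last = ""; next }
    /found overlapping object/ { seen = 1; last = ""; next }
    /^ret: /                 { last = $2; next }
    END                      { if (n) emit() }
  ' "$1"
}

# Number of attempts classified as candidate successes in the given log.
count_candidates() {
  triage_log "$1" | grep -c 'candidate success' || true
}

# Constructed sample log: attempts 1 and 2 use the values quoted in the thread,
# attempt 3 uses the "ret: ffffff80" kpwn describes as the value to look for.
write_sample_log() {
  cat > "$1" <<'EOF'
yalubreak iso841 - Kim Jong Cracks Research
[i] iomasterport: 0x0000070b / gasgauge user client: 0x0000050b
ret: 22bfc000
ret: 00000000
ret: 0000000d
yalubreak iso841 - Kim Jong Cracks Research
ret: 21890000
ret: 00000000
found overlapping object
ret: 00000048
yalubreak iso841 - Kim Jong Cracks Research
ret: 203e3000
ret: 00000000
found overlapping object
ret: ffffff80
EOF
}
```

Pull /var/mobile/Media/kjc_jb.log off the device and run `triage_log kjc_jb.log`; one "attempt N:" line per tap tells you which of the three outcomes each try produced.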

kpwn commented 8 years ago

Hmm. That "invalid signature" looks like you did not get the DDI mounted. Mounting the DDI is needed after each reboot.


qfdk commented 8 years ago

It's so strange :X In my script I put the mount_ddi first... Strangely, after rebooting my Mac there is no problem. I got this 2 times:

ret: 22bfc000
ret: 00000000
ret: 0000000d

and 20 times:

ret: 21890000
ret: 00000000
found overlapping object
ret: 00000048

It comes randomly.

schnabelnator commented 8 years ago

I really can't get it to crash; I'm always getting "ret: 00000048" or no overlap at all. Here is my log from some tries: http://pastebin.com/uw4Xe0ge Unfortunately I have no idea how to read it.