kpwn / yalu102

incomplete iOS 10.2 jailbreak for 64 bit devices by qwertyoruiopz and marcograssi
Do What The F*ck You Want To Public License

Apple Mach-O Linker Error #476

Open bob-2017 opened 7 years ago

bob-2017 commented 7 years ago

I read the issue posting guidelines.

Hello people, after fixing issues with IOKit (I had to change things like #import <IOKit/IOKitlib.h> to #import "IOKit/IOKitlib.h") I am now encountering 27 errors called "Apple Mach-O Linker Error", i.e. "_whole_dump" referenced from: Jailbreak.o in _exploit

Now, I have already gone through all the issues with Mach-O in them, and have had no luck. I have changed the architecture to arm64 and all the other things mentioned, with no luck at all.

P0siti0n45 commented 7 years ago

@bob-2017 just use the precompiled ipas

bob-2017 commented 7 years ago

@P0siti0n45 I am trying to modify and tweak the jailbreak so the precompiled IPA isn't going to be of much use

P0siti0n45 commented 7 years ago

@bob-2017 What exactly are you trying to do?

bob-2017 commented 7 years ago

Attempting (Take note of the operative word "attempting") to make it fully untethered.

endercypher commented 7 years ago

Will you release it if you make it untethered?

bob-2017 commented 7 years ago

Yes but that is only if

bob-2017 commented 7 years ago

And I should also mention that I did have trouble when importing IOKit, so I just dragged the folder (not a .framework) into the Frameworks folder in Xcode.

bob-2017 commented 7 years ago

If it helps anyone, here is my copy of it:

Yalu102.zip

uspasojevic96 commented 7 years ago

I'll send you mine, you will need to change paths probably but it compiles

endercypher commented 7 years ago

Anything new, @bob-2017 @uspasojevic96? Let me know as soon as possible. Also, @uspasojevic96, is yours an untethered, as in fully untethered, version of Yalu102?

jakeajames commented 7 years ago

Untethering doesn't work like that. You make a Cydia package that pre-patches the kernel and runs the exploit on each boot

bob-2017 commented 7 years ago

Hello @uspasojevic96, sorry for the late response, I got a bit caught up in life. If you could send me your copy that would be GREAT. Thanks

endercypher commented 7 years ago

Hey so @bob-2017 do you have something like a bootrom exploit to patch the Kernel upon boot?

endercypher commented 7 years ago

Also, @uspasojevic96, would you please send us your copy of Yalu102, the source code and the compiled IPA? And is it fully untethered? Even if it's not, I'd still like to have it to look at and use, please. Thanks!

uspasojevic96 commented 7 years ago

Sure mate, I was busy with college, I will when I get home

endercypher commented 7 years ago

@uspasojevic96 is your source code and your Yalu version Untethered?

uspasojevic96 commented 7 years ago

No, there is no way to nuke the kernel in that way atm

jakeajames commented 7 years ago

@bob-2017 @uspasojevic96 @king4q No one here has an idea of what they're talking about. You, the bob guy, if you can't add headers to a project you clearly don't even know what an untether is. And just so you know, you don't have to modify (or "tweak") the application for an untether. You clearly have no idea what you're talking about

uspasojevic96 commented 7 years ago

I know what I am talking about. There needs to be an exploit that can be run during boot, meaning that there needs to be some sort of injection into the kernel when it's jailbroken, but that is impossible due to Apple having enhanced protection for kernel space. The way this exploit works is by manipulating a hanging pointer bug until you have enough hanging pointers from IPC; the offsets are needed so it can be decided where they start.

jakeajames commented 7 years ago

@uspasojevic96 not talking about you, but about the bob guy

bob-2017 commented 7 years ago

@jakeajames When I make stuff in C++ and I import the headers, IT IMPORTS. When I do the same in Python with libraries, IT IMPORTS. When I do it in Swift with frameworks, IT IMPORTS. Now, with Objective-C, I am not saying that I am amazing at it, but I have got a decent knowledge and I can learn fast. If I made a mistake, THEN SO BE IT. I am a human, and humans make mistakes. And I do know what an untether is: it is when a jailbroken device can power off and on at will without losing the jailbreak. This bit here:

```c
/* Fragment from the yalu102 source, as posted. Needs <mach-o/loader.h>.
 * vmk is a struct mach_header_64* pointing at the (already read) kernel
 * header; min and max are uint64_t, initialised before this loop. */
struct load_command* lc = (struct load_command*)(vmk + 1); /* first load command follows the header */
for (int k = 0; k < vmk->ncmds; k++) {

    if (lc->cmd == LC_SEGMENT_64) {
        struct segment_command_64* sg = (struct segment_command_64*)lc;
        NSLog(@"seg: %s", sg->segname);
        if (sg->vmaddr < min) {              /* lowest segment start */
            min = sg->vmaddr;
        }
        if (sg->vmaddr + sg->vmsize > max) { /* highest segment end */
            max = sg->vmaddr + sg->vmsize;
        }
    }

    lc = (struct load_command*)((char*)lc + lc->cmdsize); /* advance to the next command */
}

NSLog(@"%llx - %llx", min, max);

char* kdump = malloc(max - min); /* buffer sized to the whole [min, max) range */
```

is the bit that creates the pointers, isn't it? The malloc(max-min) at the end allocates the pointers between the maximum and minimum memory addresses (i.e. between 0x00000 and 0x0F67A). So don't say that I don't know what I am talking about, because I do have a decent knowledge about it.
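As an added, stand-alone illustration of what the load-command walk quoted above computes (this is example code written for this page, not code from yalu102 or its authors): the loop scans every LC_SEGMENT_64 command of a 64-bit Mach-O header and keeps the lowest vmaddr and the highest vmaddr+vmsize, so max-min is the size of the virtual range spanned by all segments, which is what the malloc() is sized to. The version below adds the bounds checks the original fragment omits, so a truncated or malformed image is rejected instead of read past its end. The struct definitions are minimal copies of the Apple <mach-o/loader.h> layouts (an assumption, so the code builds off macOS), and the sample image with its addresses, segment names and LC_UUID command is constructed here and does not correspond to any real kernel.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Minimal copies of the <mach-o/loader.h> layouts (assumption: same field
 * order and sizes as Apple's header; no padding is introduced). */
#define MH_MAGIC_64   0xfeedfacfu
#define LC_SEGMENT_64 0x19u
#define LC_UUID       0x1bu

struct mach_header_64 {
    uint32_t magic, cputype, cpusubtype, filetype, ncmds, sizeofcmds, flags, reserved;
};
struct load_command { uint32_t cmd, cmdsize; };
struct segment_command_64 {
    uint32_t cmd, cmdsize;
    char     segname[16];
    uint64_t vmaddr, vmsize, fileoff, filesize;
    uint32_t maxprot, initprot, nsects, flags;
};

/* Walk the load commands of an in-memory 64-bit Mach-O and return the lowest
 * vmaddr and the highest vmaddr+vmsize over all LC_SEGMENT_64 commands: the
 * [min, max) range the quoted snippet sizes its dump buffer to. Every read is
 * checked against len. Returns 0 on success, -1 if the image is truncated,
 * a command is malformed, or no segment was found. */
int segment_vm_range(const uint8_t *img, size_t len, uint64_t *min_out, uint64_t *max_out) {
    struct mach_header_64 hdr;
    if (len < sizeof hdr) return -1;
    memcpy(&hdr, img, sizeof hdr);
    if (hdr.magic != MH_MAGIC_64) return -1;
    if (hdr.sizeofcmds > len - sizeof hdr) return -1;   /* command table must fit */

    size_t off = sizeof hdr, end = sizeof hdr + hdr.sizeofcmds;
    uint64_t min = UINT64_MAX, max = 0;
    int seen = 0;
    for (uint32_t k = 0; k < hdr.ncmds; k++) {
        struct load_command lc;
        if (end - off < sizeof lc) return -1;
        memcpy(&lc, img + off, sizeof lc);
        if (lc.cmdsize < sizeof lc || lc.cmdsize > end - off) return -1; /* no zero-size loops, no overrun */
        if (lc.cmd == LC_SEGMENT_64) {
            struct segment_command_64 sg;
            if (lc.cmdsize < sizeof sg) return -1;
            memcpy(&sg, img + off, sizeof sg);
            if (sg.vmsize > UINT64_MAX - sg.vmaddr) return -1;  /* vmaddr+vmsize would wrap */
            if (sg.vmaddr < min) min = sg.vmaddr;
            if (sg.vmaddr + sg.vmsize > max) max = sg.vmaddr + sg.vmsize;
            seen = 1;
        }
        off += lc.cmdsize;   /* LC_UUID and other non-segment commands are skipped */
    }
    if (!seen) return -1;
    *min_out = min;
    *max_out = max;
    return 0;
}

/* Append one LC_SEGMENT_64 with the given (constructed) name and range. */
static size_t put_segment(uint8_t *dst, const char *name, uint64_t vmaddr, uint64_t vmsize) {
    struct segment_command_64 sg;
    memset(&sg, 0, sizeof sg);
    sg.cmd = LC_SEGMENT_64;
    sg.cmdsize = sizeof sg;
    memcpy(sg.segname, name, strlen(name));   /* names used here are < 16 bytes */
    sg.vmaddr = vmaddr;
    sg.vmsize = vmsize;
    memcpy(dst, &sg, sizeof sg);
    return sizeof sg;
}

/* Constructed sample image: __DATA listed before __TEXT, with an LC_UUID in
 * between, so both the min search and the skipping of non-segment commands
 * are exercised. Addresses are invented, not real kernel layout. Returns the
 * image length, or 0 if cap is too small. */
size_t build_sample_image(uint8_t *buf, size_t cap) {
    struct mach_header_64 hdr = { MH_MAGIC_64, 0x0100000cu /* CPU_TYPE_ARM64 */, 0, 2 /* MH_EXECUTE */, 0, 0, 0, 0 };
    const size_t need = sizeof hdr + 2 * sizeof(struct segment_command_64) + 24;
    if (cap < need) return 0;
    uint8_t *p = buf + sizeof hdr;
    p += put_segment(p, "__DATA", 0xfffffff007204000ULL, 0x40000);
    struct load_command uuid = { LC_UUID, 24 };
    memcpy(p, &uuid, sizeof uuid);
    memset(p + sizeof uuid, 0xab, 16);        /* 16-byte UUID payload, arbitrary */
    p += 24;
    p += put_segment(p, "__TEXT", 0xfffffff007004000ULL, 0x100000);
    hdr.ncmds = 3;
    hdr.sizeofcmds = (uint32_t)(p - (buf + sizeof hdr));
    memcpy(buf, &hdr, sizeof hdr);
    return (size_t)(p - buf);
}

int main(void) {
    uint8_t img[256];
    size_t n = build_sample_image(img, sizeof img);
    uint64_t lo, hi;
    if (segment_vm_range(img, n, &lo, &hi) != 0) { puts("bad image"); return 1; }
    printf("%llx - %llx (%llu bytes to dump)\n",
           (unsigned long long)lo, (unsigned long long)hi, (unsigned long long)(hi - lo));
    /* A truncated copy must be rejected rather than read out of bounds. */
    printf("truncated image accepted: %s\n", segment_vm_range(img, n - 16, &lo, &hi) == 0 ? "yes" : "no");
    return 0;
}
```

The range comes out as the lowest segment start through the highest segment end regardless of the order the segments appear in, and the truncated copy is refused because the advertised sizeofcmds no longer fits in the buffer. Note that malloc(max-min) allocates a single byte buffer of that size to copy the kernel image into; it does not allocate or create pointers.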

KILLCAMPER commented 7 years ago

@bob-2017 keep up the good work hope you do this and make it more stable for Air 2 users and iPad mini 4 users

bob-2017 commented 7 years ago

@KILLCAMPER thanks for the support :D 👍 😄

bob-2017 commented 7 years ago

Also @uspasojevic96 , can you please send me your copy ASAP. thanks :D 😃

Sam1370 commented 6 years ago

Any way I can get a copy of that copy? I'm getting the linker error too @bob-2017 @uspasojevic96

bob-2017 commented 6 years ago

@uspasojevic96 please share your copy of it.

bob-2017 commented 6 years ago

Oh, and also, seeing that Ian Beer made that exploit, everything should be much easier