Closed jhorvitz124 closed 7 months ago
Patchfinding System Info: 0xfffffff00a365168 <- kernelSymbol.cdevsw 0xfffffff00a3a0330 <- kernelSymbol.perfmon_devices 0xfffffff007802900 <- kernelSymbol.pv_head_table 0x0000000000000019 <- kernelConstant.T1SZ_BOOT 0xfffffff007f1c2cc <- kernelSymbol.vn_kqfilter 0xfffffff007824a80 <- kernelSymbol.vm_last_phys 0xfffffff00a39f780 <- kernelSymbol.vm_first_phys_ppnum 0xfffffff00a39f778 <- kernelSymbol.vm_page_array_ending_addr 0xfffffff007802978 <- kernelSymbol.vm_page_array_beginning_addr 0xfffffff00784fe40 <- kernelSymbol.gPhysBase 0xfffffff007824010 <- kernelSymbol.cpu_ttep 0xfffffff007d8ed4c <- kernelSymbol.kalloc_data_external 0xfffffff007ecc3b4 <- kernelSymbol.perfmon_dev_open 0x0000000000000040 <- kernelStruct.vm_map.pmap 0xfffffff007840e90 <- kernelSymbol.ppl_trust_cache_rt 0xfffffff007837440 <- kernelSymbol.mach_kobj_count 0xfffffff00784fe48 <- kernelSymbol.gPhysSize 0x0000000000000002 <- kernelConstant.kernel_el 0xfffffff007004000 <- kernelConstant.staticBase 0x0000000000000530 <- kernelStruct.proc.struct_size 0xfffffff007824a78 <- kernelSymbol.vm_first_phys 0x000000000000022c <- kernelConstant.nsysent 0xfffffff0078028f8 <- kernelSymbol.pp_attr_table 0x0000000000000080 <- kernelConstant.mach_trap_count 0x0000000000000300 <- kernelStruct.task.itk_space 0x0000000000000004 <- kernelConstant.PT_INDEX_MAX 0xfffffff0078039b8 <- kernelSymbol.ptov_table 0x0000007000000000 <- kernelConstant.ARM_TT_L1_INDEX_MASK 0xfffffff00a3be608 <- kernelSymbol.allproc 0xffffff8000000000 <- kernelConstant.pointer_mask 0xfffffff00784e028 <- kernelSymbol.gVirtBase 0xfffffff007d8f37c <- kernelSymbol.kfree_data_external System Info libjailbreak: 0x0000000000000038 <- kernelStruct.pt_desc.ptd_info 0x0000000000000008 <- kernelStruct.pmap.ttep 0x0000000000000020 <- kernelStruct.ipc_space.table 0x0000000000000018 <- kernelStruct.proc.proc_ro 0xfffffff007802900 <- kernelSymbol.pv_head_table 0xfffffff00a365168 <- kernelSymbol.cdevsw 0xfffffff00a3a0330 <- kernelSymbol.perfmon_devices 0x0000000000000019 <- kernelConstant.T1SZ_BOOT 0x0000000000000028 <- kernelStruct.trustcache.struct_size 0x00000000000000c8 <- kernelStruct.pmap.type 0x0000000000000010 <- kernelStruct.vm_map_links.min 0x000000000000006c <- kernelStruct.ucred.svgid 0x0000000000000020 <- kernelStruct.ucred.svuid 0x0000000000000020 <- kernelStruct.filedesc.ofiles_start 0x0000000000000068 <- kernelStruct.proc_ro.mach_trap_filter_mask 0x00000000000000d8 <- kernelStruct.proc.fd 0x0000000000000040 <- kernelStruct.proc.svgid 0x000000000000003c <- kernelStruct.proc.svuid 0xfffffff00a39f778 <- kernelSymbol.vm_page_array_ending_addr 0xfffffff007802978 <- kernelSymbol.vm_page_array_beginning_addr 0xfffffff007824a80 <- kernelSymbol.vm_last_phys 0xfffffff00a39f780 <- kernelSymbol.vm_first_phys_ppnum 0xfffffff007824010 <- kernelSymbol.cpu_ttep Exploiting Kernel (kfd, landa) 0xfffffff00784fe40 <- kernelSymbol.gPhysBase 0xfffffff007d8ed4c <- kernelSymbol.kalloc_data_external 0xfffffff007f1c2cc <- kernelSymbol.vn_kqfilter 0x0000000000000010 <- kernelStruct.pt_desc.pmap 0x0000000000000008 <- kernelStruct.vm_map_links.next 0x0000000000000040 <- kernelStruct.vm_map.pmap 0x0000000000000018 <- kernelStruct.ipc_entry.struct_size 0x0000000000000068 <- kernelStruct.ucred.rgid 0x000000000000001c <- kernelStruct.ucred.ruid 0x000000000000025c <- kernelStruct.proc.flag 0x0000000000000010 <- kernelStruct.proc.pptr 0x0000000000000008 <- kernelStruct.proc.list_prev 0xfffffff007837440 <- kernelSymbol.mach_kobj_count 0xfffffff007840e90 <- kernelSymbol.ppl_trust_cache_rt 0xfffffff00784fe48 <- kernelSymbol.gPhysSize 0xfffffff007ecc3b4 <- kernelSymbol.perfmon_dev_open 0x0000000000000002 <- kernelConstant.kernel_el 0x0000000000000008 <- kernelStruct.trustcache.prevptr 0x00000000000000b4 <- kernelStruct.vm_map.flags 0x0000000000000060 <- kernelStruct.task.threads 0x0000000000000070 <- kernelStruct.proc_ro.mach_kobj_filter_mask 0x0000000000000530 <- kernelStruct.proc.struct_size 0xfffffff007824a78 <- kernelSymbol.vm_first_phys 0x000000000000022c <- kernelConstant.nsysent 0xfffffff007004000 <- kernelConstant.staticBase Bypassing PPL (dmaFail) Building Phys R/W Primitive Cleaning Up Exploits Elevating Privileges Updating BaseBin Loading BaseBin TrustCache Initializing Jailbreak Environment Jailbreak failed with error: Error Domain=JBErrorDomain Code=-11 "Spawning jbctl failed with error code 85" UserInfo={NSLocalizedDescription=Spawning jbctl failed with error code 85}
enable dev mode
opa334
commented
7 months ago opa334
commented
7 months ago
Patchfinding System Info: 0xfffffff00a365168 <- kernelSymbol.cdevsw 0xfffffff00a3a0330 <- kernelSymbol.perfmon_devices 0xfffffff007802900 <- kernelSymbol.pv_head_table 0x0000000000000019 <- kernelConstant.T1SZ_BOOT 0xfffffff007f1c2cc <- kernelSymbol.vn_kqfilter 0xfffffff007824a80 <- kernelSymbol.vm_last_phys 0xfffffff00a39f780 <- kernelSymbol.vm_first_phys_ppnum 0xfffffff00a39f778 <- kernelSymbol.vm_page_array_ending_addr 0xfffffff007802978 <- kernelSymbol.vm_page_array_beginning_addr 0xfffffff00784fe40 <- kernelSymbol.gPhysBase 0xfffffff007824010 <- kernelSymbol.cpu_ttep 0xfffffff007d8ed4c <- kernelSymbol.kalloc_data_external 0xfffffff007ecc3b4 <- kernelSymbol.perfmon_dev_open 0x0000000000000040 <- kernelStruct.vm_map.pmap 0xfffffff007840e90 <- kernelSymbol.ppl_trust_cache_rt 0xfffffff007837440 <- kernelSymbol.mach_kobj_count 0xfffffff00784fe48 <- kernelSymbol.gPhysSize 0x0000000000000002 <- kernelConstant.kernel_el 0xfffffff007004000 <- kernelConstant.staticBase 0x0000000000000530 <- kernelStruct.proc.struct_size 0xfffffff007824a78 <- kernelSymbol.vm_first_phys 0x000000000000022c <- kernelConstant.nsysent 0xfffffff0078028f8 <- kernelSymbol.pp_attr_table 0x0000000000000080 <- kernelConstant.mach_trap_count 0x0000000000000300 <- kernelStruct.task.itk_space 0x0000000000000004 <- kernelConstant.PT_INDEX_MAX 0xfffffff0078039b8 <- kernelSymbol.ptov_table 0x0000007000000000 <- kernelConstant.ARM_TT_L1_INDEX_MASK 0xfffffff00a3be608 <- kernelSymbol.allproc 0xffffff8000000000 <- kernelConstant.pointer_mask 0xfffffff00784e028 <- kernelSymbol.gVirtBase 0xfffffff007d8f37c <- kernelSymbol.kfree_data_external System Info libjailbreak: 0x0000000000000038 <- kernelStruct.pt_desc.ptd_info 0x0000000000000008 <- kernelStruct.pmap.ttep 0x0000000000000020 <- kernelStruct.ipc_space.table 0x0000000000000018 <- kernelStruct.proc.proc_ro 0xfffffff007802900 <- kernelSymbol.pv_head_table 0xfffffff00a365168 <- kernelSymbol.cdevsw 0xfffffff00a3a0330 <- kernelSymbol.perfmon_devices 0x0000000000000019 <- kernelConstant.T1SZ_BOOT 0x0000000000000028 <- kernelStruct.trustcache.struct_size 0x00000000000000c8 <- kernelStruct.pmap.type 0x0000000000000010 <- kernelStruct.vm_map_links.min 0x000000000000006c <- kernelStruct.ucred.svgid 0x0000000000000020 <- kernelStruct.ucred.svuid 0x0000000000000020 <- kernelStruct.filedesc.ofiles_start 0x0000000000000068 <- kernelStruct.proc_ro.mach_trap_filter_mask 0x00000000000000d8 <- kernelStruct.proc.fd 0x0000000000000040 <- kernelStruct.proc.svgid 0x000000000000003c <- kernelStruct.proc.svuid 0xfffffff00a39f778 <- kernelSymbol.vm_page_array_ending_addr 0xfffffff007802978 <- kernelSymbol.vm_page_array_beginning_addr 0xfffffff007824a80 <- kernelSymbol.vm_last_phys 0xfffffff00a39f780 <- kernelSymbol.vm_first_phys_ppnum 0xfffffff007824010 <- kernelSymbol.cpu_ttep Exploiting Kernel (kfd, landa) 0xfffffff00784fe40 <- kernelSymbol.gPhysBase 0xfffffff007d8ed4c <- kernelSymbol.kalloc_data_external 0xfffffff007f1c2cc <- kernelSymbol.vn_kqfilter 0x0000000000000010 <- kernelStruct.pt_desc.pmap 0x0000000000000008 <- kernelStruct.vm_map_links.next 0x0000000000000040 <- kernelStruct.vm_map.pmap 0x0000000000000018 <- kernelStruct.ipc_entry.struct_size 0x0000000000000068 <- kernelStruct.ucred.rgid 0x000000000000001c <- kernelStruct.ucred.ruid 0x000000000000025c <- kernelStruct.proc.flag 0x0000000000000010 <- kernelStruct.proc.pptr 0x0000000000000008 <- kernelStruct.proc.list_prev 0xfffffff007837440 <- kernelSymbol.mach_kobj_count 0xfffffff007840e90 <- kernelSymbol.ppl_trust_cache_rt 0xfffffff00784fe48 <- kernelSymbol.gPhysSize 0xfffffff007ecc3b4 <- kernelSymbol.perfmon_dev_open 0x0000000000000002 <- kernelConstant.kernel_el 0x0000000000000008 <- kernelStruct.trustcache.prevptr 0x00000000000000b4 <- kernelStruct.vm_map.flags 0x0000000000000060 <- kernelStruct.task.threads 0x0000000000000070 <- kernelStruct.proc_ro.mach_kobj_filter_mask 0x0000000000000530 <- kernelStruct.proc.struct_size 0xfffffff007824a78 <- kernelSymbol.vm_first_phys 0x000000000000022c <- kernelConstant.nsysent 0xfffffff007004000 <- kernelConstant.staticBase Bypassing PPL (dmaFail) Building Phys R/W Primitive Cleaning Up Exploits Elevating Privileges Updating BaseBin Loading BaseBin TrustCache Initializing Jailbreak Environment Jailbreak failed with error: Error Domain=JBErrorDomain Code=-11 "Spawning jbctl failed with error code 85" UserInfo={NSLocalizedDescription=Spawning jbctl failed with error code 85}