kpwn
.../XcodeDefault.xctoolchain/usr/bin/lipo: can't open input file: dyld.fat (No such file or directory)
Alright so everything seems to be working pretty well up until this point. I have 2 main issues...
--first--
Where do I find a copy of OpenSSH as a .tar - do i get it from their main website, if so the mobile version? Or should I use wget and rename as .tar, then change to bootstrap.tar? If you could give me a quick rundown of the process, that'd be awesome
--secondly--
After restore and reboot, I press [Enter] but then I see this:
Mounting DDI... Couldn't mount DDI. Not an issue if Xcode's running, an issue if it isn't. Fetching symbols... [+] Device connected: iPhone4,1, iOS 8.4.1. [] Receiving /usr/lib/dyld... [] Received 0.21 MB of 0.21 MB (100%). [+] Done receiving /usr/lib/dyld. fatal error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: can't open input file: dyld.fat (No such file or directory) [+] Device connected: iPhone4,1, iOS 8.4.1. [] Receiving /System/Library/Caches/com.apple.dyld/dyld_shared_cache_armv7... [] Received 408.49 MB of 408.49 MB (100%). run.sh: line 58: 2974 Segmentation fault: 11 ./bin/fetchsymbols -f "$(./bin/fetchsymbols -l 2>&1 | (grep armv7 || abort ) | tr ':' '\n'|tr -d ' '|head -1)" tmp/cache Compiling jailbreak files... Extracting /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit at 0x296f000 into cache.IOKit Extracting /System/Library/Frameworks/IOKit.framework/IOKit at 0x296f000 into cache.IOKit Extracting /usr/lib/system/libsystem_kernel.dylib at 0x1050a000 into cache.libsystem_kernel.dylib fatal error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: can't open input file: dyld.fat (No such file or directory) 2015-11-05 11:40:28.859 main[3045:75293] cs_size = 4e0 Assertion failed: (lsrs_r0_2_popr4r5r7pc), function main, file main.m, line 538. ./make.sh: line 6: 3045 Abort trap: 6 ./main
Can I get a quick play-by-play of how to resolve something like this? I'm extremely interested in getting this working for a personal project and would love to properly execute the run.sh
You need to download a cydia bootstrap tar, an openssl deb, openssh deb.
Sudo su, create some temp directory, extract all of these in said directory, do find . | grep patcyh | while read a; do > "$a"; done, now rm sbin/reboot, nano sbin/reboot, enter
#!/bin/sh
<path to launchctl in cyida bootstrap> load /Library/LaunchDeamons/<name of the openssl launchdeamon plist>
exit 0
create a tar.gz of everything, put it in data/bootstrap.tar.gz
I'm obviously doing all this on my mac and replacing in data/bootstrap.tar.gz before I run run.sh, correct?
Awesome, alright thank you so much for the help - will test and get back !
Also, for the lsrs_r0_2_popr4r5r7pc issue: yalu only supports arm64 devices at the moment. Due to odysseusota's 8.4.1 support there's been people working on an armv7 port for it.
idea is to run the jailbreak app until it doesn't kernel panic, when it doesn't the kernel untether will have worked and the tar will be extracted. sbin/reboot is used to start ssh because you can trigger an execve on it w/ uid=0 with idevicediagnostics restart on your mac
also, am I allowed to ask where the best location to find the bootstrap tar is?
I suggest qwupz.me/Cydia-8.4r3-Raw.txz - remember to remove patcyh files. if you don't you'll brick your phone.
Also remember that the cydia bootstrap will install cydia. I don't suggest running it.
Awesome thank you a ton!
I need to run to work, but I'll definitely jump back to testing this when I get home and get back to you!
After you have SSH you need to install the untether via ssh. I have some free time now, so I can help you do that myself if you need.
I'll go as far as I can after work until I feel like I'm out of my league, the help youve given me already is outstanding and extremely appreciated.
Thanks for your Cydia-8.4r3-Raw.txz,
I have packaged a zip Bootstrap.tgz with OpenSSL&OpenSSH and sbin/reboot 2 weeks ago :X
When i tried to run jailbreak, my phone will restart, after that i have used idevicediagnostics restart to reboot my 5S, but it seems that the SSH doesn't work :X, so i must use the Cydia with My Bootstrap.tgz or just the app doesn't work ?
i think we must delete
./private/var/lib/dpkg/info/com.saurik.patcyh.extrainst_
./private/var/lib/dpkg/info/com.saurik.patcyh.list
./private/var/lib/dpkg/info/com.saurik.patcyh.postrm
./usr/lib/libpatcyh.dylib must be deleted too ?
Yeah you should definitely delete patcyh -- use this when compiling\
find . | grep patcyh | while read a; do > "$a"; done
look up at this post
I have used this command "delete and create a file with the same name or create file null"
find . | grep patcyh | while read a; do rm $a; touch $a; done
But for this ./usr/lib/libpatcyh.dylib? Is it should be DELETE ?
yeah that command where it says
do rm $a
will remove anything that is like %patcyh%
I don't know specifically about that dylib, sorry man
hey qfdk, can you link me to the openssh.deb and openssl.deb you are using, I want these tests to be in unison
#!/bin/sh "path to launchctl in cyida bootstrap" load /Library/LaunchDeamons/"name of the openssl launchdeamon plist" exit 0
alright, so I have the temp folder with everything in it...I'm trying to locate these two files though... any ideas? SCREENSHOT
OK, Download
i have packaged it with script reboot placed in sbin, but it NOT include Cydia, your must put the Cydia in this package, i will work on it tonight it will response your question :)
The openssh / openssl debs don't include /bin/sh etc. The cydia bootstrap does. So extract cydia bootstrap and remove /Applications/Cydia.app just to be on the safe side.
awesome, ok I'll play with that then ! Thanks!
EDIT: OK! that makes a ton of sense.
So once the untether is installed without patcyh, can you install a version of cydia for testing or is that still going to cause a crash??
permissions seem wrong on that tar. not sure if it's going to be an issue but eh
http://apt.saurik.com/debs/
you can find *.deb
I have modified the file run.sh and i fixed the problem of file not find and the code can be compile.
I run the app, but it has a crash, i tied serval time for this....
I fetchsymbols with armv7, i can run the app and i got the log like this
yalubreak iso841 - Kim Jong Cracks Research
Credits:
qwertyoruiop - sb escape & codesign bypass & initial kernel exploit
panguteam: kernel vulns
windknown: kernel exploit & knows it's stuff
_Morpheus_: this guy knows stuff
jk9356: kim jong cracks anthem
JonSeals: crack rocks supply (w/ Frank & haifisch)
ih8sn0w: <3
posixninja: <3
xerub <3
its_not_herpes because thanks god it wasnt herpes
eric fuck off
Kim Jong Un for being Dear Leader.
RIP TTWJ / PYTECH / DISSIDENT
SHOUT OUT @ ALL THE OLD GANGSTAS STILL IN THE JB SCENE
HEROIN IS THE MEANING OF LIFE
BRITTA ROLL UP [no its not pythech!]
[i] iomasterport: 0x0000070b / gasgauge user client: 0x0000050b
jk++
ret: 28dea000
ret: 00000000
ret: 0000000d
yalubreak iso841 - Kim Jong Cracks Research
Credits:
qwertyoruiop - sb escape & codesign bypass & initial kernel exploit
panguteam: kernel vulns
windknown: kernel exploit & knows it's stuff
_Morpheus_: this guy knows stuff
jk9356: kim jong cracks anthem
JonSeals: crack rocks supply (w/ Frank & haifisch)
ih8sn0w: <3
posixninja: <3
xerub <3
its_not_herpes because thanks god it wasnt herpes
eric fuck off
Kim Jong Un for being Dear Leader.
RIP TTWJ / PYTECH / DISSIDENT
SHOUT OUT @ ALL THE OLD GANGSTAS STILL IN THE JB SCENE
HEROIN IS THE MEANING OF LIFE
BRITTA ROLL UP [no its not pythech!]
[i] iomasterport: 0x0000070b / gasgauge user client: 0x0000050b
jk++
ret: 22a68000
ret: 00000000
found overlapping object
ret: 00000048
yalubreak iso841 - Kim Jong Cracks Research
Credits:
qwertyoruiop - sb escape & codesign bypass & initial kernel exploit
panguteam: kernel vulns
windknown: kernel exploit & knows it's stuff
_Morpheus_: this guy knows stuff
jk9356: kim jong cracks anthem
JonSeals: crack rocks supply (w/ Frank & haifisch)
ih8sn0w: <3
posixninja: <3
xerub <3
its_not_herpes because thanks god it wasnt herpes
eric fuck off
Kim Jong Un for being Dear Leader.
RIP TTWJ / PYTECH / DISSIDENT
SHOUT OUT @ ALL THE OLD GANGSTAS STILL IN THE JB SCENE
HEROIN IS THE MEANING OF LIFE
BRITTA ROLL UP [no its not pythech!]
[i] iomasterport: 0x0000070b / gasgauge user client: 0x0000050b
jk++
ret: 22a68000
ret: 00000000
ret: 0000000d
I got the same things with #30 exploit failed .
Can you give me some tips or just try to run... until i can see 5-6 RET?
Thx
It seems as though nothing is working anymore... do I need to restore to 8.4.1 again and start fresh? It seems to not be able to find anything now... regardless of download path
Mounting DDI... ERROR: stat: ./data/DeveloperDiskImage.dmg: No such file or directory Couldn't mount DDI. Not an issue if Xcode's running, an issue if it isn't. Fetching symbols... Error. Exiting... [+] Device connected: iPhone4,1, iOS 8.4.1. [-] Can not connect to com.apple.dt.fetchsymbols service. fatal error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: can't open input file: dyld.fat (No such file or directory) Error. Exiting... [+] Device connected: iPhone4,1, iOS 8.4.1. [-] Can not connect to com.apple.dt.fetchsymbols service. Compiling jailbreak files... fatal error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: can't open input file: dyld.fat (No such file or directory) fatal error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: can't open input file: dyld.fat (No such file or directory) fatal error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: can't open input file: dyld.fat (No such file or directory) error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: unknown architecture specification flag: in specifying thin operation: -thin /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: known architecture flags are: any little big ppc64 x86_64 x86_64h arm64 ppc970-64 ppc i386 m68k hppa sparc m88k i860 veo arm ppc601 ppc603 ppc603e ppc603ev ppc604 ppc604e ppc750 ppc7400 ppc7450 ppc970 i486 i486SX pentium i586 pentpro i686 pentIIm3 pentIIm5 pentium4 m68030 m68040 hppa7100LC veo1 veo2 veo3 veo4 armv4t armv5 xscale armv6 armv6m armv7 armv7f armv7s armv7k armv7m armv7em arm64v8 fatal error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: Usage: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo [input_file] ... [-arch <arch_type> input_file] ... [-info] [-detailed_info] [-output output_file] [-create] [-arch_blank <arch_type>] [-thin <arch_type>] [-remove <arch_type>] ... [-extract <arch_type>] ... [-extract_family <arch_type>] ... [-verify_arch <arch_type> ...] [-replace <arch_type> <file_name>] ... mv: rename dyld to dyld.fat: No such file or directory /Users/USER/yalu/run.sh: line 128: /Users/USER/yalu./bin/jtool: No such file or directory /Users/USER/yalu/run.sh: line 129: /Users/USER/yalu./bin/jtool: No such file or directory fatal error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/lipo: can't open input file: dyld.fat (No such file or directory) /Users/USER/yalu/run.sh: line 136: cd: /Users/USER/yalu./data/dyldmagic: No such file or directory /Users/USER/yalu/run.sh: line 137: ./make.sh: No such file or directory Copying files to device... /Users/USER/yalu/run.sh: line 141: ./bin/afcclient: No such file or directory /Users/USER/yalu/run.sh: line 142: ./bin/afcclient: No such file or directory /Users/USER/yalu/run.sh: line 143: ./tmp/bootstrap.tar: No such file or directory /Users/USER/yalu/run.sh: line 144: ./bin/afcclient: No such file or directory /Users/USER/yalu/run.sh: line 145: ./bin/afcclient: No such file or directory .Tap on the jailbreak icon to crash the kernel (or 0wn it if you're in luck!) da225-02-13569:~ USER$