BugTracker icon indicating copy to clipboard operation
BugTracker copied to clipboard

Published 20 hours ago verified publisher icon checkra1n

Process stuck at "Right before trigger (this is the real bug setup)" and "Checkmate!"

Open martinprad0 opened this issue 1 year ago • 1 comments

Tell us about your setup:

  1. Device: IPhone 8 Plus
  2. IOS: 13.6.1
  3. checkra1n version: 12.4
  4. OS: Fedora Linux 38 (Intel Processor)
  5. Cable: Tried with both Third Party Cable and USB 2.0 cable

What are the steps to reproduce the issue?

  1. Run checkra1n with sudo ./checkra1n -cv
  2. Get the following output:
 - [09/15/23 17:16:59] <Verbose>: DFU device connected: 238aa289b002e
 - [09/15/23 17:16:59] <Info>: Exploiting
 - [09/15/23 17:16:59] <Verbose>: Attempting to perform checkm8 on 8015 11...
 - [09/15/23 17:16:59] <Info>: Checking if device is ready
 - [09/15/23 17:16:59] <Verbose>: == Checkm8 Preparation stage ==
 - [09/15/23 17:17:00] <Info>: Setting up the exploit (this is the heap spray)
 - [09/15/23 17:17:00] <Verbose>: == Checkm8 Setup stage ==
 - [09/15/23 17:17:00] <Verbose>: Disabled probabilistic mode since we encountered a partial xfer
 - [09/15/23 17:17:00] <Verbose>: Deterministic approach was successful!
 - [09/15/23 17:17:00] <Info>: Right before trigger (this is the real bug setup)
 - [09/15/23 17:17:00] <Verbose>: Entered initial checkm8 state after 0 steps, issuing DFU abort..
 - [09/15/23 17:17:00] <Verbose>: DFU device connected: 238aa289b002e
 - [09/15/23 17:17:00] <Verbose>: == Checkm8 Trigger stage ==
 - [09/15/23 17:17:01] <Verbose>: Checkmate!
 - [09/15/23 17:17:26] <Error>: Timed out in state 2, assuming we are back to square one with this device. (error code: -31)
  1. IPhone is now unusable and unresponsive to Button Patterns to get out of DFU Mode
  2. If I run the program again I get the same error, if I run the GUI I get this message:

image

...

What do you expect, and what is happening instead?

To unlock the IPhone, but now it cannot be used (unless I update the OS using ITunes)

Did you see a popup on the device stating it entered "Safe Mode" due to an error?

No, Screen is off

Does the issue also occur if you tick "Safe Mode" in the checkra1n options?

Yes

martinprad0 avatar Sep 15 '23 22:09 martinprad0

hi try this: https://github.com/foxlet/bootra1n/blob/master/README.md

the current live image has an old version of checkra1n, so download the last binary from releases and copy it to voidlinux from another usb drive, then run and cross fingers, it's works for me

gvillegass avatar Nov 20 '23 18:11 gvillegass