
Timed out waiting for download mode (-status_exploit_timeout_error) on iOS 17.6(.1) on A10X

Open nexplorer-3e opened this issue 5 months ago • 3 comments

https://github.com/palera1n/palera1n/issues/478 They mentioned the problem may be caused by checkra1n but not the rest of the steps they take part in. Below are the logs from 0.1337.2. While Demote looks like it is working, I have no idea how to test it.

sudo ./checkra1n-linux-arm64 -s -V -v
| - [09/16/24 01:57:59] <Verbose> src/stage1/checkrain.c:413:FoundDevice():
| ----> DFU mode device found
-
| - [09/16/24 01:57:59] <Info> src/stage1/checkrain.c:259:PerformCheckm8():
| ----> Checking if device is ready
-
| - [09/16/24 01:57:59] <Verbose> src/stage1/checkrain.c:259:PerformCheckm8():
| ----> Attempting to perform checkm8 on 8011 10
-
| - [09/16/24 01:57:59] <Info> src/stage1/checkrain.c:272:PerformCheckm8():
| ----> Setting up the exploit
-
| - [09/16/24 01:57:59] <Verbose> src/stage1/checkrain.c:272:PerformCheckm8():
| ----> == checkm8 setup stage ==
-
| - [09/16/24 01:57:59] <Verbose> src/stage1/linux/usb_primitives.c:145:DFUUseAfterFreeRace():
| ----> UaF race: deterministic strategy was successful, g_urb.actual_length: 0x40
-
| - [09/16/24 01:57:59] <Verbose> src/stage1/linux/usb_primitives.c:148:DFUUseAfterFreeRace():
| ----> Entered initial checkm8 state after 1 steps
-
| - [09/16/24 01:57:59] <Verbose> src/stage1/linux/usb_primitives.c:201:DFUMemoryLeakRace():
| ----> Stalled input endpoint after 2 steps
-
| - [09/16/24 01:57:59] <Verbose> src/stage1/checkrain.c:443:LostDevice():
| ----> DFU mode device disconnected
-
| - [09/16/24 01:58:00] <Verbose> src/stage1/checkrain.c:413:FoundDevice():
| ----> DFU mode device found
-
| - [09/16/24 01:58:00] <Verbose> src/stage1/checkrain.c:283:PerformCheckm8():
| ----> == checkm8 trigger stage ==
-
| - [09/16/24 01:58:01] <Info> src/stage1/checkrain.c:290:PerformCheckm8():
| ----> Checkmate!
-
| - [09/16/24 01:58:01] <Verbose> src/stage1/checkrain.c:290:PerformCheckm8():
| ----> Device should now reconnect in download mode
-
| - [09/16/24 01:58:01] <Verbose> src/stage1/checkrain.c:443:LostDevice():
| ----> DFU mode device disconnected
-
| - [09/16/24 01:58:21] <Error> src/stage1/checkrain.c:218:PerformCheckm8_AsyncTimeout_callback():
| ----> Timed out waiting for download mode (error code: -status_exploit_timeout_error)
-

usbmuxd logs and dmesg are in the original issue; the behavior should be the same.

This issue may need to be opened in the BugTracker; however, there is a similar issue that was created long ago with a different system version and an AMD CPU, while the behavior is the same. https://github.com/checkra1n/BugTracker/issues/2337

nexplorer-3e, Sep 15 '24 18:09