palera1n
Problem creating fakefs
Device
iPad 6
Version
iOS 17.4.1
Passcode?
- [ ] Passcode is enabled.
Start going into detail..
Host: MacBook Pro 2017 / macOS Ventura 13.6.5
Device: iPad 6 / iOS 17.4.1
Executing 'palera1n -c -f' following a DFU restore on an iPad 6 running 17.4.1 results in either a hang or an error that suggests that a fakefs already exists. "cannot create fakefs over an existing one".
Interestingly, the error appears on device after unplugging it from USB. If I do not unplug the device, it appears to hang (forever?)
I then tried executing 'palera1n --force-revert -cf' which resulted in an error - (I have typed up an extract of the log):
mount(...)
hfs: mounted palera1n on device disk3
mounting loader
IOServiceOpen: 0
disk4
mount(...)
hfs: mounted palera1nloader on device disk4
found apfs volume role: 0x0002
this operation is not permitted. (this apfs volume role is not recovery role [0x0002 != 0x0004])
cannot delete fakefs disk1s8: 53 (os/kern) denied by security policy
Assertion failed: (0), function create_remove_fakefs, file fakefs.c, line 271.
Rootless mode appears to work correctly.
Additional logs:
`palera1n -c -f -Vv`:
# == palera1n-c ==
#
# Made by: Nick Chan, Ploosh, Samara, Mineek, staturnz, kok3shidoll
#
# Thanks to: pythonplayer123, llsc12, Nebula, tihmstar, nikias
# (libimobiledevice), checkra1n team (Siguza, axi0mx, littlelailo
# et al.), Procursus Team (Hayden Seay, Cameron Katri, Keto et.al)
- [05/07/24 22:11:51] <Info>: Waiting for devices
- [05/07/24 22:11:51] <Verbose>: Normal mode device connected
- [05/07/24 22:11:51] <Info>: Entering recovery mode
- [05/07/24 22:11:56] <Verbose>: Normal mode device disconnected
- [05/07/24 22:12:01] <Verbose>: Recovery mode device XXXREMOVEDXXX connected
- [05/07/24 22:12:02] <Info>: Press Enter when ready for DFU mode
Get ready (0)
Hold home + power button (2) - [05/07/24 22:12:12] <Verbose>: Recovery mode device disconnected
Hold home + power button (0)
Hold home button (3) - [05/07/24 22:12:21] <Verbose>: DFU mode device XXXREMOVEDXXX connected
- [05/07/24 22:12:21] <Info>: Device entered DFU mode successfully
- [05/07/24 22:12:21] <Info>: About to execute checkra1n
#
# Checkra1n 0.1337.2
#
# Proudly written in nano
# (c) 2019-2023 Kim Jong Cracks
#
#======== Made by =======
# argp, axi0mx, danyl931, jaywalker, kirb, littlelailo, nitoTV
# never_released, nullpixel, pimskeks, qwertyoruiop, sbingner, siguza
#======== Thanks to =======
# haifisch, jndok, jonseals, xerub, lilstevie, psychotea, sferrini
# Cellebrite (ih8sn0w, cjori, ronyrus et al.)
#==========================
- [05/07/24 22:12:21] <Verbose>: Starting thread for Apple TV 4K Advanced board
- [05/07/24 22:12:21] <Info>: Waiting for DFU mode devices
- [05/07/24 22:12:21] <Verbose>: DFU mode device found
- [05/07/24 22:12:21] <Info>: Checking if device is ready
- [05/07/24 22:12:21] <Verbose>: Attempting to perform checkm8 on 8010 11
- [05/07/24 22:12:21] <Info>: Setting up the exploit
- [05/07/24 22:12:21] <Verbose>: == checkm8 setup stage ==
- [05/07/24 22:12:21] <Verbose>: Entered initial checkm8 state after 1 steps
- [05/07/24 22:12:21] <Verbose>: Stalled input endpoint after 8 steps
- [05/07/24 22:12:22] <Verbose>: DFU mode device disconnected
- [05/07/24 22:12:22] <Verbose>: DFU mode device found
- [05/07/24 22:12:22] <Verbose>: == checkm8 trigger stage ==
- [05/07/24 22:12:22] <Info>: Checkmate!
- [05/07/24 22:12:22] <Verbose>: Device should now reconnect in download mode
- [05/07/24 22:12:23] <Verbose>: DFU mode device disconnected
- [05/07/24 22:12:30] <Info>: Entered download mode
- [05/07/24 22:12:30] <Verbose>: Download mode device found
- [05/07/24 22:12:30] <Info>: Booting PongoOS...
- [05/07/24 22:12:32] <Info>: Found PongoOS USB Device
- [05/07/24 22:12:32] <Verbose>: Executing PongoOS command: 'fuse lock'
- [05/07/24 22:12:32] <Verbose>: Executing PongoOS command: 'sep auto'
- [05/07/24 22:12:35] <Verbose>: Uploaded 118080 bytes to PongoOS
- [05/07/24 22:12:35] <Verbose>: Executing PongoOS command: 'modload'
- [05/07/24 22:12:35] <Verbose>: Executing PongoOS command: 'palera1n_flags 0x4000005'
- [05/07/24 22:12:35] <Verbose>: Executing PongoOS command: 'rootfs'
- [05/07/24 22:12:35] <Verbose>: Uploaded 45047 bytes to PongoOS
- [05/07/24 22:12:35] <Verbose>: Executing PongoOS command: 'ramdisk 524288'
- [05/07/24 22:12:35] <Verbose>: Uploaded 2809039 bytes to PongoOS
- [05/07/24 22:12:35] <Verbose>: Executing PongoOS command: 'overlay'
- [05/07/24 22:12:35] <Verbose>: Executing PongoOS command: 'xargs wdt=-1 rootdev=md0'
- [05/07/24 22:12:35] <Verbose>: Executing PongoOS command: 'bootx'
- [05/07/24 22:12:35] <Info>: Booting Kernel...
- [05/07/24 22:12:35] <Info>: Please wait up to 10 minutes for the fakefs to be created.
- [05/07/24 22:12:35] <Info>: Once the device reboots into recovery mode, run again without the -c (Create FakeFS) option to jailbreak.
Familiarity with palera1n
- [X] I am familiar with palera1n and how to use it!
Familiarity with CLI
- [X] I am familiar with the command-line!
Palera1n beta 9 for iPadOS 17 does not support the creation for rootful; I would recommend you try and just do `palera1n -l`, as that's the only supported option.
As for the issues you're encountering, a failsafe is being triggered as it thinks the fakefs location is at /var/mobile.. because obviously you wouldn't want to overwrite a system partition. It would end up badly, so it just fails.
Hi! Could you please try the nightly builds here? https://cdn.nickchan.lol/palera1n/c-rewrite/artifacts/main/420/binaries/
Setup fakefs: ./palera1n -cf --cli
Setup bindfs: ./palera1n -Bf --cli
Boot rootful: ./palera1n -f --cli
Remove rootful: ./palera1n -f --force-revert --cli
^ these are builds which have those issues fixed, would recommend you try them!
Closing due to inactivity