ios issues

[SpinnySpiwal]

iphone 13 16.6 beta 1 freezes and then outputs some text but it never proceeds to userspace reboot

[KpwnZ]

By some text you mean? Send it here otherwise we cannot do anything.

[SpinnySpiwal]

[*] ready to start
[*] Post exploitation by xia0o0o0o
[*] sysname: Darwin
[*] nodename: Spiwal's iPhone
[*] release: 22.6.0
[*] version: Darwin Kernel Version 22.6.0: Tue May  9 06:16:18 PDT 2023; root:xnu-8796.140.12.502.1~12/RELEASE_ARM64_T8110
[*] machine: iPhone14,5
[*] iOS Version: 16.6.0
[!] !!! iOS 16.6 support is experimental, you may encounter issues !!!
[DEBUG] landa start
[DEBUG] finish puaf
[DEBUG] finish krkw
[+] kernel slide = 0x0
[+] kernel base = 0xfffffff007004000
[+] current_proc = 0xffffffe92a2d61f0
[+] current_task = 0xffffffe92a2d6920
[+] current_map = 0xffffffe625f1dcc0
[+] current_pmap = 0xfffffff0c76e1f38
[+] kernel_task = 0xffffffe92658f690
[+] kernel_map = 0xffffffe53ff12680
[+] kernel_pmap = 0xfffffff0149c00e8
[*] start post exploitation
[*] init offset
[!] trying to access 0xef9120683ff8c420, (
	0   escape                              0x00000001047bf1b8 kread_sem_open_kread_u64 + 136
	1   escape                              0x00000001047bf0f8 kread_sem_open_kread + 104
	2   escape                              0x00000001047ad0c8 kread + 88
	3   escape                              0x00000001047a07c8 kread64 + 44
	4   escape                              0x00000001047a0564 ipc_entry_lookup + 108
	5   escape                              0x00000001047a0644 port_name_to_ipc_port + 24
	6   escape                              0x00000001047ca9a8 find_kernel_slide + 164
	7   escape                              0x00000001047cab80 post_exp + 152
	8   escape                              0x00000001047a1d50 __33-[ViewController logButtonTapped]_block_invoke + 40
	9   libdispatch.dylib                   0x000000019349d320 C3D10610-5D2D-3C08-876D-BAEC0BBE4A8C + 8992
	10  libdispatch.dylib                   0x000000019349eeac C3D10610-5D2D-3C08-876D-BAEC0BBE4A8C + 16044
	11  libdispatch.dylib                   0x00000001934a1f8c C3D10610-5D2D-3C08-876D-BAEC0BBE4A8C + 28556
	12  libdispatch.dylib                   0x00000001934b0944 C3D10610-5D2D-3C08-876D-BAEC0BBE4A8C + 88388
	13  libdispatch.dylib                   0x00000001934b1158 C3D10610-5D2D-3C08-876D-BAEC0BBE4A8C + 90456
	14  libsystem_pthread.dylib             0x00000001ec2f0da0 _pthread_wqthread + 228
	15  libsystem_pthread.dylib             0x00000001ec2f0b7c start_wqthread + 8
)

[SpinnySpiwal]

@KpwnZ

[KpwnZ]

https://www.theiphonewiki.com/wiki/T8110

[SpinnySpiwal]

you're using a form of checkm8?

[SpinnySpiwal]

because if so, please state that clearly lol

[SpinnySpiwal]

like, add a note saying that

[SpinnySpiwal]

https://www.theiphonewiki.com/wiki/T8110

what do you mean? I just found out it isn't a checkm8 jb @KpwnZ

[SpinnySpiwal]

nvm its a11 and below

[KpwnZ]

did you read the readme lol

[SpinnySpiwal]

lrdsnow just said its a11- lol

[jthoward64]

lrdsnow just said its a11- lol

It says "A jailbreak tool for all arm64 devices on iOS 16.0 to iOS 16.6.1"

Just keep an eye on #16 if you want