Habemus Libertatem!

Important news

Re: Habemus Libertam!

Postby Dimachete » Thu Dec 21, 2017 8:17 pm

Some users have tried forks. I, for example, tried Coolstar's fork. Do we have to prepare somehow or get rid of any files installed by these forks?
Coolstar's fork installed ssh. Should I remove it?

A: There are so many forks by so many two-bit GitHub cloners who do so blindly, I can't tell you which are good and which are bad. Generally, Ian Beer's exploit isn't reliable when run more than once (on rare occasions, twice), so you'll have to decide fork vs. mine. At any rate, I modify / only to "/jb" and not anywhere else in the filesystem.
Dimachete
 
Posts: 6
Joined: Thu Dec 21, 2017 8:13 pm

Re: Habemus Libertam!

Postby Dimachete » Thu Dec 21, 2017 8:51 pm

I already decided to use yours; that's why I want to get rid of anything that could conflict. I guess everything should be the same, but the ssh client was dropbear.
Dimachete
 
Posts: 6
Joined: Thu Dec 21, 2017 8:13 pm

Re: Habemus Libertam!

Postby Wingzero » Fri Dec 22, 2017 7:52 am

Have you tested debugserver already? I have been trying to make it work. Now with your help (jtool --sign platform), I can finally launch debugserver, but when it tries to listen on any port from an outside IP, it will exit. If it just needs to listen on localhost:port, it will be fine. I'm not sure what the issue is. But since there is no arm64 LLDB, we still need debugserver to be able to respond to Mac LLDB.
Wingzero
 
Posts: 54
Joined: Thu Jul 27, 2017 2:35 am

Re: Habemus Libertam!

Postby Roman » Fri Dec 22, 2017 9:12 am

You are super, Morpheus! Can't wait to get that 11.1.2 jailbroken!!
Roman
 
Posts: 3
Joined: Sat Mar 04, 2017 11:50 am

Re: Habemus Libertatem!

Postby firecracker » Mon Dec 25, 2017 4:50 am

I just ran LiberTV 1.1 on my ATV4, got the "we're done here" message, thank you!

You're welcome

Are automatic updates now disabled without me having to manually SSH in to my ATV? Also are they disabled after reboot in a non-jailbroken state?

Yes. Check your AppleTV's /etc/hosts - you'll see 127.0.0.1 mesu.apple.com # added by Libertas.

So that's persistent.
firecracker
 
Posts: 3
Joined: Thu Mar 09, 2017 10:53 pm

Re: Habemus Libertatem!

Postby septium » Tue Dec 26, 2017 11:13 am

Does corerupt-style shellcode injection work in LiberIOS 1.0 for sandboxed apps?
What about lldb + re-entitled debugserver?
septium
 
Posts: 33
Joined: Thu May 04, 2017 10:04 am

Re: Habemus Libertatem!

Postby morpheus » Tue Dec 26, 2017 12:18 pm

Yes on both.
morpheus
Site Admin
 
Posts: 697
Joined: Thu Apr 11, 2013 6:24 pm

Re: Habemus Libertatem!

Postby something » Wed Dec 27, 2017 1:44 am

Thanks for the jailbreak, Mr. Levin. I successfully ran the app on one device and have a question regarding execve. If I attempt to build a custom binary (something similar to the core rupture tool, reads mmap from a process and dumps contents), I am unable to launch it since the kernel kills the binary with:

Sandbox: hook..execve() killing <unsigned>[pid=955, uid=0]: only launchd is allowed to spawn untrusted binaries

I assume the execve call is executed by bash to launch the binary. Is it correct to assume an additional step is to be delivered by Cydia (or an additional functionality still to be released) to allow bypassing of such restriction? If I am wrong, could you please point me in the right direction?

Kind Regards.

please post in right forum and read FAQ
something
 
Posts: 12
Joined: Wed Dec 27, 2017 1:35 am
