Merge remote-tracking branch 'kpwn/master'

Author: pollito05

.github/ISSUE_TEMPLATE.md

@@ -0,0 +1,12 @@
+This is not a support forum or generic mailing list.
+
+This form is exclusively for reporting issues caused directly by the inner workings of yalu.
+
+Direct your jailbreaking questions to one of these fine communities:
+
+* https://reddit.com/r/jailbreak
+* http://www.jailbreakqa.com/
+
+Issues, which are not related to yalu's code, may be closed without comment. Do NOT post about: Cydia, tweak, respring/bootloop or app issues UNLESS you have evidence that they are caused by an error in the jailbreaking software itself.
+
+(Delete this bit after reading, and replace it by "I read the issue posting guidelines.")

LICENSE

@@ -0,0 +1,13 @@
+            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+                    Version 2, December 2004
+
+ Copyright (C) 2004 Sam Hocevar <[email protected]>
+
+ Everyone is permitted to copy and distribute verbatim or modified
+ copies of this license document, and changing it is allowed as long
+ as the name is changed.
+
+            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. You just DO WHAT THE FUCK YOU WANT TO.

README.md

@@ -1,2 +1,76 @@
 # yalu102
-incomplete iOS 10.2 jailbreak for 64 bit devices by qwertyoruiopz and marcograssi
+
+![Yalu logo](https://github.com/kpwn/yalu102/blob/master/yalu102/Assets.xcassets/AppIcon.appiconset/[email protected]?raw=true)
+
+A "work in progress" iOS jailbreak for 64-bit devices created by [qwertyoruiopz](https://twitter.com/qwertyoruiopz) and [marcograssi](marcograss).
+
+Please use the "Issues" tab for **code related** issues only. If you need support please search on [/r/jailbreak](https://reddit.com/r/jailbreak) before posting a question there.
+
+## Supported Devices and iOS versions
+
+| Device | Version |
+|---------|----------|
+| iPad Pro  | iOS 10.0.0 -> iOS 10.2 |
+| iPhone 6S  | iOS 10.0.0 -> iOS 10.2 |
+| iPhone SE  | iOS 10.0.0 -> iOS 10.2 |
+| iPhone 5S  | iOS 10.0.0 -> iOS 10.2 |
+| iPad Air| iOS 10.0.0 -> iOS 10.2 |
+| iPad Mini 2| iOS 10.0.0 -> iOS 10.2 |
+| iPhone 6  | iOS 10.0.0 -> iOS 10.2 |
+| iPad Mini 3| iOS 10.0.0 -> iOS 10.2 |
+| iPad Air 2| iOS 10.0.0 -> iOS 10.2 |
+| iPad Mini 4 | iOS 10.0.0 -> iOS 10.2 |
+| iPod touch (6G)  | iOS 10.0.0 -> iOS 10.2 |
+
+### Planned Support:
+
+In the near future, the jailbreak will support the following devices:
+
+| Device | Version |
+|---------|----------|
+| iPhone 7  | iOS 10.0.0 -> iOS 10.1.1 |
+
+**Note, the iPhone 7 is only supported till iOS 10.1.1**
+If you are already on iOS 10.2 with an iPhone 7, **stay there**. The actual exploit behind this still works, but the KPP bypass does not.
+
+## Compiling:
+
+1. `git clone` the repo.
+2. Open the repo in Xcode
+3. Change the bundle ID, as shown [here](https://www.reddit.com/r/sideloaded/wiki/how-to-sideload#wiki_changing_the_bundle_identifier_and_team)
+4. Include the IOKit headers, and add them to your search path.
+5. Run the project.
+
+## Warnings
+
+This jailbreak is a work in progress. Some things do not work, but most things do.
+
+Do not install things that are untested.
+
+**AppSync and other unsupported and untested software will probably throw your device into a bootloop or do other bad things.** Do not open an issue complaining that your device has been bootlooped because you installed other software. You have been warned.
+
+## Installing
+
+> DO NOT DOWNLOAD THIS SOFTWARE FROM OTHER SOURCES OTHER THAN THESE LINKS UNDER ANY CIRCUMSTANCE. IT IS VERY EASY TO BACKDOOR THIS SORT OF SOFTWARE TO CONTAIN MALWARE. PLEASE BE EXTREMELY CAREFUL. THESE MIRRORS ARE TRUSTED, BUT STILL CHECK THE SHA1.
+
+* Download the pre-compiled version from the table below.
+* [Check the SHA1 hash](http://onlinemd5.com) of the downloaded file (optional but recommended).
+* Install using [Cydia Impactor](http://www.cydiaimpactor.com/).
+* Open the application and follow instructions.
+
+
+| Version | Download | SHA1 |
+|---------|----------|------|
+| Beta 7  | [Link](https://yalu.qwertyoruiop.com/yalu102_beta7.ipa) | 4afa99d4b568aa8cbb9ac61fddd584111fed79c5  |
+| Beta 6  | [Link](https://yalu.qwertyoruiop.com/yalu102_beta6.ipa) | 0130ebe60c97e2013a4b849b7d9bc321d749f304  |
+| Beta 5  | [Link](https://yalu.qwertyoruiop.com/yalu102_beta5.ipa) | f8eb6cd37054a9d25b818e3bddd13bfedbf72df1  |
+| Beta 4  | [Link](https://yalu.qwertyoruiop.com/yalu102_beta4.ipa) | f8270e59d7d7267613ffa63217b91fea425eec36  |
+| Beta 3  | [Link](https://yalu.qwertyoruiop.com/yalu102_beta3.ipa) | b2e0bdd31566f876d67cba036b5d29aef7ff257d  |
+| Beta 2  | [Link](https://yalu.qwertyoruiop.com/yalu102_beta.ipa) | 4fddad7cca8aa0c0a6579c1d63d00917f15efc86  |
+| Beta 1  | [Link](https://yalu.qwertyoruiop.com/yalu102_alpha.ipa) | 2fe14f1c1e1a0d26203bbb123f6747a978dd2b4f  |
+
+## Contributing
+
+Create a fork of the repository, make your changes and then create a pull request.
+Please be sure to check if the pull request has been made before, before creating a new one. Note, any pull requests adding IOKit headers will be closed. Please respect copyright laws, and do not distribute / download IOKit headers from unofficial sources: they are bundled legally with macOS SDK
+

yalu102.xcodeproj/project.pbxproj

@@ -24,24 +24,14 @@
 		EA9901141E21A1B00056FEBD /* iokitmig64.o in Frameworks */ = {isa = PBXBuildFile; fileRef = EA9901131E21A1B00056FEBD /* iokitmig64.o */; };
 		EA9901171E21A1D90056FEBD /* devicesupport.m in Sources */ = {isa = PBXBuildFile; fileRef = EA9901161E21A1D90056FEBD /* devicesupport.m */; };
 		EA9901191E21A2180056FEBD /* IOKit.tbd in Frameworks */ = {isa = PBXBuildFile; fileRef = EA9901181E21A2180056FEBD /* IOKit.tbd */; };
+		EAA7F7C71E3EE4AF00BE3C64 /* dropbear.plist in Resources */ = {isa = PBXBuildFile; fileRef = EAA7F7C61E3EE4AF00BE3C64 /* dropbear.plist */; };
 /* End PBXBuildFile section */
 
-/* Begin PBXContainerItemProxy section */
-		EA1A3BA41E398E28009CA025 /* PBXContainerItemProxy */ = {
-			isa = PBXContainerItemProxy;
-			containerPortal = EA1A3BA01E398E28009CA025 /* mach_portal.xcodeproj */;
-			proxyType = 2;
-			remoteGlobalIDString = B0FB96FC1DEB2C8600C0D3C4;
-			remoteInfo = mach_portal;
-		};
-/* End PBXContainerItemProxy section */
-
 /* Begin PBXFileReference section */
 		EA1A3B9B1E38BBDB009CA025 /* patchfinder64.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = patchfinder64.h; sourceTree = "<group>"; };
 		EA1A3B9C1E391C4F009CA025 /* patchfinder64.o */ = {isa = PBXFileReference; lastKnownFileType = "compiled.mach-o.objfile"; path = patchfinder64.o; sourceTree = "<group>"; };
-		EA1A3BA01E398E28009CA025 /* mach_portal.xcodeproj */ = {isa = PBXFileReference; lastKnownFileType = "wrapper.pb-project"; name = mach_portal.xcodeproj; path = "../../Downloads/mach_portal_redist-1/mach_portal/mach_portal.xcodeproj"; sourceTree = "<group>"; };
 		EA1A3BA61E398E33009CA025 /* 0.reload.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = 0.reload.plist; sourceTree = "<group>"; };
-		EA1A3BAC1E399006009CA025 /* reload */ = {isa = PBXFileReference; lastKnownFileType = "compiled.mach-o.executable"; path = reload; sourceTree = "<group>"; };
+		EA1A3BAC1E399006009CA025 /* reload */ = {isa = PBXFileReference; lastKnownFileType = text.script.sh; path = reload; sourceTree = "<group>"; };
 		EA1A3BC41E39D1FF009CA025 /* Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = Assets.xcassets; sourceTree = "<group>"; };
 		EA9900E31E1E9F060056FEBD /* yalu102.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = yalu102.app; sourceTree = BUILT_PRODUCTS_DIR; };
 		EA9900E71E1E9F060056FEBD /* main.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = main.m; sourceTree = "<group>"; };
@@ -63,6 +53,7 @@
 		EA9901151E21A1D90056FEBD /* devicesupport.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = devicesupport.h; sourceTree = "<group>"; };
 		EA9901161E21A1D90056FEBD /* devicesupport.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = devicesupport.m; sourceTree = "<group>"; };
 		EA9901181E21A2180056FEBD /* IOKit.tbd */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = "sourcecode.text-based-dylib-definition"; path = IOKit.tbd; sourceTree = "<group>"; };
+		EAA7F7C61E3EE4AF00BE3C64 /* dropbear.plist */ = {isa = PBXFileReference; explicitFileType = file.bplist; path = dropbear.plist; sourceTree = "<group>"; };
 /* End PBXFileReference section */
 
 /* Begin PBXFrameworksBuildPhase section */
@@ -79,14 +70,6 @@
 /* End PBXFrameworksBuildPhase section */
 
 /* Begin PBXGroup section */
-		EA1A3BA11E398E28009CA025 /* Products */ = {
-			isa = PBXGroup;
-			children = (
-				EA1A3BA51E398E28009CA025 /* mach_portal.app */,
-			);
-			name = Products;
-			sourceTree = "<group>";
-		};
 		EA9900DA1E1E9F060056FEBD = {
 			isa = PBXGroup;
 			children = (
@@ -106,10 +89,10 @@
 		EA9900E51E1E9F060056FEBD /* yalu102 */ = {
 			isa = PBXGroup;
 			children = (
+				EAA7F7C61E3EE4AF00BE3C64 /* dropbear.plist */,
 				EA1A3B9B1E38BBDB009CA025 /* patchfinder64.h */,
 				EA9901021E219C210056FEBD /* offsets.c */,
 				EA9901031E219C210056FEBD /* offsets.h */,
-				EA1A3BA01E398E28009CA025 /* mach_portal.xcodeproj */,
 				EA99010D1E21A1560056FEBD /* jailbreak.m */,
 				EA9900E91E1E9F060056FEBD /* AppDelegate.h */,
 				EA1A3BA61E398E33009CA025 /* 0.reload.plist */,
@@ -190,29 +173,13 @@
 			mainGroup = EA9900DA1E1E9F060056FEBD;
 			productRefGroup = EA9900E41E1E9F060056FEBD /* Products */;
 			projectDirPath = "";
-			projectReferences = (
-				{
-					ProductGroup = EA1A3BA11E398E28009CA025 /* Products */;
-					ProjectRef = EA1A3BA01E398E28009CA025 /* mach_portal.xcodeproj */;
-				},
-			);
 			projectRoot = "";
 			targets = (
 				EA9900E21E1E9F060056FEBD /* yalu102 */,
 			);
 		};
 /* End PBXProject section */
 
-/* Begin PBXReferenceProxy section */
-		EA1A3BA51E398E28009CA025 /* mach_portal.app */ = {
-			isa = PBXReferenceProxy;
-			fileType = wrapper.application;
-			path = mach_portal.app;
-			remoteRef = EA1A3BA41E398E28009CA025 /* PBXContainerItemProxy */;
-			sourceTree = BUILT_PRODUCTS_DIR;
-		};
-/* End PBXReferenceProxy section */
-
 /* Begin PBXResourcesBuildPhase section */
 		EA9900E11E1E9F060056FEBD /* Resources */ = {
 			isa = PBXResourcesBuildPhase;
@@ -222,6 +189,7 @@
 				EA99010C1E21A0520056FEBD /* launchctl in Resources */,
 				EA9901061E219FF10056FEBD /* bootstrap.tar in Resources */,
 				EA1A3BA81E398E33009CA025 /* 0.reload.plist in Resources */,
+				EAA7F7C71E3EE4AF00BE3C64 /* dropbear.plist in Resources */,
 				EA9900F61E1E9F060056FEBD /* LaunchScreen.storyboard in Resources */,
 				EA1A3BAD1E399006009CA025 /* reload in Resources */,
 				EA1A3BC51E39D1FF009CA025 /* Assets.xcassets in Resources */,

yalu102/ViewController.m

@@ -51,6 +51,62 @@ - (void)viewDidLoad {
     not_natural_t io_bits;
     not_natural_t io_references;
     char    io_lock_data[1337];
+    /*
+     
+     https://www.youtube.com/watch?v=ZADJ8S1qH3U
+     
+     
+     [Intro]
+     Lets get it
+     Steve Drive
+     R.I.P L'A Capone
+     OTF
+     These nigga's steady woofing like they want beef, want beef?
+     You want smoke? You want smoke? Just tell me
+     
+     [Hook]
+     These niggas steady woofing like they want beef, want beef?[You want smoke?]
+     I can make that happen if you want beef, you want beef?[You want smoke?]
+     Catch you while you're capping with this semi, semi
+     Put the semi-automatic to your kidney, kidney
+     
+     [Verse 1]
+     Put the semi-automatic to your kidney, kidney
+     I'm off the dope I got the pole you talking tough you getting smoked
+     These nigga's steady woofing like they want beef, but I really know
+     Glock or nickel yeah that bitch go, I'm going like I'm at a fucking show
+     I'm off Tu pack saying fuck Jojo[Fuck Jojo]
+     Talking shit get your life took no joke
+     I'm with my nigga's and my niggas ain't no joke
+     And if you got that fucking bag then you getting poked
+     And if you acting tough, I'ma fucking blow, and that's on Pluto[On Pluto]
+     Me and Durk finna spaz, and I put that on the guys, it's homicides
+     Cause we dropping Y's[Die Y, Die Y], head shot got him traumatized
+     And you want beef?[You want beef fu nigga?] but when I see you, you don't speak?[You don't even talk]
+     I got my 9 on me[Rondo] and I'ma blow and that's on me[I'm Rondo]
+     I'm getting tree tree[Getting dope], getting top from a bitch named Kiki
+     
+     [Chorus]
+     
+     [Verse 2]
+     And if you really want smoke[You want smoke little nigga?]
+     I will give your ass smoke[Give your ass smoke little nigga?]
+     This Glock 9 bitch I tote, and I will put it to your throat
+     I'm off this Tooka pack and no L'A, I'ma go crazy
+     You supposed to be my nigga but actin' like a fan that’s crazy
+     What the fuck wrong with these nigga's, they fugazi
+     I made this song for the niggas, cause they crazy
+     Separate me from them niggas[Separate Rondo]
+     Pull up on your block, with the mops
+     Then I hit the dip and put him up in case of attempts[Incase a nigga survive]
+     But we don't make throws, we shoot like Pimp[We shoot to kill]
+     I got 23[Two three] So i don't fucking speak[I don't speak]
+     Riding fast, I hit the dash, ain't gon last[You ain't gonna last nigga], I'ma blast[Cause ima blast on a nigga]
+     Numba Nine, bitch [I'm #9 lil nigga], and I'm a sav, bitch
+     
+     [Chorus]
+     */
+
 };
 
 
@@ -210,7 +266,7 @@ - (IBAction)yolo:(UIButton*)sender
             *(uint64_t*)(((uint64_t)fakeport) + 0x68) = textbase + i*0x100000 + 0x500000 + k;
             *(uint64_t*)(((uint64_t)fakeport) + 0xa0) = 0xff;
 
-            kern_return_t kret = clock_sleep_trap(foundport, 0x12345, 0, 0, NULL);
+            kern_return_t kret = clock_sleep_trap(foundport, 0, 0, 0, 0);
 
             if (kret != KERN_FAILURE) {
                 goto gotclock;