API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 15th, 2019
92
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 23.68 KB | None | 0 0
raw download clone embed print report
  1. 2019-02-16 11:34:39.575251+0900 voucher_swap[315:8931] Unknown class TitleLabel in Interface Builder file.
  2. 2019-02-16 11:34:42.807173+0900 voucher_swap[315:8931] [MC] System group container for systemgroup.com.apple.configurationprofiles path is /private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles
  3. 2019-02-16 11:34:42.808893+0900 voucher_swap[315:8931] [MC] Reading from public effective user settings.
  4. 2019-02-16 11:34:44.093393+0900 voucher_swap[315:8931] [Snapshotting] Snapshotting a view (0x101402ed0, _UIReplicantView) that has not been rendered at least once requires afterScreenUpdates:YES.
  5. 2019-02-16 11:34:45.311559+0900 voucher_swap[315:8931] [Snapshotting] Snapshotting a view (0x10143a6a0, _UIReplicantView) that has not been rendered at least once requires afterScreenUpdates:YES.
  6. 4K device //<- detects 4K devices and show this.
  7. Exploit selected: v3ntex. //<- selected v3ntex and starts exploit.
  8. kern=Darwin Kernel Version 18.0.0: Tue Aug 14 22:07:17 PDT 2018; root:xnu-4903.202.2~1/RELEASE_ARM64_T7000
  9. real pipecnt=0x500
  10. service: 5a03
  11. client: 14827, (os/kern) successful
  12. newSurface: (os/kern) successful
  13. stuffport: 7807, (os/kern) successful
  14. mach_port_insert_right: (os/kern) successful
  15. mach_msg: (os/kern) successful
  16. herp derp
  17. task_swap_mach_voucher: (os/kern) successful
  18. port_address=0xfffffff07b964c38
  19. fake_voucher_idx=6314
  20. fake_voucher_jdx=22
  21. Shifted Port!
  22. kport.ip_kobject=0xfffffff07ba64700
  23. sprayed pipecnt=0x500
  24. targetVoucher->iv_port=0xfffffff07ba64000
  25. final buf realloc :o
  26. reallocate_buf: (os/kern) successful
  27. replacing real_port_to_fake_voucher...
  28. old real_port_to_fake_voucher=4220419
  29. new real_port_to_fake_voucher=4483843
  30. p->ip_srights=100
  31. gfakeport_idx=121
  32. useport_addr=0xfffffff07b964b90
  33. Attempting read
  34. test=0x6580000002
  35. realport_addr=0xfffffff072bfca00
  36. itk_space=0xfffffff072ad2c00
  37. self_task=0xfffffff0739642a0
  38. IOSurfaceRootUserClient_port=0xfffffff07266e370
  39. IOSurfaceRootUserClient_addr=0xfffffff0752691c0
  40. IOSurfaceRootUserClient_vtab=0xfffffff017754d40
  41. Kernel base: 0xfffffff017204000
  42. Kernel Magic: 0xfeedfacf
  43. Kernel slide: 0x10200000
  44. Our task port: 0xfffffff074c7b7e0
  45. Kernel vm_map: 0xfffffff070b7e7c8
  46. Our ip_receiver: 0xfffffff071a10030
  47. Updating port for tfp0...
  48. Did we get tfp0?
  49. Attempting kalloc
  50. Allocated? 0xfffffff000890000
  51. Attempting write
  52. Read back: 0x4141414141414141
  53. Building safer tfp0
  54. fake_kernel_task_kaddr: fffffff000890000
  55. read fake_task_refs: d00d
  56. about to test new tfp0
  57. kernel read via second tfp0 port worked?
  58. 0x0000000000420000
  59. 0x0000000000000000
  60. 0xfffffff070b888e0
  61. 0xfffffff070b88840
  62. Built safer tfp0: 446a03!
  63. Cleaning up...
  64. some kernel:
  65. CF FA ED FE 0C 00 00 01 00 00 00 00 02 00 00 00 | ................
  66. 16 00 00 00 58 11 00 00 01 00 20 00 00 00 00 00 | ....X..... .....
  67. 19 00 00 00 28 02 00 00 5F 5F 54 45 58 54 00 00 | ....(...__TEXT..
  68. 00 00 00 00 00 00 00 00 00 40 20 17 F0 FF FF FF | .........@ .....
  69. 00 80 49 00 00 00 00 00 00 00 00 00 00 00 00 00 | ..I.............
  70. 00 80 49 00 00 00 00 00 05 00 00 00 05 00 00 00 | ..I.............
  71. 06 00 00 00 00 00 00 00 5F 5F 63 6F 6E 73 74 00 | ........__const.
  72. 00 00 00 00 00 00 00 00 5F 5F 54 45 58 54 00 00 | ........__TEXT..
  73. 00 00 00 00 00 00 00 00 E0 5A 20 17 F0 FF FF FF | .........Z .....
  74. 88 CD 21 00 00 00 00 00 E0 1A 00 00 05 00 00 00 | ..!.............
  75. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  76. 00 00 00 00 00 00 00 00 5F 5F 63 73 74 72 69 6E | ........__cstrin
  77. 67 00 00 00 00 00 00 00 5F 5F 54 45 58 54 00 00 | g.......__TEXT..
  78. 00 00 00 00 00 00 00 00 68 28 42 17 F0 FF FF FF | ........h(B.....
  79. 2F 82 24 00 00 00 00 00 68 E8 21 00 00 00 00 00 | /.$.....h.!.....
  80. 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 | ................
  81. 00 00 00 00 00 00 00 00 5F 5F 6F 73 5F 6C 6F 67 | ........__os_log
  82. 00 00 00 00 00 00 00 00 5F 5F 54 45 58 54 00 00 | ........__TEXT..
  83. 00 00 00 00 00 00 00 00 97 AA 66 17 F0 FF FF FF | ..........f.....
  84. FF 0D 03 00 00 00 00 00 97 6A 46 00 00 00 00 00 | .........jF.....
  85. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  86. 00 00 00 00 00 00 00 00 5F 5F 66 69 70 73 5F 68 | ........__fips_h
  87. 6D 61 63 73 00 00 00 00 5F 5F 54 45 58 54 00 00 | macs....__TEXT..
  88. 00 00 00 00 00 00 00 00 96 B8 69 17 F0 FF FF FF | ..........i.....
  89. 20 00 00 00 00 00 00 00 96 78 49 00 00 00 00 00 | ........xI.....
  90. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  91. 00 00 00 00 00 00 00 00 5F 5F 69 6E 66 6F 5F 70 | ........__info_p
  92. 6C 69 73 74 00 00 00 00 5F 5F 54 45 58 54 00 00 | list....__TEXT..
  93. 00 00 00 00 00 00 00 00 B6 B8 69 17 F0 FF FF FF | ..........i.....
  94. ED 04 00 00 00 00 00 00 B6 78 49 00 00 00 00 00 | .........xI.....
  95. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  96. 00 00 00 00 00 00 00 00 5F 5F 74 68 72 65 61 64 | ........__thread
  97. 5F 73 74 61 72 74 73 00 5F 5F 54 45 58 54 00 00 | _starts.__TEXT..
  98. 00 00 00 00 00 00 00 00 A4 BD 69 17 F0 FF FF FF | ..........i.....
  99. 58 02 00 00 00 00 00 00 A4 7D 49 00 02 00 00 00 | X........}I.....
  100. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  101. 00 00 00 00 00 00 00 00 19 00 00 00 38 01 00 00 | ............8...
  102. 5F 5F 44 41 54 41 5F 43 4F 4E 53 54 00 00 00 00 | __DATA_CONST....
  103. 00 C0 69 17 F0 FF FF FF 00 80 1D 00 00 00 00 00 | ..i.............
  104. 00 80 49 00 00 00 00 00 00 80 1D 00 00 00 00 00 | ..I.............
  105. 03 00 00 00 03 00 00 00 03 00 00 00 00 00 00 00 | ................
  106. 5F 5F 6D 6F 64 5F 69 6E 69 74 5F 66 75 6E 63 00 | __mod_init_func.
  107. 5F 5F 44 41 54 41 5F 43 4F 4E 53 54 00 00 00 00 | __DATA_CONST....
  108. 00 C0 69 17 F0 FF FF FF 20 02 00 00 00 00 00 00 | ..i..... .......
  109. 00 80 49 00 03 00 00 00 00 00 00 00 00 00 00 00 | ..I.............
  110. 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  111. 5F 5F 6D 6F 64 5F 74 65 72 6D 5F 66 75 6E 63 00 | __mod_term_func.
  112. 5F 5F 44 41 54 41 5F 43 4F 4E 53 54 00 00 00 00 | __DATA_CONST....
  113. 20 C2 69 17 F0 FF FF FF 18 02 00 00 00 00 00 00 | .i.............
  114. 20 82 49 00 03 00 00 00 00 00 00 00 00 00 00 00 | .I.............
  115. 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  116. 5F 5F 63 6F 6E 73 74 00 00 00 00 00 00 00 00 00 | __const.........
  117. 5F 5F 44 41 54 41 5F 43 4F 4E 53 54 00 00 00 00 | __DATA_CONST....
  118. 40 C4 69 17 F0 FF FF FF C0 76 1D 00 00 00 00 00 | @.i......v......
  119. 40 84 49 00 04 00 00 00 00 00 00 00 00 00 00 00 | @.I.............
  120. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  121. 19 00 00 00 E8 00 00 00 5F 5F 54 45 58 54 5F 45 | ........__TEXT_E
  122. 58 45 43 00 00 00 00 00 00 40 87 17 F0 FF FF FF | XEC......@......
  123. 00 C0 27 01 00 00 00 00 00 00 67 00 00 00 00 00 | ..'.......g.....
  124. 00 C0 27 01 00 00 00 00 05 00 00 00 05 00 00 00 | ..'.............
  125. 02 00 00 00 00 00 00 00 5F 5F 74 65 78 74 00 00 | ........__text..
  126. 00 00 00 00 00 00 00 00 5F 5F 54 45 58 54 5F 45 | ........__TEXT_E
  127. 58 45 43 00 00 00 00 00 00 40 87 17 F0 FF FF FF | XEC......@......
  128. 48 84 27 01 00 00 00 00 00 00 67 00 0E 00 00 00 | H.'.......g.....
  129. 00 00 00 00 00 00 00 00 00 04 00 80 00 00 00 00 | ................
  130. 00 00 00 00 00 00 00 00 69 6E 69 74 63 6F 64 65 | ........initcode
  131. 00 00 00 00 00 00 00 00 5F 5F 54 45 58 54 5F 45 | ........__TEXT_E
  132. 58 45 43 00 00 00 00 00 48 C4 AE 18 F0 FF FF FF | XEC.....H.......
  133. 8C 07 00 00 00 00 00 00 48 84 8E 01 02 00 00 00 | ........H.......
  134. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  135. 00 00 00 00 00 00 00 00 19 00 00 00 E8 00 00 00 | ................
  136. 5F 5F 4C 41 53 54 00 00 00 00 00 00 00 00 00 00 | __LAST..........
  137. 00 00 AF 18 F0 FF FF FF 00 40 00 00 00 00 00 00 | .........@......
  138. 00 C0 8E 01 00 00 00 00 00 40 00 00 00 00 00 00 | .........@......
  139. 03 00 00 00 03 00 00 00 02 00 00 00 00 00 00 00 | ................
  140. 5F 5F 6D 6F 64 5F 69 6E 69 74 5F 66 75 6E 63 00 | __mod_init_func.
  141. 5F 5F 4C 41 53 54 00 00 00 00 00 00 00 00 00 00 | __LAST..........
  142. 00 00 AF 18 F0 FF FF FF 08 00 00 00 00 00 00 00 | ................
  143. 00 C0 8E 01 03 00 00 00 00 00 00 00 00 00 00 00 | ................
  144. 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  145. 5F 5F 6C 61 73 74 00 00 00 00 00 00 00 00 00 00 | __last..........
  146. 5F 5F 4C 41 53 54 00 00 00 00 00 00 00 00 00 00 | __LAST..........
  147. 08 00 AF 18 F0 FF FF FF 00 00 00 00 00 00 00 00 | ................
  148. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  149. 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  150. 19 00 00 00 28 02 00 00 5F 5F 4B 4C 44 00 00 00 | ....(...__KLD...
  151. 00 00 00 00 00 00 00 00 00 40 AF 18 F0 FF FF FF | .........@......
  152. 00 40 00 00 00 00 00 00 00 00 8F 01 00 00 00 00 | .@..............
  153. 00 40 00 00 00 00 00 00 03 00 00 00 03 00 00 00 | .@..............
  154. 06 00 00 00 00 00 00 00 5F 5F 74 65 78 74 00 00 | ........__text..
  155. 00 00 00 00 00 00 00 00 5F 5F 4B 4C 44 00 00 00 | ........__KLD...
  156. 00 00 00 00 00 00 00 00 00 40 AF 18 F0 FF FF FF | .........@......
  157. CC 17 00 00 00 00 00 00 00 00 8F 01 02 00 00 00 | ................
  158. 00 00 00 00 00 00 00 00 00 04 00 80 00 00 00 00 | ................
  159. 00 00 00 00 00 00 00 00 5F 5F 63 73 74 72 69 6E | ........__cstrin
  160. 67 00 00 00 00 00 00 00 5F 5F 4B 4C 44 00 00 00 | g.......__KLD...
  161. 00 00 00 00 00 00 00 00 CC 57 AF 18 F0 FF FF FF | .........W......
  162. DB 07 00 00 00 00 00 00 CC 17 8F 01 00 00 00 00 | ................
  163. 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 | ................
  164. 00 00 00 00 00 00 00 00 5F 5F 63 6F 6E 73 74 00 | ........__const.
  165. 00 00 00 00 00 00 00 00 5F 5F 4B 4C 44 00 00 00 | ........__KLD...
  166. 00 00 00 00 00 00 00 00 A8 5F AF 18 F0 FF FF FF | ........._......
  167. 68 00 00 00 00 00 00 00 A8 1F 8F 01 03 00 00 00 | h...............
  168. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  169. 00 00 00 00 00 00 00 00 5F 5F 6D 6F 64 5F 69 6E | ........__mod_in
  170. 69 74 5F 66 75 6E 63 00 5F 5F 4B 4C 44 00 00 00 | it_func.__KLD...
  171. 00 00 00 00 00 00 00 00 10 60 AF 18 F0 FF FF FF | .........`......
  172. 08 00 00 00 00 00 00 00 10 20 8F 01 03 00 00 00 | ......... ......
  173. 00 00 00 00 00 00 00 00 09 00 00 00 00 00 00 00 | ................
  174. 00 00 00 00 00 00 00 00 5F 5F 6D 6F 64 5F 74 65 | ........__mod_te
  175. 72 6D 5F 66 75 6E 63 00 5F 5F 4B 4C 44 00 00 00 | rm_func.__KLD...
  176. 00 00 00 00 00 00 00 00 18 60 AF 18 F0 FF FF FF | .........`......
  177. 08 00 00 00 00 00 00 00 18 20 8F 01 03 00 00 00 | ......... ......
  178. 00 00 00 00 00 00 00 00 0A 00 00 00 00 00 00 00 | ................
  179. 00 00 00 00 00 00 00 00 5F 5F 62 73 73 00 00 00 | ........__bss...
  180. 00 00 00 00 00 00 00 00 5F 5F 4B 4C 44 00 00 00 | ........__KLD...
  181. 00 00 00 00 00 00 00 00 20 60 AF 18 F0 FF FF FF | ........ `......
  182. 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  183. 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 | ................
  184. 00 00 00 00 00 00 00 00 19 00 00 00 78 02 00 00 | ............x...
  185. 5F 5F 44 41 54 41 00 00 00 00 00 00 00 00 00 00 | __DATA..........
  186. 00 80 AF 18 F0 FF FF FF 00 80 18 00 00 00 00 00 | ................
  187. 00 40 8F 01 00 00 00 00 00 40 0F 00 00 00 00 00 | .@.......@......
  188. 03 00 00 00 03 00 00 00 07 00 00 00 00 00 00 00 | ................
  189. 5F 5F 6B 6D 6F 64 5F 69 6E 69 74 00 00 00 00 00 | __kmod_init.....
  190. 5F 5F 44 41 54 41 00 00 00 00 00 00 00 00 00 00 | __DATA..........
  191. 00 80 AF 18 F0 FF FF FF 30 26 00 00 00 00 00 00 | ........0&......
  192. 00 40 8F 01 03 00 00 00 00 00 00 00 00 00 00 00 | .@..............
  193. 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  194. 5F 5F 6B 6D 6F 64 5F 74 65 72 6D 00 00 00 00 00 | __kmod_term.....
  195. 5F 5F 44 41 54 41 00 00 00 00 00 00 00 00 00 00 | __DATA..........
  196. 30 A6 AF 18 F0 FF FF FF C0 25 00 00 00 00 00 00 | 0........%......
  197. 30 66 8F 01 03 00 00 00 00 00 00 00 00 00 00 00 | 0f..............
  198. 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  199. 5F 5F 64 61 74 61 00 00 00 00 00 00 00 00 00 00 | __data..........
  200. 5F 5F 44 41 54 41 00 00 00 00 00 00 00 00 00 00 | __DATA..........
  201. 00 00 B0 18 F0 FF FF FF A0 E9 06 00 00 00 00 00 | ................
  202. 00 C0 8F 01 0E 00 00 00 00 00 00 00 00 00 00 00 | ................
  203. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  204. 5F 5F 73 79 73 63 74 6C 5F 73 65 74 00 00 00 00 | __sysctl_set....
  205. 5F 5F 44 41 54 41 00 00 00 00 00 00 00 00 00 00 | __DATA..........
  206. A0 E9 B6 18 F0 FF FF FF D8 24 00 00 00 00 00 00 | .........$......
  207. A0 A9 96 01 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  208. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  209. 5F 5F 66 69 72 6D 77 61 72 65 00 00 00 00 00 00 | __firmware......
  210. 5F 5F 44 41 54 41 00 00 00 00 00 00 00 00 00 00 | __DATA..........
  211. 00 10 B7 18 F0 FF FF FF D0 87 07 00 00 00 00 00 | ................
  212. 00 D0 96 01 0C 00 00 00 00 00 00 00 00 00 00 00 | ................
  213. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  214. 5F 5F 63 6F 6D 6D 6F 6E 00 00 00 00 00 00 00 00 | __common........
  215. 5F 5F 44 41 54 41 00 00 00 00 00 00 00 00 00 00 | __DATA..........
  216. 00 A0 BE 18 F0 FF FF FF 98 65 06 00 00 00 00 00 | .........e......
  217. 00 00 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 | ................
  218. 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  219. 5F 5F 62 73 73 00 00 00 00 00 00 00 00 00 00 00 | __bss...........
  220. 5F 5F 44 41 54 41 00 00 00 00 00 00 00 00 00 00 | __DATA..........
  221. 00 10 C5 18 F0 FF FF FF 98 EF 02 00 00 00 00 00 | ................
  222. 00 00 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 | ................
  223. 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  224. 19 00 00 00 98 00 00 00 5F 5F 42 4F 4F 54 44 41 | ........__BOOTDA
  225. 54 41 00 00 00 00 00 00 00 00 C8 18 F0 FF FF FF | TA..............
  226. 00 80 01 00 00 00 00 00 00 80 9E 01 00 00 00 00 | ................
  227. 00 80 01 00 00 00 00 00 03 00 00 00 03 00 00 00 | ................
  228. 01 00 00 00 00 00 00 00 5F 5F 64 61 74 61 00 00 | ........__data..
  229. 00 00 00 00 00 00 00 00 5F 5F 42 4F 4F 54 44 41 | ........__BOOTDA
  230. 54 41 00 00 00 00 00 00 00 00 C8 18 F0 FF FF FF | TA..............
  231. 00 80 01 00 00 00 00 00 00 80 9E 01 0E 00 00 00 | ................
  232. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  233. 00 00 00 00 00 00 00 00 19 00 00 00 38 01 00 00 | ............8...
  234. 5F 5F 50 52 45 4C 49 4E 4B 5F 49 4E 46 4F 00 00 | __PRELINK_INFO..
  235. 00 80 C9 18 F0 FF FF FF 00 00 0B 00 00 00 00 00 | ................
  236. 00 00 A0 01 00 00 00 00 00 00 0B 00 00 00 00 00 | ................
  237. 03 00 00 00 03 00 00 00 03 00 00 00 00 00 00 00 | ................
  238. 5F 5F 6B 6D 6F 64 5F 69 6E 66 6F 00 00 00 00 00 | __kmod_info.....
  239. 5F 5F 50 52 45 4C 49 4E 4B 5F 49 4E 46 4F 00 00 | __PRELINK_INFO..
  240. 00 80 C9 18 F0 FF FF FF 98 05 00 00 00 00 00 00 | ................
  241. 00 00 A0 01 03 00 00 00 00 00 00 00 00 00 00 00 | ................
  242. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  243. 5F 5F 6B 6D 6F 64 5F 73 74 61 72 74 00 00 00 00 | __kmod_start....
  244. 5F 5F 50 52 45 4C 49 4E 4B 5F 49 4E 46 4F 00 00 | __PRELINK_INFO..
  245. 98 85 C9 18 F0 FF FF FF A0 05 00 00 00 00 00 00 | ................
  246. 98 05 A0 01 03 00 00 00 00 00 00 00 00 00 00 00 | ................
  247. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  248. 5F 5F 69 6E 66 6F 00 00 00 00 00 00 00 00 00 00 | __info..........
  249. 5F 5F 50 52 45 4C 49 4E 4B 5F 49 4E 46 4F 00 00 | __PRELINK_INFO..
  250. 38 8B C9 18 F0 FF FF FF 9B E9 0A 00 00 00 00 00 | 8...............
  251. 38 0B A0 01 00 00 00 00 00 00 00 00 00 00 00 00 | 8...............
  252. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  253. 19 00 00 00 98 00 00 00 5F 5F 50 52 45 4C 49 4E | ........__PRELIN
  254. 4B 5F 54 45 58 54 00 00 00 40 20 14 F0 FF FF FF | K_TEXT...@ .....
  255. 00 00 00 00 00 00 00 00 00 00 AB 01 00 00 00 00 | ................
  256. 00 00 00 00 00 00 00 00 03 00 00 00 03 00 00 00 | ................
  257. 01 00 00 00 04 00 00 00 5F 5F 74 65 78 74 00 00 | ........__text..
  258. 00 00 00 00 00 00 00 00 5F 5F 50 52 45 4C 49 4E | ........__PRELIN
  259. 4B 5F 54 45 58 54 00 00 00 40 20 14 F0 FF FF FF | K_TEXT...@ .....
  260. 00 00 00 00 00 00 00 00 00 00 AB 01 00 00 00 00 | ................
  261. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  262. 00 00 00 00 00 00 00 00 19 00 00 00 98 00 00 00 | ................
  263. 5F 5F 50 4C 4B 5F 54 45 58 54 5F 45 58 45 43 00 | __PLK_TEXT_EXEC.
  264. 00 80 D4 18 F0 FF FF FF 00 00 00 00 00 00 00 00 | ................
  265. 00 00 AB 01 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  266. 03 00 00 00 03 00 00 00 01 00 00 00 04 00 00 00 | ................
  267. 5F 5F 74 65 78 74 00 00 00 00 00 00 00 00 00 00 | __text..........
  268. 5F 5F 50 4C 4B 5F 54 45 58 54 5F 45 58 45 43 00 | __PLK_TEXT_EXEC.
  269. 00 80 D4 18 F0 FF FF FF 00 00 00 00 00 00 00 00 | ................
  270. 00 00 AB 01 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  271. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  272. 19 00 00 00 98 00 00 00 5F 5F 50 52 45 4C 49 4E | ........__PRELIN
  273. 4B 5F 44 41 54 41 00 00 00 80 D4 18 F0 FF FF FF | K_DATA..........
  274. 00 00 00 00 00 00 00 00 00 00 AB 01 00 00 00 00 | ................
  275. 00 00 00 00 00 00 00 00 03 00 00 00 03 00 00 00 | ................
  276. 01 00 00 00 04 00 00 00 5F 5F 64 61 74 61 00 00 | ........__data..
  277. 00 00 00 00 00 00 00 00 5F 5F 50 52 45 4C 49 4E | ........__PRELIN
  278. 4B 5F 44 41 54 41 00 00 00 80 D4 18 F0 FF FF FF | K_DATA..........
  279. 00 00 00 00 00 00 00 00 00 00 AB 01 00 00 00 00 | ................
  280. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  281. 00 00 00 00 00 00 00 00 19 00 00 00 98 00 00 00 | ................
  282. 5F 5F 50 4C 4B 5F 44 41 54 41 5F 43 4F 4E 53 54 | __PLK_DATA_CONST
  283. 00 80 D4 18 F0 FF FF FF 00 00 00 00 00 00 00 00 | ................
  284. 00 00 AB 01 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  285. 03 00 00 00 03 00 00 00 01 00 00 00 04 00 00 00 | ................
  286. 5F 5F 64 61 74 61 00 00 00 00 00 00 00 00 00 00 | __data..........
  287. 5F 5F 50 4C 4B 5F 44 41 54 41 5F 43 4F 4E 53 54 | __PLK_DATA_CONST
  288. 00 80 D4 18 F0 FF FF FF 00 00 00 00 00 00 00 00 | ................
  289. 00 00 AB 01 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  290. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  291. 19 00 00 00 98 00 00 00 5F 5F 50 4C 4B 5F 4C 4C | ........__PLK_LL
  292. 56 4D 5F 43 4F 56 00 00 00 80 D4 18 F0 FF FF FF | VM_COV..........
  293. 00 00 00 00 00 00 00 00 00 00 AB 01 00 00 00 00 | ................
  294. 00 00 00 00 00 00 00 00 03 00 00 00 03 00 00 00 | ................
  295. 01 00 00 00 04 00 00 00 5F 5F 6C 6C 76 6D 5F 63 | ........__llvm_c
  296. 6F 76 6D 61 70 00 00 00 5F 5F 50 4C 4B 5F 4C 4C | ovmap...__PLK_LL
  297. 56 4D 5F 43 4F 56 00 00 00 80 D4 18 F0 FF FF FF | VM_COV..........
  298. 00 00 00 00 00 00 00 00 00 00 AB 01 00 00 00 00 | ................
  299. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  300. 00 00 00 00 00 00 00 00 19 00 00 00 98 00 00 00 | ................
  301. 5F 5F 50 4C 4B 5F 4C 49 4E 4B 45 44 49 54 00 00 | __PLK_LINKEDIT..
  302. 00 80 D4 18 F0 FF FF FF 00 00 00 00 00 00 00 00 | ................
  303. 00 00 AB 01 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  304. 03 00 00 00 03 00 00 00 01 00 00 00 04 00 00 00 | ................
  305. 5F 5F 64 61 74 61 00 00 00 00 00 00 00 00 00 00 | __data..........
  306. 5F 5F 50 4C 4B 5F 4C 49 4E 4B 45 44 49 54 00 00 | __PLK_LINKEDIT..
  307. 00 80 D4 18 F0 FF FF FF 00 00 00 00 00 00 00 00 | ................
  308. 00 00 AB 01 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  309. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  310. 19 00 00 00 48 00 00 00 5F 5F 4C 49 4E 4B 45 44 | ....H...__LINKED
  311. 49 54 00 00 00 00 00 00 00 80 D4 18 F0 FF FF FF | IT..............
  312. 78 6F 01 00 00 00 00 00 00 00 AB 01 00 00 00 00 | xo..............
  313. 78 6F 01 00 00 00 00 00 01 00 00 00 01 00 00 00 | xo..............
  314. 00 00 00 00 00 00 00 00 02 00 00 00 18 00 00 00 | ................
  315. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  316. 0B 00 00 00 50 00 00 00 00 00 00 00 00 00 00 00 | ....P...........
  317. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  318. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  319. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  320. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
  321. lol //Exploit succeed
  322. Getting root... //tons of errors
  323. [-] mach_vm_read_overwrite returned 268435459: (ipc/send) invalid destination port
  324. [-] could not read address 0x0000000000000000
  325. [-] mach_vm_read_overwrite returned 268435459: (ipc/send) invalid destination port
  326. [-] could not read address 0x00000000000000f7
  327. [-] mach_vm_write returned 268435459: (ipc/send) invalid destination port
  328. [-] could not write address 0x0000000000000027
  329. [-] mach_vm_write returned 268435459: (ipc/send) invalid destination port
  330. [-] could not write address 0x000000000000002f
  331. [-] mach_vm_write returned 268435459: (ipc/send) invalid destination port
  332. [-] could not write address 0x0000000000000017
  333. [-] mach_vm_write returned 268435459: (ipc/send) invalid destination port
  334. [-] could not write address 0x000000000000001b
  335. [-] mach_vm_write returned 268435459: (ipc/send) invalid destination port
  336. [-] could not write address 0x000000000000001f
  337. [+] Overwritten UID to 0 for proc 0xffffffffffffffff
  338. [-] mach_vm_read_overwrite returned 268435459: (ipc/send) invalid destination port
  339. [-] could not read address 0x00000000000000f7
  340. [-] mach_vm_write returned 268435459: (ipc/send) invalid destination port
  341. [-] could not write address 0x000000000000002b
  342. [-] mach_vm_write returned 268435459: (ipc/send) invalid destination port
  343. [-] could not write address 0x0000000000000033
  344. [-] mach_vm_write returned 268435459: (ipc/send) invalid destination port
  345. [-] could not write address 0x0000000000000067
  346. [-] mach_vm_write returned 268435459: (ipc/send) invalid destination port
  347. [-] could not write address 0x000000000000006b
  348. [+] Overwritten GID to 0 for proc 0xffffffffffffffff
  349. UID: 501 //<- It needs to be "UID: 0"
  350. Unsandboxing... //tons of errors
  351. [-] mach_vm_read_overwrite returned 268435459: (ipc/send) invalid destination port
  352. [-] could not read address 0x0000000000000000
  353. [+] Unsandboxed proc 0xffffffffffffffff
  354. [-] mach_vm_read_overwrite returned 268435459: (ipc/send) invalid destination port
  355. [-] could not read address 0x00000000000000f7
  356. [-] mach_vm_read_overwrite returned 268435459: (ipc/send) invalid destination port
  357. [-] could not read address 0x0000000000000077
  358. [-] mach_vm_read_overwrite returned 268435459: (ipc/send) invalid destination port
  359. [-] could not read address 0x000000000000000f
  360. [-] mach_vm_write returned 268435459: (ipc/send) invalid destination port
  361. [-] could not write address 0x000000000000000f
  362. [-] mach_vm_read_overwrite returned 268435459: (ipc/send) invalid destination port
  363. [-] could not read address 0x0000000000000000
  364. [-] mach_vm_read_overwrite returned 268435459: (ipc/send) invalid destination port
  365. [-] could not read address 0x00000000000000f7
  366. [-] mach_vm_read_overwrite returned 268435459: (ipc/send) invalid destination port
  367. [-] could not read address 0x0000000000000077
  368. [-] mach_vm_read_overwrite returned 268435459: (ipc/send) invalid destination port
  369. [-] could not read address 0x000000000000000f
  370. Unsandboxed: 0 //<- It needs to be "Unsandboxed: 1"
  371. Success! //<-Ignore this, This always show up.
  372. Failed to make a backup checker //<- This because failed to unsandbox.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!