Hacking Question Payload loader for iOS?

  • Thread starter: Enovale
  • Views: 82,530
  • Replies: 222
  • Likes: 1
Hi gents, /r/jailbreak linked me to this thread. We've been working on the same problem in the past few weeks and with the iOS 11.3.1 jailbreak release I could finally complete and test mine. I'll post a write-up on my blog and link to it in this thread soon-ish.

@JustBrandonT I gave your PoC a try on my iPad with iOS 11.3.1, but found that it simply crashes the device while nothing happens on the Switch's end, so there may still be room for collaboration to create one implementation that works on all iOS versions. Ideally I'd aim to support iOS 9 to iOS 11, as these seem to be the most common jailbroken iOS versions out there that can be supported with reasonable effort.

Hey, I'm also visiting /r/jailbreak. Just saw that the 11.4.1 b3 jailbreak is out. I'm going to downgrade my iPhone-X and jailbreak and see how it goes.

Edit: Just jailbroke my iPhone-X on 11.4 b3.

Couldn't jailbreak the iPhone 6S so it's stuck on 10.3.3 jailbroken still. =]
 
Last edited by JustBrandonT
I am ready to go

 
I'm interested in testing this too, on jailbroken 11.3.1, iPhone 7+. Stalling out for a while before I install a trinket.
 
Hmm.. I just tested on iOS 11.4 b3.. Does NOT work!
It seems that the Electra and other jailbreaks do NOT grant root permissions like the DoubleH3lix jailbreak and that you'd have to explicitly request root permissions. I've tried it but the app will crash on launch trying to request permissions with:

https://github.com/coolstar/electra/blob/master/docs/getting-started.md

but again, it will crash on launch with access violation.. Not sure how else to get root for the app. Because of this, libusb and any raw USB access will throw "Out of Resources" error.. IE: aka root access. In other words, it will "read" the USB port but cannot write.
 
I'm looking for testers for my app that I demo'd in the above video. It works on iOS 11.3.1 on my iPad Air 1, but I'd be interested to hear about other configurations prior to the public release. A jailbreak is required. It supports loading any payload (Hekate, SX OS, etc.) by importing it via the GUI, can quickly switch between payloads via 'boot profiles,' and can boot Lakka/Coreboot/Linux.

Since I don't have enough posts yet here to receive PMs (just signed up) and PMs are a mess to organize anyway, please send me an email with your:
  • Device model
  • iOS version
  • OTG adapter type
and I'll get back to you with download info. You can find my email in the footer of mologie.github.io/blog/

NOTE: If you're reading this just now and the current date is ≥ 2018-07-14 then don't send an e-mail, because the testing phase is likely over already :)

Thanks!
 
An unofficial OTG cable w/ lightning power is failing with error:

Error: Payload write failed at offset 4096 with code e00002d6
 
Just got done doing a bunch of tests. This is a FANTASTIC piece of utility!

It works flawlessly on: iPhone 7 10.1.1 with mach_portal+extra_recipe, iPhone X on 11.3.1 with electra vfs (haven't needed to reboot to try mp+tcp, shouldn't be any different anyways), iPad Pro 1st Gen on 10.2 with yalu, and iPad mini 2 on 10.2.1 with doubleh3lix. I am using the Apple USB 3.0 adapter, and in case anyone was unsure or confused, this does not need to have power routed to it. It simply needs to sit between the cable going from the Switch to the phone/tablet.

The payload selector works totally fine even without the Files app itself on iOS 10 (it allows browsing iCloud Drive and Google Drive so I simply uploaded the payloads to gdrive once and transferred, made profiles for each payload on every device). SXOS, hekate 2.3 and hekate 3.2 all load perfectly fine, several times on each payload without a single error.

It's worth noting that even if nxloader on Android does the same thing, I was impressed by both how quickly and automatically the payloads were being launched. The toggle for whether to send a payload automatically is a nice touch. If you have autoRCM enabled, you can select the new payload, simply power down the Switch and within a few seconds your selected payload will be sent as soon as RCM gets toggled due to autoRCM. Choosing reboot to RCM or power down in hekate while connected to the Switch is a 3-5 second process to have a new payload sent to the Switch.

Also, despite having to use the USB 3.0 adapter, this is totally fine because the only "better" alternative (if it worked) would be to carry my only USB-C to Lightning cable, which I leave the expensive power brick for at home anyways. I hardly ever use the USB 3 adapter so that can just travel with the Switch and I can use any of the ten or so Lightning-USB cables I have instead!
 
There is a public release for the utility now. I've created a new thread for visibility in this forum section. Thanks to all the testers for your feedback!

Project website: mologie.github.io/nxboot/
 
Any chance of iOS 9.3.3 support?
 
I got this USB-C cable from my Mayflash Controller Dongle. Can I host a payload with a jailbroken iPhone with that and a normal Lightning cable?
 
