akusio / kernbypass-public Goto Github PK

iPhone 11 Pro Max with iOS 13.5 and jail broken with latest unc0ver.
iPad 5th gen with iOS 13.5 and jail broken with checkra1n.
KernBypass installed from akusio.github.io
Terminal commands ran in NewTerm w/o any error.

Using this for Pokémon Go, which works fine. However I can’t buy any pokecoins.

I only get this message on top:

Hi

I am using iPhone XS Max (iOS 12.2) and while trying to install the package, I got this error

dpkg: dependency problems prevent configuration of jp.akusio.kernbypass:
 jp.akusio.kernbypass depends on firmware (>= 13.0); however:
  Version of firmware on system is 12.2.

If I were to use apt, I would get a similar message

 jp.akusio.kernbypass : Depends: firmware (>= 13.0) but 12.2 is installed

How do I try and install the package in iOS 12.x? Any advice is appreciated.

As said in the title I'm on an iPhone 8 Plus with iOS 13.5, jailbroken using unc0ver version 5.0.1. I'm getting the following output when following steps 1 and 2 from the readme:

From time to time Kernbypass stops working and I have to do the 4 steps again:

In terminal, run su and type your password.
Run changerootfs & (don't forget "&").
Run disown %1
Done. The changerootfs is now a daemon.

After that it works perfectly again. Could you fix this or could someone make a script file for me, that I could run when this happens?

So it doesn’t seem to work for me on iOS 13.3 iPhone XR. When I try to uninstall it and reboot when I open Cydia again, the package is still installed for whatever reason.

When entering “changerootfs &” in NewTerm 2 or MTerminal, Cr4shed says that changerootfs crashed and returns this crash log: https://pastebin.com/F7m3BZZS I tried running “disown %1” even after “changerootfs &” failed and “disown %1” completes successfully. I’m on 13.5, iPhone 7 Plus, running checkra1n via BootRa1n v0.10.2.

Pokémon Go Version 1.141.2 is crashing instant on app launch. With version 1.141.1 it was working perfectly.

Slack application still detects jailbreak.
iOS 13.5 on iPhone X.

It doesn’t work with Pokémon Go Version 1.141.2 but it worked 100% fine with Pokémon Go Version 1.141.1, any help or a fix for this I’d appreciated.

The process com.apple.mobilesoftwareupdate.cleanup Is using a lot of battery since installing this tweak. Included screenshot of the previous 24 hours usage from the process.

Hey there, I’m on iOS 13.3.1 iPhone X, running changerootfs & just hangs (see screenshot).

C4shed also detects changrootfs right when the command is executed.

This tool is unable to bypass JB detection even checking of the '/' is performed.
Original snapshot is mounted
orig-fs@/dev/disk0s1s1 on /private/var/MobileSoftwareUpdate/mnt1 (apfs, local, nosuid, read-only, journaled)
but checking the files in /usr/lib doesn't work.

The changerootfs tool is able to get notifications

changerootfs[1023:9365] receive notify {
    Pid = 1061;
}
vp = 0xffffffe003925078, usecount = 61444, iocount = 61442

but further kernel patching to change root has no effect.
The app still tries to access
/dev/disk0s1s1 on / (apfs, local, nosuid, union, journaled, noatime)

I think the problem is in the offsets which can be different from version to version of iOS

static const uint32_t off_p_pid = 0x68;
static const uint32_t off_p_pfd = 0x108;
static const uint32_t off_fd_rdir = 0x40;
static const uint32_t off_fd_cdir = 0x38;
static const uint32_t off_vnode_iocount = 0x64;
static const uint32_t off_vnode_usecount = 0x60;

It doesn't work at least on iPhone 8 (D201AP), iOS 13.4.1

How to solve this?

After yesterday’s event, Fortnite has suddenly started to start detecting Jailbreak even with kernbypass turned on..!
The detection kicks in 10-15 seconds after landing on the main island..!

app still detects jb even after reinstall

Hardlinking of the /private/var folder into the /private/var/MobileSoftwareUpdate/mnt1/private/var mirrors all files.
It makes impossible to hide, say Cydia metafiles, package management system (apt, dpkg).
/private/var/lib/cydia/ -> /private/var/MobileSoftwareUpdate/mnt1/private/var/lib/cydia/

        if(access(FAKEROOTDIR"/private/var/containers", F_OK) != 0){
            
            printf("hardlink /private/var\n");
            
            copy_file_in_memory(FAKEROOTDIR"/private/var", "/private/var");
            
            //set_vnode_usecount(get_vnode_with_chdir("/private/var/MobileSoftwareUpdate/mnt1/private/var"), 0xffff);
            
        }

The JB detection based on checking /private/var/lib/cydia/ will still be able to detect jailbroken device.

Here’s the picture & here’s the log for the UAF.

https://drive.google.com/file/d/1SVwGmbwu5u5da-I6A4x-_DvXf4OqnhNy/view?usp=drivesdk

iphone xs max on 13.5 unc0ver v5.0.1

e.g.: /private/var/mobile/Library/Caches/com.saurik.Cydia

somehow it doesn't work anymore. no matter how many times I reinstalled it or even restore rootfs and jailbreak my phone again. it just doesn't work.

can't used cycript when installed KernBypass and open in demo app.

Any apps that i turn on bypass for hangs on the loading screen and then crashes to the springboard.

Apps enabled in KernBypass seem to get stuck on the loadscreen (splash screen) and then crash after a while.
iPhone 8+, 13.2.2, using checkra1n jailbreak.
Tested on: Nintendo Switch Online, Animal Crossing: Pocket Camp & various apps that don't need jb bypass. Same issue for all.

Cr4shed did report a changerootfs crash when doing the stuff in terminal. Not sure if normal or not but here is some info from that:
Exception type: EXC_BAD_ACCES (SIGSEGV)
Exception subtype: KERN_INVALID_ADDRESS: 0x40
VM Protection: 0x40 is not in any region.

If I can be helpful in any way feel free to message me.

tested on iphone x on ios 13.3 jailbroken with checkra1n and using the latest santander app from the appstore. santander tries to open but crashes

my account banned today they detect the jailbreak any solution

After rejaillbreaking started freezing apps for some odd reason.

Any chance you can make it work with Caixabank Sign?

https://apps.apple.com/es/app/caixabank-sign/id1328811481?l=en

When I first installed kernbypass, ran the command and then I reinstalled the BDO Personal Banking banking app. It launched!!! And it worked. Now 24hrs after I can't get pass their JB detection anymore.
I read that maybe it's because of LDrestart so I ran the daemon again with the same command. And I can't get it working now..