Thank you to the guys at HEGE supporting Badcaps [ HEGE ] [ HEGE DEX Chart ]

Announcement

Collapse
No announcement yet.

Macbook M1 bypass FMM / EFI Unlock

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 18
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 6 7 8 9 10 11 12 13 14 15 16 17 18 template Next
    #301
    Re: Macbook M1 bypass FMM / EFI Unlock

    Originally posted by nomade View Post
    Has anybody tried to startup a locked M1 with a working OS installed on external drive?
    Maybe someone could share a image of a running MACOS installation for M1 to try it myself.

    Thanks in advance and thanks to everybody for sharing your knowledge.

    I already tried it and it didn't work friend. I have already looked at many options.

    Cheers!!!

    Comment

      #302
      Re: Macbook M1 bypass FMM / EFI Unlock

      i found this video on youtube, it may help you guys.

      https://youtu.be/I9QOZLY1WHA

      Comment

        #303
        Re: Macbook M1 bypass FMM / EFI Unlock

        Originally posted by ethiogsm View Post
        Anyhow I’ve got all decrypted ssh logs and files of mina emc checkm8 and iremove T2 bypasses
        i can't send you a personal id and thanks to the mod for the reply, you can upload some b64 to understand better? i'll very appreciate if you can!

        If someone can bypass a t2 and use mina program, every single command could be intercepted via wireshark.

        Just enable the snif on usb and after save the pcap file. I'll check. In the mobile activationd shared i dont find any mod. I just checked this morning and this is strange. I don't find the original version of this mobileactivationd from old ibridge firmware.
        Last edited by genhack; 11-09-2022, 04:45 AM. Reason: missing quote.

        Comment

          #304
          Re: Macbook M1 bypass FMM / EFI Unlock

          Originally posted by nomade View Post
          Has anybody tried to startup a locked M1 with a working OS installed on external drive?
          Maybe someone could share a image of a running MACOS installation for M1 to try it myself.

          Thanks in advance and thanks to everybody for sharing your knowledge.
          I tried the latest release of linux. web, offline, live. none of this worked

          Comment

            #305
            Re: Macbook M1 bypass FMM / EFI Unlock

            Originally posted by genhack View Post
            I'm working on, i can't find the original mobileactivationd version for understand where they make the patch. But, i have an idea and in the free time i work on python program, i think this can work easy with a macbook just bypassed. So just for proof of t2 can be pwn:

            J40aap key latest bridgeos.

            IBSS:
            IV: 120402A7168E7AAAC1F94C6A5D58F8F1,
            key: 5C1E07A0EA5A8F48D09FA568182172CA74880896761CFA6992006558CDD9981D

            IBEC:
            IV: 6909A0A0D9675B5BAEFB9ECFAA00386C,
            key: C7DA39AF1DB80189C27F5D3A39C01F13D4FD7C7B6453DAADE018DC6188BAD24A


            About diagnostic i have no idea how you can boot m1n1 with security on. If you wonna make this a bit of sense send me a pvt thanks.
            I'm not sure you're allowed to send/receive PMs here.

            Comment

              #306
              Re: Macbook M1 bypass FMM / EFI Unlock

              Originally posted by curiositymaster View Post
              I'm not sure you're allowed to send/receive PMs here.
              Not allowed at all. We can use b64 into zip file i think.
              Last edited by genhack; 11-09-2022, 11:33 AM.

              Comment

                #307
                Re: Macbook M1 bypass FMM / EFI Unlock

                Other theories I have, someone knows how to install darwinOS boot or freebsd. I want to try by these means that you recommend?

                Cheers!

                Comment

                  #308
                  Re: Macbook M1 bypass FMM / EFI Unlock

                  Originally posted by fshadow View Post
                  i'm not gonna expose it right now, because it is huge hole in macos security and seems like nobody know it. at first i'll post a vidio next week with poc without ditails, next i'll contact apple bug bounty(i know it's weak) , next... anyway i'll get profit and then i'll tell u
                  Have news?

                  Comment

                    #309
                    Re: Macbook M1 bypass FMM / EFI Unlock

                    thank you @curiositymaster, i replaced mobileactivantiond on a 2020 2251 model but no success, unfortunately

                    Comment

                      #310
                      Re: Macbook M1 bypass FMM / EFI Unlock

                      Originally posted by radicalsolutions View Post
                      thank you @curiositymaster, i replaced mobileactivantiond on a 2020 2251 model but no success, unfortunately
                      The only solution is sniff the usb during the whole process for t2 device.

                      Comment

                        #311
                        Re: Macbook M1 bypass FMM / EFI Unlock

                        Originally posted by genhack View Post
                        The only solution is sniff the usb during the whole process for t2 device.
                        ive got tons of logs like this also the files
                        Code:
                        Listening For Requests...
[!] Exception: cannot read property 'implementation' of undefined
Executed On Device -> mount -o rw,union,update /
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> echo > /.emcteam_bp
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /private/var/mobile/Media/Downloads/exongrifter /usr/bin/
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 777 /usr/bin/exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc device
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /private/var/mobile/Library/Logs/mobileactivationd/*
Command Timeout -> 0xe597ecfa0c787e29
REQUEST TYPE ->POST
URL -> [url]https://*******/bringDevice.php[/url]
string is -> emc_macos_info=QmNIWm9rSkFBQURRRC9MQTJNcWp0WEJIRTJhU056SElSSGJ4OWZlYzRweHREYnJkeXN1U0ljZTB1U2hUQXNSTUtQMVZDaDhaU2NYMmRpZUdBYXZuMXNoZEwxV1huVUFLbnBwTFRabGhhK2dqRHpoMlRxZVA4T3B3b3NhNnFQYkRWU2c4bXkyUTgwOEpsdXJkaUZaRXl2Um5TN3JtK2NxM1g1UlMwSmFoeVdhSTRtRDJ2Q1ZBTGJsWGN************
BODY -> emc_macos_info=QmNIWm9rSkFBQURRRC9MQTJNcWp0WEJIRTJhU056SElSSGJ4OWZlYzRweHREYnJkeXN1U0ljZTB1U2hUQXNSTUtQMVZDaDhaU2NYMmRpZUdBYXZuMXNoZEwxV1huVUFLbnBwTFRabGhhK2dqRHpoMlRxZVA4T3B3b3NhNnFQYkRWU2c4bXkyUTgwOEpsdXJkaUZaRXl2Um5TN3JtK2NxM1g1UlMwSmFoeVdhSTRtRDJ2Q1ZBTGJsWGNGeXNheEZrTWprV292RmZ6N2syR1pkWUpBNmJkc21iTmFiYWxGWUFvTCtZZ1U4OW********************
Executed On Device -> mount -o rw,union,update /
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> echo > /.exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc ActivationState
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> cd / && tar -xvf f.tar
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /f.tar
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 755 /usr/libexec/substrate && /usr/libexec/substrate
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 755 /usr/libexec/substrated && /usr/libexec/substrated
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /var/mobile/Library/Preferences/exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /Library/MobileSubstrate/DynamicLibraries/*
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /Library/MobileSubstrate/DynamicLibraries/ex.bin /Library/MobileSubstrate/DynamicLibraries/gameoverd.dylib
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /Library/MobileSubstrate/DynamicLibraries/ex1.bin /Library/MobileSubstrate/DynamicLibraries/gameoverd.plist
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /private/var/mobile/Media/Downloads/emcequal.bin /private/var/mobile/Media/Downloads/emcequal.dylib
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /private/var/mobile/Media/Downloads/emcark.bin /private/var/mobile/Media/Downloads/emcark.dylib
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 777 /Library/MobileSubstrate/DynamicLibraries/gameoverd.dylib
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 777 /Library/MobileSubstrate/DynamicLibraries/gameoverd.plist
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc ActivationState
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc actinfo
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /Library/MobileSubstrate/DynamicLibraries/*
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> DYLD_INSERT_LIBRARIES=/private/var/mobile/Media/Downloads/emcark.dylib /usr/libexec/mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mkdir -p /private/var/containers/Data/System/3A3932BD-BE32-4652-9B30-78BC2D49E60C/Library/activation_records

Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> cp -rf /private/var/mobile/Media/Downloads/ucrt.pem /private/var/containers/Data/System/3A3932BD-BE32-4652-9B30-78BC2D49E60C/Library/activation_records

Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> DYLD_INSERT_LIBRARIES=/private/var/mobile/Media/Downloads/emcequal.dylib /usr/libexec/mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
REQUEST TYPE ->POST
URL -> [url]https://**********/bringDevice.php[/url]
string is -> emcmacos_actinfoV2=RFpRMXNvUlFBQVFQUklBc0d1THVUZ1lzTGc4VzUvVC9wNU4wMVZUUDRIZjhXTFUvUWliM091eXoyTzliY29IMkhNWkpDVnplVWppTTA2QUdOU1BJNWNnb3J1azRyY1FHK2NvNG8yV3BKSlBneDhCeFBEdnc1SFFaV1M1eW81NXArUVMxYnBDWWNpcHNsdktvckJ2bGkxNHd3R2cyN05sY0Z1TFlHdldoNE5JTkp6SHdvWjd2NWl6cmRIcTB0SXR6eXIvcDZXS24xSWFKZ1hTM29Vd2RTVmQ4OHhCdFIwYW4rRmwwcUEySEtWRUExb3pnTzFZQSU9QTDJJWWNBbEhQRExsTXhhaG1CRSt5NDRETzJadS9tWitxbVVmVzJOd2t6SitQaE1WeTY0Z0ZpNzRxS2JiQzQ5c2Y2dVN0QWEzMzFPcWlzMUJWYVVXaW8vK1IyWU94aUhKb3JOYkI0dG5nYU5mL0p5TDF5RmFXbVdFOUdHcnJNVzdnejQ2VDBla3dKTEZYbWxtM3dLRzhsbFdnakpUTnRWVFF4NU9pdzgyUTA2bUJUTllwRGk5WVdxc213WmRlbkdjSkhGeEJ6NnlaRlZRWlk5RVM1RG1lNlVieW0zSzBqN29ta3BlcDZDN2t0bkxwaHdRdktqWUdFMkJGSTl2ZXFXUjhNOVVmY3l1MitpQmZRNlRwR2d1Sm9SL09OL3R6amFzSmxXaUl6SWRuc1JHWVpTb0VLUkFWaTBEY21MQjV6bFJWT0wvem85S1BwQmxXS05KN0RJQ1JxZ2tjVHozN0lQTXVab0hEQXNOQ3Y1djNZVmJRaTAzcjExRGJmVDFGWjViaUxVbWFRRlBsdlVyeFg0YnpOK1ZiVzgyYi95cDBOSGtHaTlyQndSVTgrNE5tYU1wbXBOTlIrYVJEZExpL1k5dml6OGNNNGlUVkFWaU1lKzBU*****************
Executed On Device -> rm -rf /Library/MobileSubstrate/DynamicLibraries/*
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mkdir /usr/exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod -R 777 /usr/exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> cp /usr/libexec/mobileactivationd /usr/exongrifter/mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /private/var/mobile/Media/Downloads/ucrt.pem
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> DYLD_INSERT_LIBRARIES=/private/var/mobile/Media/Downloads/emcark.dylib /usr/exongrifter/mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mkdir -p /private/var/containers/Data/System/3A3932BD-BE32-4652-9B30-78BC2D49E60C/Library/activation_records

Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> cp -rf /private/var/mobile/Media/Downloads/ucrt.pem /private/var/containers/Data/System/3A3932BD-BE32-4652-9B30-78BC2D49E60C/Library/activation_records

Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc ActivationState
Command Timeout -> 0xe597ecfa0c787e29
                        Last edited by SMDFlea; 11-10-2022, 03:25 PM. Reason: private info

                        Comment

                          #312
                          Re: Macbook M1 bypass FMM / EFI Unlock

                          Hey guys, would be nice if you share some information, ideas, tools, hints or something on how T2 (M1) could be bypassed, so we also could contribute.

                          Regards.

                          Comment

                            #313
                            Re: Macbook M1 bypass FMM / EFI Unlock

                            Has anyone try to play around changing Serial number on T2 after jailbreak like this?
                            Attached Files

                            Comment

                              #314
                              Re: Macbook M1 bypass FMM / EFI Unlock

                              Originally posted by ethiogsm View Post
                              ive got tons of logs like this also the files
                              Code:
                              Listening For Requests...
[!] Exception: cannot read property 'implementation' of undefined
Executed On Device -> mount -o rw,union,update /
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> echo > /.emcteam_bp
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /private/var/mobile/Media/Downloads/exongrifter /usr/bin/
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 777 /usr/bin/exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc device
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /private/var/mobile/Library/Logs/mobileactivationd/*
Command Timeout -> 0xe597ecfa0c787e29
REQUEST TYPE ->POST
URL -> [url]https://*******/bringDevice.php[/url]
string is -> emc_macos_info=QmNIWm9rSkFBQURRRC9MQTJNcWp0WEJIRTJhU056SElSSGJ4OWZlYzRweHREYnJkeXN1U0ljZTB1U2hUQXNSTUtQMVZDaDhaU2NYMmRpZUdBYXZuMXNoZEwxV1huVUFLbnBwTFRabGhhK2dqRHpoMlRxZVA4T3B3b3NhNnFQYkRWU2c4bXkyUTgwOEpsdXJkaUZaRXl2Um5TN3JtK2NxM1g1UlMwSmFoeVdhSTRtRDJ2Q1ZBTGJsWGN************
BODY -> emc_macos_info=QmNIWm9rSkFBQURRRC9MQTJNcWp0WEJIRTJhU056SElSSGJ4OWZlYzRweHREYnJkeXN1U0ljZTB1U2hUQXNSTUtQMVZDaDhaU2NYMmRpZUdBYXZuMXNoZEwxV1huVUFLbnBwTFRabGhhK2dqRHpoMlRxZVA4T3B3b3NhNnFQYkRWU2c4bXkyUTgwOEpsdXJkaUZaRXl2Um5TN3JtK2NxM1g1UlMwSmFoeVdhSTRtRDJ2Q1ZBTGJsWGNGeXNheEZrTWprV292RmZ6N2syR1pkWUpBNmJkc21iTmFiYWxGWUFvTCtZZ1U4OW********************
Executed On Device -> mount -o rw,union,update /
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> echo > /.exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc ActivationState
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> cd / && tar -xvf f.tar
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /f.tar
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 755 /usr/libexec/substrate && /usr/libexec/substrate
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 755 /usr/libexec/substrated && /usr/libexec/substrated
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /var/mobile/Library/Preferences/exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /Library/MobileSubstrate/DynamicLibraries/*
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /Library/MobileSubstrate/DynamicLibraries/ex.bin /Library/MobileSubstrate/DynamicLibraries/gameoverd.dylib
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /Library/MobileSubstrate/DynamicLibraries/ex1.bin /Library/MobileSubstrate/DynamicLibraries/gameoverd.plist
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /private/var/mobile/Media/Downloads/emcequal.bin /private/var/mobile/Media/Downloads/emcequal.dylib
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /private/var/mobile/Media/Downloads/emcark.bin /private/var/mobile/Media/Downloads/emcark.dylib
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 777 /Library/MobileSubstrate/DynamicLibraries/gameoverd.dylib
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 777 /Library/MobileSubstrate/DynamicLibraries/gameoverd.plist
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc ActivationState
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc actinfo
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /Library/MobileSubstrate/DynamicLibraries/*
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> DYLD_INSERT_LIBRARIES=/private/var/mobile/Media/Downloads/emcark.dylib /usr/libexec/mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mkdir -p /private/var/containers/Data/System/3A3932BD-BE32-4652-9B30-78BC2D49E60C/Library/activation_records

Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> cp -rf /private/var/mobile/Media/Downloads/ucrt.pem /private/var/containers/Data/System/3A3932BD-BE32-4652-9B30-78BC2D49E60C/Library/activation_records

Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> DYLD_INSERT_LIBRARIES=/private/var/mobile/Media/Downloads/emcequal.dylib /usr/libexec/mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
REQUEST TYPE ->POST
URL -> [url]https://**********/bringDevice.php[/url]
string is -> emcmacos_actinfoV2=RFpRMXNvUlFBQVFQUklBc0d1THVUZ1lzTGc4VzUvVC9wNU4wMVZUUDRIZjhXTFUvUWliM091eXoyTzliY29IMkhNWkpDVnplVWppTTA2QUdOU1BJNWNnb3J1azRyY1FHK2NvNG8yV3BKSlBneDhCeFBEdnc1SFFaV1M1eW81NXArUVMxYnBDWWNpcHNsdktvckJ2bGkxNHd3R2cyN05sY0Z1TFlHdldoNE5JTkp6SHdvWjd2NWl6cmRIcTB0SXR6eXIvcDZXS24xSWFKZ1hTM29Vd2RTVmQ4OHhCdFIwYW4rRmwwcUEySEtWRUExb3pnTzFZQSU9QTDJJWWNBbEhQRExsTXhhaG1CRSt5NDRETzJadS9tWitxbVVmVzJOd2t6SitQaE1WeTY0Z0ZpNzRxS2JiQzQ5c2Y2dVN0QWEzMzFPcWlzMUJWYVVXaW8vK1IyWU94aUhKb3JOYkI0dG5nYU5mL0p5TDF5RmFXbVdFOUdHcnJNVzdnejQ2VDBla3dKTEZYbWxtM3dLRzhsbFdnakpUTnRWVFF4NU9pdzgyUTA2bUJUTllwRGk5WVdxc213WmRlbkdjSkhGeEJ6NnlaRlZRWlk5RVM1RG1lNlVieW0zSzBqN29ta3BlcDZDN2t0bkxwaHdRdktqWUdFMkJGSTl2ZXFXUjhNOVVmY3l1MitpQmZRNlRwR2d1Sm9SL09OL3R6amFzSmxXaUl6SWRuc1JHWVpTb0VLUkFWaTBEY21MQjV6bFJWT0wvem85S1BwQmxXS05KN0RJQ1JxZ2tjVHozN0lQTXVab0hEQXNOQ3Y1djNZVmJRaTAzcjExRGJmVDFGWjViaUxVbWFRRlBsdlVyeFg0YnpOK1ZiVzgyYi95cDBOSGtHaTlyQndSVTgrNE5tYU1wbXBOTlIrYVJEZExpL1k5dml6OGNNNGlUVkFWaU1lKzBU*****************
Executed On Device -> rm -rf /Library/MobileSubstrate/DynamicLibraries/*
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mkdir /usr/exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod -R 777 /usr/exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> cp /usr/libexec/mobileactivationd /usr/exongrifter/mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /private/var/mobile/Media/Downloads/ucrt.pem
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> DYLD_INSERT_LIBRARIES=/private/var/mobile/Media/Downloads/emcark.dylib /usr/exongrifter/mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mkdir -p /private/var/containers/Data/System/3A3932BD-BE32-4652-9B30-78BC2D49E60C/Library/activation_records

Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> cp -rf /private/var/mobile/Media/Downloads/ucrt.pem /private/var/containers/Data/System/3A3932BD-BE32-4652-9B30-78BC2D49E60C/Library/activation_records

Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc ActivationState
Command Timeout -> 0xe597ecfa0c787e29
                              Nice cacth this is what we need. The process is the same like ios. I understand the whole process so we need just make a backup of this, ssh work on mine t2. Can you attach full log (moderator edit the full log) and backup this file/folder:

                              /private/var/containers/Data/System/3A3932BD-BE32-4652-9B30-78BC2D49E60C/Library/activation_records

                              /usr/exongrifter/

                              /usr/bin/exongrifter

                              Thank you

                              For macEfi if you need a valid serial and mac, i can provide you. I never test it.
                              Last edited by genhack; 11-13-2022, 05:24 AM.

                              Comment

                                #315
                                Re: Macbook M1 bypass FMM / EFI Unlock

                                and someone tried to unlock a2338 using t203?

                                Comment

                                  #316
                                  Re: Macbook M1 bypass FMM / EFI Unlock

                                  M1 MacBooks are completely different to the T2 Intel based Macs, so this won't work.

                                  Comment

                                    #317
                                    Re: Macbook M1 bypass FMM / EFI Unlock

                                    this architecture is so many years old. and still no solution.

                                    Comment

                                      #318
                                      Re: Macbook M1 bypass FMM / EFI Unlock

                                      Originally posted by nomade View Post
                                      Has anybody tried to startup a locked M1 with a working OS installed on external drive?
                                      Maybe someone could share a image of a running MACOS installation for M1 to try it myself.

                                      Thanks in advance and thanks to everybody for sharing your knowledge.
                                      Originally posted by 777monah777 View Post
                                      and someone tried to unlock a2338 using t203?

                                      If you show me how I can try.

                                      Comment

                                        #319
                                        Re: Macbook M1 bypass FMM / EFI Unlock

                                        It is impressive how far you have come. I would like to understand it better to be able to support you and would like to know how you got a bash shell and the logs.

                                        Comment

                                          #320
                                          Re: Macbook M1 bypass FMM / EFI Unlock

                                          hi guys, i have macbook pro 14 m1 pro 1tb on icloud lock. Yesterday I took it to use as a power bank (because I had no light at home), it was discharged.
                                          Today, I put it on charge and after turning it on, it showed me something like familiar I want to connect to which disk (although there was not one disk), to be honest, I don't remember what I selected in the top menu and then it went to recovery.
                                          What is interesting is that there is no Wi-Fi icon and I can only connect via a Type-C ethernet cable
                                          Can someone give me some advice, I will be very grateful

                                          Comment

                                          Previous 1 6 7 8 9 10 11 12 13 14 15 16 17 18 template Next
                                          Working...
                                          X