Macbook M1 bypass FMM / EFI Unlock

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 10
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 4 5 6 7 8 9 10 template Next
  • 777monah777
    replied
    Re: Macbook M1 bypass FMM / EFI Unlock

    and someone tried to unlock a2338 using t203?

      Leave a comment:

    • genhack
      replied
      Re: Macbook M1 bypass FMM / EFI Unlock

      Originally posted by ethiogsm
      ive got tons of logs like this also the files
      Code:
      Listening For Requests...
[!] Exception: cannot read property 'implementation' of undefined
Executed On Device -> mount -o rw,union,update /
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> echo > /.emcteam_bp
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /private/var/mobile/Media/Downloads/exongrifter /usr/bin/
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 777 /usr/bin/exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc device
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /private/var/mobile/Library/Logs/mobileactivationd/*
Command Timeout -> 0xe597ecfa0c787e29
REQUEST TYPE ->POST
URL -> [url]https://*******/bringDevice.php[/url]
string is -> emc_macos_info=QmNIWm9rSkFBQURRRC9MQTJNcWp0WEJIRTJhU056SElSSGJ4OWZlYzRweHREYnJkeXN1U0ljZTB1U2hUQXNSTUtQMVZDaDhaU2NYMmRpZUdBYXZuMXNoZEwxV1huVUFLbnBwTFRabGhhK2dqRHpoMlRxZVA4T3B3b3NhNnFQYkRWU2c4bXkyUTgwOEpsdXJkaUZaRXl2Um5TN3JtK2NxM1g1UlMwSmFoeVdhSTRtRDJ2Q1ZBTGJsWGN************
BODY -> emc_macos_info=QmNIWm9rSkFBQURRRC9MQTJNcWp0WEJIRTJhU056SElSSGJ4OWZlYzRweHREYnJkeXN1U0ljZTB1U2hUQXNSTUtQMVZDaDhaU2NYMmRpZUdBYXZuMXNoZEwxV1huVUFLbnBwTFRabGhhK2dqRHpoMlRxZVA4T3B3b3NhNnFQYkRWU2c4bXkyUTgwOEpsdXJkaUZaRXl2Um5TN3JtK2NxM1g1UlMwSmFoeVdhSTRtRDJ2Q1ZBTGJsWGNGeXNheEZrTWprV292RmZ6N2syR1pkWUpBNmJkc21iTmFiYWxGWUFvTCtZZ1U4OW********************
Executed On Device -> mount -o rw,union,update /
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> echo > /.exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc ActivationState
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> cd / && tar -xvf f.tar
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /f.tar
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 755 /usr/libexec/substrate && /usr/libexec/substrate
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 755 /usr/libexec/substrated && /usr/libexec/substrated
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /var/mobile/Library/Preferences/exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /Library/MobileSubstrate/DynamicLibraries/*
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /Library/MobileSubstrate/DynamicLibraries/ex.bin /Library/MobileSubstrate/DynamicLibraries/gameoverd.dylib
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /Library/MobileSubstrate/DynamicLibraries/ex1.bin /Library/MobileSubstrate/DynamicLibraries/gameoverd.plist
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /private/var/mobile/Media/Downloads/emcequal.bin /private/var/mobile/Media/Downloads/emcequal.dylib
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /private/var/mobile/Media/Downloads/emcark.bin /private/var/mobile/Media/Downloads/emcark.dylib
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 777 /Library/MobileSubstrate/DynamicLibraries/gameoverd.dylib
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 777 /Library/MobileSubstrate/DynamicLibraries/gameoverd.plist
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc ActivationState
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc actinfo
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /Library/MobileSubstrate/DynamicLibraries/*
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> DYLD_INSERT_LIBRARIES=/private/var/mobile/Media/Downloads/emcark.dylib /usr/libexec/mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mkdir -p /private/var/containers/Data/System/3A3932BD-BE32-4652-9B30-78BC2D49E60C/Library/activation_records

Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> cp -rf /private/var/mobile/Media/Downloads/ucrt.pem /private/var/containers/Data/System/3A3932BD-BE32-4652-9B30-78BC2D49E60C/Library/activation_records

Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> DYLD_INSERT_LIBRARIES=/private/var/mobile/Media/Downloads/emcequal.dylib /usr/libexec/mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
REQUEST TYPE ->POST
URL -> [url]https://**********/bringDevice.php[/url]
string is -> emcmacos_actinfoV2=RFpRMXNvUlFBQVFQUklBc0d1THVUZ1lzTGc4VzUvVC9wNU4wMVZUUDRIZjhXTFUvUWliM091eXoyTzliY29IMkhNWkpDVnplVWppTTA2QUdOU1BJNWNnb3J1azRyY1FHK2NvNG8yV3BKSlBneDhCeFBEdnc1SFFaV1M1eW81NXArUVMxYnBDWWNpcHNsdktvckJ2bGkxNHd3R2cyN05sY0Z1TFlHdldoNE5JTkp6SHdvWjd2NWl6cmRIcTB0SXR6eXIvcDZXS24xSWFKZ1hTM29Vd2RTVmQ4OHhCdFIwYW4rRmwwcUEySEtWRUExb3pnTzFZQSU9QTDJJWWNBbEhQRExsTXhhaG1CRSt5NDRETzJadS9tWitxbVVmVzJOd2t6SitQaE1WeTY0Z0ZpNzRxS2JiQzQ5c2Y2dVN0QWEzMzFPcWlzMUJWYVVXaW8vK1IyWU94aUhKb3JOYkI0dG5nYU5mL0p5TDF5RmFXbVdFOUdHcnJNVzdnejQ2VDBla3dKTEZYbWxtM3dLRzhsbFdnakpUTnRWVFF4NU9pdzgyUTA2bUJUTllwRGk5WVdxc213WmRlbkdjSkhGeEJ6NnlaRlZRWlk5RVM1RG1lNlVieW0zSzBqN29ta3BlcDZDN2t0bkxwaHdRdktqWUdFMkJGSTl2ZXFXUjhNOVVmY3l1MitpQmZRNlRwR2d1Sm9SL09OL3R6amFzSmxXaUl6SWRuc1JHWVpTb0VLUkFWaTBEY21MQjV6bFJWT0wvem85S1BwQmxXS05KN0RJQ1JxZ2tjVHozN0lQTXVab0hEQXNOQ3Y1djNZVmJRaTAzcjExRGJmVDFGWjViaUxVbWFRRlBsdlVyeFg0YnpOK1ZiVzgyYi95cDBOSGtHaTlyQndSVTgrNE5tYU1wbXBOTlIrYVJEZExpL1k5dml6OGNNNGlUVkFWaU1lKzBU*****************
Executed On Device -> rm -rf /Library/MobileSubstrate/DynamicLibraries/*
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mkdir /usr/exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod -R 777 /usr/exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> cp /usr/libexec/mobileactivationd /usr/exongrifter/mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /private/var/mobile/Media/Downloads/ucrt.pem
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> DYLD_INSERT_LIBRARIES=/private/var/mobile/Media/Downloads/emcark.dylib /usr/exongrifter/mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mkdir -p /private/var/containers/Data/System/3A3932BD-BE32-4652-9B30-78BC2D49E60C/Library/activation_records

Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> cp -rf /private/var/mobile/Media/Downloads/ucrt.pem /private/var/containers/Data/System/3A3932BD-BE32-4652-9B30-78BC2D49E60C/Library/activation_records

Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc ActivationState
Command Timeout -> 0xe597ecfa0c787e29
      Nice cacth this is what we need. The process is the same like ios. I understand the whole process so we need just make a backup of this, ssh work on mine t2. Can you attach full log (moderator edit the full log) and backup this file/folder:

      /private/var/containers/Data/System/3A3932BD-BE32-4652-9B30-78BC2D49E60C/Library/activation_records

      /usr/exongrifter/

      /usr/bin/exongrifter

      Thank you

      For macEfi if you need a valid serial and mac, i can provide you. I never test it.
      Last edited by genhack; 11-13-2022, 05:24 AM.

        Leave a comment:

      • ethiogsm
        replied
        Re: Macbook M1 bypass FMM / EFI Unlock

        Has anyone try to play around changing Serial number on T2 after jailbreak like this?
        Attached Files

          Leave a comment:

        • nomade
          replied
          Re: Macbook M1 bypass FMM / EFI Unlock

          Hey guys, would be nice if you share some information, ideas, tools, hints or something on how T2 (M1) could be bypassed, so we also could contribute.

          Regards.

            Leave a comment:

          • ethiogsm
            replied
            Re: Macbook M1 bypass FMM / EFI Unlock

            Originally posted by genhack
            The only solution is sniff the usb during the whole process for t2 device.
            ive got tons of logs like this also the files
            Code:
            Listening For Requests...
[!] Exception: cannot read property 'implementation' of undefined
Executed On Device -> mount -o rw,union,update /
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> echo > /.emcteam_bp
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /private/var/mobile/Media/Downloads/exongrifter /usr/bin/
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 777 /usr/bin/exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc device
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /private/var/mobile/Library/Logs/mobileactivationd/*
Command Timeout -> 0xe597ecfa0c787e29
REQUEST TYPE ->POST
URL -> [url]https://*******/bringDevice.php[/url]
string is -> emc_macos_info=QmNIWm9rSkFBQURRRC9MQTJNcWp0WEJIRTJhU056SElSSGJ4OWZlYzRweHREYnJkeXN1U0ljZTB1U2hUQXNSTUtQMVZDaDhaU2NYMmRpZUdBYXZuMXNoZEwxV1huVUFLbnBwTFRabGhhK2dqRHpoMlRxZVA4T3B3b3NhNnFQYkRWU2c4bXkyUTgwOEpsdXJkaUZaRXl2Um5TN3JtK2NxM1g1UlMwSmFoeVdhSTRtRDJ2Q1ZBTGJsWGN************
BODY -> emc_macos_info=QmNIWm9rSkFBQURRRC9MQTJNcWp0WEJIRTJhU056SElSSGJ4OWZlYzRweHREYnJkeXN1U0ljZTB1U2hUQXNSTUtQMVZDaDhaU2NYMmRpZUdBYXZuMXNoZEwxV1huVUFLbnBwTFRabGhhK2dqRHpoMlRxZVA4T3B3b3NhNnFQYkRWU2c4bXkyUTgwOEpsdXJkaUZaRXl2Um5TN3JtK2NxM1g1UlMwSmFoeVdhSTRtRDJ2Q1ZBTGJsWGNGeXNheEZrTWprV292RmZ6N2syR1pkWUpBNmJkc21iTmFiYWxGWUFvTCtZZ1U4OW********************
Executed On Device -> mount -o rw,union,update /
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> echo > /.exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc ActivationState
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> cd / && tar -xvf f.tar
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /f.tar
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 755 /usr/libexec/substrate && /usr/libexec/substrate
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 755 /usr/libexec/substrated && /usr/libexec/substrated
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /var/mobile/Library/Preferences/exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /Library/MobileSubstrate/DynamicLibraries/*
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /Library/MobileSubstrate/DynamicLibraries/ex.bin /Library/MobileSubstrate/DynamicLibraries/gameoverd.dylib
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /Library/MobileSubstrate/DynamicLibraries/ex1.bin /Library/MobileSubstrate/DynamicLibraries/gameoverd.plist
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /private/var/mobile/Media/Downloads/emcequal.bin /private/var/mobile/Media/Downloads/emcequal.dylib
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mv /private/var/mobile/Media/Downloads/emcark.bin /private/var/mobile/Media/Downloads/emcark.dylib
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 777 /Library/MobileSubstrate/DynamicLibraries/gameoverd.dylib
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod 777 /Library/MobileSubstrate/DynamicLibraries/gameoverd.plist
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc ActivationState
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc actinfo
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /Library/MobileSubstrate/DynamicLibraries/*
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> DYLD_INSERT_LIBRARIES=/private/var/mobile/Media/Downloads/emcark.dylib /usr/libexec/mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mkdir -p /private/var/containers/Data/System/3A3932BD-BE32-4652-9B30-78BC2D49E60C/Library/activation_records

Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> cp -rf /private/var/mobile/Media/Downloads/ucrt.pem /private/var/containers/Data/System/3A3932BD-BE32-4652-9B30-78BC2D49E60C/Library/activation_records

Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> DYLD_INSERT_LIBRARIES=/private/var/mobile/Media/Downloads/emcequal.dylib /usr/libexec/mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
REQUEST TYPE ->POST
URL -> [url]https://**********/bringDevice.php[/url]
string is -> emcmacos_actinfoV2=RFpRMXNvUlFBQVFQUklBc0d1THVUZ1lzTGc4VzUvVC9wNU4wMVZUUDRIZjhXTFUvUWliM091eXoyTzliY29IMkhNWkpDVnplVWppTTA2QUdOU1BJNWNnb3J1azRyY1FHK2NvNG8yV3BKSlBneDhCeFBEdnc1SFFaV1M1eW81NXArUVMxYnBDWWNpcHNsdktvckJ2bGkxNHd3R2cyN05sY0Z1TFlHdldoNE5JTkp6SHdvWjd2NWl6cmRIcTB0SXR6eXIvcDZXS24xSWFKZ1hTM29Vd2RTVmQ4OHhCdFIwYW4rRmwwcUEySEtWRUExb3pnTzFZQSU9QTDJJWWNBbEhQRExsTXhhaG1CRSt5NDRETzJadS9tWitxbVVmVzJOd2t6SitQaE1WeTY0Z0ZpNzRxS2JiQzQ5c2Y2dVN0QWEzMzFPcWlzMUJWYVVXaW8vK1IyWU94aUhKb3JOYkI0dG5nYU5mL0p5TDF5RmFXbVdFOUdHcnJNVzdnejQ2VDBla3dKTEZYbWxtM3dLRzhsbFdnakpUTnRWVFF4NU9pdzgyUTA2bUJUTllwRGk5WVdxc213WmRlbkdjSkhGeEJ6NnlaRlZRWlk5RVM1RG1lNlVieW0zSzBqN29ta3BlcDZDN2t0bkxwaHdRdktqWUdFMkJGSTl2ZXFXUjhNOVVmY3l1MitpQmZRNlRwR2d1Sm9SL09OL3R6amFzSmxXaUl6SWRuc1JHWVpTb0VLUkFWaTBEY21MQjV6bFJWT0wvem85S1BwQmxXS05KN0RJQ1JxZ2tjVHozN0lQTXVab0hEQXNOQ3Y1djNZVmJRaTAzcjExRGJmVDFGWjViaUxVbWFRRlBsdlVyeFg0YnpOK1ZiVzgyYi95cDBOSGtHaTlyQndSVTgrNE5tYU1wbXBOTlIrYVJEZExpL1k5dml6OGNNNGlUVkFWaU1lKzBU*****************
Executed On Device -> rm -rf /Library/MobileSubstrate/DynamicLibraries/*
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mkdir /usr/exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> chmod -R 777 /usr/exongrifter
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> cp /usr/libexec/mobileactivationd /usr/exongrifter/mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> rm -rf /private/var/mobile/Media/Downloads/ucrt.pem
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> DYLD_INSERT_LIBRARIES=/private/var/mobile/Media/Downloads/emcark.dylib /usr/exongrifter/mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> mkdir -p /private/var/containers/Data/System/3A3932BD-BE32-4652-9B30-78BC2D49E60C/Library/activation_records

Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> cp -rf /private/var/mobile/Media/Downloads/ucrt.pem /private/var/containers/Data/System/3A3932BD-BE32-4652-9B30-78BC2D49E60C/Library/activation_records

Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> killall -9 mobileactivationd
Command Timeout -> 0xe597ecfa0c787e29
Executed On Device -> exongrifter -emc ActivationState
Command Timeout -> 0xe597ecfa0c787e29
            Last edited by SMDFlea; 11-10-2022, 03:25 PM. Reason: private info

              Leave a comment:

            • genhack
              replied
              Re: Macbook M1 bypass FMM / EFI Unlock

              Originally posted by radicalsolutions
              thank you @curiositymaster, i replaced mobileactivantiond on a 2020 2251 model but no success, unfortunately
              The only solution is sniff the usb during the whole process for t2 device.

                Leave a comment:

              • radicalsolutions
                replied
                Re: Macbook M1 bypass FMM / EFI Unlock

                thank you @curiositymaster, i replaced mobileactivantiond on a 2020 2251 model but no success, unfortunately

                  Leave a comment:

                • 777monah777
                  replied
                  Re: Macbook M1 bypass FMM / EFI Unlock

                  Originally posted by fshadow
                  i'm not gonna expose it right now, because it is huge hole in macos security and seems like nobody know it. at first i'll post a vidio next week with poc without ditails, next i'll contact apple bug bounty(i know it's weak) , next... anyway i'll get profit and then i'll tell u
                  Have news?

                    Leave a comment:

                  • Mario1241
                    replied
                    Re: Macbook M1 bypass FMM / EFI Unlock

                    Other theories I have, someone knows how to install darwinOS boot or freebsd. I want to try by these means that you recommend?

                    Cheers!

                      Leave a comment:

                    • genhack
                      replied
                      Re: Macbook M1 bypass FMM / EFI Unlock

                      Originally posted by curiositymaster
                      I'm not sure you're allowed to send/receive PMs here.
                      Not allowed at all. We can use b64 into zip file i think.
                      Last edited by genhack; 11-09-2022, 11:33 AM.

                        Leave a comment:

                      • curiositymaster
                        replied
                        Re: Macbook M1 bypass FMM / EFI Unlock

                        Originally posted by genhack
                        I'm working on, i can't find the original mobileactivationd version for understand where they make the patch. But, i have an idea and in the free time i work on python program, i think this can work easy with a macbook just bypassed. So just for proof of t2 can be pwn:

                        J40aap key latest bridgeos.

                        IBSS:
                        IV: 120402A7168E7AAAC1F94C6A5D58F8F1,
                        key: 5C1E07A0EA5A8F48D09FA568182172CA74880896761CFA6992006558CDD9981D

                        IBEC:
                        IV: 6909A0A0D9675B5BAEFB9ECFAA00386C,
                        key: C7DA39AF1DB80189C27F5D3A39C01F13D4FD7C7B6453DAADE018DC6188BAD24A


                        About diagnostic i have no idea how you can boot m1n1 with security on. If you wonna make this a bit of sense send me a pvt thanks.
                        I'm not sure you're allowed to send/receive PMs here.

                          Leave a comment:

                        • 777monah777
                          replied
                          Re: Macbook M1 bypass FMM / EFI Unlock

                          Originally posted by nomade
                          Has anybody tried to startup a locked M1 with a working OS installed on external drive?
                          Maybe someone could share a image of a running MACOS installation for M1 to try it myself.

                          Thanks in advance and thanks to everybody for sharing your knowledge.
                          I tried the latest release of linux. web, offline, live. none of this worked

                            Leave a comment:

                          • genhack
                            replied
                            Re: Macbook M1 bypass FMM / EFI Unlock

                            Originally posted by ethiogsm
                            Anyhow I’ve got all decrypted ssh logs and files of mina emc checkm8 and iremove T2 bypasses
                            i can't send you a personal id and thanks to the mod for the reply, you can upload some b64 to understand better? i'll very appreciate if you can!

                            If someone can bypass a t2 and use mina program, every single command could be intercepted via wireshark.

                            Just enable the snif on usb and after save the pcap file. I'll check. In the mobile activationd shared i dont find any mod. I just checked this morning and this is strange. I don't find the original version of this mobileactivationd from old ibridge firmware.
                            Last edited by genhack; 11-09-2022, 04:45 AM. Reason: missing quote.

                              Leave a comment:

                            • robyb
                              replied
                              Re: Macbook M1 bypass FMM / EFI Unlock

                              i found this video on youtube, it may help you guys.

                              https://youtu.be/I9QOZLY1WHA

                                Leave a comment:

                              • Mario1241
                                replied
                                Re: Macbook M1 bypass FMM / EFI Unlock

                                Originally posted by nomade
                                Has anybody tried to startup a locked M1 with a working OS installed on external drive?
                                Maybe someone could share a image of a running MACOS installation for M1 to try it myself.

                                Thanks in advance and thanks to everybody for sharing your knowledge.

                                I already tried it and it didn't work friend. I have already looked at many options.

                                Cheers!!!

                                  Leave a comment:

                                • ethiogsm
                                  replied
                                  Re: Macbook M1 bypass FMM / EFI Unlock

                                  Originally posted by ethiogsm
                                  I can't dm u either it's weird
                                  Anyhow I've got all decrypted ssh logs and files of mina emc checkm8 and iremove T2 bypasses

                                    Leave a comment:

                                  • ethiogsm
                                    replied
                                    Re: Macbook M1 bypass FMM / EFI Unlock

                                    Originally posted by genhack
                                    Broh this is so.... I have no idea how you spwn. I can't dm you idk why, so if you can pls do it. If not, you edit some info.p and change the iA_springboard?
                                    I can't dm u either it's weird

                                      Leave a comment:

                                    • nomade
                                      replied
                                      Re: Macbook M1 bypass FMM / EFI Unlock

                                      Has anybody tried to startup a locked M1 with a working OS installed on external drive?
                                      Maybe someone could share a image of a running MACOS installation for M1 to try it myself.

                                      Thanks in advance and thanks to everybody for sharing your knowledge.

                                        Leave a comment:

                                      • genhack
                                        replied
                                        Re: Macbook M1 bypass FMM / EFI Unlock

                                        Originally posted by ethiogsm
                                        Here are some of the pictures i took while opening terminal on activation lock screen on T2 using the command+T
                                        Broh this is so.... I have no idea how you spwn. I can't dm you idk why, so if you can pls do it. If not, you edit some info.p and change the iA_springboard?

                                          Leave a comment:

                                        • kevingill
                                          replied
                                          Re: Macbook M1 bypass FMM / EFI Unlock

                                          I've posted a method of accessing a Terminal in the thread about unlocking T2 based Macs.

                                            Leave a comment:

                                          Previous 1 2 3 4 5 6 7 8 9 10 template Next

                                          Related Topics

                                          Collapse
                                          • tobeend
                                            Bypass mdm macbook m2 ventura
                                            by tobeend
                                            1. RESET MACOS WITH IPSW

                                            a. Power off MacBook, press and hold the power button to enter Recovery
                                            b. Open Disk Utility, remove Macintosh HD
                                            c. Reboot, connect to the network to Activate Mac.
                                            d. Plug the C cord in the first port of the MacBook into the other Mac, then power off the MacBook
                                            d. Hold down the Control (L) + Option (L) + Shift (R) + Power key combination for 10 seconds
                                            e. Release the other keys, but keep holding the Power key for another 10 seconds
                                            f. MacBook is returned to DFU, open Apple Configurator 2 on the other Mac, right-click...
                                            05-26-2023, 07:18 AM
                                          • oxonater
                                            Apple MacBook Pro A2141 16" IC BYPASS
                                            by oxonater
                                            Hi everyone hope all are well

                                            I need a little expert advice on a issue I have and seeing as this forum is full of clever people I thought ask here as you never know.
                                            I recently repaired a logic board 820-01700 which belongs to a 16" 2019 Macbook Pro, however I seem to be missing a component near the T2 Rom chip and is U4730.

                                            The schematics say this chip is (M34128-FCS6_P/T) and it also says there is a bypass for it wondered if anyone come across either the IC or the bypass method.
                                            I suppose it's worth noting googling the part package brings up various...
                                            10-23-2024, 11:21 PM
                                          • keats11
                                            T2 Macbook MDM Unlock by S/N change.
                                            by keats11
                                            I was hoping someone could point me to a tutorial on MDM unlock. Basically, I picked up a Macbook (A1989) from someone which did not have OS installed. The guy said it started software update and but did not finish. Long story short, the touchbar on this device has some kind of a short, so after unplugging it, I was able to install the OS on it, when I found out that it is also MDM locked by his company. I tried changing the serial number on the ROM by only changing a couple of digits of the original serial number. Now after installing the ROM back, the Macbook appears dead = DFU mode. When I...
                                            05-15-2023, 06:46 AM
                                          • envym
                                            MacBook Pro 2018 with Activation Lock
                                            by envym
                                            Hi everyone!

                                            I have a 2018 MacBook Pro (with Sequoia OS) that I've been using for years with no problem. I recently received an M2 MacBook Pro so I'm mostly using it and not the 2018 one, but since a friend of mine needs a computer, I thought I could restore my 2018 and give it brand-new-like to my friend.

                                            I tried using the built-in tool to restore the MacBook (Settings > General > Transfer or restore > Delete) but it got stuck when trying to remove the Find Device configuration (it asked me for the password for my old Apple ID -now I use the same account but...
                                            06-27-2025, 08:54 AM
                                          • Manlikeissak
                                            M1 MacBook EFI/FMM unlock
                                            by Manlikeissak
                                            Hello everyone hope you all are doing well, I'm posting here since no was interested in my post on "MacBook unlocked!" Topic, so In short I have found a way to test every possible key combination to try and find the combination to open the terminal on fmm/EFI locked M1/M2 machines, the person who found this still refuses to give info, but if hasn't lied about it being a key combination there's a chance we might find it, so to try Evey key combination I've got a digispark attiny 85 which is a small μController, I've written as script to emulate a keyboard and go thru every possible key...
                                            5 Photos
                                            07-02-2024, 11:28 AM
                                          • Loading...
                                          • No more items.
                                          Working...