diff --git a/lapse.mjs b/lapse.mjs
index 4309b35..7f571eb 100644
--- a/lapse.mjs
+++ b/lapse.mjs
@@ -1603,8 +1603,9 @@ async function patch_kernel(kbase, kmem, p_ucred, restore_info) {
 kmem.write64(sysent_661.add(8), sy_call);
 // .sy_thrcnt = SY_THR_STATIC
 kmem.write32(sysent_661.add(0x2c), sy_thrcnt);
- sessionStorage.setItem('jbsuccess', 1);
- alert("kernel exploit succeeded!");
+ localStorage.ExploitLoaded="yes"
+ sessionStorage.ExploitLoaded="yes";
+ //alert("kernel exploit succeeded!");
 }
@@ -1696,20 +1697,20 @@ export async function kexploit() {
 await init();
 const _init_t2 = performance.now();
- if(sessionStorage.getItem('binloader')){
- runBinLoader();
- return new Promise(() => {});
- }
+ if (localStorage.ExploitLoaded === "yes" && sessionStorage.ExploitLoaded!="yes") {
+ runBinLoader();
+ return new Promise(() => {});
+ }
+ // If setuid is successful, we dont need to run the kexploit again
 try {
- if (sysi('setuid', 0) == 0) {
- log("Not running kexploit again.");
- runBinLoader();
- return;
+ chain.sys('setuid', 0);
 }
 }
- catch (e) {}
+ catch (e) {
+ localStorage.ExploitLoaded = "no";
+ }
 // fun fact:
 // if the first thing you do since boot is run the web browser, WebKit can
@@ -1803,13 +1804,13 @@ function malloc32(sz) {
 return ptr;
 }
 function array_from_address(addr, size) {
-var og_array = new Uint32Array(0x1000);
-var og_array_i = mem.addrof(og_array).add(0x10);
-mem.write64(og_array_i, addr);
-mem.write32(og_array_i.add(0x8), size);
-mem.write32(og_array_i.add(0xC), 0x1);
-nogc.push(og_array);
-return og_array;
+ var og_array = new Uint32Array(0x1000);
+ var og_array_i = mem.addrof(og_array).add(0x10);
+ mem.write64(og_array_i, addr);
+ mem.write32(og_array_i.add(0x8), size);
+ mem.write32(og_array_i.add(0xC), 0x1);
+ nogc.push(og_array);
+ return og_array;
 }
 kexploit().then(() => {
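Review bot: The two flag writes added at the end of patch_kernel are written inconsistently: `localStorage.ExploitLoaded="yes"` has no terminating semicolon and both lines assign expando properties where the removed line used `setItem`. I would write them as `localStorage.setItem('ExploitLoaded', 'yes');` and `sessionStorage.setItem('ExploitLoaded', 'yes');`, and delete the commented-out `alert` rather than keep it as dead code. Nothing says why the same flag goes into both stores, so a short comment is needed, something like `// localStorage survives the browser session, sessionStorage marks only the current one`. The body of patch_kernel starts outside this hunk.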
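Review bot: In kexploit, the two unchanged `}` lines after the added `chain.sys('setuid', 0);` look like one closing brace too many, because the `if (...) {` that the first one closed was removed. As shown, the `try` closes early and the `catch` no longer attaches to it, so the module would not parse; the page's layout is collapsed, so confirm against the file. The comment above the `try` ("If setuid is successful, we dont need to run the kexploit again") no longer describes the block, since the result of the call is ignored and nothing returns early; it should state what the block does now, that a throw resets `ExploitLoaded` to "no". The new guard also mixes `===` with `!=`; use `!== "yes"` for the sessionStorage comparison. kexploit's body continues outside the hunk.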