Checkm8 is timing-sensitive. Solution: This is normal. Run ./ipwndfu -p up to 20 times in a row. It will eventually succeed. Avoid using USB hubs. Connect the device directly to your Mac.
If vulnerable, you’ll see:
If the timing of the exploit misses its window, the device may simply reboot normally. Put the device back into DFU mode manually and re-run the script immediately. What Can You Do Next? Pwndfu Mac
If a user forgets their Apple ID credentials on a locked T2 Mac, Pwndfu allows technicians to bypass the "Find My" service and the activation screen. 2. Bypassing Firmware Passwords Checkm8 is timing-sensitive
[+] Found device in DFU mode [+] Setting up USB environment... [+] Overwriting heap pointers... [+] Sending payload... [+] Device is now in PWNDFU mode! Use code with caution. It will eventually succeed
Entering this mode requires a specialized USB-C cable and a "checkm8" compatible tool.