Yılmaz Değirmenci

Reputation: 11

Execve Assembly Shellcode for AARCH64 iOS Darwin

Recently I have been trying to explore iOS command shell programming. I could successfully write a simple Assembly "Hello World" program as follows:

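```asm
.global _main
.align 2

.text
_main:
   // write(1, hello_txt, 14)
   mov x0, 1             // x0 = stdout
   mov x2, 14            // x2 = length of the string
   adr x1, hello_txt     // x1 = address of the string
   mov x16, 4            // x16 = write
   svc 0

   // exit
   mov x16, 1            // x16 = exit
   svc 0

hello_txt: .ascii "Hello, World!\n"
```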

Then I started to try writing execve shellcode based on syscall values: https://thog.github.io/syscalls-table-aarch64/latest.html based on this sample: https://github.com/johnjohnsp1/shellcode-1/blob/master/os/linux/arm64/execve.s

```asm
.global _main
.align 2
.text

_main:
     // execve("/bin/sh", NULL, NULL);
     adr    x0, sh         // x0 = "/bin/sh"
     eor    x1, x1, x1     // x1 = NULL
     eor    x2, x2, x2     // x2 = NULL
     mov    x16, 221      // x16 = execve
     svc    0

sh:
     .ascii "/bin/sh\0"
```

Unfortunately the program doesn't get a shell. I tried /bin/ls etc., yet that didn't work either.

Later I called execve from inside a C program; it successfully runs /bin/ls yet doesn't run /bin/bash. It seems iOS doesn't allow calling /bin/bash from system or execve.

My question: is there any way around this? Or how can I make more progress? Thank you so much.

UPDATE

Thanks to Siguza's feedback I now have working Assembly shellcode (on a jailbroken device):

```asm
.global _main
.align 2
.text

_main:
     // execve("/bin/bash", NULL, NULL);
     adr    x0, sh         // x0 = "/bin/bash"
     eor    x1, x1, x1     // x1 = NULL
     eor    x2, x2, x2     // x2 = NULL
     mov    x16, 59        // x16 = execve (XNU)
     svc    0

sh:
     .ascii "/bin/bash\0"
```

Upvotes: 1

Views: 1011

Answers (1)

Siguza

Reputation: 23850

You're using Linux syscall numbers on a non-Linux kernel.
Execve is 59 under XNU (source).

But unless you're in a jailbroken environment, you will have neither /bin/ls nor /bin/bash, nor will the sandbox let you execve anything.

Upvotes: 3
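As an added example (not code from the question or the answer), here is a small Python lint for the mismatch the answer describes: it checks the number loaded before each `svc` against the syscall named in the trailing `// reg = name` comment, using x16 as the Darwin number register and x8 as the Linux arm64 one. The function name `check_syscalls` and the reliance on that comment convention are assumptions of this sketch; the Linux `write` and `exit` numbers come from the Linux arm64 table rather than from the thread.

```python
import re

# Numbers for the syscalls used on this page. The XNU values and Linux execve=221
# come from the thread; Linux write=64 and exit=93 are from the Linux arm64 table.
XNU = {"exit": 1, "write": 4, "execve": 59}              # Darwin: number in x16
LINUX_ARM64 = {"exit": 93, "write": 64, "execve": 221}   # Linux: number in x8

# "mov x16, 221   // x16 = execve" -> register, number, optional intended name
MOV = re.compile(r"^\s*mov\s+(x16|x8)\s*,\s*#?(\d+)\s*(?://\s*\w+\s*=\s*(\w+))?", re.I)
SVC = re.compile(r"^\s*svc\b", re.I)

def check_syscalls(asm):
    """Return one finding per svc: (line_no, register, number, name, verdict)."""
    findings, pending = [], None
    for no, line in enumerate(asm.splitlines(), 1):
        m = MOV.match(line)
        if m:
            pending = (m.group(1).lower(), int(m.group(2)), m.group(3))
            continue
        if SVC.match(line) and pending:
            reg, num, name = pending
            pending = None
            # The register that carries the number tells us which ABI is targeted.
            if reg == "x16":
                table, other, other_name = XNU, LINUX_ARM64, "Linux arm64"
            else:
                table, other, other_name = LINUX_ARM64, XNU, "XNU"
            if name not in table:
                verdict = "unknown"   # no name in the comment, or not in the table
            elif table[name] == num:
                verdict = "ok"
            elif other.get(name) == num:
                verdict = f"{other_name} number for {name}; expected {table[name]}"
            else:
                verdict = f"expected {table[name]}"
            findings.append((no, reg, num, name, verdict))
    return findings

# The question's first execve attempt, copied from the thread, and the corrected load.
QUESTION_ASM = """\
_main:
     adr    x0, sh         // x0 = "/bin/sh"
     eor    x1, x1, x1     // x1 = NULL
     eor    x2, x2, x2     // x2 = NULL
     mov    x16, 221      // x16 = execve
     svc    0
"""
FIXED_ASM = QUESTION_ASM.replace("221", "59")

if __name__ == "__main__":
    for label, src in (("question", QUESTION_ASM), ("fixed", FIXED_ASM)):
        print(label, check_syscalls(src))
```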
