#development

in a script

lmao

i decided to be lazy and just use the .app folder name because they're usually the same

output is consistent so i just trimmed by 24 characters (.app/Contents/Info.plist) at an index of 14 which is everything after /Applications/
i made another variable for the trim length, just not in this screenshot

Shadow

It must be real

it would be fine though as long as both don't die at the same time

This is exactly what I was using on 15.1.1 but it's patched in 15.2 I think

Idk about open source jailbreakds, I wrote my own one that can just do krw via XPC and handoff full stable krw to any process that wants it

but KRW alone is mostly useless on 15.2 and up anyways

idk if it's worth it to try that on 15.4.1
getting stable rw and immediately quitting oobPCI would make the jailbreak stable-ish ig? For the pac and ppl bypasses, we could look at how fugu hands those to iDownload?

weightBufs has stable kr on 15.4.1

because I'm pretty sure they PAC'd stuff on IOSurface, gotta look at simo36's presentations

nothing is handed to iDownload afaik it directly tells oobPCI what to do

oof

is it possible to programmatically install an AppStore app w a jb

yes

not going to be easy though

Essentially all you have to do is get the IPA downloaded in tmp directory then call out to installd

Technically you could look at how https://github.com/majd/ipatool manages to get the IPA

As long as the account you're downloading from is the same as the logged in one on the phone

Has anyone here messed with ESP8266s and round LCDs that use the GC9A01 driver chip ? Having some issues connecting one up to a WEMOS D1 Mini clone

Using Santander lib you can also run ApplicationsManager.shared.installApp(ipaURL, bundle: bundleId)

I need to find out why Get My Shortcuts > Choose from List > Get Object of Type WFWorkflowRecord crashes Shortcuts on 13.5.1

I know the cause of the crash (WFContentCollection addItem: is called when nil, I know since attached code below fixes the crash) so now to figure out why tf it's called when nil

%hook WFContentCollection
-(void)addItem:(id)arg0 {
 if (arg0) { //if not null
  %orig(arg0);
 }
}
%end

WFGetClassAction (from ActionKit) seems to use [WFContentCollection addObject: named:] (from ContentKit) which I'm pretty confused by since addObject:named: only calls addItem: once, not in a loop, and after debugging seems like a ton of addItem: calls were made without recalling it, and I don't think [[WFContentItem itemWithObject: named:] calls the addItem: method either

// WFContentCollection
-(void)addObject:(id)arg0 named:(id)arg1 {
    [self addItem:[WFContentItem itemWithObject:arg0 named:arg1]];
}

do the rest of the commands nerd

which one

sad for still using lzma

society if frida ios worked on more than 12 devices globally

society if you STFU

https://tenor.com/view/future-ram-ranch-gif-18120355

society if you get banned again

untrue

you all missed me so bad

nope

https://cdn.discordapp.com/attachments/688124600269144162/1065046700147888188/future.png society if discord better

wait wdym

where does frida not work?

• doesnt work on any CS jb
• gives me a different error each time on my checkra1n and u0 ios 14 devices
• works half of the time on ios 15 palera1n

seems to only be reliable on old u0 🗿

and arm macOS

worked on my checkra1n device and u0 across multiple versions

wyd

debug it then

pls tell me that icraze actually knows how to use frida

whats the error anyway

changes every 5 mins

most common is just connection closed

cs jbs are bad i guess

sometimes get failed to attach and a list of registers

That is weird frida worked fine when i was using Taurine but I got off Taurine before CS started backporting ios 15 stuff to libhooker

i mean, i had odysseyra1n but idk if that counts

it's really only libhooker there but everything kernel is checkra1n

it does not

the libhooker stack there is completely different

I imagine it is LH issue more than anything related to those jailbreaks but I can be wrong

true

it is a libhooker issue

frida might try to get tfp0

and that only works on old u0 + checkm8 jailbreaks

well, my suggestions are just ensuring that frida is latest, making use of the gadget, or trying frida-server (with iproxy if usb) instead of attaching over usb normally

i don't think it would bother you for the developer dmg if it had kernel r/w

why?
well

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>com.apple.springboard.debugapplications</key>
    <true/>
    <key>com.apple.backboardd.launchapplications</key>
    <true/>
    <key>com.apple.backboardd.debugapplications</key>
    <true/>
    <key>com.apple.frontboard.launchapplications</key>
    <true/>
    <key>com.apple.frontboard.debugapplications</key>
    <true/>
    <key>seatbelt-profiles</key>
    <array>
        <string>debugserver</string>
    </array>
    <key>com.apple.private.logging.diagnostic</key>
    <true/>
    <key>com.apple.security.network.server</key>
    <true/>
    <key>com.apple.security.network.client</key>
    <true/>
    <key>com.apple.private.memorystatus</key>
    <true/>
    <key>com.apple.private.cs.debugger</key>
    <true/>
</dict>
</plist>

the developer dmg should container a debugserver exec that has these entitlements

why is file importer saying invalid file when i try to get the data yet it shows a valid url?

just did a device reset + jb'd with c1
Failed to attach: unable to attach to the specified process

it just never works for me

are you just using frida -U or the server with frida -H

fr

just assuming if you can read memory arbitrarily (including kernel memory) then you probably wouldn't need to manually debug
but that sounds far more unstable then just using debugserver lol

just realised it now fails to install

same error as this #jailbreak message

(libzstd1 is installed)

elu

fresh c1 install

can i have your strap

What is fakecursus

how do i use hookf to hook this function i found in ida

if the function header is __int64 __fastcall EMDetectorJailbreakStatus(int *a1)

MSFindSymbol and then init(boop = symbol)

%hookf

Ew

%hookf (int, EMDetectorJailbreakStatus, int *a1) {
    NSLog(@"EMDetectorJailbreakStatus called");
    return %orig;
}

%ctor {
    %init(EMDetectorJailbreakStatus = MSFindSymbol(NULL, "_EMJailbreakDetector"));
}

Oh is that Amy's proxy thing

that?

No

Hookf has been around for yonks

It’s for nerds who don’t know to use mshookfunction

Don’t use NULL as the search image!

thats what the docs say!

The docs are wrong then!

!

do i include the int *a1

No

The search image is the path to the dylib ur searching

@indigo peak for the MSFindSymbol argument, use _dyld_get_image_header(0)

MSImageRef = image header pointer

image 0 = the app you’re injected into

this won’t work on ellekit injector but yea

@grim sparrow this is correct right?

%hookf (int, EMDetectorJailbreakStatus) {
    NSLog(@"EMDetectorJailbreakStatus called");
    return %orig;
}

%ctor {
    %init(EMDetectorJailbreakStatus = MSFindSymbol((MSImageRef)_dyld_get_image_header(0), "_EMJailbreakDetector"));
}

@tepid olive this is correct right?

yes

doesnt work

Lmao

wait

just dlsym it

question

you don’t need msfindsymbol

so the function isnt in the main apps binary

its in a framework

Oh you fool!

thank you!

i forgot about that!

That was not specified!!!

dude

so

i know!!!!

iterate over every index of dyld_get_image_count

try to msfindsymbol with every index

Alternatively just NSBundle frameworkTitled:

eventually you’ll get it. print the _dyld_get_image_name()

and get the path that way

he doesn’t know the framework name

i do

okay then dlopen that

or use this code, which is faster and better

dlsym(dlopen(nil, RTLD_LAZY), symbolname)

make sure to remove the first underscore in the symbol name for dlsym

and symbol name is the binary name in the framework

it’s the function name

oh shit

remove the first underscore

make sure

dlsym(dlopen(nil, RTLD_LAZY), EMDetectorJailbreakStatus)

ok

so

yeah that will work

so i set the var in the ctor to that?

yes

%hookf (int, EMDetectorJailbreakStatus) {
    NSLog(@"EMDetectorJailbreakStatus called");
    return %orig;
}

%ctor {
    %init(EMDetectorJailbreakStatus = dlsym(dlopen(nil, RTLD_LAZY), EMDetectorJailbreakStatus));
}

that function name has to be a string

why isn’t it in quotes

otherwise ur good

i forgot

lmao

What.

At least it doesn’t inject in every process

Wait no this breaks on most jailbreaks

It's broken

Which is funny

@grave sparrow your patch introduced a regression

test this please

diff --git a/ldid.cpp b/ldid.cpp
index d031709..8067e70 100644
--- a/ldid.cpp
+++ b/ldid.cpp
@@ -116,7 +116,7 @@
 
 bool flag_w(false);
 bool flag_U(false);
-std::string password;
+std::string password = "";
 std::vector<std::string> cleanup;
 bool flag_H(false);
 
@@ -1826,7 +1826,7 @@ class Stuff {
             exit(1);
         }
 
-        if (!flag_U) {
+        if (PKCS12_verify_mac(value_, "", 0) == 0 && !flag_U) {
             char passbuf[2048];
             UI_UTIL_read_pw_string(passbuf, 2048, "Enter password: ", 0);
             password = passbuf;

no

it should not prompt for a password if the password is blank

that is how ldid has always worked

prompting for passwords is something that we added in procursus ldid

@grave sparrow did it work, yes or no?

I don't have a p12 with a password to test it

wait

what was wrong with how it was

why did you change it

LDFLAGS=-rpath /opt/procursus/lib

DYLD_FALLBACK_LIBRARY_PATH=/opt/procursus/lib ./ldid

don't tell me what to do

last time I did that you introduced a regression

I am a minor 🧍‍♂️

from testing it obviously

did you seriously think I was going to tag a new release without testing

ok, I didn't see any other issues...

whose ready for a bunch of bad signatures! https://github.com/ProcursusTeam/ldid/releases/tag/v2.1.5-procursus7

@grave sparrow i don’t think flexdeceypt works on iOS 15

@grave sparrow captinc

fr

Will it be reasonable to install Linux on iphone?

possible, sometimes
reasonable, probably not

@grave sparrow

ft

fr

Yes

.

Please i need help about getting alert when user touches the statusbar please (ios 15)

I have even asked chat gpt :D

But I can't still do this

Obj-C or Swift doesn't matter

Really i need help <@&355177530061357057>

If you can help me you will be real geniuses™️

our role does not cover development assistance but im sure theres someone that would be happy to help

Hi, we troubleshoot stuff, generally don’t develop

well, get developing!

But someone in here will probably help you, just wait it out

I would send an image but can’t

Ok

#development message

go from there

Ok really thx

Still don’t know how to do that

then learn the basics first

Ok i have learned the basics

But I tried like 20 ways and ask the AI, but still don’t work

that is not learning.

Ok then what is learning

Just send me some guides or something

I have 4 year experiemce with programming, but yeah i’m new to obj-c

Do you know how to write code

Pinned message in this channel

https://kodeycodesstuff.tech/guide not found

I have created few easy tweaks

I have openssh theos setup

@hasty ruin

https://icrazeios.com/kodey-tweak-guide

Looks good thx

Wtf they embed now?

not for me?

what you see

I'm on android skull

bruh

not even canary has it

@warped berry-user

oops

Wait I'm an idiot

I forgot i had aliucord

I haven't seen a message link in ages

wait

genius used modded client

It's not like ios where the token is plain text skull

what is your token?

mfa.ODgzNDEyNjE0Njk5NDQ2MjgzIGRvaW5neW91cmRhZA==

Thanks 👍

Base64 decode everything after the .

skull

tokens don’t even start with mfa

It wasn't serious

another zefram code leak

how do you even get that speed

It’s not slow

How fast is iterating every symbol

Try it

CoreFoundation is an early image

The last images will take very long to get to

That is the problem

you need to find the image first

then go from there

I highly doubt going over all symbols in the dsc is neccessary

not a thing, all symbol finders can find the objc_direct methods

yea true

like objc_direct is supposed to completely remove all mentions of the method, make it act like an unexported C function, but apple then faced the issue that they want proper logs and unexported C functions aren't exactly easy to decipher, so they put in fake objc method names as symbols in the DSC so that crash logs are still symbolicated

all objc_direct methods in the DSC have symbols

and an example would be -[CFPrefsDaemon handleSourceMessage:replyHandler:] in CoreFoundation

(this is the symbol name)

just be like me and check substitute source code

i’ll do that

the code is really cryptic and has a bunch of unneeded things I think

but idk for sure

ah I think you can probably get the location to search at from the library loaded at runtime

They do (or at least did) if you had 2fac auth on,

how can i get push notifications on my app without a dev account?

like how altstore and the clipboard app do

push notifications work fine
they just break when it's an app store app i think

its not for an app store app

but i cant enable the compatibility even

i dont have a developer account

you don't need a paid dev account for notifs, you just gave examples of apps that have it

you can do local notifications

how

i have the code to send the notification but it doesnt work

https://developer.apple.com/documentation/usernotifications

read

oh

people in #development when they have to read docs instead of people writing code for them

im still confused

unless im missing something

i did register for notifications when the app is open but it doesnt end up asking the user to enable them

i do this on open but nothing happens: UNUserNotificationCenter.current().requestAuthorization(options: [.alert, .badge, .sound]) { (success, error) in }

skill issue

h

is there some capability i need to enable that im missing

hey, @upper hull can you look in dms? i have a question about trollsotre on the tv

trollstore

yea

@wind ravine here is how you do it correctly

system("uinotify -b \"wow a notification\" \"notification title\"");

rate my code

1-10

https://twitter.com/JeroenFrijters/status/1615204074588180481?s=20&t=YPcXmv0Mc4-i58JecxlomQ

🥰

i wonder what intern wrote this

its good

They're using xamarin aren't they

Smh

yeah

i think

yeah xamarin

did you add notifications entitlement

oh wait i think you may need dev acc for that

idk

hi

no

i found the issue

what was it

i did a big stupid

i can tell

i wasnt calling the app delegate

so the command to ask for notif permissions never even showed up in the first place

rf

bro i was reading your picture @wind ravine

and then it just went

bam

apple should drop swift and use rust

my bad

unironically

idk

you can delete

apple should drop swift and use rust

100%

@grave sparrow ok yeah the performance issues r gone

Why

Just use dlsym

The shared cache header doesn't change

Why would you parse in a remote process

Why would you need to update your fork dude

This is about the shared cache

don't even fucking joke about that

I don’t get it

Definitely not

im not even joking

Seek help

Therapy

the extra slowness

i did it wasnt worth the effort

i agree

nor cost

typealias FileHandleC = UnsafeMutablePointer<FILE>
extension FileHandleC {
    @inline(__always)
    func readData(ofLength count: Int) -> UnsafeMutableRawPointer {
        let alloc = malloc(count)
        fread(alloc, 1, count, self)
        return alloc!
    }
    
    @discardableResult @inline(__always)
    func seek(toFileOffset offset: UInt64) -> UnsafeMutablePointer<FILE> {
        var pos: fpos_t = .init(offset)
        fsetpos(self, &pos)
        return self
    }
    
    @inline(__always)
    var offsetInFile: UInt64 {
        var pos: fpos_t = 0
        fgetpos(self, &pos)
        return .init(pos)
    }
    
    @inline(__always)
    func close() {
        fclose(self)
    }
}

force inline

trol

now i need help getting an mp3 file to convert to an m4a file on the fly

ive searched for solutions and haven't really found anything other than something for swift 4 (doesn't work anymore) and AudioKit which doesn't allow me to convert to m4a

AVAssetExportSession is probably your best bet

just looking at github

and that's AVFoundation btw

no idea where to go from there

https://developer.apple.com/documentation/avfoundation/avassetexportsession

https://developer.apple.com/documentation/avfoundation/avurlasset
https://developer.apple.com/documentation/avfoundation/avassetexportsession
https://developer.apple.com/documentation/avfoundation/avassetexportpresetapplem4a

pretty sure you can get everything from these

there was an attempt at a swift ffmpeg implementation but that was 7 years ago, so uhh

NO WAY IT WORKED FIRST TRY

void mp3ToM4A(NSURL *mp3, NSURL *output) {
  AVURLAsset *asset = [AVURLAsset assetWithURL:mp3];
  AVAssetExportSession *outputSession = [[AVAssetExportSession alloc] initWithAsset:asset presetName:AVAssetExportPresetAppleM4A];
  outputSession.outputFileType = AVFileTypeAppleM4A;
  outputSession.outputURL = output;
  [outputSession exportAsynchronouslyWithCompletionHandler:^(void) {
    switch(outputSession.status) {
      case AVAssetExportSessionStatusCompleted:
        NSLog(@"Successfully converted mp3 to m4a");
      case AVAssetExportSessionStatusFailed:
        NSLog(@"Failed to convert to mp3 to m4a: %@", outputSession.error);
      default:
        break;
    }
  }
}

that would prob work on objc

no clue

o i did mine in swift

idk swift

me neither

https://cdn.discordapp.com/attachments/934606253873827931/1065473844648882217/image.png

capt when performing

performing in a band concert

(he doesn't perform)

ED at your age is sad get that shit checked out by urologist bro

PIED

(porn induced ED)

duality of #dev

L

Censorship >>

mf

fr

how fix

im using phpmyadmin and tryna connect locally

Sir this is McDonald’s

will corrupting the mobilegestalt plist cause it to regenerate?

is xcode fucked up ? https://yan.hypixel.pro/🐤🎾🚱🕛🐛👩🏦🎽🕚🕖💕↔🐯🌓📥❕

?

like idk that's my first tweak

so

i just want some heklp 😭

yeah

ah!

it works fine

lol

You can have emoji domains

yh

there's one country which allows emojis in domains

for 2k i think

soooo

d'you know why it's doing that ?

Just use Punycode fr

I don’t do swift

okay

imma just leave it like that then

i like women

that’s crazy

Does anyone know anything about SecCodeSignerCreate from Apple? Is there any reason developers use ldid over that, since that's native to iOS and directly from Apple?

@hasty ruin

I have read the guide that you sent me and it's the same that the guide I have read in the past, so is there any more in-depth or harder guide?

I had a colleague send it to me, and it seemed interesting, just thought i'd ask around

Because this is too easy, and I want to be better at this before I'll go into real tweak development

Go ahead, port Security.framework to Linux

That makes way more sense, actually

Replace the code to get the key from the keychain with getting it from a p12 file too

What happens when apple adds new codesigning requirements that older Security.frameworks don't support?

Are you going to backport Security.framework?

We've been working on SideStore for a while, and everything's being done on-device with iOS, I just wasn't sure if it was viable compared to just sticking with ldid/AltSign. Thank you guys for the insight!

i know trivial stuff, unlike you guys lol

Write captsign than

Riley did it, why can't you? hehe

Riley did jackshit

Kabir with supersign is the real goat

Doesn't require a computer at all

No it doesn't

It doesn't use ldid either

oh yeah, speaking of codesign, apple does tend to mess with that a lot over the years

Objc is not portable

how does his even work when his ldid fork is all messed up

Riley's?

and yeah they've changed codesigning requirements like 5 times in the last 3 years

He also never added resigning support to the app so once the supercharge app expires you have to reinstall it with a computer... that's simple though, just needs to be added to the UI

you can over the same wifi network

I'm talking about supercharge

oh

Not altstore

Is ldid that bad? I'm very confused

imagine getting gnustep for libobjc 💀

what's not to love about some agpl saurik code

yeah it's really bad

Not to brag or anything

@grave sparrow use ipsw macho sign

yeah that

L bozo

I haven't looked too much into signing, most of the AltStore code functions fine, it's just been reimplementing AltServer code on-device that's been suck

But redoing AltSign would be nice for the future

I can't believe you would say that about @amber bone's baby

You probably don't even have it starred on GitHub

Yeah, cause capt code is so much better than saurik code

lets see type century source then

I'm not so sure

capt when he adds a flag but no documentation

baby saurik

...

except saurik actually comments his code

and when he doesn't, it's usually readable

you're bad at both

Remind me in like 8 hours

I have lots of notes

I just got the weirdest feeling of déjà vu.

yeah, very strange

https://blacktop.github.io/ipsw/docs/guides/macho#macho-sign

Nah it’s VERY therapeutic

coming from someone that works with arm64 asm

or just make a naked function, use asm inside it and have the compiler do the heavy lifting

it is but if youre pre assembling already then its easy and you dont need to do i/o args

asm("br x8")

fly emirates

wait... that actually exists on iOS?

The person I heard it from said it was on iOS

That's weird, I always assumed it only existed on macOS

It’s all on their open source site, so presumably it could be ported over to iOS, no?

Idk any reqs, on mobile rn, but..

that source code is terribly out of date afaik

It could only be on macOS, idk. Ofc no real documentation anywhere, so who really knows besides Apple

Since we’ve been looking into redoing the signing for SideStore, it’d all be done from iOS anyway, so we’re not too worried about crossplatform support, but that does make sense from everyone else here saying similar.

What is sidestore

well for what it's worth stuff signed with codesign does not work for me because of the ios 15 signing changes

only ldid works

Update macOS

I'm on latest

and always have been

??

also latest xcode

AltStore fork we’ve been working on. Basically AltStore without AltServer that only needs WireGuard to function jailed, hehe

Codesign is part of macOS, not Xcode for some reason too

but whatever I do, every time I use codesign, no matter what arguments I use / don't use, I always get posix_spawn error 85

Wireguard

Like the wireguard app?

Why do you need that?

At least it’s an App Store app

To trick lockdown into talking to us on device

Why don't you just create your own vpn profile

lockdown doesn’t accept loopback, but it accepts it through VPN if it comes from 10.7.0.1, lmao

bro just use sideloadly to install ipsws

sign it yourself

Wdym?

no

We wanna support free users, so we use a specific WireGuard config. Paid accounts could prob have it directly in SideStore, but we haven’t touched that at all

Use a vpn profile so that you don't need to use wireguard

for what

I think we’re using WireGuard’s protocols to do the trickery, so we’d need it in some capacity for everything functions. Though I’ve never looked into iOS profiles for VPNs

mobile or macOS

Wireguard requires an app

Use IKEv2/IPSEC/whatever so that you don't need an app

what does it look like now

what should the UI have

@grave sparrow finish procursus 3

For probreak

Now take the fugu15 exploit chain and convert to arm64

Why? You can use probreak on all those devices

Cause of sep

official ™️ procursus bootstrapper

It has a real name you know

Procursus 3

That's the official name

Not to be confused with procursus or procursus 2

it needs PAC to work

?? No, it's swiftUI

whar

Really? Interesting

you'd have to somehow use oobPCI as the kernel exploit only
and i think there's some asm for ppl and pac

trolling

i don't know what i'm talking about skull

the ppl and pac stuff are just extensions of oobpci really
ofc you need kernel r/w for those but that's what oobpci is for

in reality you'd just have to drop the other bypasses out of the chain and fuck with offsets, these aren't logic bugs like fugu14

Wouldn’t the pac bypass just do nothing

you're still messing with memory

so probably not nothing

true

@grave sparrow hook a C function for me thats in a framework that i know the name of

in logos

not zefram

bc i know youd do that

void updateJailbreakDeviceFlag()
{
  jailbreakDevice = 1;
}```

yes

_updateJailbreakDeviceFlag __text 00000000000BC378 00000010 R . . . . . T .

do i put void updateJailbreakDeviceFlag() at the top of the file

don’t do %orig lmao

you have to?

i think

theos complains

error: use of undeclared identifier 'updateJailbreakDeviceFlag'

Undefined symbols for architecture arm64e:
  "_updateJailbreakDeviceFlag"

if i add void updateJailbreakDeviceFlag();

void *updateJailbreakDeviceFlag = NULL;
%hookf(void, updateJailbreakDeviceFlag) {
    NSLog(@"fat cock");
    %orig;
}

compiles but doesnt work

@grave sparrow does hookf work if the function is in a framework and not in the main binary

Have you considered the possibility that this is a skill issue

i have an idea

no i have an idea

just use MSFindSymbol

yeah

void *updateJailbreakDeviceFlag = NULL;
%hookf(void, updateJailbreakDeviceFlag) {
    NSLog(@"[Tweak] fat cock");
    %orig;
}


%ctor {
    MSImageRef image = MSGetImageByName("@rpath/CoreComponent.framework/CoreComponent");
    if (!image) {
        NSLog(@"[Tweak] Failed to find CoreComponent");
        return;
    }

    updateJailbreakDeviceFlag = MSFindSymbol(image, "_updateJailbreakDeviceFlag");
    if (!updateJailbreakDeviceFlag) {
        NSLog(@"[Tweak] Failed to find updateJailbreakDeviceFlag");
        return;
    }
    NSLog(@"[Tweak] Found updateJailbreakDeviceFlag at %p", updateJailbreakDeviceFlag);

    %init;
}

Found updateJailbreakDeviceFlag at %p runs

but fat cock doesn't

Don't use logos

Simple

Logos is deprecated

what ab mshookfunction

Logos is deprecated

fr

yea you can it's literally the example on theos.dev

figuring it out

anyone wanna buy me some meth

but it's bad because it will call MSFindSymbol with NULL as the first argument

which is slow af

I'm dumb

When doing it like in the screenshot you can obviously pass in whatever image you want

But there was another syntax where you could put the string into the hookf and it would call MSFindSymbol(NULL, string)

aite sending you my paypal info

like %hookf(BOOL, "_MGGetBoolAnswer", CFStringRef string) <= that's the one you want to avoid at all costs

void updateJailbreakDeviceFlag();
%hookf(void, updateJailbreakDeviceFlag) {
    NSLog(@"[Tweak] fat cock");
    %orig;
}

%ctor {
    MSImageRef image = MSGetImageByName("@rpath/CoreComponent.framework/CoreComponent");
    if (!image) {
        NSLog(@"[Tweak] Failed to find CoreComponent");
        return;
    }

    void* updateJailbreakDeviceFlagPtr = MSFindSymbol(image, "_updateJailbreakDeviceFlag");
    if (!updateJailbreakDeviceFlag) {
        NSLog(@"[Tweak] Failed to find updateJailbreakDeviceFlag");
        return;
    }
    NSLog(@"[Tweak] Found updateJailbreakDeviceFlag at %p", updateJailbreakDeviceFlag);

    %init(updateJailbreakDeviceFlag = updateJailbreakDeviceFlagPtr);
}

this should work, it's basically what i do

except i just put MSFindSymbol directly in init

nope

what app is this

and are you sure the function is even being called

no its not compiling

not not working

this?

what's the error

address of function 'updateJailbreakDeviceFlag' will always evaluate to 'true' [-Werror,-Wpointer-bool-conversion]
    if (!updateJailbreakDeviceFlag) {

but if i fix that error

  "_updateJailbreakDeviceFlag", referenced from:```

the fuck

Go on

send the entire fixed file

i'll try compiling here

because i fixed the typos on my end and it compiles for me

Haha

Bear with

https://raw.githubusercontent.com/elihwyma/Aemulo/stable/AemuloApp/Aemulo/UI/Theme Manager/ThemeManager.swift?token=GHSAT0AAAAAAB4HV2MM2F67DKWIDMO4OUCKY6J347A

backgroundColor and secondaryBackgroundColor are your friend

secondaryBackgroundColor is ur view background and backgroundColor is your cell background

If you use a dynamic provider it automatically updates when user switches light mode/dark mode

So you don’t need to worry about listening for that change

What?

I forgot you had access

I don’t care lmao

It’s the most simple file in the project

i have the file

😄

brb pirating Aemulo ThemeManager.swift

No

TintColor is the tint colour

Like the UISwitch colour

secondaryBackground is vc background

background is cell background

It is on newer versions

On older versions you had to fiddle with it manually

Tbh I should be converting theme manager to an enum

I started aemulo a long time ago

Just make a UITableViewCell

Bear with

AemuloApp/Aemulo/UI/Base Views/BaseTableViewController.swift

let cell = self.reusableCell(withStyle: .default, reuseIdentifier: "Aemulo.DefaultCell")
cell.accessoryType = .disclosureIndicator
switch indexPath.row {
case 0:
cell.textLabel?.text = String(localizationKey: .HARDWARE_INFO)
default: fatalError("Literally Impossible")
}
return cell

dear liberal

Hello Cameren!

hello gaymy

It’s not an exact match

It’s dumb

Plus not backwards compat

That aemulo class was originally built for iOS 11

Everything ur trying to do is actually documented

@naive kraken Hi, regarding the Twitter mention about how autofill isn't working w/ Bitwarden installed via TrollStore, I saw this in the syslog:
In a pastebin b/c a lot of output: https://pastebin.com/2qB9kbzW

Is this an indication that the plugin just won't work?
It does mention that the "Requestor lacks required entitlement" so idk if this is some entitlement issue, or just that the plugin can't work

(Also I think someone misspelled acquire as "aquire" lol)

sick

Why would you trollstore install Bitwarden?

It's on the App Store

And open source

Just open a PR

Cause Fugu15 broke my AppStore lol

Why do people use fugu15?? It doesn't even give tweaks

Or just install Bitwarden before jailbreaking????????

Just for fun idk
I obviously know not to go around rm -rf’ing things
It just broke outta nowhere

No it’s broken even in stock

just use ipatool then install the ipa

Idk if that’ll work I can’t even use like sideloadly

Errors out

there's no way that installd itself is broken

wtf

use normal install with sideloadly

since the app is signed

Sec I have a screenshot

Same in the syslog

I think it’s less of an App Store being broken thing and more of installing apps itself

so that happens with any app?

Really? Thought this would be indicative of an error

well my idea was to try an app store signed app

and see if it would install

since trollstore has to call installd too

Is ipatool macOS only or cross platform?

macOS only atm

Ah ok, I’m on windows

there's plenty of third party software with app store downloaders i think

ideviceinstaller?

that just installs them

So theoretically that would work?

Oh downloader

Nvm

blue shields, anytrans
they both can grab ipa files from the store

Do you have a link to blue shields? All I can find are blue cross blue shield links lmao

that's the [redacted] tool
the chinese one with the 3

lol

Oh ok

Do you know of any that would be accepted to talk about here lol

Well anytrans

I’ll see if I can get it to work

uhhh i dont think it does, thats the whole point

it makes an app container then just uicaches it

could be wrong

No you're right lol

The fuck

Someone needs to teach them inlining

why can’t they inline that

that would be slower anyway

inlining would be slower?

what

How

for one i thought you were talking about outlining so mb

two it can be

because of code size bloat

and L1 cache misses

Bro

To call the function you need an instruction

The function is one instruction

Also the function call will not be cached

So what does it matter

Fly Emirates

arm is an abstract ISA

there are arm chips that are dogshit
see: qualcomm

ok valid

muh 865 doe

mediatek and samsung exynos you should look at

if you value freedom more than raw performance android still has a market but nobody would willingly choose the worse chip all else equal

@primal perchal

nfr

he is 15

too old for you?

gay furry thing

yes hello hi

fr

:3

:3

im 18

wtf you stole years from jaidan or sum

yall used to be the same age i swear

"i should go write a modern implementation of substrate"

https://tenor.com/view/clone-clones-buzz-lightyear-toy-story-gif-21609842

substrate and modern cannot be in the same sentence bro

i will only be supporting x86-64

intel iphone 🙏

iphone simulator

i tried and got like basic add and movs implemented then realized this sucks

young people chat

the x86 encoding is not designed for human understanding lets just say that

density above all else

me and shep wen

@primal perch@grave sparrow

refly emirates

📖

yeah, i said it :3

dwayne the cock johnson

:3

https://tenor.com/view/the-rock-surprised-hand-shakes-head-shocked-gif-26479804

Set the tableview type to inset grouped

That’s the default height, you don’t need to override that

https://developer.apple.com/documentation/uikit/uitableviewdatasource/1614994-tableview

If you use inset grouped as the type

And then this method

Wait

Where in settings is it centred

Might have to look into private methods

(it's not a good one)

Ok that’s not too bad actually

radio? don't those views exist already with the check marks and stuff

Intersting, will look into this later

Disclosure indicator and didSelectRow

@grave sparrow intjcapt

do swiftui then its the same

Anyone know how to pull an icon from LSApplicationProxy

I called iconDataForVariant and converted the NSData to base64

but that didn't do it

Yes

Wait, maybe not

I know how to get it from a bundle Id

I just saw _applicationIconImageForBundleIdentifier

Going to try now

No

On UIImage

anyone can develop me a tweak taking btc live price?

@tepid olive yeah sure. i’ll do it for 1 btc

ill do it for half of one

i’ll do it for a fourth

Why would we do it for free?

Would it be possible to cause a softbrick when unjailbroken, or enable password when unjailbroken. Could be useful to for checkrain on iPhone X, combined with simulating a fake lockscreen when jailbroken.

hmm not really an option lol

But theoretically causing a softbrick shouldn’t be that difficult right? The hard part is to deactivate it when jailbroken.

I mean if your doing something like a tehtered downgrade, this is basically how it functions anyways

does anyone know why tf this happens despite the setter method supposedly being added?

screenshot of code is what logos.pl spits out

this issue only happens on xina

every other property seems to be fine

and i cannot reproduce this issue at all, so im at a loss

xina

oh

The mistake was developing for something that is half assed

dude literally the only crash reports i get are from xina users and they send me all these fucking logs with absolutely 0 symbols

it’s so annoying 💀

I know theres a programmatic way to invoke the swipe handler

like

to make all the actions show

the easiest way is probably just make the handler for the swipe action call a function

and then just call that function from the uimenu

yeah

make it a separate method that both things call

you shouldnt rely on your swipe action handler to do your uimenu stuff

bad design

yep

make a view model

real

another xina user

had the tweak fully disabled

and it was still crashing

even though it just returns from the constructors if it's disabled

so no hooks were even being loaded

and nothing was going on besides checking preferences

combined with the fact its impossible to debug anything on xina

sick

nfr

hire ios_euphoria to make it

unfortunate

can i see @grave sparrow ?

;;p

swiftui: cant do it wrong if you can barely do anything to begin with

@grave sparrow what "lang" are you doing it in

objc, swift, swiftui

xamarin

such a slay 💅 💯 👑

the best.

swift

rare triangle L

rare triangle L

capt when he uses non standard #import in C and gets marked down

https://tenor.com/view/rage-angry-gif-25976706

if you have a single .c file in zefram with #import ur fired

oh god

thats just as bad as GNU c

#import is great

but its not C

i would be happy to see it in C2x

but until then i am using #include and include guards

someone find a way to wipe a folder using dirtycow

someone find a way to get @grave sparrow's mother to stop sucking my dick with a dirty mouth

i don't think you can just replace with zeros bruh

Bro thinks gcc is irrelevant

Capt is too far up apple's ass to be saved

He probably thinks Xcode is the best ide ever too

capt needs his xcodebuild and xcrun

fr

Balls

most sane apple fanboy

How could I get my tweak to add a new element such as a gif?

we love fortran!!! (until flang works)

flang when it just runs exec f99

Wen eta llvm-go

We already have gccgo

don't tell blacktop

What we really need is gcc-rs

Cause the current llvm based rust doesn't support a bunch of architectures

Because llvm doesn't support them

But of course gcc supports them all

Fun fact

fact fun

OpenBSD has llvm, gcc 4, and gcc 3

Write your own crypto library

wolfssl

Balls

Use mbedtls

doesn't macos have another SSL lib

Bearssl

But it's very stripped

I thought it was boringssl

Oh

I don't remember...

Probably

yeah openssl

big boy

openssl3 in fact

no

it has liberalssl

how many liberals does it take to screw in a lightbulb

it's actually 1 dumbass

couldn't tell you since Joe Brandon is chillin

has anyone's app tried to implement ian beer's dirtycow code?

@grave sparrow write an abstraction so that you can easy swap out any ssl library

Like how curl does

ive been looking into it to try to implement it into my app but im not exactly sure what to do with the page thing

i dont know c so idk what is really going on

it doesn't seem like it would work for what i want to do without some major modifications

FR

@grave sparrow Did you ever test tweaks on iOS with Zefram

Lol

???

checkm8

nerd

No

SwiftUI

Why are you making a Mac UI

Lol

dont do it in swift ui

see: ventura

This is crazy

Don’t make macOS ui

Or ask evelyn to do it

https://tenor.com/view/cad-bane-star-wars-the-clone-wars-bounty-hunter-gif-16253068

record gorn

for uh

$0.10/h

how's that sound

not right

wtf

0.08?

im not a haitian seamstress bro

i need more than that

hmm

20c

per h

how tf do you get a cent symbol

do you even use it

or just say c

2 cents per second a

72$/hr for gorn is pretty bad anyway

the butt pain would not be worth it

oral?

shep is considering

GORN ORN

whats taters precious

just missing the heroin needles

its joever

Fugu15: Am I a joke to you?

that's what I would say too

but the truth is I just don't want to deal with swift

??

yes

capt int

everything except for oobPCI

is Swift

and that's only C because DriverKit does not support Swift

based

based bc capt is mad

White people going extinct is not bad

what kind

idiots?

Not possible, there's too many

bozo

whats up

That’s illegal.

what are you trying to do

like

have you called addSubview?

because you're trying to create a constraint between views that can't see each other

they need to be in the same hierarchy

evidently

port it you wont

port it again you wont

i had to make a basic app in two hours and I thought it was a good idea for the first hour to try and use the objc runtime to use it only without knowing it that much

its the same thing

nfr

slightly different wrapper around coregraphics

nah appkit is aids

it's just unnecessarily bad

i feel like you're trying to pin something in the tab pane to the tab view itself

don't do that, that's illegal

the alternative is to remove all your auto layout code and just use interface builder

wtf

fyi even when trying via anytrans (w/ dummy apple ID) it still gave an error
Something seems to be a little broken lol

oof

yea idk

ahh signing out and in of my apple account now requires redownloading of all my pictures

oh that was fast

i cant figure out why it keeps erroring here

ian's poc

it works when i hide the home bar but crashes when i hide the dock

even tho im doing the exact same thing

nah aint no way

triangle posted something taht wasnt a meme again

is this bait

it has to be

no im just stupid

comic sans

i dont understand why it works for some stuff but not others

yes because its easier to read