#development

i made a short post about this, one sec

ah nvm, not completely relevant

in short, whatever you build as a deb file will have the contents installed with rootfs being the initial dir by default

so if you want files in /var/jb, then make the same folders alongside the DEBIAN one

to build a deb, use dpkg-deb -b directory

@naive kraken (just for a little background, i have never made/devolved anything for iOS, so pleas excuse my unknowing of how it all works, and my not knowing of how apps are launched) but would it be possible to create a tweak that locks app w face id lik bioprotect, that even in safe mode/jailed mode still either locks that or just make it crash when trying to launch it? or bioprotect could be updated. Also like you could select which apps get this like feature applied to them. Also would this be possible on TS?

definitely not possible with trollstore, no idea about the rest

oh ok, thx

dyld being open source is very useful. Many file formats have a published specification, RFC, ISO/IEC, etc in addition to a reference implementation. Was wondering if there was an official or unofficial file format specification for Mach-O?

Okay thanks

ok

ask @grave sparrow to update it

if he doesnt reply, just keep pinging him

👍

Make a jailbreak tweak and inject the deb in the app you want ig?

Like modify the way it launches so that Inorder to launch the app like sm verification has to happen w a tweak like bio protect and if the verification fails the app would just crash when trying to open or just not open completely

@ocean raptor is anyone going to do the fork stuff?

Didn't you ask this a few days ago

well I asked for progress and you said nothing has been done

and now im asking if anything ever will be done

Nothing will be done

It's literally impossible

it's very possible

go ahead

patch bash

do it

either by replicating what fork does in userspace or doing the implementing the xina solution of converting the binary to a dylib in a more broad way

neither of those are something that procursus can do

that is part of the jailbreak

amy is asking me to replace fork() with posix_spawn()

hm I see

i mean sure, it could be possible to intercept an app launch with a biometric prompt
but you'd have to sideload (and decrypt) every app you'd want that for

which is both tedious and quite annoying because setting up apps again is no fun and when they have updates it's even worse

Exactly, that's why I say it's not possible

the issue is not some API

the issue is that dyld or whatever does not allow dlopening binaries anymore I think

Or something along the lines of that, idk for sure

based

https://tenor.com/view/based-uh-hello-based-department-based-department-american-psycho-patrick-bateman-gif-22458382

Zefram v1.0 @hasty ruin @grave sparrow

(now in AMD drivers)

https://media.discordapp.net/attachments/933428639620542474/1067152949211574332/caption.gif

fr

https://media.discordapp.net/attachments/933428639620542474/1067152949211574332/caption.gif

Isn't the only way you're fully fixing fork to have a PPL Bypass

Why? fork should happen purely in the kernel, no?

idk

why would it work on trust level 7 then

and not on 6

Is trustlevel stuff in open source xnu?

I think it must be something subtle that broke, probably not even intended by apple

good one

It's "Open Source" in the KDK

in fairness the kdk has a shitload of debug info so you put that in ida freeware and its basically source

the issue is that the forked process can load anything but the main binary I think

So when you call fork and it's expected to jump to inside the main binary in the child it fails

but if the main binary is just something that dlopens the dylibfied real binary and that then calls fork, it works

my plans have been foiled

also every modern OS but yea

and removing MH_PIE doesn't work (at least on arm64e Mac)

but removing MH_PIE isn't an option anyway

It's not default on FreeBSD yet

It will be on 14

modern

Or x86_64 at least

freebsd is for people stuck in the 90s

like it or not linux won

So if I want to debug fork not working, how would I do that?

I need to make $500 quick

Sadly pimping out @grave sparrow's mom is not profitable since nobody wants to pay for that

get some silicone implants

give bjs for a day

problem solved

I am a minor 😐

dont tell him that

move to japan

then repeat steps above

philipines

(there are many pedophiles there)

that costs $

gotta spend money to make money!!

which you'll make back

fr

fr

fr

other alternatives include: springboard tweaks

mcdonalds for a week

I thought about making snapchat hacks

at 15$/hr

I already have a job

not 2?

this is bidens america

everyone has 2 jobs

buy TWTR

I wan to make $500, not lose $500

maybe I should make a crypto scam

procursus miner wen

I wonder what the most profitable tweak is...

^

really?

thats such a boring tweak though

bro was able to buy packix with carbridge money though

facts

can't imagine packix cost much though

gonna make bridgecar

and sell it on chariz

then eventually buy chariz

50% of carbridge owners dont know what a jailbreak is

so I need a tweak that people who don't know what jailbreaking is will look for

hmmm

I don't care about piracy

I used to pirate tweaks

me when I pirated instalauncher from HYI

before I knew what piracy was

first tweak i bought was bioprotect XS

HYI and bite my apple

shit aint work

copypog*

I wonder what the first tweak I bought was...

Springtomize I think

used the money from my piracy app store to stop pirating tweaks

very based

remember when someone bought xarold for 2k and just shut it down

I need altstore money

you dont even get anything for it i swear

the altstore beta ipa is on his github

bro is getting $10k/m for writing a wrapper around ldid

which doesnt even work*

I should steal kabir's supercharge and sell it on patreon

kabir, I promise I will not do that

this is a joke

@nimble parcel

intjtroll

and the wrapper around open source emulator cores

dont forget that part

so I need to write a gui 😭

porting zoomb0i to ios for $10/month

ok so I'm going to ask some people the one thing that they wish their phone could do and then write a tweak to do that so I can capitalize on stupid people

fr

don’t forget to @available it for iOS 13.0!!!

fr

unsafe

i need to make a paid tweak

fr

std::vector

cummers

nobody will pay for quickactions 2 (and I really hate it) so I need to find a new tweak idea

i legit have 0 source of income

or anything

to milk all the stupid jailbreak people dry

^^^

fr

I have a source of income

https://cdn.discordapp.com/emojis/912021126304116806.webp?size=96&quality=lossless

average #development

(prostitution)

thats all @marble perch

no, I have a job

(prostitution)

job? in a discord called r/jb? no way

Intel i5-2415M (4) @ 2.900GHz

r/Jailbreak*

🤓

kirb, if you give me $1000 I will fix chariz for you

add iphoneos-arm64 support

@primal perch didnt you say youd give me money if i maintained birdpoop for you

kirb, if you give me $1000 I will do literally nothing for you I just want money

the opposite

actually

pay me like 500$ and you can have all rights and ownership to it

i will acknowledge Australia existence

update it, resell it, etc

same thing as buying a broken down cheap car

put in the labor and youll profit

thats what I want

make sure to host on Pluto repo for maximum profit

a car

(They don’t pay tax)

you dont

you simply dont include drm

nah you spend like a day on basic drm to protect week 1 sales

or you do what IDA does and make it so expensive that anyone who buys it wouldnt dare share their binaries

so all the leaks cant be trusted in terms of malware

Cydia up auto shares them

cydia up

oh real

fr the only reason I want $500 is so I can buy a lego set and not feel guilty about not spending the money I get from my job on a car

🗿

ida?

true

where is cydia up ida

Like actually we have the best role colour

me especially

True

simply open source zefram

i wouldnt pay for captware

:p

why would you care about piracy?

fr

anybody who pirates would not buy it

zefram cycake edition wen

a pirated copy is not a lost sale

it does restrict the amount of people that use it, as some percentage of people are paranoid about malware

probably not a lot

but some

fr

the us government is so terrible with financial planning

if you’re that paranoid about malware, you shouldn’t jailbreak

is paranoid
uses ios

4head

Fr

aka the apple data farm

why hasn't someone made a pdf editor that's better than acrobat

eta never

lets make one

capt lets make one in fermiui

sell it for 50$ one time

people will happily pay that if it means no adobe bullshit

actually $69

nicer number

can I get in on that action

yeah first we just need to finish fermiui

on the plus side when its done it will support freebsd

(it's os agnostic)

abstracting away the events to a second layer

so all the rendering code can just be dropped in

but its the same binary

simply (ab)use virtual methods

fr

FreeBSD uses X

great rn the event and windowing is just SDL2

which supports wayland and X

so it would work

everytime i go to work on it i remember i need to write the hardware accelerated backend and that requires learning opengl

so then i go to learn opengl and get bored/confused and do something else

repeat

Just support one OS

And spin up a VM for each view on incompatible OSes

👍

docker

dicker

lock.shield.fill
lock.circle.fill
lock.square.fill
lock.rectangle.on.rectangle.fill

void AppDelegate::ApplicationWillFinishLaunchingWithOptions(FermiUI::Application *application, void *launchOptions) {
    // fr
}

void AppDelegate::ApplicationDidFinishLaunchingWithOptions(FermiUI::Application *application, void *launchOptions) {
    const Rect mainFrame = RectMake(0, 0, WINDOW_WIDTH, WINDOW_HEIGHT);
    
    #if DEBUG_UI_FRAMEWORK
    Fermi::DebugUIStartViewController *vc = new Fermi::DebugUIStartViewController(mainFrame);
    #else
    Fermi::StartViewController *vc = new Fermi::StartViewController(mainFrame);
    #endif

    FermiUI::Window *window = new FermiUI::Window("Fermi", vc, mainFrame);
    window->Show();

    vc->Release();
    window->Release();
}```

fr

scoob

fr

we just have a shitty checkbox cus we're lazy

we'll pay you $0/hr to add them

4.00 MB of binary code though including all the libraries

not bad

electron: best i can do is 150

and its only half dead

the last commit was

2 weeks ago

where can I find libiconv.2.dylib for armv7?

just the dylib

I can't find it in the default pangu packages

probably doesn't exist lol

saurik's bootstrap sucked balls

dork nerd

didn't ask

yeah tbh

so how can I get tar working? in an ssh ramdisk

make a better ramdisk

nah

but in all seriousness, if I don't have the file, how am I supposed to make it better?

I already added a bunch of missing stuff, but I still need this lib

by shipping a bootstrap with the ramdisk

duh

like what bootstrap

substrate?

that doesn't include much either

use whatever morpheus has
binbag has tar and should support armv7

yet the file exists somehow and is in one of the packages downloaded by cydia on a fresh install afaik

skull

or just grab the entire binpack
it has fat binaries

cause you probably need more than just tar

nope just tar lol

I mean the dependencies are all there already

since I put them in the ramdisk

I put binbag in my ramdisk, will see if it works

libiconv.2.dylib is part of the dyld_shared_cache

the dsc in ramdisks is missing some libraries to make it smaller

I could probably just copy the one from retail ios then

nevermind haha I had a brainfart

in fact dsc doesn't seem to be present at all lol

any way to extract just libiconv.2.dylib?

i still advocate for statically linked binaries

helps with whatever this headache is

yeah but relying on dsc in a ramdisk?

💀

what do you propose I do

i already told you what to do

does binbag rely on any bins?

no

or dsc?

it's like busybox

alright

where can I get the 32 bit version?

I don't think it's on the original website

unless i'm meant to use the applewatch version lol

uhh, i don't even know if arrmv7k will run but apparently that's just 32-bit armv7

so it wouldn't hurt to try

well it doesn't run, just tested

damn

bad architecture

is there a tool to extract dylibs from the dsc?

does anyone know how i might go about making a deb archive without ar or dpkg

look at dm.pl

good news, it's archived
https://web.archive.org/web/20171207111110/http://newosxbook.com/tools/iosbinpack.tgz (well, the binpack is)

nice for 32 bit?

all my homies hate perl

actually has to be if it's from 2015

should be

k

this doesn't really help since there's no tar 💀

binbag would have been nice since it was nice and contained

let me take a look at how ssh _rd handles things

bro where are you looking

it's in usr/bin

a symlink to bsdtar in the same dir

oh yeah

i'm tired tbh

how does ssh_rd work anyways? doesn't have any built-in patchers

well it's a script, other binaries do the patching

obviously

i'm talking about like packed in generic patche like iboot32patcher

"not a Debian archive" my ass

it calls it

lol

oh alright

what source file is this

that's nathan's sshrd script

the 64bit checkm8 one

oh

not talking about that

talking about og sh-rd by msftguy

i'm getting desperate, might just bust out the windows 7 laptop

ah i'm looking over it

it uses xpwn i think
syringe is used for loading it

sounds about right

and i guess a lot of patches are just done manually with fuzzy_patcher

yeah, fuzzy patcher is used for the syringe stuff

since they made a java gui there's a sort of bridge

debian package format is clearly explained lel

i even made my own explanation for someone else

just make sure you aren't missing DEBIAN or anything in it

yea i know i have the actual format down

im just struggling with compressing it into the actual archive

right now i have packing working by compressing the data and control archives and then using ar to make the deb

but i wanna remove the ar dependency

don't tell me you're going to make a basic version of tar/ar

maybe i will maybe i wont

see, dpkg depends on libs for compression but tar itself is just called since there's no lib (officially)

right

ideally i was trying to find a way to create a deb archive using only tar

from scratch

you need ar as well

ugh

thats annoying

because that's what the deb format is

i can extract a deb with tar

just not make it

bsdtar is fine too

but ye

bsdtar can make an ar?

I thought tar only did tar and ar only did ar

dpkg depends on tar

yeah but that might just be for the stuff inside?

The .deb itself is ar format

skull

i like how tar can unarchive ar too though

yea thats what had me hopeful

yeah i don't think there's a way around ar

i can unarchive but not archive

thats so stupid

i mean, if ar isn't on your system already then there's a problem

it's so basic by now

yeah thats true

but i hate dependencies

thats why i made this whole deb unpacker / packer in the first place

it's a depend you're expected to have just about everywhere

except windows

realistically dpkg's manipulation features are available on most systems but i still dont like it

figure out how GCC uses ar

because that's the format of objects

apparently

i dont think anything about this project would work on windows anyway

To create an archive from files class1.o, class2.o, class3.o, the following command would be used:

ar rcs libclass.a class1.o class2.o class3.o

Unix linkers, usually invoked through the C compiler cc, can read ar files and extract object files from them, so if libclass.a is an archive containing class1.o, class2.o and class3.o, then

cc main.c libclass.a

or (if libclass.a is placed in standard library path, like /usr/local/lib)

unless u used WSL

yeah but that's read

not creation

yeah butnsee if there's aibrary they have

A library

and if there is then make some c bindings

and then have fun maintaining that

and habign cross platform support

there's probably nothing to maintain after it's done

it's simple af

it's archaic software for a reason

I mean for if there's an ar C library

you would need to make some c bindings

and then that's a big floodgate

yea im probably just gonna stick to using ar tbh

it's reinventing the wheel

fr

what

to implement ar in such a way

pointless

looking at theos' docs it needs WSL or gsc anyway

so realistically if i use ar it will be instantly cross compatible with any machine that can compile with theos

oh also what's wrong with like https://pypi.org/project/unix-ar/ or something

im cool with that

I mean its the proper way to do stuff technically

2019

?

i understand using a lib for something like python
but ar is probably as basic as having a shell

if you don't have it, wyd

last updated in 2019

so?

does anyone know if dm.pl just calls ar too

i can look but im not at my pc rn

what's DM.pl

theos' version of what im making

send link

semi-port of dpkg in perl

https://github.com/theos/dm.pl

vs https://github.com/luzproject/pydeb

granted dm.pl is a command and pydeb is a library but its the same concept

oh its perl

🤮

I'm pretty sure Perl is just gonna use all commands

i dislike perl idk why

https://github.com/theos/dm.pl/blob/4d3e455f632f77bbf500e03c3670b7cd951f546f/dm.pl#L113

ok cool

what about making the tar archives

Is that anywhere there

like control.tar.whatever

oh its literally right there

my bad

so it uses a library for tar compression and just calls ar

ohhhh

i get it now

Apk

ok

ik what im gonna do

no that's moy it

not

@next wadi pretty sure they just literally implemented the ar format manually or something?

I recognize the header

from earlier today

looks like it

look at print_ar_record

cpt

common lzma L

xz better

i'd make zstd the default comp

but

its not installed by default yet

plus its new

@next wadi hey read the comment here trol

maybe zstd isn't in spec

:trol;

nvm

yeah good luck with that

That comment is out of dats

ignore that

no it is

i tested with procursus dpkg

on my mac

zstd (with .zst extension, supported since dpkg 1.21.18),

when was that dokg version

you mean

1.21.17

with .zs extension

1.21.18

lmao

Darwin file moment

no

it said zst in the deb(5)

sooooo

same with bz2

no just zst

its zstd

why

nfr

what's that got to do with anything

what about lzma and lz4

both cant be lz

simple

it can't just be 2/)35634#

2 letters

therefore Darwin file command is wrong

shut up

no one cares

and no one is naming it .zstd either

yea regardless that was a dumb ass bug

and a pretty big one too boba

I cant believe they hadnt noticed

that is a very minor bug

you're a minor bug

I'm not a bug

says who

@next wadi @grave sparrow @faint stag gn

gn

@gentle grove @next wadi @faint stag

1. ar and tar are super simple formats
2. bsdtar is just uses libarchive which supports every format you can imagine
   https://manpagehub.com/FreeBSD-13.0/libarchive-formats.5

https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=ebc2c3def335ac391b010323ab65a302648f3ec7

January 10th

Speaking of which, I need to update dpkg on pro again

gn

gorn gorn gorn gorn gorn

I'm guessing you would call fork from a CoreTrust signed binary on either xina, Fugu15 or just with TrollStore and Filza (note that the fork issue only affects arm64e)

is anyone able to compile this in xcode so I can side load the ipa onto my phone (and on my watch)? only the "watchOS" branch has the app that I want but unfortunately I don't have a computer to compile it rn. tysm! https://github.com/brandonplank/flappybird/tree/watchOS

How can i make my tweaks complatible with palera1n

anyone knows here how to compress an image by maximum without losing much quality? i have this code but it compresses it to 2kb or either 3kb but not 1kb which i really need due to MacDirtyCow limitations

        let targetSize: Int = 1024
        
        // Determining the best compression algorithm using binary search
        var minQuality: Float = 0.0
        var maxQuality: Float = 1.0
        var midQuality = (minQuality + maxQuality) / 2
        
        // Variables to store the compressed data and the size of the compressed data
        var compressedData: Data?
        var compressedSize: Int = Int.max
        
        while minQuality < maxQuality && compressedSize > targetSize {
            midQuality = (minQuality + maxQuality) / 2
            compressedData = UIImage(data: data)?.jpegData(compressionQuality: CGFloat(midQuality))
            compressedSize = compressedData?.count ?? 0
            
            // Check if the current compression is lossless or lossy
            if compressedSize > targetSize {
                maxQuality = midQuality
            } else {
                minQuality = midQuality
            }
        }
        
        // Saving the compressed data to the specified path
        do {
            try compressedData?.write(to: URL(fileURLWithPath: path))
        } catch {
            UIApplication.shared.alert(title: "Error", body: "Failed to compress image!", withButton: true)
        }
    }```

webp or heic might work. webp compresses better than png or jpeg and can do lossless or lossy with transparency, while heic is lossy only ie a replacement for jpeg

you may need to use external libraries (libwebp, not sure what exists for heic) to encode to them, though

iOS 15+ can decode both though

ok ill try with webp

Have palera1n installed. Phone died. Do I have to reset back to factory and redo the whole jailbreak again?

no

ask in #jailbreak next time

or #palera1n

hi, i'm trying to sideload a tweak that uses mshookmemory, how do i make it work

do i have to enable jit or is there a better way

you can’t I think

I think you have to have JIT

would altjit make it work?

no idea

If you sideload normally, you will need to enable JIT in some way. The most common method is to attach a debug server to the application while it's running - JITStreamer, AltStore, and Jitterbug all use this with their Jit enabling functions. The only downside to this method is that you are required to be connected to a WiFi network in order to enable JIT.
from pojav

not convenient

what kind of memory are you hooking

Do you absolutely need to runtime patch the executables pages? You can't patch the binary and then sideload it?

Got my category parser working

Integrating target class lookup with dyld info bindings was a pain

ah well

i want to patch an instruction to branch to a function in my tweak file

app's __text segment

I'm not sure about the sideloading pipeline you're using, but that sounds like sounds like a static patch you could do to the binary before you sideload it

yeah it does, i'm just unsure what the address of my function would be

How do you get its address when you want to use mshookmemory?

if i patch it into the ipa i should be able to locate it then patch the binary right?

i just pass the address

yeah that's what I mean, you can patch the IPA

well if you have the address your disassembler should show you the file offset and you can patch it on-disk

i'll give it a shot, thanks

You're welcome 👍🏼

that sounds legitimate and convincing

@lament mica

who tf is named gilbert 💀

@hasty ruin Nexus took too long to release

(iOS 15)

palera1n user 🤮

/s

https://tenor.com/view/see-you-soon-gif-18010036

never

like fermi

i need help

                guard let subtypeData = try? JSONSerialization.jsonObject(with: data, options: []) else {
                    print("Couldn't decode json data")
                    return
                }

works on some devices but not all

like it works on iphone 8 but not on iphone 6s plus on simulator

the data is there it just cant decode the json data

West Nevada

Yeah

@_cdecl("tweak_entry")
public func tweak_entry() {
    
    NSLog("[COCHA] Hello world!")
    
    // MARK: - Load hooking library
    
    loadSubstrate()
    
    // MARK: - Start hooks
    
    initialize()
}

trolly

how tf

this is crazy

thank you!!

<3

how

tell me

so?

what is it

t’es

yes

has anyone ever gotten gdb working on macos

WAIT I GOT IT WORKING

i just had to keep trying to run it

and it eventually stopped hanging

finally 2 years later i got it working

fr

use the llvm debugger

no

because gdb

idk i just want both

im trying to make sure i know the commands in both though

wtf lldb has color in disassemble on macos

wait no i ran gdb im stupid

gdb backtrace is shitty on macos for some reason

fr

but on linux theyre both equal

actually lldb gives more lines of code context

and has better commands

@grave sparrow you are right

ok now to actually debug this bug

thought it was because i wasnt initializing code but i guess not

OH YEAH the other thing

error: summary string parsing error

meanwhile gdb doesnt have that issue

i need to add -fstandalone-debug for lldb to like it

guess ill just have to do that

oh yeah i forgot that im not even returning anything from this method

oh i gugess its clang not lldb that was messing it up

i am aware of this but funny how gcc doesnt warn about

i dont

i just like gdb more + it pisses you off

fr

yes

why like gdb more

oh also remember me complaining about lldb not supporting up arrow, it turns out 2 days ago that got fixed on the arch package

https://github.com/archlinux/svntogit-packages/commit/fe4e5430f16f77fed6c73a1c101bfc1b7abea28b

funny

why do people do this

i literally do not understand

Where

gameseagull

https://github.com/donato-fiore/GameSeagull/issues

it is nearly 12am and i'm watching videos about things i already know about @grave sparrow
i should just skip to the assessment fr

What's an operating system?

WHO LET HIM COOK 🔥 🔥 🔥 🔥 🔥 🔥

Bro thinks he's smart

a kernel and a userspace

0x7C 0x20 0x7C 0x7C 0x20 0x7C 0x7C 0x20 0x7C 0x5F

Go ahead, explain that joke

Does that just say that capt is a mentally slow being?

The virgin caps on the virgin

Friendly fire right there

Sounds to me like you're just too stupid to understand it

cus it was my first introduction to debuggers

i am biased

just like i was raised on macos and then windows so i dont like linux

I like gdb's tui

its also the most common debugger in the industry

sorry apple folks but once again your standard is irrelevant outside of *OS

got in to 3ds cfw and guess what? supported debugger was gdb

that is an option

one that is generally met with distaste once you have assignments for <some other OS>

LLVM is the default on every BSD

see: capt complaining here

wholesome

lldb is pretty nice though

I've been using it on linux

(Except some strange architectures that gcc 4 has to be used on with openBSD)

youve certainly done the most of it

especially now that it has libedit so I can use arrow keys and tab complete

real OS

mac

Windows 10 dawg

💪

CentOS is great...

Debian is the best Linux distro hands down though

does lldb work fine on windows too

https://tenor.com/view/facts-brother-true-smoke-gif-23157983

i am once again watching gorn

fun fact: openBSD includes llvm, gcc 3.3.6 and 4.2.1

as opposed to foot-writing it?

Because llvm doesn't support some weird architectures

llvm bad

Wtf I have GCC 12 on my macbook

gcc good

And some architecture got dropped in gcc 4

And anything after gcc 4.2.1 is GPLv3

risc-v is better

x86 is better

risc-v with cheri >>>>>

if ur gonna ditch x86 might as well get a open license

arm is only slightly better

I want a Cheri computer

in terms of licensing

bobacpu

its capt so

is RISC the same as risc-v

i would take the opinions with a healthy dose of salt

/j

partially

that makes a lot more sense

Capt is allergic to good opinions

wtf is that

Ceduced insutrction set

wait what even is the C at the end

dated terminology grouping ISAs into complex instruction sets (CISC) and reduced instruction sets (RISC)

in practice arm is borderline cisc now

oh complex

that's a word

Should I buy the alibab Roma

It's the first risc-v laptop

only if you feel like beta testing

https://media.discordapp.net/attachments/688121419980341282/1068800942692122644/image0.gif

https://media.discordapp.net/attachments/933428639620542474/1067152949211574332/caption.gif

i agree

is there a way to extract a specific dylib from a 32 bit dyld_shared_cache?

I need it for a ramdisk, which obviously can't fit the whole cache

there aren't any dyld extractors that produce fully reusable binaries yet

any way to trim the dsc?

or just use the tar command without dsc 😆

because that's all I really need

otherwise, I need libiconv.2.dylib

kumtool

@old geyser kum

is there a way to use the dyld cache from the main system in the ramdisk?

BRO

JUST COMPILE TAR WITHOUT ICONV

that works!?

I mean out of the two dylib dependencies it has I would expect them to be useful

https://github.com/libarchive/libarchive

Hell if you just need to extract a ustar uncompressed tarball all you need is https://github.com/libarchive/libarchive/blob/master/contrib/untar.c

Which has 0 dependencies

alright

this tool doesn't have symbols for armv7

it's tar bro I don't get why it has to be so complicated

What does that mean

Make sure you're using a sdk that has armv7

or rather it can't compile for armv7

Wrong

what sdk are you talking about?

iOS sdk

iphoneos is not good?

You need an older sdk

One that supports armv7 still

will the one from theos work?

for 9.3?

Should yes

-isysroot path/to/iPhoneOS9.3.sdk

with xcrun? or what tool

Use your brain please

you know what, after looking through the source of the tool, I don't even think it does what I want it to

so we went from just using an existing static tar to building it without the lib you've been searching for

bro make up your mind

@ocean raptor

How do you obtain root with palera1n?

setuid

Bruh capt was that really funny? So sad to hear something like this from you

🤷‍♂️

Is this sarcasm or what?

Do you guys have heart? put yourself in these people's situation

Do you think this is also funny?

This?

This?

@shut stag this is not freedom of speech some peoples shouldnt exist here because they have knowledge about jailbreak or because they’re old… I’m so upset to see this discord like this….

Aight

@turbid osprey kasmerlere bak

Yes I am aware of what’s happening

Sen neredeydin kral iyi misin

I am 500km away

vefat edenler var akrabalardan canı yanıyor insanın

Bruh capt was that really funny? So sad to hear something like this from you

Wow I hope you guys won’t live the same situation with hurricanes

Bruh capt was that really funny? So sad to hear something like this from you

as a native floridian I can assure you that hurricanes are funny

Lol

Still toxic scene

I just only asked for help to retweet but it’s the payback thanks heartless human beings

Internet will save you all, by repeating after me piece of humans

@turbid osprey kasmer kalktaklara gel ya hahahaah

@grave sparrow @primal perch I finally found a good profitable idea

on-device local song manager

for unjailbroken

I know how to do it too

I don’t give a fuck

This is absolutely stupid but I wonder if you can have custom shortcut actions with CoreTrust vuln + MacDirtyCow

You could probably make a modified ActionKit binary to have a custom shortcuts action, and modify WFActions.plist in WorkflowKit to use your custom class, and CoreTrust ActionKit so it's signed

Replacing system files isn't the best but since changes to rootFS disappear on reboot with SSV, it should fix itself anyway

mimport jailed?

yes

don't forget the tag editor

album artist is the bane of my existence

fr tagging shit so that it is properly recognized by macOS or iOS is such a pain in the ass

I'm about to just store a date as a string

what has 2 legs and is underwater?

i mean i pirated metadatics on mac

use epoch

ez

oooh I gotta check that out now

thanks for the suggestion

what?

Florida man after a hurricane

accurate

without losing any precision though, its microsecond accuracy because I guess that's what rust chrono does

and parsing the string is the issue not the actual data type

I wonder if you can edit this file to privilege escalate

std::chrono::parse doesn't even exist for some reason, even on cpp20

ghidra

lied oops

forgot

I'm disassembling a lot of binaries inside libexec

ill search

1 sec

@grave sparrow pipelined

/usr/libexec/pipelined

but that's where it was introduced

cpp20

https://en.cppreference.com/w/cpp/chrono/parse

lol

yeah apparently the stdlib just isn't up to date with standard

ofc it's out of date lol

lmao

💀

2020

what the fuck

https://github.com/gcc-mirror/gcc/blob/master/libstdc%2B%2B-v3/include/std/chrono

parse isn't even there bruhhh

nor is it there for llvm17

Is it possible to crash locationd using xpc?

Ian Beer's method doesn't work with identifier com.apple.locationd

am I missing something obvious here?

if so, I have a working method of deleting folders owned by root

works with mdc

I can probably just wrap the date.h dependency tbh

using meson

Can someone explain what this is?

It's a private framework

Completely unrelated to the pegasus malware

thats what the government wants you to think

:3

peg sus malware

90

C0 03 5F D6 ard

addard

wtf joe back

the real joe

joe

biden

joe

HOLY MOLY

gm joe

now get M2 and get 0.4 seconds

true

unironically

it probably could

threading ez dubs any%

std::thread

haiii

accepting donations for my contributions to the jailbreaking community

main contributions include: trolling, shitposting, and the source of many groans from memes

nobody donates

procursus only gets $10 from patreon

all of which goes to our mastodon server

it's funny

you have people with thousand dollar phones

but they don't spare a dime

i stole my phone

same

@grave sparrow i dont think i can overwrite the load path

all the strings i CAN overwrite in ida have "__csstring:...." before it

the paths have HEADER:....

which makes sense

because its in the header of the file

i mean

that makes sense

right

wait

look up c strings

__cstring:000000010005D8B6 0000004A C /System/Library/PrivateFrameworks/UserManagement.framework/UserManagement

i just found that

dude

theres

a few dlopen calls

/System/Library/PrivateFrameworks/AppConduit.framework/AppConduit
/System/Library/PrivateFrameworks/NanoRegistry.framework/NanoRegistry
/System/Library/PrivateFrameworks/CompanionSync.framework/CompanionSync
/System/Library/PrivateFrameworks/UserManagement.framework/UserManagement
/System/Library/Frameworks/WatchKit.framework/WatchKit```

all of those

are dlopen

which one tho

one of them

yeah

they all follow this format

id initNRDevicePropertyName()
{
  void *v0; // x0
  id *v1; // x0

  v0 = (void *)NanoRegistryLibrary_frameworkLibrary;
  if ( !NanoRegistryLibrary_frameworkLibrary )
  {
    v0 = dlopen("/System/Library/PrivateFrameworks/NanoRegistry.framework/NanoRegistry", 2);
    NanoRegistryLibrary_frameworkLibrary = (__int64)v0;
  }
  v1 = (id *)dlsym(v0, "NRDevicePropertyName");
  objc_storeStrong((id *)&constantNRDevicePropertyName, *v1);
  _MergedGlobals = NRDevicePropertyNameFunction;
  return objc_retainAutoreleaseReturnValue((id)constantNRDevicePropertyName);
}

__int64 __fastcall initNSStringfromPSYSyncSessionType(__int64 a1)
{
  void *v2; // x0

  v2 = (void *)PairedSyncLibrary_frameworkLibrary;
  if ( !PairedSyncLibrary_frameworkLibrary )
  {
    v2 = dlopen("/System/Library/PrivateFrameworks/PairedSync.framework/PairedSync", 2);
    PairedSyncLibrary_frameworkLibrary = (__int64)v2;
  }
  off_10008E608 = (__int64 (__fastcall *)())dlsym(v2, "NSStringfromPSYSyncSessionType");
  return ((__int64 (__fastcall *)(__int64))off_10008E608)(a1);
}

@grave sparrow can you redo the dylib

:)

@grave sparrow added submodules

# meta
meta:
  # zstd compression
  compression: zstd

# control info
control:
  # package name
  name: TrolleyTools
  # package bundle id
  id: com.jaidan.trolleytools
  # package architecture
  architecture: all
  # package description
  description: TROLLEY BUS DEMO
  # author
  author: Jaidan
  # section
  section: Tweaks
  # version
  version: 1.0.0
  
submodules:
  - C/
  - Swift/

go off

im so based

C/

SO TRUE

ITS JUST THE JOEVAGINA

JOEGINNING

someone w photoshop remake this meme in hd pls

I should make a branch of bobaclient using luz

or gimp if you use l*nux i dont judge

why would text on an image need photoshop lol

what do you use then

https://cdn.7tv.app/emote/63b4d02347bfcac158d528cd/4x.webp

sketch

not good enough imo

did you just downscale it

no

i found the original

ill remake it then thats awful

@grave sparrow I’m gonna work on this tm
But what I have is a start I think
The code does execute fully with no errors, but I’m getting no output from the dylib

its a twitch emote originally so thats why

so 1 of 3 things is happening

who up needing a steam deck

who up steaming they deck

i will donate 399$ (ZWL)

to someone's deck

1. dylib is unsigned so it isn’t run
2. the dlopen I replaced isn’t being launched
3. some other 3rd option

Who up decking they steam

🙋‍♂️

im the GOAT

close enough

I’ll check the syslogs

what should I search for

“Sandbox”?

“permission”

the dylib name?

ofc

impact

@grave sparrow I couldn’t find anything relating to not being able to load

so

it’s prob not being executed

like the string I chose doesn’t get dlopened when I patch

yeah I’ll do that tm

what I’m gonna do tm is on my jb phone make a tweak that nslogs dlopen calls that injects into tccd and I’m gonna kill the process and see what’s being dlopened when it reopens

none of those words are in the bible

what set of manpages should manpagehub.com default to?

coreutils and shells?

no like right now it defaults to macOS

should it default to Debian?

POSIX?

oh you're defaulting to bsd

Debian makes sense ig

big slimy dick

no, I'm defaulting to macOS

where

macos

When I saw someone respond macOS I thought it was capt

anyways

Debian will be the default

sorry liberals

fr

i want to fuck the openbsd pufferfish

Linux

https://media.tenor.com/MFVmqvq6jr4AAAAC/openbsd-puffer-fish.gif

man.archlinux.org is my reference