#development
you and who

honestly in situations where you need it, you can do something like objc void initStuff() { %init(stuff); }
nobody anymore .

i just assumed it would should if you init outside of a constructor
I figure if you know you really do need it, you'll know to do that
```c
struct PE_Video {
unsigned long v_baseAddr; /* Base address of video memory */
unsigned long v_rowBytes; /* Number of bytes per pixel row */
unsigned long v_width; /* Width */
unsigned long v_height; /* Height */
unsigned long v_depth; /* Pixel Depth */
unsigned long v_display; /* Text or Graphics */
char v_pixelFormat[64];
unsigned long v_offset; /* offset into video memory to start at */
unsigned long v_length; /* length of video memory (0 for v_rowBytes * v_height) */
unsigned char v_rotate; /* Rotation: 0:normal, 1:right 90, 2:left 180, 3:left 90 */
unsigned char v_scale; /* Scale Factor for both X & Y */
char reserved1[2];
#ifdef __LP64__
long reserved2;
#else
long v_baseAddrHigh;
#endif
};
typedef struct PE_state {
boolean_t initialized;
PE_Video video;
void *deviceTreeHead;
void *bootArgs;
vm_size_t deviceTreeSize;
} PE_state_t;
```
i want PE_state.video.v_baseAddr
7cbc0
i ended up just modifying logos source

okay this chat is getting too stupid
well that's the workaround to, well, not do that
so glad no one saw what i edited.
agree
Why are Furries rent free in your head.
THATS WHAT YOU SAID
your math skills are astonishing



so what does that mean
it’s 7cbc0
this is why you use python to calc them
so whats my offset, like kslide + [what]
FFFFFFF00797CBC0, 00797CBC0, like what
first one
0xaa55
i’m just not typing it all
what
so get_kernel_slide() + 0xFFFFFFF00797CBC0
well whatever the file offset is
yeah sheps smart
that’s the virtual address
com.apple.kernel:__text:FFFFFFF0084549DC
yeah that
yeah that
idk i don’t do ios kernel stuff
wait
so
com.apple.kernel:__text:FFFFFFF0084549DC STR X9, [X8,#(xmmword_FFFFFFF00797CBC0 - 0xFFFFFFF00797CBB8)]
thats the asm line
am i doing the hex after __text
or the xmmword
you don’t need the static base then you can just do slide + that address then
or you can do the static base + slide + 0x978BC0
same thing
(((static kernel base address)^2 * file offset) - (file offset + kernel slide))^2
ill do this
ok i wont do that

im not tripping i just dont know what im doing
well ur the asian correct us pls
yeah idk wym by field
like what it translates to in the struct?
idk how to figure that out
shep just told me what baseAddr was
ok technically it should be PE_state.video.v_width
if my assumption guess is correct
hooray
i shall lyk if this works
so exactly what i said
i didn’t

i don’t need to rely on it when i can see in the ida screenshot that it’s the correct address

```c
#define PE_STATE_STRUCT 0x978BB8
#define FRAMEBUFFER_OFFSET 0x8
#define KERNEL_BASE 0xfffffff007004000
uint64_t get_fb_addr(uint64_t kslide) {
return kread64(KERNEL_BASE + PE_STATE_STRUCT + FRAMEBUFFER_OFFSET + kslide);
}
```
yea true
yeah
correct
scoob
mostly
ah yeah that’s where the captware meme started
boot loops
i dont remember that but i’ll believe it ig
crazeware tho

shepware (doesn’t exist)
lazy as hell
```c
#define WHITE 0xffffffff
#define BLACK 0x00000000
#define PE_STATE_STRUCT 0x978BB8
#define FRAMEBUFFER_OFFSET 0x8
#define KERNEL_BASE 0xfffffff007004000
#include "iso_font.h"
uint64_t get_fb_addr(void) {
return kread64(KERNEL_BASE + PE_STATE_STRUCT + FRAMEBUFFER_OFFSET + ((struct kfd*)_kfd)->perf.kernel_slide);
}
void write_char(char c, int col) {
uint64_t addr = get_fb_addr();
for (int y = 0; y < 15; y++) {
int val = iso_font[c * 16 + y];
for (int x = col; x < col + 8; x++) {
if ((val & (1 << (x - col)))) {
kwrite64(addr + (x * 4) + (y * 256), WHITE);
} else {
kwrite64(addr + (x * 4) + (y * 256), BLACK);
}
}
}
}
void write_string(char *str, int len) {
for(int i = 0; i < len; i++) {
write_char(str[i], i * 8);
}
}
```
copied some prime billy ellis code, and it did not work
it didnt panic
but
nothing got displayed on le screen
so im starting to think
that
framebuffer
dont exist anymore
see if the pointer is valid for starters
Aug 6 23:26:45 eyePhone kfd[7812] <Notice>: [kfd] [i] fb: 0x8f7104000
yeah
capt
figure out which offset it is
for the width of the screen
like 0x8 is the base addr
wait, is 'start of struct' start of PE_Info or PE_Video
idk try filling it all with red or on a loop if that’s the lowest level framebuffer is it being overwritten each frame
does the kernel fb naturally go on top
is it different than the fb everything else renders on top of
capt incorporated
```c
typedef struct PE_state {
boolean_t initialized;
PE_Video video;
void *deviceTreeHead;
void *bootArgs;
vm_size_t deviceTreeSize;
} PE_state_t;
```
0x8 is the start of the PE_Video struct then
ya
```c
struct PE_Video {
unsigned long v_baseAddr; /* Base address of video memory */
unsigned long v_rowBytes; /* Number of bytes per pixel row */
unsigned long v_width; /* Width */
unsigned long v_height; /* Height */
unsigned long v_depth; /* Pixel Depth */
unsigned long v_display; /* Text or Graphics */
char v_pixelFormat[64];
unsigned long v_offset; /* offset into video memory to start at */
unsigned long v_length; /* length of video memory (0 for v_rowBytes * v_height) */
unsigned char v_rotate; /* Rotation: 0:normal, 1:right 90, 2:left 180, 3:left 90 */
unsigned char v_scale; /* Scale Factor for both X & Y */
char reserved1[2];
#ifdef __LP64__
long reserved2;
#else
long v_baseAddrHigh;
#endif
};
```
oh wait
i see wym
bc since its the first field
you dont need to add anything
yes
it would be 0x0

mhm
yeah we’re like mathematicians we skip over steps we know are redundant
“ok well we’ll just jump to here since that’s a given “
completely different equation
so if i wanted to get v_width, it would be sizeof(unsigned long) * 2?
assuming alignment is correct yes
which it should be
you can confirm it tho in the ida screenshot
and there is no assumption in the f5 code
i just don’t wanna scroll up
pretty sure it was tho
Boom tan tan tu tan toogaloogi, fo ut to but a ban ban on a toogi, when pull up it olla tan tan on a doogi 🗣️🔥🔥🔥🔥
so the struct does exist in the memory (and is populated with vals)
```c
uint64_t v_width = 0xfffffff007004000 + kslide + 0x978BB8 + 0x8 + (sizeof(unsigned long) * 2);
printf("[i] v_width: 0x%llx\n", v_width);
printf("[i] kread64 v_width: 0x%llx\n", kread64(v_width));
```
Aug 6 23:39:25 eyePhone kfd[389] <Notice>: [kfd] [i] addr: 0xfffffff01a634bd0
Aug 6 23:39:25 eyePhone kfd[389] <Notice>: [kfd] [i] kread64 v_width: 0x492
0x492 -> 1170
gm
yea
just read it all to a struct on your end but it’d be a copy obviously
so you can’t write to it the same way
@gentle grove
@grave sparrow @primal perch
```c
uint64_t v_width = 0xfffffff007004000 + kslide + 0x978BB8 + 0x8 + (sizeof(unsigned long) * 2);
printf("[i] v_width: 0x%llx\n", v_width);
printf("[i] kread64 v_width: 0x%llx\n", kread64(v_width));
kwrite64(v_width, 0x249);
```
panic 
No remington in my closet since my closet is in California but I should get one to forget her
you can borrow mine after
boot args are protected by KTRR
yalu1011 mitigation

fields of PE_State/PE_Video are considered boot args?
Nice KTRR
i fear that they are
additionally, I think I was writing 64 when it should’ve been 32
Idk if that has anything to do with it
But
That’s a thing
doesn’t really matter
is that like a recent thing?
no
like implemented in iOS x.x
then how was billy Ellis able to do it on iOS 8/9
I forget what version
KTRR was introduced in the iPhone 7
Is this game trying to detect a jailbreak with this? lol
unfortunate
greenpoision
they failing so hard cuz they not using /ApplicationS 💀
im gonna patch that out
blackra1n 
limera1n 
greenpois0n 
LMAO
but whats in /private/var/lib/apt/ ?
Something actually used
linux stuff?
Stuff for the package manager
thought so
/private/preboot
this is the classic list (that doesn’t work since iOS 13) apps keep copying for some reason
lmao @ redsn0w.app on the phone, that was never a thing
pretty old https://ijunkie.com/download-redsn0w/
is it now sandboxed or what changed with ios 13?
do you have a link?
bruh why would they use sth from 2013. its just so bad
prob seg fault after first attempt
yea i don't think anything useful is coming out of this
all im getting are kernel data aborts
told u 🙂
does perf not working explain the unreliability?
Oooo
SPTM VIOLATION_ILLEGAL_RETYPE
so is SPTM going to limit any semblance of 17.0b1 being viable for A15+
is sptm a new mitigation?
never heard of it sorry
Glossary SPTM: Secure Page Table Monitor TXM: Trusted Execution Monitor %s: subset validation failed, key %.s with value ‘%.s’ not allowed %s: subset validation failed, bool value of key ‘%.s’ not allowed %s: subset validation failed, integer value of key ‘%.s’ not allowed %s: subset validation failed, string array of key ‘%.s’ not allowed %s: s...
A15 and 16 mitigation on 17 and above
Damn
Nice SPTM
lol
Anyway kreading and kwriting is worse than b2
can't even kclose because that uses kwrite
💀
rip jailbreaking fr
maybe some offsets changed
other parts use offsets
is this for kwrite
Yes
you could probably bypass it
Dunno how xd
well then
Now we don't need ppl bypass anymore on iOS 17+/A15+, that's good.
enjoy iOS 17
Fr
SPTM is so much worse
It’s crazy how bad it is
Jailbreaking is dead on A15+
f
Idk what it does more than ppl
PPL bypasses are the easiest part of a jailbreak
just no one is willing to look into it
neither am I
you don't need kcall
but you need to be creative
All stuff done by PPL before is now done by SPTM so I really don't think what specific benefit it has over PPL
check out that panic
I can send the ips sec
kfd’s strategy doesn’t work because the types in those mapped pages don’t match
it’s like firebloom in xnu
if this is actually it idk how exploits can be possible
so SPTM is a response to physical uaf's?
WOOOO MORE MITIGATIONS

also how will you bypass something in iBoot
real
All the fun sits in the 4. SecureROM, SEPROM, iBoot, and sepOS
Sepos Is my current task
I’m willing to look into it but I have 0 idea what I’m doing 🗿
which is actively demonstrated by my difficulties last night trying to find a struct in the kcache
Why would I look at kernel, kernel is stupid, kernel has fucking block syntax
Fucking block syntax god damnit
Kernel is open source use this to your advantage to find functions the struct is accessed in via strings etc
yeah but it took forever to find strings that lined up
like I found a string that I thought would work, found the function it was in (oss and kcache) and then the struct I needed just wasn’t referenced in that function
like it was on the kernel source, but when I checked in Ida it wasn’t there
other way around I think
@faint timber my brother in christ
when will this be fixed
on god 🔥
plz update libimobiledevice in ur bootstrap 🔥
silly question but how do i get alerdis color picker like installed into theos?
i thought that was included by default
@lime pivot Is Alderis still not included by default?
well
its in $THEOS/vendor
right
this is all you have to do
yeah you just have to add it as a library since its added into theos already
it's Alderis.framework
CaptCPT back at it again
the dev had it like this DockIndicators_LIBRARIES = colorpicker and the file it wants is AlderisColorPicker.h not Alderis.h
yup the lib is libcolorpicker for backwards compatibility
@grave sparrow it also wants this AlderisSDKCompatibility.h which i cant find on the alderis github
nvm
im blind
yes, im just blind lol
me when i read the docs

me when i read the docs
cephei and alderis have really good docs
the docs tell you how to install it? well for like swift or sm
i recommend you read them
yes the docs tell you how to install it
for everything
youre a little mentally handicapped so its okay for you
https://hbang.github.io/Alderis/ this right?
accurate
i know its okay
@lime pivot no worries abt this, but is this just us being goofy or is this actually broken https://github.com/hbang/libcephei/issues/63
actually broken, didn't get a chance to finish my solution yet
skulley
@faint timber reverse proxy working
just started restore
and it says it started now
lets see if it actually restores now
what the hell are you doing rebuilding everything
my fault
Got working dump entitlements for iOS 16 (for test purpose),
Dopamine's DEREntitlementsDecode function works. but some apps not?
Now write entitlements 
nah just tell PPL “bye bye 👋”
easy fix tbh
true
true
thank you for ghost pinging me
Is there any way for me to put an IOS simulator in my vscode window? ideally as a widget of some kind
i looked at extensions but couldnt really find anything
thank you @tepid olive
you're welcome
why did the string just magically disappear on iOS 17 😭
because PPL doesn’t exist on 17?
yeah
lol
how do u get a file/folder in the documents directory in obj c?
@unkempt magnet interesting commit?
@unkempt magnet sorry for dumb question :
kfd
Undefined symbol: _IORegistryEntryFromPath
Undefined symbol: _kIOMasterPortDefault
?
Import iOKit.framework
thank you 🙂
While you’re developing iOS project on Xcode, you may need IOKit framework for some reason, such as get UDID of iDevice …etc, or using on Yalu’s project… The I/O Kit framework implements non-kernel access to I/O Kit objects (drivers and nubs) through the device-interface mechanism. So, in this article, I tried to write down how I import IOKit fr...
@unkempt magnet for it to build i needed to change kIOMasterPortDefault to kIOMainPortDefault
no slaves
false
i get these 4 errors while trying to build whi1te4ever's kfd fork
The first 2 you need to add your account; the other three mean those functions are missing
It could be a missing reference to a file
I mean it's better than them just asking for the ipa prebuilt
Add a link to my nickname
yeah i didnt know how to do that
so i couldnt figure out how to make a label to the side of a switch like that
wait
man
then no
are you Sure
Schrodinger's ass eat, you eating the best ass of your life, but your eyes are closed and you dont know who it is, do you open your eyes?
could be capt, could be hot woman, could be joseph stalins dead corpse
i get what you mean
took a second to think ab it
lmao
@grave sparrow
what.
ui so good
bro accidentally used SwiftUI
better?
@grave sparrow
@grave sparrow do you like Joe Biden
should i add a : next to the switch labels?
no
Add static kernel base: [0-]
Add KASLR slide: [-0]
anyone who adds colons to uiswitch labels are psychos
do i scale the buttons text up to be larger with the button size increase
i have committed war crimes with this code
why
also you do realize that
NSFileManager *const fileManager = [NSFileManager defaultManager];
exists
true
(it was mostly the font)
u cant u have to symlink it
it isnt readable
im trying to learn dictionaries
That's not what I mean
fuck switch i love else ifs
what I mean is that you wrote the same code a lot of times
ye
so true
im rewriting it but i have no hecking clue how strings work in obj c
i hate this language so much
chatgpt told me to do that with the string and its clearly wrong
char * is not a NSString
i dont think thats a language problem then
^
the syntax is bad
%s is for char *
%@ is for NSString *
(%@ is for objects, not just NSString, but it was easier to say)
tweak is a char*
show enabledTweaks
enabled tweaks is a parameter
```objc
NSDictionary *const keyMapping = @{
@"0" : @"",
@"1" : @"",
@"2" : @"A B C",
@"3" : @"D E F",
@"4" : @"G H I",
@"5" : @"J K L",
@"6" : @"M N O",
@"7" : @"P Q R S",
@"8" : @"T U V",
@"9" : @"W X Y Z"
};
for (int i = 0; i < numTweaks; i++) {
NSString *tweak = [NSString stringWithUTF8String:enabledTweaks[i]];
NSString *letters = keyMapping[tweak];
if (letters) {
// stringWithFormat: is a class method on NSString; build the file name first, then append it to the folder path
NSString *fileName = [NSString stringWithFormat:@"PasscodeKey-%@.png", tweak];
NSString *filePath = [folderPath stringByAppendingPathComponent:fileName];
}
}
```
but
do you have a recommended width/height ratio?
that wont work
nono i got it
no it's a special property
oh?
textView.textContainerInset
like the viewcontroller's bg?
wdym, like show you what happens to the button when pressed?
like color changing and whatever/
oh
lmao
specifically for the write?
or for both write and read
no bozo
move the button down
for just the write mode
or move the button down for both read and write mode
alr
@grave sparrow @radiant idol now the UI looks good, do you even DARE look at the code 
I'm scared
what's with the switch statement using different formatting
appropriate response
idk i was copying iflooder source code 
placeholder 😄
scob
theres a built in placeholder thing?
in like every search bar ever
this is insane
ALWAYS
@hasty ruin ohghhhh do you wanna know what is is
i was using UITextView
not UITextField

is there a difference????
massive
it's like textarea vs input in html
u doing uikit?
yeah

who gave you dev role
and why did u question that but not this?
the worst thing is that font
just use swift 
sounds like skill issue
what is with ppl using objc yet still using c functions
NS shit
c >>>
obj c has L syntax
the nextstep curse
yes c is better but if youre using the language use its methods
c + msgsend 
@hasty ruin hooray 🎉
mf said sendmsg
W
i tried
i love sendmsg
all hail objc api
ios 8 was extremely buggy
was also the first version to support swift
@hasty ruin bro ruining all context 😡
drop swift, rust, c+, etc. code in windows command prompt
ios 16 was extremely buggy
was also the first version to have swiftui running at all times
batch:
pwsh:
windows command prompt my favorite scripting language
apple rly thought ios 13 swiftui was good enough to drop
apple rly thought swiftui was good enough to drop
apple rly thought
apple
.
swiftui users trying to code a UI without swift package manger 
i have only ever tried to compile one swiftui app
and it failed every time
because xcode said something was too long

uwu
swiftui users trying to compile it on windows 
lemme download the 73 dependencies quick
swiftui users trying to compile it 
js mfs
python mfs
swiftui users trying to compile 
nah python is chill don't diss
valid
swiftui users 
swift users trying to get bitches 
c mfs wen libc got them covered 
objc++ users when they exist 
I mean...
we do
objc++ is stupid
how so
ig
tihmstars goto lang
Tihmware
nah we are like let me download 2000 dependacies and they each have their own 2000 dependancies

tihmstar codes in dependency++
bro literally creates a dependency for two functions
Objective-C# :)
waiting for the liblibgeneral release
NOOOO
libstunzeed next
libkok3shi
libkpplessfunny.dylib
wen
s0n

its been very stable

decompressed is better word
true
i can make small patch finder
would be faster anyway
needs hgsp4 as well ofc
Can it find patch points faster than 500ms?
likely
whole jb at like 1.2 seconds (but no optimization rn)
bypass method is around 500-650ms range
For libkok3shi,
exploit: 90ms
kfind+kpatch: 500ms
(with kppbypass: + 300ms)
restart: 1 sec~
how 32bit speed?
i got it down to 90ms on 32bit now 
32bit takes a long time to restart
gc spray was slow
saurikware 

why need ldrestart? just ios 9 moment?
compatibility with pangu9.
Also because I want to inject mobilesubstrate and then reload the whole process
ah make sense
In the case of 32bit, it is unavoidable that it will be slow
It's because of the specs of devices
at least exploit doesnt panic 70% of the time 
I think it will be a little slower, but if i dump the kernel and search using the find_kernel_task function instead of using the task structure, the chances of panic are even lower.
hum
that is only when debugging with xcode though
In my code it is infinitely close to 0
need fix mine then 
Well, just think over and over until succeed 
real
you can trigger gc without needing gc spray
mach_zone_force_gc()
shut up capt
have you seen a rust project?
that's a lot of cargo
guys did i do this right
```ts
import modules from "./modules";
import { storages } from "@handlers/state";
const { React } = modules.common;
/**
* @description Implements raw statefulness to a storage key-value pair.
* @param {string} key - The key to access from the storage.
* @param {storages} store - The store to get the value from with the key provided
* @return {get, set} - Getting and setting the LocalStorage value statefully.
*/
export const useStorageValue = <T extends any>(key: string, store: keyof typeof storages) => {
const [value, setValue]: [T, (arg: T | ((previous: T) => T)) => void] = React.useState(storages[store].get(key));
React.useLayoutEffect(() => {
storages[store].set(key, value);
}, [value]);
return [value, setValue] as const;
}
```
look great

phenomenal
“You need to build all of my libraries libraries.”
the project didn't support that
@unkempt magnet can you merge kern offsets branch for easier offset integration for other devices? It makes maintaining forks with more offsets hard with incompatible offset form
hai rosie
Almost nobody understands how traceroute works. Worse, it's not a real tool
haiiiii :33
To add libraries, for example hook kit, i need to put the .h and the .tpc or whatever its called inside the lib folder of theos right? Or am i understanding something wrong?
And then i need to link to them inside of the makefile?
```css
div{
float: center;
}
```
I'm trying to use Frida on iOS 14.0.1 with Taurine, and whenever I try to do anything with it over USB (even a simple frida-ps), my phone instantly reboots. Any reasons why, and are there any alternatives to Frida?
If a device requests an ApImg4Ticket for an OTA update before rebooting to install the update, how does the value of the SEPNonce after the reboot match the one in the ticket if there’s no NVRAM variable to set the SEPNonce?
An old alternative is http://www.cycript.org/. But I never tested it and idk if arm64(e) can support it.
<center><div></div></center>
are you trying to say it's not 1996 anymore
Windows 1
Why
Margin auto
Center doesn’t center just the div
So you can’t manually align elements inside the div if it’s a child tag of a parent tag within a center tag
display: flex
Is it possible to load LookinServer into SpringBoard?
Im getting an Signing error :/
Pp
quinn the eskimo
They never specified child elements :P
dude is fucking everywhere
every comment on that site is from eskimo
true
TRUE
the only time i can think of it not having any child elements is if it's <p> or <span>
and if there's no pseudo elements
API documentation for the Rust bulletproof crate.
is there any way to trigger govertment emergency alert with jb?
Make taurine great again using kfd,
definitely so fast on my 6s than cicuta_virosa
wow that’s great
Special thanks to @naive kraken, contribute kfd project for arm64.
👀
Run it on 14.8 @unkempt magnet
wonder how far back kfd works
omw to run tns with kfd
bouta replace libtiff with kfd 
opa's fork's kfd works without static offsets, right?
ooo he added an offset finder
kok3shi13 with ktrr bypass wen
where is the KTRR bypass
ask sig 

i managed to get kopen to work before it paniced immediately
makes sense, SPTM is a Monitor
it checks periodically
you can probably race it
can't see the latest panic log wtf
it's another kernel data abort
idk it's weird because half the time i get sptm panics then the other half are unrelated
unless it's a race like you said
I tried running this on 14.4 arm64e
it dies here
turns out it dies there on arm64 14.4+ too
check the 1481 src and see if it different
I looked mineek just deleted amfi swift
log the pointer
that is aligned
fix it
bro

how would i know
idk how this works but adding usleep(1000) to kread/write just... stopped the panic
might be unrelated though idk
As soon as the sleep ends it'll panic 
Real I guess
worked first try, what a win
just use vscode and theos ¯\_(ツ)_/¯
true
notepad++
@grave sparrow nothing can top this tho
unfathomably based
-(instancetype)initWithVersion:(instancetype)arg1 calendar:(instancetype)arg2 numberingSystem:(instancetype)arg3 months:(instancetype)arg4 standaloneMonths:(instancetype)arg5 shortMonths:(instancetype)arg6 standaloneShortMonths:(instancetype)arg7 tinyMonths:(instancetype)arg8 standaloneTinyMonths:(instancetype)arg9 weekdays:(instancetype)arg10 standaloneWeekdays:(instancetype)arg11 shortWeekdays:(instancetype)arg12 standaloneShortWeekdays:(instancetype)arg13 tinyWeekdays:(instancetype)arg14 standaloneTinyWeekdays:(instancetype)arg15 quarters:(instancetype)arg16 standaloneQuarters:(instancetype)arg17 shortQuarters:(instancetype)arg18 standaloneShortQuarters:(instancetype)arg19 eras:(instancetype)arg20 longEras:(instancetype)arg21 amSymbol:(instancetype)arg22 pmSymbol:(instancetype)arg23 shortDatePattern:(instancetype)arg24 mediumDatePattern:(instancetype)arg25 longDatePattern:(instancetype)arg26 fullDatePattern:(instancetype)arg27 shortTimePattern:(instancetype)arg28 mediumTimePattern:(instancetype)arg29 longTimePattern:(instancetype)arg30 fullTimePattern:(instancetype)arg31 decimalSeparator:(instancetype)arg32 groupingSeparator:(instancetype)arg33 currencyDecimalSeparator:(instancetype)arg34 currencyGroupingSeparator:(instancetype)arg35 plusSign:(instancetype)arg36 minusSign:(instancetype)arg37 exponentialSymbol:(instancetype)arg38 percentSymbol:(instancetype)arg39 perMilleSymbol:(instancetype)arg40 infinitySymbol:(instancetype)arg41 nanSymbol:(instancetype)arg42 decimalPattern:(instancetype)arg43 scientificPattern:(instancetype)arg44 percentPattern:(instancetype)arg45 currencyPattern:(instancetype)arg46 currencyCode:(instancetype)arg47 currencySymbols:(instancetype)arg48;
who knows at this point what apple came up with nowadays
instancetype
LMAO
fr
I have to use limneos
oh
surprisingly they didnt
it didnt work for me
on ios 16
header was empty
but whatever
bru
perhaps it mysteriously vanished

ok good they didnt add more
Windows is a nightmare
I tried to compile a C project
A small C project that strictly used ANSI C
Goddamn pain
@tepid olive ok so switching to release build fixes
but
amfi bypass just isnt working
I had someone try on 14.4.2 iphone 7
and it works
im pissed
WSL
there's a makefile
Well
What would I do when it works
on
arm64 14.4.2 but not arm64e 14.4
amfid isnt fully bypassed
how do you know it's amfid
Sus
amfidebilitate successful bro
what if that is false
how's it false
it just checks if it has sandbox stuff
```swift
print("Waiting for amfi to really be debilitated...")
while testUnsandboxedExec() != 0 {
usleep(1000)
}
func testUnsandboxedExec() -> Int32 {
runCmdRaw(cmd: "/taurine/jbexec", args: ["helloWorld"])
}
```
we know all binaries in /taurine work
but the others don't
Aaron is gonna ban you
@steady nest So what do I do?
Crazy
How would I debug it tho 
it dont make sense 😭
hurrrr @steady nest
FUCK
i told you bro
i dmed cs and they answered by just saying Hey
(probably just ghosted me)
oh shit theyre typing
yep
told you my man
it's not amfidebilitate
it is
it's not bro...
but the offsets should be the same as arm64 though?
yeah thats the thing
https://github.com/Odyssey-Team/Taurine/blob/825424a24cb22da81644724067e3c2a2fea3a2d2/amfidebilitate/main.swift#L81 only thing i might see is around here
but I don't see how's amfi debilitate
especially not with this lolol
Then what would it be
how is that not amfi
amfidebilitate is not opensource..
Sorry my bad, it's jailbreakd
hows it jbd
Revive?
i mean sadness for this tho


screenshot the full thing mf
no

i need missing context
wonder if its just out of spite or a license issue



man all these extra steps to load some dylibs

if u know anything about cs it's out of spite
it is out of spite
@hasty ruin you have one hour to explain yourself

thing
lots of folks do, myself included
how come i cant create a file using [[NSFileManager defaultManager] createFileAtPath:@ROOT_PATH("/test") contents:nil attributes:nil];? no file gets created or anything
im on ios 15 rootless palera1n
You’ll need root
Um ashctually this is rootless ☝️🤓
hey, we found the second person in the world with an arm64e phone on 14!!!
https://twitter.com/wh1te4ever/status/1690299620285698048?s=46&t=LUSNSGJyUZ15gupblBCd_Q
@unkempt magnet but what about arm64e 14.4?
It's impossible to get Taurine working in 14.5+ since a lot of things have changed.
Also, there's closed-source jailbreakd in basebin.
Anyway, iOS 14.8/arm64 offsets are now on my latest taurine fork commit, so whoever is interested can refer to it.
14.4 should still work with fixed offsets (if that's even the issue)
14.5 needs work
Well, does fugu14 bypass pac and ppl everywhere
taurine doesn't use any of that
I just tried using fugu14 untether and then killing jbd and using taurine arm64
It went to the same place as per usual
but didnt panic
you need to find out what's wrong
Literally what do I look for though
```swift
public struct CSBlobOffsets {
let csb_cputype = UInt64(0x8)
let csb_cpusubtype = UInt64(0xc)
let csb_flags = UInt64(0x10)
let csb_base_offset = UInt64(0x18)
let csb_cdhash = UInt64(0x48)
let csb_teamid = UInt64(0x80)
let csb_signer_type = UInt64(0x98)
let csb_reconstituted = UInt64(0x9C)
let csb_platform_binary = UInt64(0xA0)
}
```