#development

i was thinking that

but howd u do it

what u add?

Some funnies

But I want a refund

cuz not generating haptics

oh L

audio yap yap 4life

yeah fr

No

We gonna switch to my class shit

it's a lot easier

💀

no its not

it is ????

its more work

Seriously what is that

prefs stuff

That is bad practice if I've ever seen it

what else should i do ?

how supprising

?

C sytle array maybe? Just asking

dk what that is

Use swift

good idea

also @tight carbon I got it to compile but there is no feedback for 0 1 and a lot of others

you have to add this to compile the code without errors

** @interface _UITapticEngine : NSObject

• (void)actuateFeedback:(NSInteger)count;
  @end

@interface UIDevice ()

• (_UITapticEngine )_tapticEngine;
  @end*

P.S I demonstrated a private api just like that and I don't encourage to use it. Instead just use UIImpactFeedbackGenerator

I did exactly this, tho nothing plays

private api is evil lol

lmao

after moved vars to .h file an cleaned up comment 1225 -> 1025 or sm

should i put like my main grouods into different .xm files?

that would also help break up the vars

also can i put vars in %groups ?

@acoustic imp Also I should probably teach you what macros are

macro keys?

or like methods/funcs u run to do shi

Ok I'm gonna explain u come dms

anyone know how to get flexing in carplay

i need flex

u gota do sm like flex in the app on ur phone then there sm like thing thats ther

ETHN did dm

most coherent sentance

@radiant idol suggestion: you should add a search menu to Onesettings

it’ll be easier to navigate if yk

@visual meadow #1124097974256025690 message

im not in there anymore

I love #unknown

is it the testing channel

or

Best channel

probably

once i actually have energy to program

im so burnt out atm

can relate

@acoustic imp what channel is that

um one sec

or just ping me in there

artfull

oh

is that a thread or channel

channel

damn

@shut stag add me

static void (* orig_DBDashboardHomeViewController_viewDidLoad)(DBDashboardHomeViewController* self, SEL _cmd);
static void override_DBDashboardHomeViewController_viewDidLoad(DBDashboardHomeViewController* self, SEL _cmd) {
    orig_DBDashboardHomeViewController_viewDidLoad(self, _cmd);

    // player
    NSURL* url = [GcImagePickerUtils videoURLFromDefaults:kPreferencesIdentifier withKey:kPreferenceKeyCarPlayWallpaper];
    if (!url) {
        return;
    }

    carPlayPlayerItem = [AVPlayerItem playerItemWithURL:url];

    carPlayPlayer = [AVQueuePlayer playerWithPlayerItem:carPlayPlayerItem];
    [carPlayPlayer setPreventsDisplaySleepDuringVideoPlayback:NO];
    [carPlayPlayer setMuted:YES];

    carPlayPlayerLooper = [AVPlayerLooper playerLooperWithPlayer:carPlayPlayer templateItem:carPlayPlayerItem];

    carPlayPlayerLayer = [AVPlayerLayer playerLayerWithPlayer:carPlayPlayer];
    [carPlayPlayerLayer setVideoGravity:AVLayerVideoGravityResizeAspectFill];
    [carPlayPlayerLayer setFrame:[[[self view] layer] bounds]];

    [[[self view] layer] insertSublayer:carPlayPlayerLayer atIndex:0];

    [[AVAudioSession sharedInstance] setCategory:AVAudioSessionCategoryAmbient error:nil];
    
    if (carPlayPlayer) {
        [carPlayPlayer play];
    }
}```

well im trying to get eneko working on carplay

this is what i have rn

and the video plays, just i cant see it

dude that ain’t even the right server

damn

the artfull channel is in a completely different server

he made it sound like it was in this one

buddy

that's ETHN's server

smh

what does that even mean

Idk, I said ETHN

"did dm"

what

Idr

I was “typing fast”

you always type fast

anyone though

guys im quircky so I'm not going to use logos and use the substrate api instead 🤓 ☝️

no

thats what eneko did

i hate them for that btw

oh

but aanyways

do you know lol

no

the video plays i just

yk

dont see it lol

Unknown

me rn

what is this tweak

bounty tweak

DMs

🤓 ☝️

@grave sparrow maybe you know

@grave sparrow maybe you know

Nightwind just jealous because they only know ObjC 😢

Isn't it easier to create a custom config so that the logos does not call @selector at the compile time?)

fr

holy shit 17.0 to 17.3 jailbreak

this is a regular null-terminated string and obviously @selector is called by default at the time of recompilation to substrate. Now we go back to the beginning and due to the fact that @selector is called and not С sel_registerName or NSSelectorFromString, hikari does not encrypt methods and so that it can do this, it is enough to register the whole thing in a dynamic table by calling sel_registerName. To be honest, I'm not sure about sel_registerName, but I can say with confidence that instead of the default configs provided when setting the LOGOS_DEFAULT_GENERATOR flag, can create your own by replacing the @selector inserts with NSSelectorFromString

I know that's why I turned to iCraze knowing that he uses hikari

though i'm not using sel_registerName for obfuscation here

i just need to get the selector based on a string at runtime

icraze

shepgoba

who named they kid shepgoba

idk

its wild

is there a way to make HBLinkTableCell load from the filesystem

or should i just subclass HBLinkTableCell

anyone know a way to bypass the file limit for unity dumper?

planning on reverse engineering a specific app built in unity but the file is too big?
asked around and people said they just changed the maximum file size limit

but its only really simple to do that if im on pc but im on mac rn
and the only way to use it is through the website

someone said u can still bypass it
wondering if there is a way to install on mac instead of using the website
and if there isnt a way to install wondering if i can bypass the limit on the web version

subclass

use the actual il2cpp dumper and not whatever online shit this is LMFAO

i mean il2cppdumper probably works in wine

probably

it'd work fine with mono even

not wine

yeah most unity related stuff tends to work fine with mono or wine lol

at least in my experience

also just noticed why he's uploading the ipa 💀 there's no way the main executable is 2 gigabytes lol

seems like that tool will work with the ipa anyway

ah

idk how much ipas are compressed

but if it's 2gb then that's still crazy

just zip i think?

yeah

@naive kraken Dopamine settings tab crashes if I try to open it - iPhone 7, 15.4.1

it got announced way quicker than I expected

W Opa

fr

Just a question though, how come ChOma was in the credits?

Does dopamine use ChOma?

It's the basis of the kernel patchfinder

Ah

Cool

Dopamine
^
|
Xpf
^
|
Choma

What’s XPF?

XNU PatchFinder

Cool

@implementation JellyLinkCell

- (instancetype)initWithStyle:(UITableViewCellStyle)style reuseIdentifier:(NSString *)reuseIdentifier specifier:(PSSpecifier *)specifier {
    self = [super initWithStyle:UITableViewCellStyleSubtitle reuseIdentifier:reuseIdentifier specifier:specifier];

    NSLog(@"self.iconImage: %@", self.iconImage);

    return self;
}

- (UIImage *)iconImage {
    UIImage *icon = [UIImage imageNamed:self.specifier.properties[@"iconFileName"] inBundle:[NSBundle bundleForClass:[self class]] compatibleWithTraitCollection:nil];
    NSLog(@"icon: %@", icon);
    return icon;
}

- (BOOL)shouldShowIcon {
    return YES;
}

- (void)loadIconIfNeeded {
    [self setIconImage:[self iconImage]];
}

@end

Nice

not working

lmao

like it works

but when specificers are reloaded

@granite frigate dopamine 2 on Antoine’s anniversary.. we are eating good

SO REAL.............

🔥

@radiant idol

it flashes when specificers reload

Smh

bruh

weird

tictacjb rt

😭

whatd you say i didnt see

I assume you're jailbroken already

right?

real

/usr/lib/TweakInject.dylib is loaded

oh

this is when ur jailbroken with something that sets CS_PLATFORM_BINARY on all processes

dopamine thinks it's jailbroken then

but it's not

well technically is

but it can't get the root path

I will make it fall back I guess

lol my ipad just sharted itself

@naive kraken

something got called that should never get calle

WTF

IT WIPED MY BOOTSTRAP

L

BRO

guess i have to get all my tweaks again

Dude its all gone

it’s almost like people have been saying remove all serotonin/bootstrap before jailbreaking

Hey

crazy fr

Guess what

I did

Im not saying it removed that

oh ok i’m dumb

It got rid of the dopamine one

ignore

It decided to reinstall itself

pack alert

https://tenor.com/view/packwatch-gif-22219180

this is a late landa side effect

(i still have no trollstore or jailbreak)

when does 17.0 get to eat

Yes and then the fact where dopamine wiped the current bootstrap loo

user error

🧌

@empty spade sup, you seem to have left some debug logs on latest Alpine release build

Out of curiosity, how hard is it to take apart an iPhone and just write a custom bootrom?

less hard

yes

more impossible

quite literally

look up what rom means

@naive kraken hey it seems dopamine keeps re extracting the bootstrap every single time i rejailbreak

Well the ROM must have been produced somehow. It had to have been written to at least once.

Hmm showing up in console/antoine? Figured building with final package stripped debug symbols

yes

just [+] ALPINE DEBUG: Loading into -> com.apple.findmy

congrats you’re correct

not really a big issue

but good luck doing it again

What if we straight up swap out the ROM with a different one?

once again

look up what rom means

you literally can't

Yeah, just curious how it was left in, Havoc won’t accept debug packages

kfd unreliability

idk, it's listed as 1.4

Read-only?

no

yes!

it can't

Yes it did

no

It literally did it twice

Bro

it didn't

it just picked a new dir

IT DID

ok

the old one still exists

I get that any particular ROM chip might be unwritable, but what keeps me from taking out rom chip 1 and putting in rom chip 2? I'm not actually writing anything if I do it that way.

I see

But like

Why did it pick a new dir

BREAKING: Nathan does not understand the concept of rootless bootstrapping

because your previous bootstrap was from something that's not dopamine 1.x

Didn't realize

which is unsupported

I removed the serotonin bootstrap completely

i mean sure just build your own soc with a custom rom and replace it

I didnt have dopamine 1.x either

yeah

and it’d work

then it will pick a new one

Wait I never said to replace the ENTIRE SOC; only the rom

it’s embedded into the soc

you don’t just “replace the rom”

Apple why do you do this to us -_-

Yeah it keeps picking a new one

Every single tome

Time

Also I doubt that "ROM" is completely immutable. Like if I throw the thing into a volcano, it would definitely have different data afterwards.

I just hope that one day we manage to actually edit it somehow

Pipe dream for sure, but would be huge

just get a microscope or smth

a needle the size of sperm and a steady hand

everything's possible

seee brooooo

it keeps deciding to bootstrap again

I wonder if individual gamma photons could work

Radiation can destroy data

2.0.1 seems to have a major regression

ah yes

https://github.com/opa334/Dopamine/commit/276d97a40550184ee2e9fb02c8d008feec253e05

probably that

bro

no its probably the other line

nvm i was right

Yea palera1n rootful (which it detects)

I had a wrong idea of what the issue was and changed that to a if (strlen(...))

but then when I actually realized what was up I removed it again but somehow forgot to readd the exclamation mark

super dumb

anyone knows why my tweak does not work on dopamine?

i noticed this too

i have a lock screen seconds tweak

what tweak

it doesnt work either

my tweak

it modifies lock screen time stuff

i have a lock screen seconds tweak and it doesn't work either

@naive kraken do you want to try it

huh weird

i can send you the src in dms

it fr doesnt work

tbf dopamine 2 just came out

so there's bound to be bugs and stuff

for example, i ran dopamine 2 on my iPhone 7 and it got stuck on Applying bootstrap or something like that

then it tried to reboot userspace

it just ended up turning off and the power button was broken for 5 minutes

then it randomly started working, no clue why that happened lol

oh

it worked

@visual meadow i had to add arm64e to ARCHS

ok alr

nathan had to do that too

what a suprise

lol

Migrating from serotonin (by the book) I only got dopamine to work in 2.0.0 and after updating cant get it to work. (Crashes in kernel phase)

crashes?

if it's a panic, reboot try again

Kernel panic i guess

Okay

Worked. Also a suggestion about choicy for what its worth i think it would be better if you could disable injection for all applications and then start enabling individually (roothide applist style). You can technically still do this manually but there are a lot of apps so it would take time.

isn't that already there?

just set the list to allow (whitelist) instead of deny

Thats for global/springboard no ?

anyone tried orion tweaks, both of mine are causing springboard to crash

Also is it me or respring in dopamine app doesnt work

i was going from memory there
probably is just for that list

the one causes a respring loop too

are you using the device in your name

on that version

no

ok then what are you using

13 on 16.1

?

you do know that orion was created for 13-14.x

right?

it worked just fine on serotonin + bootstrap

and says 14 - 16 in version support

unless you mean orion (swift) tweaks

this is development

ugh i forgot

yeah i did.. mb

wait what swift tweaks are you even trying to use

my own

well if springboard is crashing it would be helpful to get a log

i have this one open sourced
https://github.com/RUGMJ/PinBeGone

don't do drugs

how can i do that on linux tho

respectable

the device generates the crash log

doesn't matter what os you're on

from what i've read i need console.app

that just parses them

you don't need console

i've been using a remote logger in my tweaks but they're not hooking it at all so

where are they found

i'll scp them out

just use krashkop

wait is Dopamine 2's dmaFail the same as the pplrw.m gist?

looks very similar

yes, dmafail is the PPL Bypass

not showing anything for the whole day

alright

struct shit_map

ignore

meant to search that

then look for springboard logs in
settings > privacy > analytics

i forgot the actual path to the logs here though

also nothing there

there’s one but i’ve put it into safe mode more than that so i think it’s unrelated

the time stamp backs that up

ohh i know what it is i’ve been building as arm64e still

i haven’t installed the legacy support

that didn’t help, i’ll rebuild as arm64 when i get home

do they clear tweak prefs when installing from a different source

none of my jade or alpine prefs carried over

also where does sileo keep its repo list

i would rather not go back to serotonin to export that

roothide keeps everything in jbroot remember

that includes prefs

if you removed the bootstrap then there's no way to get those

yea but i looked in /var/mobile/Library/Preferences and found all the prefs from all my tweaks i had on roothide

i still have jbroot on my dopamine install so i can see the tweaks i had

are those actual files or symlinks

lol

theyre actual files

jbroot/Library/Preferences is empty

that's supposed to be empty
jbroot is like a rootfs clone so it's supposed to be jbroot/var/mobile/Library/Preferences

ok well all my prefs are here

cool

now to find the repo list of all the repos i had on roothide

#include <Foundation/Foundation.h>
#import <UIKit/UIKit.h>



@interface CSActivityItemContentView : UIView
@property UIColor *backgroundColor;
@end

%hook CSActivityItemContentView

- (UIColor *)backgroundColor {
    return [UIColor colorWithRed:100.0/255.0 green:196.0/255.0 blue:102.0/255.0 alpha:1.0];
}

%end```
does anyone know why this isn't working

in flex it shows the color as green

If I set the color in flex it actually goes to green

does anyone have an OSS tweak that shows a ui alert in like, a postinst/postrm file?

appsync unified

anyway

your postrm/postinst doesn't have to a script

it can be a binary, hence why calling an alert can be done

oh hm interesting

just realised swift student challenge ends next week

im dogshit at swiftui I HAVE NEVER TOUCHED IT

and idk what to make

brilliant

https://github.com/akemin-dayo/AppSync/blob/master/pkg-actions/Makefile

uinotify

uikittools-extra

that should be the way to do it iirc

but that would require a dependency now

for a postinst that's a bit silly

i mean

better than writing a binary postinst to do it

and it would have to be Pre-Depends as it has to be installed first lol

@tepid olive bro I was not expecting your voice to be that deep 😭😭

mf spoke and it was like 10 decibels lower than I was expecting

i don't think you measure pitch in decibels

shhh

you get the idea

i think the word youre looking for is hertz, fiore

https://cdn.discordapp.com/emojis/1085292303628910723.png?size=48&quality=lossless&name=nyaboom&quality=lossless

probably

Whats the go to jb bypass nowadays

well um

thats not fun

For example: instagram

it's just https://sparkdev.me
spark moved the repo files to the root a while back

oh ok

the website is still /repo

i was STRUGGLING to talk i was so nervous so i didnt sound good 😭

tbh i had to step in considering he was tryna avoid the literal FAQ of the software so whatever

he was doin a lot of yapping

@hasty ruin are you gonna release your keyboard tweak now that dopamines out

does dopamine have uikittools by default (i dont use dopamine)

where are snowboard themes stored ughhhh

so much stuff

I believe so

https://cdn.discordapp.com/emojis/1030624831118524417.gif?size=48&quality=lossless&name=MenheraDogSob&quality=lossless

bet

I don’t remember installing it and I have it installed

Sooooo

derootifier-whitename.deb

.

i mean couldve been a depends

by opa logic this is a yes

whatever uikit is simple

I’ll just queue delete and see what gets removed with it 🤷‍♂️🤷‍♂️

oh yeah i guess

ok there’s your answer

PAWSOME

but what command in uikittools are you trying to use

cause some are in the extra package

nah i just need uialert and uiopen

oh ok

ty

is it just me or is havoc dying

(what purchase i already own it)

havoc is going on and off rn

whats !t unbootstrap

!t unbootstrap

ah

me when i did none of that and dopamine works fine

i shall do that once i get all my prefs transferred

so far i already did

with most of my tweaks

hmmmm i wonder if flora works everywhere now

no

It won’t

injected apps will cease to launch :3

at least they SHOULD because they wont really work when not bootstrapped. you're also leaving a bunch of files in /var, and unless you use the exact same setup you run the risk of random incompatibilities, not to mention theres still unused files so

oh ok

gosh i hope i dont need anything else

time to painstakingly disable every app from the app list

i have almost all of them enabled

......

why?

ok well less than i thought

but most of the apple apps are

oh alright

fonts and colors

no ive seen some horrible people enable like everything. will kill storage and p much make ur phone a brick when it reboots lol

i see

I’m ab to pull my mac out on the train and start coding

just don't miss your stop

I’m the second to last stop

lmfao

I have another hour according to my ETA

vscode on da train

i have returned

this time without bootstrap

i just need my havoc tweaks but its broken

🙏

jellyfish reborn 👀

nope

finally

👀👁️

I love trains, really miss that from the UK

Wow is that my tweak?

?

[[timeshift]]

Modifies the Lock Screen time stuff

what ios

Like all of the ones I tried

well this is 16

It's built for rootless

its probably not gonna work on 16

I think someone said it worked on 17

It also works on iOS 7

My device used to support dopamine 2.0 but I upgraded

this seems like it would be really peaceful

error while building project and you become angry? look to your side there’s a bunch of trees and birds and grass

real

most annoying part was having to use my phone as a hotspot for any googling

but it did kill the time on the train tho

still like 2 stops away but I’m stopping for now

fixed 2 bugs 🙏

Can I %init a hook(s) after springboard loads? (Aka can I %init hooks outside the %ctor?)

whats this standard called

i found it a while ago but i forgot what its called

for defining datetimes

EEEE mmmm dd itself? or just the concept in general

idk but i found a documentation page a while ago showing all the different things you can do for a datetime

for example, MMM is Feb, MMMM is February

yeah

if you wrap text in single quotes it can be displayed as plain text etc

idk if it was an apple api

is it seriously dependant on language

no I don't think so

its just for helium, a trollstore app which i assume is written in swift

'ISO 8601 standard'

for swift at least

https://www.loc.gov/standards/datetime/iso-tc154-wg5_n0038_iso_wd_8601-1_2016-02-16.pdf

https://wikipedia.org/wiki/ISO_8601

great thanks

so basically if i want to make my tweak support only 16+ then i make firmware (>= 16.0)?

yes

Havoc down?

Yes

😢

I need krashkop 😪

beautiful

do you guys know where i can get statusbarsupport

because its not in [[statusbarsupport]]

ive tried

its not in the repo

https://hastebin.skyra.pw/guxezolawu.rust

from my orion tweak, worked fine on bootstrap + serotonin

Hey do you know how to make a theos application and compile to a tipa?

uh, on what platform?

linux, macos or iOS?

macOS

you can just follow the theos instructions then

It does not say what to do to compile it to a ipa

search google for ipabuild.sh site:github.com and just pick one lol

but do you need theos for making an ipa anyway?

you could also just use xcode

Don’t want to

why not

hm fair ig

@naive kraken can you add me back, need to ask something important (i promise it'll be worth your time)

add you back to what

the testing thread?

?

no just accept friend req

oh

im dumb

🧌

he’s so invested into dopamine he forgot how to have a social life

(he’s a real jailbreak developer now)

Real

Well interesting according to my reports you are the same, but not a jailbreak developer curious

according to my reports I wasn’t talking to you

Fiore is either coding or working out

I’m a trusted source of information

I don't believe the 2nd part

working out the best times to continue coding

Streak fr

Okay

So real

@sonic totem you're better than opa (don't tell them I said that)

:)

@sonic totem you're better than opa (don't tell them I said that)

Where’s night winds guide

so i um kinda fucked my jb install by installing a rootful tweak derootified

it respring loops

idk where its stored so i cant uninstall it

its not in /var/jb/Library/MobileSubstrate/DynamicLibraries

nvm it is

https://cdn.discordapp.com/emojis/900129974063857804.gif?size=48&quality=lossless&name=SilvLoading&quality=lossless

use apt

ssh in and apt remove

idk how to do that lol

Why did you name your jailbreak dopamine?

sudo apt remove com.your.tweak

okok

or dpkg -r (dunbleID)

ok well i fucked up everything lol

i tried to rebootstrap to get root to delete the file from there

it deleted my jb folder and now dopamine gets stuck on the apple logo when jailbreaking

i love

so much

at least its not a bootloop because i can still force reboot to get to a non jailbroken state

but idk what to do now

maybe ill clear the jb and rejb altogether

clean slate

that was a stupid idea

fuck i cant even do anything now because havoc is offline

no libgcuniversal for me

yayyyyyyyyy

ok @naive kraken hear me out

"jailbreak with tweak injection disabled" when

odyssey had this i think

already exists?

holy shit i just realised

im actually blind

💣

umm do I clean clean everything?

Fr

Someone should really share it

If they have

im kinda just waiting for havoc

shouldnt be down for too much longer its been like 5 hours

at least everything on the website is back

but auth is still fucked

nevermind the website died again

Thank god

@naive kraken can you think of any reason why my tweak which works on Dopamine 1.x and palera1n no longer can save preferences with Dopamine 2.x? I’m using ROOT_PATH_NS like this: ROOT_PATH_NS(@"/var/mobile/Library/Preferences/blah.plist")

I’m just using writeToFile with NSDictionary

The only thing I can think of is this device previously had palera1n on it, but looks like other tweaks are saving preferences there just fine

But those might have been created via NSUserDefaults or some other standard api

Hey, so, I was trying to see if perhaps TrollStar could work inside Swift Playgrounds, since that would provide a computer-less installation method for iPads

so I started with porting libkfd to Swift, I started with the PhysPuppet vulnerability since it's the simplest

I came up with this Swift code: https://gist.github.com/JJTech0130/846b92cb0d9bb195f090bfacefd6d8b4
but it crashes at step 2, when it tries to vm_map with the weird arguments, it returns kret = 4 ((os/kern) invalid argument)

@naive kraken At a loss here. Normally I jb with palera1n rootful (iPhone 7 15.4.1). Rebooted and tried jb with dopamine 2 (using 2.0.4) to test Legizmo and it panics consistently after respringing/userspace rebooting (not sure what it does). Only produces a panic-base

shared_region_pager_data_return

that sounds PPL related?

idk this is not my area

no

it's a rarely occuring panic that has been experienced

i'm not entirely sure what the cause is tho

no jinx pls

LOL

well i can trigger it consistently

apparently

did you set up legizmo

or does it happen even before setting it up

no i cant even

get past the respring

it happens during respring

ok so testable without an apple watch i guess

maybe

The legizmo test was just bc people are reporting the alpha rootless build says

Bad Deb

bad deb means it was on icloud drive

move it off of icloud drive

noted

this has been a thing for months idk how people are still experiencing it

why does it even say that

idk something to do with the file provider access

it works fine when installed through filza or whatever

still no panic-full

just a panic-base

strange

https://tenor.com/view/nvidia-graphics-card-gif-15030686106937744416

but can it run Chat with RTX

static BOOL tweakEnabled;

void preferencesChanged(){
    NSDictionary *prefs = [[NSUserDefaults standardUserDefaults] persistentDomainForName:@"org.haxi0.lunarprefs"];

    textAlignmentKey = (prefs && [prefs objectForKey:@"textAlignmentKey"] ? [[prefs valueForKey:@"textAlignmentKey"] integerValue] : 0 ); // PSSegmentCell
    tweakEnabled = (prefs && [prefs objectForKey:@"tweakEnabled"] ? [[prefs valueForKey:@"tweakEnabled"] boolValue] : YES );
}

%ctor{
    preferencesChanged();

    CFNotificationCenterAddObserver(CFNotificationCenterGetDarwinNotifyCenter(), NULL, (CFNotificationCallback)preferencesChanged, CFSTR("org.haxi0.lunarprefs.prefschanged"), NULL, CFNotificationSuspensionBehaviorDeliverImmediately);
}```
The tweakEnabled thing is not staying on, what am I doing wrong?

Root plist:

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
    <dict>
        <key>items</key>
        <array>
            <dict>
                <key>cell</key>
                <string>PSSwitchCell</string>
                <key>default</key>
                <true/>
                <key>label</key>
                <string>Enable Tweak</string>
                <key>key</key>
                <string>tweakEnabled</string>
                <key>PostNotification</key>
                <string>org.haxi0.lunarprefs.prefschanged</string>
            </dict>
            <dict>
                <key>cell</key>
                <string>PSGroupCell</string>
                <key>label</key>
                <string>Text alignment</string>
            </dict>
            <dict>
                <key>cell</key>
                <string>PSSegmentCell</string>
                <key>default</key>
                <integer>0</integer>
                <key>label</key>
                <string>Text alignment</string>
                <key>validTitles</key>
                <array>
                    <string>Left</string>
                    <string>Center</string>
                    <string>Right</string>
                </array>
                <key>validValues</key>
                <array>
                    <integer>0</integer>
                    <integer>1</integer>
                    <integer>2</integer>
                </array>
            </dict>
        </array>
        <key>title</key>
        <string>Lunar Preferences</string>
    </dict>
</plist>```

did you forget defaults

erm mb i was following nightwind's tutorial

how do i set defaults then?

i mean quite literally the "defaults" key

oh okay

Look at the original code ?

They’re that way on purpose

Trying to trigger an exploit remember

I’m using UInt max since the original code did -1

A standard process should be able to trigger the exploit, otherwise how could you trigger it from a standard side loaded IPA? (TrollStar)

thank you! worked!

that's just the late kfd random panic I mentioned

So just try again

no, that should work, what process are you doing it in?

what is the right way to respring?

how long was havoc down for

oh great dont tell me chariz is down now

damn appsync unified is broken

Think it’s just broken on 16.5+

weird because it’s not working for me on 16.1

have you tried it?

No I haven’t I just remember asking someone a couple of weeks ago

ah

I think I need to ad hoc sign with Sideloadly?

… or just install with TrollStore and switch app registration back to user

(if something requires trustcache to work properly eg CocoaTop just ldid pseudo sign it back afterwards)

This specific use case is the MobileTimer app but I also try to save from the mobiletimerd daemon in other situations.
I’ll keep playing around and also try to see if I can see anything specific in the logs

ive gotta figure out how to setup ssh to my phone

neither dopamine 1.x nor 2.x guarantee that path is writable out of sandbox btw

maybe that's the problem

you need to use cephei or libSandy for that

Yeah that’s the next thing I was gonna look into. Do you have any good examples of using libSandy?

read it's README

I figured out the issue based on your suggestion

oh so you literally just do this?

int ret = libSandy_applyProfile("SafariPlus_Preferences");
        if(ret == kLibSandyErrorXPCFailure)
        {
            libSandyWorks = NO;
        }

        //int denied = sandbox_check(getpid(), "user-preference-write", SANDBOX_FILTER_PATH | SANDBOX_CHECK_NO_REPORT, "com.opa334.safariplusprefs");
        //NSLog(@"libSandy user pref write: %d", denied);

        //_userDefaults = [[NSUserDefaults alloc] initWithSuiteName:@"com.opa334.safariplusprefs"];
        _userDefaults = [[NSUserDefaults alloc] initWithSuiteName:@"/var/mobile/Library/Preferences/com.opa334.safariplusprefs.plist"];
        [_userDefaults registerDefaults:defaults];

@naive kraken On my iPhone 15.1.1 (still on Dopamine 1.x), /var/jb/var/mobile is owned by mobile:mobile but on the iPhone X where I just installed Dopamine 2.0.3 (coming from palera1n) it’s owned by root:wheel

oh shit that's a bug

I do have another tweak which simply uses NSUserDefaults (just the standard APIs) and that tweak was able to write to that folder

Well, I should also mention: I literally came straight from palera1n, not sure if that’s a valid use case

Or I should have done rootfs restore first

Dopamine 2.x made a new boostrap

Just kinda rolled with it since it worked

Yeah I noticed /var/jb was replaced

@compact swift yep I’d tend to agree that’s the issue as well, if it’s indeed supposed to be owned by mobile:mobile

do I need to chown it recursively?

smh I forgot passing a flag to libarchive

I was gonna check other folders in there

that's what caused this to begin with

I will check if the var/mobile is owned by root and in that case I will recurse it

but if it's already mobile I won't do it again

That sounds like the fix I’d apply, since people might have other stuff in there owned by other users/groups?

Should everything under /var/jb be owned by mobile?

no

only /var/jb/var/mobile

Okay cool, so you don’t need me to check any other folders for permissions? I did notice that sub directories were indeed owned by mobile but that folder itself was by root which is likely why my tweak prefs never get written

nah that's the only one I think

yeah the Preferences folder is being created under mobile by dopamine itself

but the rest is not

@primal perch this was prob your issue

Okay thanks for confirming. So would you say it’s still a “bug” in my tweak to simply write to that folder? Or is it safe to assume that I have write permissions for that folder on any 15/16 jailbreak?

it is safe to assume it's writable

I'm trying to cross-compile for Mac OS on arch gnu/linux with cctools-port, where can i get x86_64-apple-darwin-clang?

configure:6719: x86_64-apple-darwin-clang --version >&5
./configure: line 6721: x86_64-apple-darwin-clang: command not found
configure:6730: $? = 127```

Share menus system wide are misbehaving (ie they dont work at all) anybody else had this before? Its probably not dopamine related because it was working when i installed dopamine first.

@naive kraken maybe you could add like a check before dopamine jailbreaks and if there’s an issue, it jailbreaks with tweaks off and wount let you turn them on till the bug is fixed ?

The mobile root owner bug^

@naive kraken i don't think it's still fixed yet, on normal iOS the /var/mobile folder itself is owned by mobile:mobile
but the procursus one is still owned root:wheel

only the contents of the /var/jb/var/mobile is chown'd to mobile:mobile

That was the issue prior to 2.0.5, when I get some time later I was gonna upgrade and confirm it’s fixed on my device

i already have 2.0.5 though

did you jbupdate or rejailbreak?

you have to truly rejailbreak

oh

lemme reboot then

ok yea that works

oops

tried it 5 times in a row and it happened every time but the last time, where it took about 30 seconds longer to panic and produced a different panic string

that's the same panic again

oh nvm then

thought it was different

but then yea i can trigger the panic consistently

i am being trolled, i tried again and got to the home screen
and then it panicked

same panic string but it's a full panic log now

@naive kraken I confirmed that on 2.0.5 that /var/jb/var/mobile is indeed owned by mobile now (I had to fully reboot and rejailbreak - update environment was not enough). Oddly enough my tweak still isn’t creating my plist file…gotta investigate further I suppose

Maybe I still need to use libSandy..?

i love your username

I switched to physpuppet and it worked

sileo isn't showing up but that's probably a result of my special uicache

https://media.discordapp.net/attachments/1169461256386785290/1200528263026573454/caption.gif?ex=65e23192&is=65cfbc92&hm=2eab182f25b9b27fdaa2948b2540bb250cfff8fd392154d9b8b43c313569920f&=&width=996&height=840

discord tried to load this and crashed tf did you send

ironic

this caused my tweak injected into Discord to delete /var and bootloop me what did you send

L

average rosiecord

its fine because if it was vendetta instead it wouldve caused 3 amber alerts to appear on your phone

tbh vendetta is quite good

well

both are

https://cdn.discordapp.com/emojis/1019692218564489349.webp?size=48&name=trolley~2&quality=lossless

my theme stopped working when i got banned from their discord

how did you get banned

Why do I get this error when trying my tweak on Dopamine 2? The actual tweak doesn't work either.

i annoyed a friend of a moderator

in a private server

💀

OH right it was that thing

i remember now

what the hecking heck

abuse of mod powers

not build for arm64e?

https://tenor.com/view/this-discord-shit-serious-gif-26534537

vendetta's server in a nutshell lmao

its eol now which is sad

If you mean package arch it's arm64

Hello

Hello

packages for dp2 build for arm64 instead of arm64e

you got your answer then

tried make package THEOS_PACKAGE_SCHEME=rootless ARCHS=arm64 but that had no effect

@grim sparrow Happy Birthday!

Happy birthday @grim sparrow

@grim sparrow happy birthday!

are there any weather libraries?

@grim sparrow happy birthday!

Did You Just Break The Chain?

And arm64e smh

Build for both always

libaurora but that one’s busted

There’s that one liten one, ask @tepid olive

Yes but @placid kraken say build for arm64 and not arm64e?

Always build for both

why?

That's what I always thought

Tyty

Tyty

Tyty

Tyty

assuming by arm64e you meant arm64e and not Roothide

Arch’s in the make file are the actual like device arch

A11> arm64 , A12+ is arm64e

ik

@naive kraken writeToFile is indeed returning 0 meaning I can’t write that folder even though Filza says it’s owned my mobile:mobile… 🤔

Again, this same code works on palera1n

And also my 15.1.1 device still on Dopamine 1.x

What’s so confusing is that I just looked through Choicy’s code and it’s literally doing the same thing…ugh

I guess one difference is that my tweak preference reading/writing code is in actually in a library

should i be building for arm64 or 64e for dopamine, im guessing arm64e for A12+ and arm64 for lower

if your talking about tweak architecture

Arm64e is roothide

Arm64 is rootless
Arm is rootful

If your talking about the physical devices

A12+ devices use Arm64e

right

And A7-A11 uses arm64

and cos im on linux i cant build 64e properly

For dopamine you should be building for archs arm64 and arm64e and for rootless (which is iphoneos-arm64 but theos takes care of this, THEOS_PACKAGE_SCHEME=rootless)

yes

and the legacy support package isnt working for me so im kinda screwed

when running make do how does theos know which one to install to my phone tho

it depends on what process is doing it

choicy only writes to it from the prefs bundle

Yo, I have a tweak that targets an AppStore game. When I try to read the _TEXT segment by directly using a pointer (ASLR already bypassed), the game crashes.

anything else just reads from it

I tried using task_for_pid then vm_write instead but I cant even get task_for_pid to work... I return error 5 (os/kern failure)

The game process is obviously not running as root, so can I use these functions? If not, how can I read/write memory of a game with my injected tweak with Dopamine 2.0? Using a pointer would work perfectly before.

if reading is broken then something is wrong on your end

for writing use MSHookMemory

That's a little test function I wrote, I dont understand why I get error 5 (os/kern failure).

kern_return_t ret;
task_t kernel_task;
mach_port_t port = MACH_PORT_NULL;
port = mach_task_self();
    
if (port == MACH_PORT_NULL || port == MACH_PORT_DEAD) {
    showPopup(@"Test", @"Could not get mach_task_self. Returned mach_port_t is MACH_PORT_NULL or MACH_PORT_DEAD");
} else {
    // Get the process id of the game
    int pid = -1;
    pid = getpid();
        
    if (pid == -1) {
        showPopup(@"Test", @"getpid is not working, its still -1");
        return;
    }
        
    ret = task_for_pid(port, pid, &kernel_task);
    
    if (ret != KERN_SUCCESS) {
        showPopup(@"Test", [NSString stringWithFormat:@"Could not get task_for_pid for PID %d. Returned error is %d. mach_error_string : (%s)", pid, ret, mach_error_string(ret)]);
    } else {
        showPopup(@"Test", @"Got task_for_pid for PID. YESSSIR!!");
    }
}

I always get KERN_FAILURE. It's a simple tweak that targets an AppStore game...

I’m trying to write from either the MobileTimer process/app or mobiletimerd daemon. Is this not allowed on Dopamine 2?

My next test I want to try is to write to the file from my tweak directly and not from the library
Edit: nope, still doesn’t work.

Can I modify a tweaks dependencies just from the .deb?

yeah

inside the deb there is a file called control

.txt?

Figured it out thanks

Does the game process have to run as root to be able to use task_for_pid? I want to read it's own memory, that shouldnt be necessary

Clash of clans used to work when i disabled its tweaks with choicy. Now it doesn't even if i disable. Shadow bypass also didn't work. I am not sure if there is a dopamine version difference between when it worked and now. Even if there is its probably 2.0.4->2.0.5

Any suggestions welcome especially if you can use clash of clans with dopamine 2

Is there an IDE for iOS (iPadOS) that can access files in /var/mobile? I'm on 16.6 with serotonin

this type of stuff is usually what Cephei / libSandy is for, Dopamine only makes /var/jb readable and executable system wide, not writable

ios does not have an IDE

and probably never will

palera1n might allow it but that's nothing you can assume every jailbreak does

nah they just updated their detection I think

I mean, L* C++ is a thing. I was wondering if there was something similar that could access /var/mobile

Hi guys! I'm trying to find out if there is any chance to run remote debugging on a physical iPhone. To do that I need to start debugserver on iPhone (Xcode somehow can do that). I want to do it without any jailbreak.

I started digging and I tried multiple things like:

xcrun devicectl device process launch -d XYZ /Developer/usr/bin/debugserver
xcrun devicectl device process launch -d XYZ /usr/libexec/debugserver
xcrun devicectl device process launch -d XYZ com.apple.debugserver

but nothing works.

I also tried to check out what tools like ios-deploy do and I found out that they are trying to call private API AMDeviceStartService. However, it looks like it doesn't work anymore. Any ideas isn't it possible anymore with the latest iOS?

Just one day after the new jailbreak launch ? Thats insane i am not even mad in that case props to them lmao

lol

has anyone gotten status bar theming to work on dp2

other than the battery

@naive kraken just a thought, could you add a dopamine theme that uses the wallpaper of the device it’s on. Like safari ?

editing src to do it is probably possible

You can but your phone must be in a non jailbroken state

I can use it with just choicy

(there’s also some patched ipas on github with the detection bypassed)

Thanks risporce 🙏

https://tenor.com/view/tom-and-jerry-tom-phone-call-happy-gif-14720409

I have not a rune version of it

I should make one

no I mean a while back

Then we are back to my point, it worked with dopamine 2 and choicy at first. But maybe because of installing more and more tweaks; now it doesn't. If anybody has a fresh install of dopamine 2 it would be so cool if you tried to open clash of clans after disabling tweak injection with choicy and see if it opens.

It works fine

Yeah probably something on my end then. Thank you

How do you guys read memory on Dopamine from a non-root process?

works fine with tweak injection disabled

Got it, thanks for the explanation. I’ll migrate to one of those solutions (or just use NSUserDefaults directly) since I cannot write to that location from other processes it seems

I will note this worked perfectly fine in 1.x though, which is why I just wanted to double check

Reboot-rejailbreak fixed this

Use libSandy + NSUserDefaults with path

but use the path without /var/jb when you initialize NSUserDefaults, the cfprefsd hook will take care of it

But you need a libSandy extension for both paths

Althouh I might update libSandy for libroot soon

Can’t I just use NSUserDefaults standard apis? I have another tweak that lets me write using the apis without any additional libraries

not from sandboxed processes

But that’s a PreferenceLoader project

seems like im gonna have to implement libsandy into flora now that its running in a full jb

Guessing that has the permissions?

because now none of my prefs work inside of apps

for flora

What’s libSandy for ? Isn’t it for managing sandboxing?

while on serotonin some/most did

the way i see it, its so you can access other things' prefs from the current app

but im not sure

its in the readme, it extends the sandbox

Why would you need it for flora ?

Also, I remember that for prefs you did something really long with observers

You can just add the PostNotification flag on each elements of prefs

because iirc flora reads nil for all prefs when injected into apps so none of the apps are colored

true i found out about that afterwards

That’s odd

yea its weird

it doesnt work in any system apps other than settings

it does work in sileo though surprisingly

Huh ???

That’s very odd

yeah

There is probably an issue somewhere

Idrk

its open source

https://cdn.discordapp.com/emojis/1174615575125823509.png?size=48&quality=lossless&name=cozy&quality=lossless

it reads the current color at function runtime fyi

so that you can switch between simple and advanced mode and switch colors without needing to respring

so its not like it has access to the colors once upon init and then its done

https://github.com/acquitelol/flora/blob/main/Tweak/Flora.x

in flex it supposedly uses systemBlueColor which makes sense

flora themes that ^

whats with the trolley lmfao

made me laugh

https://cdn.discordapp.com/emojis/1019732813941067908.png?size=48&quality=lossless&name=skulley&quality=lossless

explain ‼️ ‼️ ‼️

or else

you can put emojis in remixes

theres nothing more to it

fake news

nope real real for real

get out of here with your tiny homebar

sparkdev why

I just want juice

and royeed

https://cdn.discordapp.com/emojis/1019692218564489349.png?size=48&quality=lossless&name=trolley&quality=lossless

oh.

i couldve hidden it altogether

but i think this is better

how hard is it to publish to chariz i would like to put flora there in a few decades, centuries, millenia

contact Chariz team

ok but like what's the process like, do i just give them a deb? give them the src to sanitize and make sure there's no malware, and let them build it, etc?

i havent really documented my code because it's mostly not hacky and documents itself

I didnt go through this process; they contacted me

so I'm not sure