#development

personally I feel like the dopamine and trollstore themselves make sense as (L)GPL and XPF, choma, etc as BSD, MIT, etc

I ended up using
#pragma pack(push,1)
#pragma pack(pop)
around every struct

thanks

🙏

can also do it like this

struct my_struct2 {
  uint64_t data1;
  uint8_t data2[71];
} __attribute__((packed, aligned(1)));

what are your thoughts on proper c documentation?
like is there even a standard?

feel like half the time the compiler decides it own standard lmao

no I mean like actual documentation

i think a lot of people use doxygen

not sure if thats c++ only though

yeah its c as well

afaik doxygen is what most people use

seems complicated, too many options to choose from with doxygen, also \ vs @?

also confusing because theres some automatic things but they are java labeled? @gentle grove

Wdym

eg: JAVADOC_AUTOBRIEF

i think they do the same

and why to use \ over @ or @ over \

i think javadoc is doxygen or something

like the same osftware

or maybe very similar

sounds like just for ease of grepping

or user preference

https://media.discordapp.net/attachments/778628328911274026/1235102261416431637/image0.jpg?ex=6633261e&is=6631d49e&hm=26735dd4ce90d4ebc510371396c63f129cfeff62679d6a367ab43543601187f0& thoughts on app design

How long do you guys think it'll be until GitHub fixes the mobile website

a few years

no cause fuck gpl

based

i think even with the protobox patch it's still not possible to reach launchd from the webcontent sandbox

you mean on palera1n? that's weird I thought it was going to be a launch constraint

Exception Type: EXC_GUARD (SIGKILL)
Exception Subtype: GUARD_TYPE_MACH_PORT
Exception Message: MSG_FILTERED on mach port 1799 (guarded with 0x0000000000000000)
Exception Codes: 0x0000000000000707, 0x0000000000000000
Termination Reason: GUARD 2305843558969509639

sign a binary with entitlements like these

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>com.apple.private.security.container-required</key>
    <true/>
    <key>seatbelt-profiles</key>
    <array>
        <string>com.apple.WebKit.WebContent</string>
    </array>
</dict>
</plist>

that's annoying

so based

This tbh

I noticed sending a mach message works, it's when you specify a local port for launchd to respond to where it breaks

msg->hdr.msgh_bits = MACH_MSGH_BITS(MACH_MSG_TYPE_MAKE_SEND, MACH_MSG_TYPE_MAKE_SEND_ONCE); // works
msg->hdr.msgh_bits = MACH_MSGH_BITS(MACH_MSG_TYPE_COPY_SEND, MACH_MSG_TYPE_MAKE_SEND_ONCE); // crashes
msg->hdr.msgh_bits = MACH_MSGH_BITS(MACH_MSG_TYPE_MOVE_SEND, MACH_MSG_TYPE_MAKE_SEND_ONCE); // crashes
msg->hdr.msgh_bits = MACH_MSGH_BITS(MACH_MSG_TYPE_MAKE_SEND_ONCE, MACH_MSG_TYPE_MAKE_SEND_ONCE); // works
msg->hdr.msgh_bits = MACH_MSGH_BITS(MACH_MSG_TYPE_MOVE_SEND_ONCE, MACH_MSG_TYPE_MAKE_SEND_ONCE); // works
msg->hdr.msgh_bits = MACH_MSGH_BITS(MACH_MSG_TYPE_MOVE_RECEIVE, MACH_MSG_TYPE_MAKE_SEND_ONCE); // works

I don't understand enough about mach to determine whether there is a way to get around it

fair enough

Me when the exploit I wanted to use was GPL :

Hey is disabling SIP required to use task_for_pid on macOS ?

depends on the entitlements of the victim

it’s most certainly not required if the victim has com.apple.security.get-task-allow

I can try and resign the executable with get-task-allow

com.apple.security.get-task-allow

that’s the entitlement on macOS

Wait the binary is not even signed

looks like macos does not like that entitlement

proof

Getting a zsh: killed

make sure it’s not arm64e

it's apple m1 chip

no I mean

on a mac

the binary

and make sure it’s not platform 2 (iOS) binary

Oh

it is arm64e

Am I fucked ?

||@opal ridge||

you can debug the x86_64 slice

Even on arm64 ?

rosetta ig

correct

plus

where do you even get the arm64e java

Unless

you are debugging the shim

in which case

/usr/bin/java is a shim

Oh I am debugging /usr/bin/java

I want to somehow attach to it

and load a library inside of it

wow debugging a shim binary

What even is a "shim binary" 😭 ?

shim

it's not the real binary

it's a shim

https://dictionary.cambridge.org

oh ok 😭

https://en.wikipedia.org/wiki/Shim_(computing) better exp

Thanks

do y'all got app ideas

@developers please developers

App that shows the NSLog output

🙄

an app which makes tweaks for me

It's called Mterminal

too much effort

https://vxtwitter.com/uwukko/status/1785692709761495120?s=46

https://vxtwitter.com/elonmusk/status/1785357913634042012?s=46

@primal perch what is Elon saying fr

what'd i do?

what if we added async/await to assembly

just consume cpu cycles

async? Now they have to add plumbing!

ever heard of a jet and a bucket

who needs pipes

trueeeee

Made an api in python for bing copilot ai

Ok

Congratulations, you poured time and effort into interfacing with the worst thing on planet earth

Based

Copilot is good

https://vxtwitter.com/chompie1337/status/1785389019309777257

yea it's free gpt4

why would you not like it

unless you just hate AI in which case that's fair

any news?

any news?

"diagnosed" as if this wasnt public information already

@placid kraken

i may be stupid but is there any reason an Intents extension ignores applied entitlements

i give it persona-mgmt and it says spawn status 1 (no entitlement)

i did but it didnt make a difference

is gay a disease ? 🤨

can anyone explain what im doing wrong why is it not appending the response data into user codeable..?

these

+ (NSString *)hexStringFromColor:(UIColor *)color {
    CGFloat red, green, blue, alpha;
    [color getRed:&red green:&green blue:&blue alpha:&alpha];

    int redInt = (int)(red * 255.0);
    int greenInt = (int)(green * 255.0);
    int blueInt = (int)(blue * 255.0);
    int alphaInt = (int)(alpha * 255.0);

    return [NSString stringWithFormat:@"#%02X%02X%02X%02X", redInt, greenInt, blueInt, alphaInt];
}

+ (UIColor *)colorFromHexString:(NSString *)hexString {
    NSString *cleanString = [hexString stringByReplacingOccurrencesOfString:@"#" withString:@""];

    if (cleanString.length == 6) {
        cleanString = [cleanString stringByAppendingString:@"FF"];
    } else if (cleanString.length != 8) {
        return nil;
    }
    
    unsigned int rgbaValue = 0;
    NSScanner *scanner = [NSScanner scannerWithString:cleanString];
    [scanner scanHexInt:&rgbaValue];
    
    CGFloat red = ((rgbaValue & 0xFF000000) >> 24) / 255.0;
    CGFloat green = ((rgbaValue & 0x00FF0000) >> 16) / 255.0;
    CGFloat blue = ((rgbaValue & 0x0000FF00) >> 8) / 255.0;
    CGFloat alpha = (rgbaValue & 0x000000FF) / 255.0;
    
    return [UIColor colorWithRed:red green:green blue:blue alpha:alpha];
}

mfw relationship is null

i cant append into nil?

if relationship is null, your program will crash

it doesnt i get no errors besides the one i print

until the day

btw you meant the api response relationship is null

because it clearly isnt it gets printed in the log

but the day it is null or anything, you'd crash

im so confused so what causing it not append the value onto relationships array

I see... pretty similar, though I'd recommend you to use the functions from the lib, as your current implementation of hexStringFromColor is buggy for colors with weird colorSpaces (had to find that out myself as well)

sileo has an Intents extension?

What even is intents extensions

Oh yeah I have that working

btw @placid kraken https://github.com/MrGcGamer/LibGcUniversalDocumentation/issues/7

I know how to do that

The intents extension is pretending it doesn't have persona-mgmt

help ?

i already figured out how to do that though

- (PSSpecifier *)generateSpecifierWithName:(NSString *)name parsedName:(NSString *)parsedName hexColor:(NSString *)hexColor {
    PSSpecifier *specifier = [PSSpecifier preferenceSpecifierNamed:parsedName
                                                            target:self
                                                                set:@selector(setPreferenceValue:specifier:)
                                                                get:@selector(readPreferenceValue:)
                                                             detail:nil
                                                               cell:PSLinkCell
                                                               edit:nil];

    UIImage *originalImage = [UIImage systemImageNamed:@"paintpalette.fill"];
    UIImageSymbolConfiguration *symbolConfiguration = [UIImageSymbolConfiguration configurationWithScale:UIImageSymbolScaleSmall];
    UIImage *paletteImage = [originalImage imageByApplyingSymbolConfiguration:symbolConfiguration];

    [specifier setProperty:[GcColorPickerCell class] forKey:@"cellClass"];
    [specifier setProperty:hexColor forKey:@"fallback"];
    [specifier setProperty:@1 forKey:@"style"];
    [specifier setProperty:parsedName forKey:@"label"];
    [specifier setProperty:BUNDLE_ID forKey:@"defaults"];
    [specifier setProperty:paletteImage forKey:@"iconImage"];
    [specifier setProperty:name forKey:@"key"];

    return specifier;
}

you can do this via code and it works fine for me

lol yeah ill probably do that

TIL

thank you macos

turn off

just saying, as I also liked the idea

my impl is basically identical to one from cephei, so you can just use it as you would for all the other cells

oh where you can assign the image via the plist?

yeah i didnt want to have cephei as a dependency

so i wrote my own version of that lmfao

- (NSArray *)specifiers {
    if (!_specifiers) {
        NSMutableArray *baseSpecifiers = [self loadSpecifiersFromPlistName:@"Root" target:self];
        NSString *value = [preferences objectForKey:@"mode"] ?: @"Simple";

        for (PSSpecifier *specifier in baseSpecifiers) {
            if ([[specifier propertyForKey:@"id"] isEqualToString:@"credits"]) {
                [specifier setProperty:[NSString stringWithFormat:@"© Rosie (acquitelol) 2024 • %@/%@", BUNDLE_ID, PACKAGE_SCHEME] forKey:@"footerText"];
                [specifier setProperty:@YES forKey:@"isStaticText"];
            }

            // Parse icon images as SF Symbols, similar to how Cephei does it but a slightly lighter implementation
            NSDictionary *iconImageSystem = [specifier propertyForKey:@"iconImageSystem"];

            if (!iconImageSystem || ![iconImageSystem objectForKey:@"name"]) continue;

            [specifier setProperty:[UIImage systemImageNamed:[iconImageSystem objectForKey:@"name"]] forKey:@"iconImage"];
        }

        _specifiers = [self getSpecifiersWithValue:value specifiers:baseSpecifiers];
    }

    return _specifiers;
}

its a smaller scale example because you cant set the size or whatever

Yes

but yeah good to know considering i do have libgc as a dependency

yes

the updated docs are already live, if you want to look at them https://github.com/MrGcGamer/LibGcUniversalDocumentation/tree/1.7.0

okie will look soon

does chnaging your device language do a userspace reboot bc i stayed JB ?

(it didint actully change it tho )

respring

wait wtf
searching files in finder also searches text in images
i know they added live text a while back but they never mentioned this lol

oh, respring with apple logo ?

i guess lol

changing to bold is a respring

id say changing language is too?

but logo

I released a few weeks ago that ios spotlight does this too

And I’ve used it nonstop since then

so that’s why spotlight takes so long and crashes so often

@radiant idol this fall back to english right?, (NMV figured it out)

do you need an entitlement to post a notification

like com.whitetailani.bundleid.thingy/Update

or can every process do that

jb or stock?

jb but i can't give entitlements

oh apparently it was added in ventura

NSExtension pain

it was barely mentioned in wwdc 2022

lol

if i could i wouldn't need to post any

i think you need paid dev ents

but my idea is: if i can post notif i can set up a process to watch for said notif, and that can do the task requiring one

No not like a push notification

oh

Like what preference bundles can do

Darwin notification or somethin like that

ask the legizmo guy

what u trying to do, like the end goal

legumes guy

send a notification that i can have a launchdaemon watch for and then it can execute an action

trying to have an Intents extension trigger location spoofing but they don't care abt what entitlements they have

mach_msg will work prolly

can i also communicate data in that or nah

yes

can pass data like a struct or something

lemme grab example

i mean, is that better than just using nsnotificationcenter or something tho

kinda janky and no error handling lmao but something like this

static mach_port_t server_port;

typedef enum {
    CMD_1 = 0,
    CMD_2,
    CMD_3
} some_cmd_t;

typedef struct {
    mach_msg_header_t hdr;
    pid_t pid;
    some_cmd_t cmd;
    int some_value;
    // add whatever else
} some_msg_t;


// server code
void handle_commands(const mach_port_t *port) {
    while (1) {
        bp_msg_t msg;
        mach_msg(&msg.hdr, MACH_RCV_MSG, 0, 512, *port, MACH_MSG_TIMEOUT_NONE, MACH_PORT_NULL);

        switch (msg.cmd) {
            ...
        }
    }
}

void init_server(void) {
    mach_port_allocate(mach_task_self(), MACH_PORT_RIGHT_RECEIVE, &server_port);
    mach_port_insert_right(mach_task_self(), server_port, server_port, MACH_MSG_TYPE_MAKE_SEND);
    bootstrap_register(bootstrap_port, "com.myserver.name", server_port);

    NSThread *bg_thread = [[NSThread alloc] initWithTarget:[NSBlockOperation blockOperationWithBlock:^{
        while (1) handle_commands(&server_port);
    }] selector:@selector(main) object:nil];

    [bg_thread start];
}


// client code
void send_command(some_msg_t *msg) {
    mach_port_t port;
    bootstrap_look_up(bootstrap_port, "com.myserver.name", &port);

    msg->hdr.msgh_bits = MACH_MSGH_BITS(MACH_MSG_TYPE_COPY_SEND, 0);
    msg->hdr.msgh_remote_port = port;
    msg->hdr.msgh_local_port = MACH_PORT_NULL;

    mach_msg(&msg->hdr, MACH_SEND_MSG, sizeof(*msg), 0, MACH_PORT_NULL, MACH_MSG_TIMEOUT_NONE, MACH_PORT_NULL);
}

int main(void) {
    some_msg_t msg;
    msg.pid = getpid();
    msg.cmd = CMD_1;
    msg.some_value = 1337;
    send_command(&msg);
}

Objective-C 🔥

Shame it's not swift tho

i have proof swift is better than objc c

don't have it yet

it's arriving on monday

i forgot to email the screenshot to myself so I'm gonna have to wait until i get access to that pc again

the screenshot is saved on there

it will be definitive proof however

this is way over my head

Seems pretty straightforward

does XPC require an entitlement to use on iOS

perfect

i think that could work

if it works this setup is so cursed

app gives shortcuts info -> shortcuts executes app extension -> app extension gives XPC service other info -> XPC service executes action

https://x.com/flyosity/status/1786048546333999479?s=46

No

I've never signed up for AWS

I run things myself

same

yes this is real

skill wallet issue

xpc?

Anyone here before submitted an app to the app store with login functionality?

i can't get data out of the extension any other way afaik

yeah, need advice on something?

cheapest aws bill

Need to use wasabi instead

Happy birthday

hbd !!

happy birthday!!

Happy birthday!

let me be the first to say happy birthday mr. outdoors

Thanks yall

hayden indoors

Happy birthday

happy birthday procursus man

@marble perch happy birthday

Happy birthday 🎈

happy birthday

What’s the rates like, rn I pay 72 a year for lightweight vps

Happy birthday

had some issues, resolved them hopefully now waiting for them to accept

if not ill ask

@marble perch happy birthday

Anyone know if it is possible to create a tweak that replaces a framework's binary with a binary from procursus?

I'm looking to replace the python interpreter in the Pythonista app with the fully functional and unsandboxed procursus one, but I'd imagine it's not as simple as dragging and dropping

I should specify I know 0 about tweak development

you'd have to modify the app to be unsandboxed

and use the procursus system

aka you need the src

So no amount of IDA Pro or Xcode is gonna help me, huh

should I attempt to get pppwn running on ios

xcode will help if u have source

@unkempt magnet Hi, Did you ever manage to change a file thats on / into a symlink using a kernel exploit?

I'm trying to see if theres any alternatives to namecache overwrite redirect launchd cause I want to fix this kernel panic when shutting device off

who is this

oh it;s nathan

lol

Sorry, but I couldn't find way without redirecting namecache.

Maybe you can use that method that restore launchd to prevent panic?
https://github.com/wh1te4ever/kfund/blob/main/kfd/fun/vnode.m#L559

i'm using the 16.6.1 redirect method, would that still work?

Yes, it should work on 16.0-16.6.1

because this one doesnt work with launchd redirect
https://github.com/wh1te4ever/kfund/blob/main/kfd/fun/vnode.m#L526

so i have to use this onehttps://github.com/mineek/Serotonin/blob/main/usprebooter/fun/vnode.m#L568

(the switchsysbin160 is the same exact thing as the redirect file func)

Seems like offset mismatch

would the unredirect still work

nvm ill just have to see

https://github.com/apple-oss-distributions/xnu/blob/xnu-8792.41.9/bsd/sys/vnode_internal.h#L218
https://github.com/apple-oss-distributions/xnu/blob/xnu-8792.41.9/bsd/vfs/vfs_subr.c#L5773

I saw your panic log,
so try increasing old_holdcount to prevent panic if it works.

ok so

how would I do that

the holdcount offset isnt even defined anyways

I don't know how to find the offset tbf

Can you find vnode_hold function on IDA Pro?

hold on

i can open it in hopper

i dont have ida on my mac

Or can you xref panic string that
'''panic("%s: vp %p holdcount overflow from : %d v_tag = %d, v_type = %d, v_flag = %x."'''

https://github.com/apple-oss-distributions/xnu/blob/94d3b452840153a99b38a3a9659680b2a006908e/bsd/vfs/vfs_subr.c#L5981

yeah thats what i planned to do

ok its dissasembling

if hopper cant find it ill just open it up on my pc

would this be in kext or directly in the kernel

Directly in the kernel

ok hopper sucks let me get on my pc

okay dissasembling again

uhhh

this one (the top in that photo) looks to be the closest

yeah i think this is it

"%s : vp %p holdcount -ve: %d. v_tag = %d, v_type = %d, v_flag = %x."

Or can you xref that string?

found it

above of code that branch command to loc_ffffff007f15464 will be key to find v_holdcount offset

do i xref it

these are that references that func

com.apple.kernel:__text:FFFFFFF007F15464 SUB W8, W20, #1

is same with old_holdcount - 1 in

            __FUNCTION__, vp, old_holdcount - 1, vp->v_tag, vp->v_type, vp->v_flag);```


https://github.com/apple-oss-distributions/xnu/blob/xnu-8792.41.9/bsd/vfs/vfs_subr.c#L5773

So, try finding W20 register where refers

https://github.com/apple-oss-distributions/xnu/blob/xnu-8792.41.9/bsd/vfs/vfs_subr.c#L5761
this, right?

Sorry, but I'm meaning that assembly code in ida

yeah I know im just having trouble finding it

0xB4

is the holdcount offset.

i feel bad for asking all of these questions, but how would i increment the holdcount now?

the old_holdcont at least

No worries

https://gist.github.com/wh1te4ever/e6984ddef2c365afdd085315a1a9dac3#file-mmap_bypass-c-L107

above of example, you can read and increase, just like thatz

off_vnode_v_usecount must be changed with v_holdcount offset

void vnode_ref(uint64_t vnode) {
    uint32_t usecount = kread32(vnode + v_holdcount);
    kwrite32(vnode + v_holdcount, usecount + 1);
}``` something like that right

yes

But + 1

so this should be good?

Yes, some variable name is weird, but it should be okay though.

v_holdcount = 0xb4

Yeah I set that offset

the vnode, in this case, is /sbin

right

i just tried it and it still panicked on shut off

heres what i tried:

Is it sure that panic only occured when call SwitchSysBin function?

It happens when the device is shut off or restarted

After that function is use

So it doesn't panic if we don't use that function?

No that function works fine

return (int)vnode;

Its just the panic happens after

That doesnt break anything

If return, it will never call that below functions.

Ohh

My bad

Hold on

ok lets see if it does anything different now

no it still turned back on when shutting off

damn it

i moved it above the vnode

Then, there should be 1 way that must be work.

Before kwrite64/32, try saving original data using kread64/32. And restore it when shutdown.

i would have to rerun the kernel exploit in launchd though

Oh

originally i was just gonna try and see if there was a alternative way to replace launchd so this issue could be sidestepped

for example: make launchd vnode a symlink to replacement launchd somehow

I see

got any ideas? i'm out of them

I suggested this before iirc

you did, but theres a higher chance of panic

thats why im hesitant

just gamble with launchdhook to get krw, kwrite back the original value then do the bind mount afterwards

w landa you won't really panic

at most boot just takes a bit longer after retrying i guess

i guess ill just kread the original vnode values into /var/jb/var/mobile/value.txt or some idk

first let me see if writing the original values back fixes the panic

wtf i think i just fixed it

bro what

@granite frigate vnode_increment works

dude

i just switched vnode to with_vnd @unkempt magnet and shutting off worked

finally

That's quite interesting!

Good good

nice

🔥

yeah it seems to be working now

phone actually shuts off this time

try usp reboot

i have the path relocated

that only happened when it used /sbin/launchd

i just changed it to fake launchd

genius 👀

🎁 I bought you a copy of Jade! https://chariz.gift/jade/BHGBYMWBPWWM7W7KKVJK

Lmao i was in a cloudflare loop but i then realized i already had jade

@granite frigate this comes up now when the phone dies

so you dont lose phone when it dies lol because it panicked on serotonin

Shit is never true

Mfs not findable

thoughts on surreal db?

looks like another one of those sensational dbs that come out every year

SurrealDB offers a dynamic and adaptable platform for business. With an integrated suite of cutting-edge database solutions, tools, and services, SurrealDB empowers your workforce to discover innovative answers using products meticulously crafted to meet their requirements.

i didnt ask for description

im asking is it here to stay

i was explaining where i got my thoughts

ever heard of citing your sources

think it’s here to stay tho

25k upvotes on github

everything has 25k upvotes on github

asking whether something is here to stay doesnt really mean anything, it's a toss up

and it depends what you mean for here to stay, like tons of projects still exists but no one uses them and they've had no updates in decades

what’s the most safe db

my advice is pick something mainstream like mariadb (mysql) or postgresql

unless youre feeling abnormally adventurous

do they have something alternative for surrealml

i mean idk what much there is in surrealdb of substance

lots of novel features that you really dont need for stuff

there's a reason old school relational database is so popular

postgre looks like something that still runs on windows xp tho

theres no ui for data n stuff

I haven't really used Postgres but https://www.pgadmin.org/

Boom a web ui

that doesn't even make any sense

it's a database server

there's no gui for nginx but here we are

looks ugly asff

if you're judging a database server by a third party user interface for it, you're ngmi

what’s ngmi

not gonna make it?

yeah

ehh i’m already almost done with what im working on

kinda still got alot if i think about it

Tbh a lot of dev tools don't even have an ui

like ?

theos

practically everything I use

stuff having a ui is an anomaly

you sound like someone who uses nano or vim

I do software development

what does that have to do with what i said

in software development you use a lot of tools and many don't have guis

xcode, vscode both have it

i’m good

Have what

a postgres ui?

phpmyadmin

fr

php bad though

:/

ignore the part that it's super easy to deploy

and has widespread stable support

fr

php bad

and has plenty of developers in the workforce

and is free and open source

https://tenor.com/view/linux-foss-github-programming-computer-gif-26397004

git doesn't have an offical ui

at least not one I'm aware of

git gui enters the chat

https://tenor.com/view/php-gif-24572089

it has like 2

gitk comes preinstalled

@tepid olive

ping me when orange names are sane

@tepid olive

cli > gui

Based

import Foundation

class AuthorizationManager: ObservableObject {
    private let tokenStorage: TokenStorage
    private let authenticationRoutes: AuthenticationRoutes = AuthenticationRoutes()
    private let authorizationCache: AuthorizationCache

    private(set) var currentUser: User? = AuthorizationCache().loadCurrentUser()

    init(
        tokenStorage: TokenStorage = TokenStorage(),
        //networkManager: NetworkingManager = NetworkingManager(),
        authorizationCache: AuthorizationCache = AuthorizationCache()
    ) {
        self.tokenStorage = tokenStorage
        //self.networkManager = networkManager
        self.authorizationCache = authorizationCache
    }
    
    func signUp(name: String, email: String, username: String, password: String, gender: String) async throws -> User {
        let response = try await authenticationRoutes.signUp(name: name, email: email, username: username, password: password, gender: gender)
        tokenStorage.saveToken(token: response.data!.token!)
        currentUser = response.data!.user
        
        authorizationCache.saveCurrentUser(currentUser!)
        return currentUser!
    }

    func signIn(email: String, password: String) async throws -> User {
        let response = try await authenticationRoutes.signIn(email: email, password: password)
        tokenStorage.saveToken(token: response.data!.token!)
        currentUser = response.data!.user
        
        authorizationCache.saveCurrentUser(currentUser!)
        return currentUser!
    }

    func signOut() async throws {
        //try await networkManager.signOut()
        tokenStorage.clearToken()
        authorizationCache.clearCache()
        currentUser = nil
    }

    func isLoggedIn() -> Bool {
        return tokenStorage.getToken() != nil
    }

    func getCurrentUser() -> String? { // Make the return type optional
        guard let token = tokenStorage.getToken() else {
            print("Token not found in storage")
            return nil
        }
        print("Token found: \(token)")
        return token
    }
}``` how can i update the value of currentUser from outside this class

import Foundation
import Combine

class RelationshipManager: ObservableObject {
    @Published var searchQuery: String = ""
    
    private(set) var users: [PlaygroundUsers]? = nil
    var currentUser = AuthorizationManager().currentUser!
    
    var authToken = TokenStorage().getToken()!
    let friendshipRoutes = FriendshipRoutes()
    private var cancellables = Set<AnyCancellable>()
    
    init() {
        $searchQuery
        //.debounce(for: .milliseconds(500), scheduler: DispatchQueue.main)
            .removeDuplicates()
            .sink { [weak self] query in
                guard !query.isEmpty else { return self!.users = nil }
                self?.performSearch(query: query)
            }
            .store(in: &cancellables)
    }
    
    private func performSearch(query: String) {
        Task {
            do {
                users = try await searchFriendRequest(query: query)
            } catch {
                print("Error searching for friends: \(error)")
            }
        }
    }
    
    func searchFriendRequest(query: String) async throws -> [PlaygroundUsers]? {
        let response = try await friendshipRoutes.searchFriendRequest(authToken: authToken, searchQuery: query)
        
        if let users = response.data?.playgroundUsers, !users.isEmpty {
            self.users = users
            return users
        } else {
            return nil
        }
    }
    
    func createFriendRequest(userID: String, friendID: String) async throws -> User? {
        let response = try await friendshipRoutes.createFriendRequest(authToken: authToken, userID: userID, friendID: friendID)
        
        if var relationships = currentUser.relationships {
            relationships.append(response.data!.relationship!)
            currentUser.relationships = relationships
        } else {
            currentUser.relationships = [response.data?.relationship].compactMap { $0 }
        }
        
        return nil
    }
    
    func fetchFriends(for userID: String) async throws -> APIResponse {
        let response = try await friendshipRoutes.fetchFriends(authToken: authToken, for: userID)
        return response
    }
}``` from something like this where it says `createFriendRequest`

help

@tepid olive

Working on an Audio Tester app

can't be serious

16player is ass

Adleast it’s not php

At least php is not swift

Rune mentioned

• Buy Rune

Nexus

At least swift is not r/jailbreak

Is iproute on procursus

Specifically ip

pretty sure it’s in network-commands

I have it installed

guess not then

check with apt-file

procursus has a contents file

apt-file is goated

ong

techincally, a cli is also a ui

Git kraken a ui

git guis are awful

They serve one purpose, gui fixing merge conflicts

For that they are really good

That’s the only reason to use them

why would you want to fix a merge conflict via a gui instead of just using the actual tui

Because pressing a checkbox with a mouse is super fast

pressing y is faster

Send command

idk it by heart

i don’t make merge conflicts

Loser

Not using branches or having multiple contributors be like:

i use branches

and have worked with other contributors

Not enough then

Jk

there were only like 6 of us tbf

Yah we have way more experience than you

We code more

Yes

Typing for 5 hours

I can give a specific example that makes the most sense.

1. Have a public facing main branch for stable code.
2. Have an experimental branch for risky hacks and fixes
3. Even though experimental is ahead of main, maybe someone pulls into main for some important fixes.
4. Now both branches diverge. Conflicts now exist. So hence fixing the conflicts

If you got game you deal with something like this

Clearly you don’t

Master should always have a „good“ version

Not necessarily release, but stable

ofc little conflicts like that happen, i’ve never had a messy conflict tho like you were implying

Conflicts aren’t messy

That’s just how ascii works bruh

Guys

How is your master branch called

main

master sounds too harsh

idk how to explain it

main feels calmer

Sgtm (sounds good to me)

is that your main branch name

Yep

It was quietly made “old”

Subconsciously now most people see master and think a repo is outdated

that’s annoying

am i done for

Lmao

When I started using GitHub it was still called master

So that kind of stuck with me

yeah same, when they adopted main i switched over

that would’ve prob been on my old gh acc

my main branches are all over the place lmao

best first init name?

some are main, some are master, some are mistress, some just "compiler-rewrite" or "no-updater"

lol

i just use main because i dont care enough to change it

"Ready, set, go!"

however by the time i decide to make a repo for whatever project im doing, theres already a decent amount of progress that has been made

so i just kinda say what i did instead of calling it an "initial commit"

true

i need to start making local git repos at the start of new projects

in case i decide to actually continue it

for example the initial commit for elle was not called "initial commit" because progress has already been made when i committed

the first thing i do when i start something is mkdir name && cd name && git init

omg can we talk about how horribly designed the api for git submodules is

this

all the commands look like they do the same thing

update, add, sync, whatever

im pretty sure the command i run when i sync the i18n submodule is git submodule update --rebase or something but i cant remember

i’ve never used that command but i use sub modules, i swear you just add a repo inside of another one

that’s all i did for my dotfiles repo anyway

Wot

please tell me you have looked at the man

ive looked yes

it explains it pretty clearly

master

the proper initial commit message is "here be dragons"

i do "aw shit. here we go again"

I'm an "Inital Commit" kinda guy

"init"

Sometimes "First Commit"

init

innit

🇬🇧

init.rc

my scariest exam in 14 hours

ok

ok

ap?

i wrote it in the wrong channel -_-

matura

i just write what it is

“broken shit”

"Hell on earth"

"Shits erroring"

"more spelling errors"

“fix(readme): typos”

"fix: random shit"

fridnly fire

would it be worht it to thro an ssd into a 2011 MBP(i5 dual core) and install monteray and use as a Xcode compiler server thing ?

you forgot the [no ci]

No

Get a smarter ci

not really

I mean if it's your only Mac sure I guess

otherwise not really

Since a simple ssd is like 20

but like would it be slow?

like un usable

im using a VM rn

How much ram does that thing have?

Probably not that much

6gb

i think

Oh that's half decnet

one 2gb and one 4

My mums MacBook has like 4gb I don't remember which year

i mean, gui not required
it'll probably be faster than a vm unless you're running a vm with much better hardware than it tho

@naive kraken using arch(1) or posix_spawnattr_setarchpref_np(3) to make a non-default slice execute doesn't work on dopamine

could be reproduced by having an arm64 and arm64e slice and then try to execute the arm64 slice on arm64e

AP CSA exam tomorrow

Good luck

is ez

you'll ace it

How do you compile starware

                        SBFolderController *folderController = [[_logos_static_class_lookup$SBFolderController() alloc] initWithFolder:[folderIcon folder] orientation:[iconController orientation] viewMap:map];
                                                                                                                        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ```

do I really need to have ios 14 sdk

tomorrow as in 36 hours?

wait what happens if you have two ap exams at the same time

https://x.com/pr0grammerhum0r/status/1787482474399846500?s=46

they allow you to request a late exam time

??

tomorrow as in the next day, 12pm local

ugh why does that exist

Since iOS 14

no, why

Rosetta

not since when

Run in Rosetta

I see

So I guess the solution would be to trust every slice that could be executed

which includes arm64 arm64v8 (arm64e old abi arm64e new abi)

I think I will just send the selected slice to launchd

am thinking about the jbclient_trust_binary api

because the the test was 36 hours from when you sent

technically the next day and 12 hours

unless you're taking it early

it's in like 20 hours

Is there gona be a like video link that not YouTube ?

Yes

Well

Do you mean apple link

Ok it will be posted in #announcements ?

Or vlc link

Ye

Ah

Yes it will be in apple event

Or whichever one is the read only channel

Like there was in October

Ok

https://www.apple.com/apple-events/event-stream/

This will stop redirecting soon

Ah ok

Something cool https://x.com/cellebritelabs/status/1787842456223961292?s=46

🔥

C mashallah

exactly

damn ios 17 sandbox escape wen

just use trollstore to give an app no sandbox

"Just use trollstore" is only possible when you have trollstore

Hey so this might be stupid, but is there a way that a tweak can be made to toggle on the hide jailbreak mode in dopamine every time you open a specific app or apps, and toggles it off when you clear it from memory?

I have troll store

hide environment unlinks /var/jb entirely

meaning no access to jb stuff

lol

How about like a shortcut?

The dopamine app doesn’t currently support shortcuts

But in theory can’t you just make an if code block when an app is open toggle hide jailbreak on and so forth?

I searched and searched on what hide jb environment toggle actually does. All I could find is that it partially disabled the jailbreak according to a Reddit comment. I didn’t know it actually unlinks /var/jb. However I still believe shortcuts might work if the app was supported.

Yeah?

unlink while running in jb state

I’m struggling to understand.

I’m in a jailbroken state. I toggle the hide option. It unlinks /var/jb. Correct?

What????

Huh

It doesn’t crash and burn tho

Yes I understand that but

But it doesn’t crash and burn

So then why have it as an option if it wasn’t designed for this.

What’s the intended purpose?

Then why can I just enable it, open the app that detects jailbreak, works fine, close said app, open dopamine and disable the toggle again and everything works fine

Total coincidence? How is it possible when I can repeat said coincidence multiple times

No

Not yet

Working on being one

What

No dont do that

So what you are saying is it’s not intended to work like that but for some reason it doesn’t spontaneously combust my phone?

actually you should do that

Yes

what

dopamine reboots userpace once it's done

Nah I actually do understand what all you guys mean. The intended purpose is to use it when first loaded into a jb environment so it’s reflected everywhere. Ok.

no the opposite dumbass

How would I go about making a tweak to do just that?

I know 0 knowledge about object c or swift. So maybe I should start there?

I only have some knowledge in python and basic c++

wait I might be thinking of palera1n my bad

Ok 👍. Summer holiday plan is to learn objective c.

- (void)setJailbreakHidden:(BOOL)hidden
{
    if (hidden && ![self isJailbroken] && geteuid() != 0) {
        [self runTrollStoreAction:@"hide-jailbreak"];
        return;
    }
    
    void (^actionBlock)(void) = ^{
        BOOL alreadyHidden = [self isJailbreakHidden];
        if (hidden != alreadyHidden) {
            if (hidden) {
                if ([self isJailbroken]) {
                    [self unregisterJailbreakApps];
                    [[NSFileManager defaultManager] removeItemAtPath:NSJBRootPath(@"/basebin/.fakelib/systemhook.dylib") error:nil];
                    carbonCopy(NSJBRootPath(@"/basebin/.dyld.orig"), NSJBRootPath(@"/basebin/.fakelib/dyld"));
                }
                [[NSFileManager defaultManager] removeItemAtPath:@"/var/jb" error:nil];
            }
            else {
                [[NSFileManager defaultManager] createSymbolicLinkAtPath:@"/var/jb" withDestinationPath:NSJBRootPath(@"/") error:nil];
                if ([self isJailbroken]) {
                    carbonCopy(NSJBRootPath(@"/basebin/.dyld.patched"), NSJBRootPath(@"/basebin/.fakelib/dyld"));
                    carbonCopy(NSJBRootPath(@"/basebin/systemhook.dylib"), NSJBRootPath(@"/basebin/.fakelib/systemhook.dylib"));
                    [self refreshJailbreakApps];
                }
            }
        }
    };
    
    if ([self isJailbroken]) {
        [self runAsRoot:^{
            [self runUnsandboxed:actionBlock];
        }];
    }
    else {
        actionBlock();
    }
}```

there's your answer

Can you explain what’s going in here 😭

remember that we still have files owned by root

smh

regardless of the jb being rootless

rootless a mid name for it, but thats apples fault

i get it
can be used unsafely

lol

alr so

i got an ios 9 iphone se. like its untethered running ios 9. so nand isnt the problem

im trying to pwned boot into, the current ios 9 install

using irecovery

and im getting this issue

during boot

the nand is ios 9 nand firmware version, and the device boots into ios 9 perfectly fine untethered. it just wont boot into ios 9 with irecovery, it gets stuck at

[ PCI configuration begin ]
[ PCI configuration end, bridges 4, devices 3 ]

i asked a few people and they all had the same issue when they tried too. does anyone know of a workaround or fix for this issue?

apologies for the confusion
but this won't work (for the wrong reasons)

tweak injection and library injection in general happens as soon as the app is executed
so you can't just do this if the app has already been loaded into memory

you'd need trollstore level permissions to undo what dopamine does to hide

Oh I see now. So the way shortcuts works is it runs commands within the app itself rather than opening the target app?

Oh I already believe you a while ago.

I’m just trying to understand

What actually happens under the hood

👍 ok. Thanks for explaining

Things I have tried. Choicy. Shadow. Vnodebypass.

All detected

It’s a banking app

I think it detects if /var/jb is present, as it only works if i enable the hide toggle. So there’s that

But then again

Shadow should work if that’s the only thing detected

But it doesn’t so we move we move

sandbox profile lang is dog water

neon register flashbacks

Do you think in this case dleovl’s upcoming roothide dp 2.0 might work for such apps?

easy on mac atleast, they let us have some power

@bitter osprey

whats ur idea

i see..

Wait he’s the developer of roothide right? Or am I trippin

libjailbreak stuff has a api for it

works fine tbh

zefram 2

zefram pro

Bro is just a skid and yapper

I’m the yapper? Or dleovl is the yapper?

Tbh I do yap but it’s only so I can get a better understanding

Dleovl is the yapper

Oh ok. I have not been in this server long enough for that conclusion I guess. It’s time for me to touch some grass now at 11 PM.

Lol

Also I may or may not have creamed myself when I got sshrd scripts working for the first time. True hacker moment for me

Dleovl moment

so blender is useful after all

uyouplus

Woah

Uyouplus

Woah!!

uyou plus

Oh

why are we saying uyouplus?

I am truly in confusion.

this is true
anything else is subproject

yeah but who does tweak_name +=
or has more than one string there
???

Why is it even an array

Prob for subprojects ?

I guess

Zefram 100% has multiple projects in the tweak name array

First is zefram and the subprojects are called "bootloop", "stealer" and another is "ransomware"

Hot take

Instead of it being called Rootful, we call it Rooty so that Rooty and Rootless are consistent with Lossy and Lossless compression.

@placid kraken hi

nightwind pookie sent me over

my question is if its possible to get the inspect element thing from the desktop version onto the mobile version

of discord

yes with client mods but you can’t visually inspect you can only view the current selected element with $r in the repl

after you connect from the repl

you have access to the react tree

and can inspect the current element called $r in the repl

https://m.youtube.com/watch?v=o3t52-ZxFtU

Thanks 🙏

this is such a helpful course

once I knew a fair bit of objc, I watched through some of these vids

helped me a lot

ACED MY AP CSA EXAM

😁 😁 😁 😁

W

lets go

@grave sparrow How do i register an XPC service on ios

i need some kind of entitlement for this to work, correct?

or should i just install via trollstore

installing via trollstore doesn't work unfortuantly

look who’s returned

ahhh ok the MachService bit I didn't get

can you send an example, I got everything else

https://rderik.com/blog/creating-a-launch-agent-that-provides-an-xpc-service-on-macos/

thanks

i mean you need trollstore to even be allowed the entitlements if any
trollstore shouldn't be a requirement though (dopamine can function without it for example)

ofc you need root perms to set groups

somewhere along the line getting root perms failed

no

It’s a bug xina used for root

yeah but

that still gives you root perms

?

Yes

so what did i say incorrectly here

lol

oh let me guess, the operation not permitted is unrelated to that

wait so does that bug even work on 14.x

https://x.com/xina520/status/1515720109255393282?s=61 setgroups bug

It’s not necessary there

true

i guess there's the electra method

lol

Your name reminded me to stop procrastinating 💀

lmao i set it because i was

🤣

That’s golden

today is the first time i've touched relocateme since uh

a week ago

Heyyyy

Pins.

LMFAO

Check the pins.

lmfao

Would any of yall have use for me opening up the RelocateMe Reborn XPC service for anyone to use - provided you've installed the tweak legit

It's pretty basic, just supports

• spoof to a CLLocation
• cancel spoof gracefully
• cancel spoof by killing locationd

Idk if i want to put in the work for it if no one's going to use it

some arabic dude will

yeah fr

add it

i'll make it a 1.1 update i've been adding too much

if I can get shortcuts integration going then that's it

testing and then release 1.0

1.1 will bring share sheet and XPC

@timid furnace have you played with pip 24.1 at all

deciding not to work on stuff just because nobody will use it is lame

it’s good practice!

look at any of my stuff besides @lime quartz

oh cool strikethrough actually works thru mentions now

I have a lot of other stuff going on

Not sure i want to commit time if I don't have to bc I have other things to do with that time is more what I meant

idk if that came out right

Idts what changed

apparently they’re ditching a bunch of legacy stuff + major perf improvements

probably other shit too that’s just what i remember

how exactly do the newer (pre ios 15 tho) jailbreaks implement restore rootfs?

revert back to the orig-fs apfs snapshot & reboot

gotcha

10.3.3 has apfs right? a google search told me so

yes but iirc jailbreaks didn’t make apfs snapshots until 11

(either electra1112 or electra1131 started that trend)

hear me out....

(don't)

fun fact electra apfs snapshots still aren’t good because it creates an empty jb-related file on the fs before making the snapshot

so when you revert to it there’s still a file left over

kinda wanna modge podge a ios 10.3-10.3.3 jb together that adds restore rootfs

in concept its simple i think

just not very useful

no that’s definitely useful

and anyways yeah dh (and socket) and meridian are both open src

and i guess you could technically implement it in TNS too

tns?

totally not spyware

oh, so true

seems like most ios 10 ones are at least partially (that are in the version range im looking at)

I think .file has always been there

or at least present in newer versions

i thought there was another one it created

15.4.1

would i need an older version of xcode to work on something like this though?

idk

idk

I think pre-11.3 apfs didn’t have snapshots

they never made snapshots

they just renamed the existing ones

or something along those lines

oh yk what i think you're right

would you rec basing off of either or?