#development
Anyone know how to make a view stationary and not move?
Move because of what, maybe disable userInteractionEnabled property if it's a UIView and touches cause the movement
staticisland
this one doesnt completely get rid of it
rather doesnt show it when its not in use
anyone here know how to do full stack web dev……,,,,,
i need someone to make me a dashboard
and it’s
kinda complicated
No
My tweak gets rid of it mostly
Its broken on 16.0.* i think
Idk how far down it breaks
Ive tried it on 16.4.1 and 16.6.1 so far
Internal Preboard screen Dynamic Island defaults to this
This is on iOS 18.4 16 pro max
yea it’s gonna be paid
so i need
- authentication
- some backend work to pull data safely without having users reverse engineering and getting the database dumped
- payment processing
- management of keys
[main 76ebe96] bunch of stuff
26 files changed, 1385 insertions(+), 645 deletions(-)
fellas am I using git right
yeah
ur not supposed to commit it every time you change a character
like what @xrt3zy did
whay
@xrt3zy
??
@tepid olive
Ok
Yea thats not gonna be cheap
Yes
Anyone know how to prevent a view from animating when doing something like this
```
%hook _SBSystemApertureGainMapView
- (void)setFrame:(CGRect)frame {
    if (frame.size.width >= 127) {
        if (frame.origin.y <= -48.3) {
            frame.origin.y = 0;
        }
    } else {
        if (frame.origin.y <= 0) {
            frame.origin.y = -999;
        }
    }
    %orig(frame);
}
%end
```
Basically im trying to move this instantly
but it slides upwards and downwards
I need it to teleport into place
Maybe try using transitionWithView and make the duration 0
This works but im not sure how to make it apply for when i want to move it
Wdym "when i want to move it" anyway sounds like it can be done with if/else's or maybe pass a variable to duration so you can toggle animation by changing the variable
lethargicIsland 
I put it on my repo
hello! would anyone here be willing to poke around the Music app in IOS15.8.3 and delete 2 stupid elements from the library for me?
pretty please?
the DL button and 3dot menus in the songlist drive me up the wall!
I use Dopamine as my JB and am on a Ipod touch 7
i wonder if its possible to recreate kanzi/kong with pi pico
Ai slop can help .
sorry
sorry
i apologize
forgive me for my actions
you are forgiven
18.4 beta 2 killed private var access with shortcuts
whats the shortcut
i wanna look at logs
Can still open apps tho
Granted most just make your phone laggy as fuck and do nothing tho
Don’t even know what this is
what a goofy app
Thought this was referring to pear Db for a second lmao
MagSafe ca testing no credentials
It doesn't work for me
Still wants credentials
Tap left Circle in top bypasses it lmao just found it out
Wtf
💀
It reads connected accessories to after about 30 seconds just tap left circle again if it ask for login
Oop wrong image
are there any docs for the MediaLibrary.sqlitedb in the iTunesControl?
anyone here need their static (probably even dynamic) page hosted
i bought cloudflare paid workers plan because yes and i was wondering if anyone here needed a worker/page
pages.dev is free tho?
only issue with gh pages is the repo has to be public
pages.dev let's you have it from a priv repo
true but if you're handling a large-scale website then 100,000 requests would not be enough
per month
didn't realise it had such limit tbh
brag much.. /j
🙄
if it's on a domain u can just
check the analytics
i easily hit it cuz of a ddos recently
yeah ik, i'm ab to go to sleep rn tho
replying to the analytics message not the ddos lmao
What web app is acatto running 🙏😭
lmao
voidai.xyz
please use code blocks 😭
and trim your logs
where is -no_auth_data even being passed am i blind
triple backtick on your message content
its a linker passed flag, will only show via -Wl,-v
ah ofc
all of stdout/stderr yes
(am in fact, blind)
```
clang -arch arm64 -I../.include -isysroot /Applications/Xcode_15.2.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS17.2.sdk -miphoneos-version-min=15.0 -Wno-deprecated-declarations -fno-stack-check -D_FORTIFY_SOURCE=0 -DIOS=16 -shared -Xlinker -add_split_seg_info -o dyldhook_merge.arm64.dylib src/fakelib_redirect.c src/lv_bypass.c src/main.c src/reimpl.c src/spinlock_fix.c src/main.S ../libjailbreak/src/jbclient_mach.c src/generated/ios16/task.c
clang -arch arm64 -I../.include -isysroot /Applications/Xcode_15.2.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS17.2.sdk -miphoneos-version-min=15.0 -Wno-deprecated-declarations -fno-stack-check -D_FORTIFY_SOURCE=0 -DIOS=15 -shared -Xlinker -add_split_seg_info -o dyldhook_merge.arm64.iOS15.dylib src/fakelib_redirect.c src/lv_bypass.c src/main.c src/reimpl.c src/spinlock_fix.c src/main.S ../libjailbreak/src/jbclient_mach.c src/generated/ios15/task.c
ld: unknown options: -no_auth_data
clang: error: linker command failed with exit code 1 (use -v to see invocation)
gmake[2]: *** [Makefile:12: dyldhook_merge.arm64e.dylib] Error 1
gmake[2]: *** Waiting for unfinished jobs....
ld: unknown options: -no_auth_data
gmake[2]: Leaving directory '/Users/runner/work/Dope/Dope/BaseBin/dyldhook'
clang: error: linker command failed with exit code 1 (use -v to see invocation)
gmake[1]: Leaving directory '/Users/runner/work/Dope/Dope/BaseBin'
gmake[2]: *** [Makefile:16: dyldhook_merge.arm64e.iOS15.dylib] Error 1
gmake[1]: *** [Makefile:92: dyldhook] Error 2
gmake: *** [Makefile:8: all] Error 2
Error: Process completed with exit code 2.
```
Hey, just going to say this “really quickly” while I have some time
I was planning on doing this in a month or so, but I don’t think I can wait any longer for work on this to begin. I’ll be giving more information in a more formulated request either later today or sometime tomorrow, but this is the gist of what I am looking for so that people can prepare work.
I’m currently looking to commission a bounty for a jailbreak that will transform the current UI of iOS entirely. And I do mean entirely, from the Lock Screen to the Home Screen and so on. Most aspects of the user interface will be completely bypassed and replaced with custom interfaces.
Additionally, all code must be open source. This includes dependencies, and any packages required to make the system work.
If you are interested in contributing, feel free to ask me for more details.
Aspects that will be at a minimum be required to be replaced (the vanilla versions of these should be inaccessible outside of an emergency exit option):
Lock Screen/Notifications
Home Screen
App Switcher
Control Center
what's the purpose? for looks or something else?
Productivity
I’ll explain later when I have more time
sounds interesting, i've wanted to something similar before tbh
too ambitious imo
Hence why I’m asking now rather than later
cool
i don't think it was there but i'll check again
what version
16.5 but turns out it was there I just missed it and didn't wait long enough for search to load
search????
Am I smoking fent or couldn’t springtamize literally do all this , also are u paying for a jailbreak or requesting a tweak bounty
Tweak bounty
Albeit very large tweak in this case
Device and iOS wasn’t even mentioned which is a key part in a request, there’s multiple tweaks that already do this but if your supported idk
As I had mentioned, that wasn’t the formal request. That was just me giving people a heads up before I dump the full thought out thing on the subreddit
And yeah I’m kinda hoping that the capabilities I mentioned aren’t completely novel at this point in the ecosystem; those are just the technical requirements of what would need to be possible at a base level
Like i said depending on your iOS it’s already possible
Hm?
am I wrong?
well its there on 16 17
15 is its in the old loc for ddi
just run find -type f -name debugserver
Didn’t people talk about the inbuilt debugserver symbols getting stripped in 18.4?
Yeah I believe so
I didn’t know they had widgets most work but APL isn’t right that’s minimum possible value for 64-bit integer assuming it doesn’t have correct permissions to retrieve
@visual meadow idk if you remember but, when u were trying to get CC border working with the homekit module, did u ever get it to work. I can't seem to hook any of its classes for some reason.
Any recommended xcode plugins or tweaks that help with jailbreak tweak development
Xcode’s not really suited towards tweak development
You should use VS Code
Ok… any vscode extensions😭😭
TXB exists but afaik no projects use it so it’s at your own discretion
As for vsc, there is the logos extension which you can use
If you’re writing tweaks without Logos or in Swift, you can have autocomplete through the sourcekit-lsp and clangd extensions
You can use the simulator for testing by using simject
If im making a tweak that adds a system wide floating button like h5gg jb What would i hook into on Xcode simulator
See that’s a good point not to write logos
👍
Nah I never got it to work
Still stuck with this
@radiant idol do you know why whenever i open the homekit module in jade it freezes on updating
if i do the bigger module homekit just doesn't even load
No idea, that's really weird
sadly I have no way to test on my end because I don't have any HomeKit devices
you can go to apples developer downloads page and download xcode additional tools, which has homekit device simulator
would u mind sending me the code for this?
Its p2kdevs ccborder repo
Its fine if you don't use logos, just saying
@visual meadow btw with CCSupport u can change the height of homekit so u dont have wasted space
Ty
here's my reddit post: https://www.rxddit.com/r/HomeKit/s/KyxtqQt4R1
##How?
Apple makes a software called HomeKit Accessory Simulator, which allows you add a simulated camera to use as an accessory in HomeKit!
##Requirements
AppleID to access the developer downloads page
Mac
Camera
##Tutorial
- Download additional tools for Xcode latest xcode version from https://developer.apple.com/download/all/?q=...
you can ignore the part about the camera though
ok I'll take a look at some point, no idea when that'll be tho since I'm really busy nowadays
no I understand; no rush as this isn't anything urgent for me since the normal home app works fine on 16.5 for now
how hard is it to create app mod without a jailbreak
you mean a tweak ?
its the same process but you have to add the dylib to an ipa and sideload it to install
if the "mod" requires patching addresses or jit thats of course harder/impossible
Hello dears
I want install Chatgpt it’s says. Require iOS 17 my device is iPhone X ios 16.7.10. What to do ..?
It should give you an option to install an older version
Only if another device downloaded it
Either download it on another device to add it to your account then download it on the X, or use muffinstore to download version 1.2024.348
is there a way to compile for roothide without installing their theos fork
the tweak doesn't use any paths
Thx honey it’s worked…!🥰❤️
unpack the deb, adjust file paths of load commands in the dylibs to fit your jb env, copy them to the device over ssh
im just installing the fork damm
takes like 90s
It’s 2025 old man, the 90s was ages ago
$100/h for live debugging. any restrictions on what you are willing to debug?
Honestly that is directed at one specific man whose computer I remoted into to fix procursus for some super old iOS version
But I’ll debug whatever you want, can’t promise I’ll be efficient at it unless it’s one of my projects
After I did that, I decided I’m never doing that again unless they pay me lol
Only one man has ever paid me for programming and I’m pretty sure he ran a pirate App Store
hi goober here, what do I hook for the homebar
Ask in the theos server
Or spend 30 secs in flex
yeah I can't seem to get the homebar in flex
I need some anonymous level type hacking and computer skills who’s up for the challenge
need details
hmu I can operate low orbit ion cannon
yoo throwback. i learned c# from playing with loic
Look at cornbar tweak on GH
Ok thank u Tesla
Can someone upload the DeveloperDiskImage.dmg and DeveloperDiskImage.dmg.signature for iOS 17.7 from Xcode? I need them to use several of the libimobiledevice commands
I don't want to have to install Xcode since I have low storage available
it doesn’t exist
pymobiledevice3 mounter auto-mount
I can't seem to find UIGestureRecognizer on flex
99% sure it's a protocol
It prob is
So I dunno if I hook this or not
This doesn’t appear everywhere
just use ByeHomeBottomBarX from CydiaGeek's repo
or YetAnotherHomeBarHider https://repo.igerman.cc/
@visual meadow apparently you made a home bar hider tweak too?
Im not trying to hide the homebar 😭
oh, then what
Trying to hook into the homebar touch sense thing
ah yeah then look into CornBar as teslaman suggested
Mhm
It’s there
Just ant looking hard enough
not in the appstore app 😭
@grave orchid might wana take a look here^
Yay
Nah I was going thru pins for wtv reason and saw it
the first and last time MSHookIvar was used
depth effects probably
Was this how ?
“it’s difficult without a certain tool but you can modify the files inside the .ca folders in a wallpaper with a text editor”
Different person but they were talking about making custom stock wallpapers I didn’t even know that was possible ig posterboard editing but I can’t find a tutorial
Nvm I found a server that goes over it
Jesus’s they make some cursed ass shit
Confidential and proprietary text, also forbidden apps on Home Screen
They been trolling some things
oh I just looked at the preview and thought it was a picture
I’m a dumbass
Server ?
^*
Yea that Sm guy in yellow repos like 15 or Sm that’s internal or Sm, they got that one odd bug going from a specific version to 18.0b1 or Sm that glitches something to give u an internal device
(Also recognize the pfp)
i'm gonna assume this belongs here too
Has anyone here hooked into SBRootSceneWindow and made a view over it
Trying to make a fake island view
why not just make your own UIWindow and put it on top?
Thats true I guess
I’ll dm it got Thanos snapped
Let’s not send invites
My bad
this shit so cool
@ashen turtle this is u right
yes
how did they make live wallpapers...
HOW
me too pls
https://x.com/mwrevamped/status/1898811511612506579?s=46
it’s taking over
I’ve found a GitHub that might help I think but not sure if I can share it will be trying and share if I figure out
Send it and we’ll see
I haven’t found anything about it on GitHub
but you do need internal macOS mica.app
because editing it manually is just
Just no
Smash
is that stock or jailbroken?
stock
very very nice
ios 18
backup modification
is there any tutorial or something for it?
step 1. get mica internal app
step 2. make wallpaper
step 3. add it into ipad 6/7 cuz imazing sucks ass and breaks posterboard
step 4. back up
step 5. restore the backed up posterboard on ur iphone!
I mean it’s cool but useless
not useless lols
bro just said useless
by this definition most tweaks are useless
its visuals, you don’t get any use from it. Its customization
if you put a wrap over ur car, it won’t drive faster, but it’ll look better
It’s useful aesthetically
well for me usefulness is something practical and not aesthetical
That’s just “beauty” for me
Trying this john on 16
I still can get it to work
Is there a way to recover my certificate password or do I just have to make a new cert
what
For a developer cert if I forgot the password
what tweak for clock settings, mine?
settings?
They're talking about the time displaying the seconds counter I think
no it was from lynx that i made into my own tweak
-# Seconds*
Anyone is there a way I don’t wanna have to make a whole nother cert I still have my mobile provision and .p12 just can’t remember password
have you tried 123456
Holy fuck 😭💀 thank you
lmfaooo
-# Simone pin this, I lost my privileges
😭
what if u take iPadOS 16 (iPad 7) wallpaper as base
how do you make these animations
making custom animated wallpapers sounds rly cool
like snowflakes or cherry blossoms
Mica (internal Apple application)
It’s complicated as fuck
can't wait for apple to patch this in the next update because users can't have nice things
or they do the good thing and turn it into a feature, ie let apps install wallpapers
not until iOS 20
🥀
is there a way to force simulator use native keyboard (UIKeyboard subclasses)
found it nvm (under I/O menu)
it’s not an exploit
they could make it impossible to edit if they wanted
i never said it was a security vulnerability (it isn't)
this tru ?
i thought it worked on apple silicon macs
they’d have to make it not an app domain
"undefined behavior" sounds inaccurate
i mean the "metal is unsupported on sim" part
that'd be weird imo but i don't actually know
https://developer.apple.com/documentation/metal/developing-metal-apps-that-run-in-simulator?language=objc seems its supported. chatgpt try not to hallucinate moment
sorry if this is the wrong place to ask, but is there a way to build an app for ios without a mac or an icloud account? i don't need it to be signed, since i have trollstore, but i can't find any documentation on the internet
Theos seems to be able to do it
thanks a ton
```
root@computer:/home/user# bash -c "$(curl -fsSL https://raw.githubusercontent.com/theos/theos/master/bin/install-theos)"
==> Theos should NOT be installed with or run as root (su/sudo)!
==> - Please re-run the installer as a non-root user.
root@computer:/home/user# exit
user@computer:~$ bash -c "$(curl -fsSL https://raw.githubusercontent.com/theos/theos/master/bin/install-theos)"
==> Theos Installer: Starting install...
==> Platform: Linux
==> Preparing to install dependencies. Please enter your password if prompted:
[sudo] password for user:
```
don't run as root!!!
please enter sudo password :)
Makes sense, only run as root what needs root
but my user isn't a sudoer
Make it one
guh

can apps compiled with theos be sideloaded on jailed devices?
as long as it produces an ipa file, you can sideload it
well
i can't get the default swift app to work with feather
when i try to import it, it just crashes
i'd try sideloadly but then i'd have to boot into windows
are you developing on a phone rn 😭
i'm developing on debian
oh then just use sideloadly from there
i just want to make a silly little app but it's unreasonably difficult without a mac
shouldn't be, i haven't done any app dev myself but ik people who have
let me find you a link
is made with theos iirc
i'll try compiling it
it compiled but feather crashed again, so maybe it's a feather problem?
Just use Sideloadly or something of the sort to sideload it
I believe all the package managers that I've tested will fall back to other formats if their preferred format is not available. I know for sure that you should be good if you just have a Packages
Oh message got deleted as I was replying
oof
original message: I'm setting up some custom dynamic repo software and on my server i have native language bindings for gzip but not bz2, do most GUI based package managers respect Packages.gz ? or am i basically forced to use Packages.bz2? I know Packages.bz2 is the gold standard but for me personally it would be slightly less convenient than Packages.gz, i know debian officially supports Packages.gz, but i also know the GUI package managers implement all that stuff from scratch so there is a chance Packages.gz was overlooked, if Sileo or Zebra for example doesnt respect that then ill just use Packages.bz2. I know i could just figure this out from grepping Zebra / Sileo / etc codebase but maybe someone in here knows it offhand
ah even without gzipping it? nice
Yeah I wrote a really basic repo thing one time and iirc it worked without compression
But the package managers will try the compressed paths first
Simplest way to check is just setup a simple web server with nothing on, point package manager to it and then see what paths it trys
tyty
python3 -m http.server 👍
alright well, Zebra and Sileo respect plain /Packages, cant really test Cydia since its so out of date these days
i support iOS 7
but, whatever, my users are manually downloading .debs from a discord channel so this is already better than that
yeah plus ig someone will lmk if it breaks
thx again guise
Siri got delayed until iOS 20 they better not patch anything and only work on their software swear I might sue their ass I bought 16 pro max with promises that aren’t even coming to this phone
Blasphemy, just like everything else in the world what was made a long time ago always has more reliability compared to the new
Is it possible to bypass checks I think I’m getting somewhere before vs after I deleted a bunch of shit and turned secure host off
nebula hi
13 years ago
Says 11 years for me
It's ok to be living in the past
are french jokes always this bad
Bro made his license 2 years before starting development
teaching rjb how to use github
Development had already started when the license was added
I'm not british
That doesn't even give you an executable 😭
how does an app designate itself as able to be opened by camera control
Hi all, does anyone know how to make a variable I can have auto-replace with an environment variable or script output in a header file?
I have a $THEOS/include header file which contains an IP address I want to auto-populate at compile time
you can define it in cflags
e.g. in makefile:
CFLAGS += -DMYIP=\"${ENVIRONMENT_VARIABLE}\"
then
make ENVIRONMENT_VARIABLE=127.0.0.1
now MYIP is available to the code
Thanks very much mate 🙂
Might be a questionable question to ask on account might go against tos but… anyone else prefer to code when they’re uhh not exactly sober😭😭😭😭
Lowk helps me 🤷 nd js wondered if anyone else prefers coding like this
lmao Im deving non sober rn lol, I don't prefer it tho because I usually dont drink
Im not talkin ab drinking 😉
nah I only drink if anything
Oh alr
then 🍃, 🍄,🌵, 💉 or something else
No u got it right with the first 2, no idea what the cactus is😭
lol
🍄👨💻
cactus jack
idk if i asked this before but is it possible for a tweak to implement rcs support in imessage for older ios?
Probably not
possible, probably, you could mitmproxy to see how it registers rcs with your carrier and also figure out send/receive
probable, probably not
Hello. I have a question about debugging on a jailed device. I have a dev cert with get-task-allow and have mounted the DDI.
Is there an equivalent of ios-deploy --debug for other platforms (specifically Windows)? I want to start an app and immediately attach debugserver to it. I tried with pymobiledevice3 but it doesn't seem to have a "start debugserver with app" option
no problem
what it do
debug but better
i'll give this a look thanks
this should launch the app and print its pid, then you can use lldb to attach
not as automatic as ios-deploy
but still works
actually this seems to run into the same issue that i was having with pymobiledevice3
ah rip. its a wrapper around pm3 so yeah..
process connect connect://[ip]:port returns "error: remote connections are not supported" for me
i can do platform connect connect://[ip]:port which does work but I am not attached to any process doing it this way and I can't seem to attach to anything either
you select the platform first right ?
try gdb-remote [ipv6 address]:port (wrote at the same time lol)
i'll have to try that later, something else came up 😅
Ah yeah xcode on windows 🔥
what is "SSDevice"?
balatro mod to debug and inspect variables at runtime
oh nice
So stuff that can be used for surveillance drm, got it
I’m pretty sure this framework is made for demo devices
displayLinkWithTarget:selector: this doesnt exist on macos
whats the alternative (ig its NSTimer)
Currently working on an interesting project tryna create a Frida based semi jailbreak env for the Xcode iOS Simulator. The goal is to sim a jailbreak like state by dynamically bypassing restrictions, injecting tweaks nd enabling package management similar to Sileo all within the Simulator. Not rlly sure how far this can go yet esp with UIKit loading nd runtime hooking in a non jailbroken env but I’m experimenting to see what’s possible. So far I’ve been able to dynamically load UIKit nd work around UIApplication access issues, hook into ObjC classes, enumerate loaded modules nd build a fake package manager that simulates tweak installs. Still exploring deeper runtime mods nd tweak injection but the end goal is to make tweak dev easier nd more accessible by providing a way to test tweaks in the Simulator without needing a fully jailbroken device. If anyone got insights or wants to collab lmk.
like simject?
Ye like simject but im hoping to accomplish more
Instead of having just basic tweak injection in the Simulator. Im working on deeper runtime modifications, better UIKit hooking, and a more advanced package manager system to make tweak testing in the Simulator actually useful.
it is useful already ?
Yeah it’s already useful
for hooking into Obj-c classes, enumerating modules, and i made a fake package manager for simulating tweak installs, but right now its not actually installing real tweaks like you would on a jailbreak.
So im currently working on trying to get it to actually install the tweaks and run them
How do I make Sileo userspace reboot after installing my tweak?
probably a postinst script, that was how resprings were
ellkit does it 
looks like postinst
Hollon i havent made much progress since last update but ive been branching my script out into mini files cuz im already at 700 lines n its a pain to read
my suggestion for package manager gui is make it a mac app instead of a simulator app (maybe thats what you are doing already idk)
so you can just add dylibs/filters to /opt/simject...
idk what more you specifically want but simject is almost a jb already as far as dylib injection goes
hmm prolly the reason as to why i was struggling with getting the package manager working
thx
kinda feel dumb that i didnt think of that
prolly gon do that later
@hasty ruin didn’t you say that you were working on balls3 with a voice?
https://github.com/MegaDevIOS/bonzibuddy-ios this voice works on iOS 15
But on iOS 16.5 (my iOS version) the voice doesn’t work
Writing tweak injection is painful😡
youre reinventing the wheel — tweak loaders for iOS work on simulator
you really shouldn't do that lmao, just use simject 
I was thinkin ab using simject to load tweaks but eh🤷
Yk what icl ts pmo rn so ima make it use simject to load the tweaks
btw since we are on topic, i made a similiar thing meant only for the notes app.
1. find a dylib injection method (yabai's work fine https://github.com/koekeishiya/yabai/blob/master/src/osax/loader.m if you edit the hardcoding for dock)
2. use it to load a dylib you make
3. that dylib's constructor is responsible for loading all the other dylibs/tweaks on a specific path. i just load everything but ideally this is where you would be looking for filter plists and/or other identifiers as well.
4. since this is meant for notes app, i made a daemon that uses the method from step 1 to inject the dylib from step 2 whenever notes app is launched (NSWorkspace).
how different is this from normal ios tweak loaders, probably the most important difference is its lacking a "launchdhook". and i guess thats how one would inject into all/most processes ?
Literally this whole project is supposed to be simject but better
But ig i can use simject for tweak injection nd instillation
Damn thats a hard word to spell
Instillation
Is that even spelled correctly
installation
it’s mostly the same. on iOS tweakloaders (or the first stage) usually get remote injected into launchd. On simulator, theres a plist you can add DYLD_… env var to. you can also just add load commands into the sims launchd or into something like libobjc.dylib
javascript jumpscare
I smell AI
im using frida on the simulator
So if this happen it doesnt like fully fuck it up
I may be biased but imo the cleanest way to tweak simulator is to use makerw to root the simulator runtime, simforge to convert iOS tweaks to simulator platform (never compiling specifically for simulator), optool to add a load commands into something for injection
I think the main issue is that all this is not plug-and-play
So people try to make their own tooling
simject can be up and running with like 2 cmds tho
cant blame me tho
cuz then i'd have functions called like tralalalero_tralala or bombardiro crocodilo
Simject yes
Other tooling not so much
Have you tried
yall tellin me to quit
don’t quit
Yayy
Who is this (someone)
dont bug them
Oh no
wha
What is his project called of the bootstrapped simject
what 😭
its private and was a like one time thing
DO NOT BUG HIM
Why everyone treating him like he’s the spawn of satan himself
?
he is him fr
😭😭😭
who is someone
and why are you treating them like satan lmao
okay yeah he is satan
pretty sure its fiore
.
no (someone) had full sileo etc
fiore jus made the folders
(someone) had like procurs i think
is it someone banned from this server
why am i not surprised
@crisp frost .
@crisp frost
ok back to work
Hi Maxine
Hiii
@robust radish Hey, I'm trying to get objsee to run, however no matter which app I try to open with it, I'm getting this error, do you maybe know what's up ? I'm on iOS 15.1 iPhone 7
anyone know how to attach r2 frida to springboard without springboard crashing
for some reason i can attach normal frida but not r2 frida
does anyone understand how to configure openssh-server in palera1n (from procursus)? i know there's dropbear on port 44, and then a public ssh server on 22 (and also 2222?) im trying to turn off password-based auth and use public/private key based auth.
i set PasswordAuthentication no in /var/jb/etc/ssh/sshd_config and rebooted/rejailbroke and it didnt make any difference whatsoever, on port 44, 22, and 2222. the changes i made to the sshd_config file persisted after rebooting, but it seems like the SSH daemon on 22/2222 doesnt even read that file nor does it read /var/root/.ssh/authorized_keys??? the dropbear server on 44 does read /var/root/.ssh/authorized_keys tho
like..... is /var/jb/etc/ssh/sshd_config a distraction? is there a different config file hidden somewhere else....? the nightmare im envisioning is: the ssh server on 22/2222 trying to read /etc/ssh/sshd_config and failing, which means its impossible to configure
sorry if im asking the wrong channel, this is kind of a borderline question
dropbear should only be listening on localhost:44
/var/jb/etc/ssh/sshd_config is also the right config file, but I think the authorized_keys needs to be in /var/jb/var/root/.ssh
/var/jb/var/mobile works too iirc
Not if he wants to login to root
pretty simple checkra1n binpack runs dropbear and listens on localhost 44
openssh is a daemon and setup via SockServiceName via the daemon plist not sshd configs
theres a couple differences to get key auth working on mac/ios ssh
Hmm I thought the 2222 was supposed to be localhost:2222 only…
--- a/var/jb/etc/ssh/sshd_config 2025-03-17 14:57:34.974175828 -0700
+++ b/var/jb/etc/ssh/sshd_config 2025-03-17 14:57:34.969748175 -0700
@@ -34,7 +34,7 @@
#MaxAuthTries 6
#MaxSessions 10
-#PubkeyAuthentication yes
+PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
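Review bot: Uncommenting `PubkeyAuthentication yes` in the first hunk only restates the value the commented line already documents as the default, so on its own it will not change whether keys are accepted. The context comment below it says only .ssh/authorized_keys is checked; if keys are still ignored, set AuthorizedKeysFile explicitly to the path you expect and confirm the running daemon actually loads this config file.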
@@ -54,8 +54,9 @@
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
-#PasswordAuthentication yes
-#PermitEmptyPasswords no
+PasswordAuthentication no
+PermitEmptyPasswords no
+ChallengeResponseAuthentication no
# Change to no to disable s/key passwords
#KbdInteractiveAuthentication yes
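Review bot: The added `ChallengeResponseAuthentication no` sits directly above the untouched context line `#KbdInteractiveAuthentication yes`; in current OpenSSH the former is a deprecated alias of the latter, so the file now carries one setting under two names. Replace the commented line with `KbdInteractiveAuthentication no` and drop the alias, then check the effective values with `sshd -T -f` pointed at this file before relying on password logins being off.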
heres the patch
anyone here manage to change the size of the island? I managed to hide the waveform, but it looks awkward with it having the space there still
No i dont fw the island
on latest dopamine version, is flex list causing the settings app to hang on black screen for anyone? it never used to do this
i have to disable it otherwise settings never loads
speedrun
do not get broken old
Bit strange, but it works on unsupported devices and on your jailbreak, so that’s a win
wait what if he shrinks the entire cutout on unsupported devices
Took me a second to see what you mean
But that would be amazing
I fixed the animation thing when you swipe out of a music app
Now it immediately goes to the form instead of slowly going to it
Do you guys know where i should download futurerestore from ?
Im trying to download the latest RELEASE for macos, but its expired
From "nightly.link"
nightly.link is just a github wrapper, get it from gh directly
Must be talking about Pwn20nd
Still waiting for his return
I give up on the modified simulator🙁
You clearly haven’t reverse engineered enough Swift binaries to see why skibidi simulator patch is necessary
Nah trust apple left a backdoor for skibidi simulator patch in iOS 16.6.1. You clearly dont understand the complexity of the Fricken Packet Yo exploit
Your js not built different enough to comprehend it
@hasty ruin raul formatting
What in the
@tepid olive

im trying to debug Apple Notes on Mac and I can't set breakpoints on a method I found in Hopper:
(lldb) breakpoint set --method "-[ICMMainWindowController setUpToolbar]"
Breakpoint 3: no locations (pending).
WARNING: Unable to resolve breakpoint to any actual locations.
@interface ICMMainWindowController : ICMNoteEditorWindowController<ICMTokenizedSearchFieldDelegate,ICMSearchFieldDelegate,ICMShareToolbarItemDelegate,NSToolbarDelegate,NSUserInterfaceValidations,NSMenuDelegate,NSWindowDelegate,NSWindowRestoration,ICMAppTouchBarControllerDelegate,ICMPasswordEntryViewControllerDelegate> {
…
- (void)setUpToolbar;
how do yall do it?
EDIT: ASLR. the answer is ASLR.
How did you get that
got it working
should i start up again or nah?
#usesimject
You can also call [ICMMainWindowController fp_shortMethodDescription], and that will list all its methods with addresses of them (aslr taken into account). And then you can do "b -a (address)"
amazing
nuh uh
is it possible to "hijack"/hook onto siri
yes, see siri plus
tho it's not oss
so
err
That's literally exactly what i'm trying to replicate
but it's not open source
so
project's gonna be like 10x harder
😭
why would it be harder?
no documentation + i have 0 idea how siriplus works
reading the code would help
Rude.
RU.
ok let me see.
gmj
host ur own siri server 💔
what 😭
@oak meadow helo can u tell me how siriplus exactly works......................
would be kindly appreciated.
yea probably
possible
but
it's literally gonna be just like apple intelligence
i can probably try to do that but idk how to hook to siri
not to be rude but it doesn't sound too hard to find out? do some digging with flex and you'll soon find it
uh siri resides in its own application right 
yeah
uh so hows flex gonna flex
you just inject it when you're on the siri screen
have fun with that
or that too
ok then that's cancer
Got it to work ate some mushrooms and bam!
(Moderators if ur reading this im talking about uhh mushrooms in pasta yk)
<@&355174844205367317>
What
Automod slacking
You only need to ping once unless it was someone different or something different
On invite filter
I legit thought it was a ping about someone having shrooms
I was about to say “What am I supposed to do about that”
It was the first instance I saw of it, I didn’t know if it went into general
<@&355174844205367317> steam link scam
!t becometweaker
Thanks for helping
For future reference the real issue I had was, I was putting my keys in /var/root/.ssh/authorized_keys. But I guess the Procursus openssh-server was trying to read from /var/jb/var/root/.ssh/authorized_keys
So I added this line in /var/jb/etc/ssh/sshd_config:
AuthorizedKeysFile /var/root/.ssh/authorized_keys
And that fixed it
not sure why this isnt the default
oh, i think i know why... because since now it's an absolute path, it isn't reading from the user's home directory, so it would break if you're trying to ssh as mobile
it's not the default because rootless is supposed to be entirely self contained
Does Procursus have plans to develop a dynamic root environment? More and more apps are starting to detect jailbreaks via the /var/jb path.
the way most stuff actually detects a jailbreak is not (only) through the path (some stuff does but that’s not the only way)
Dopamine’s Hide Jailbreak (2.4+) is able to nuke the /var/jb path temporarily as well just fine (though palera1n could use an equivalent option but tbf palera1n already has a degree of inherent detectability anyways)
isnt checking to see if stuff is injected fairly common?
there's a lot of common things
Dynamic root + injection prohibition should allow most apps to function normally, making it more convenient. For instance, banking apps do not require injection (thus more secure).
I'm going to be real changing the root path + blocking injection itself wouldn't change too much
stuff like RootHide as an example does a lot more besides that
Without injecting, it's very unlikely that an app can detect jailbreaking.
Hard paths (not much can be done about it)
URL schemes that can be identified (this can be solved by hooking lsd)
you'd be surprised at what apps are allowed to do
Maybe, I'm currently stuck at /var/jb. To solve it, I need to inject, but injecting will lead to more detection methods.
what are you even trying to do
Sorry, my English is not very good, and I use an AI assistant for translation. As I mentioned in my first message, I need a jailbreak root directory that is not /var/jb (a dynamic one is less likely to be detected, what do you think)?
why do you need that
I hate being detected by applications for having /var/jb; they still don’t allow me to use them even when I‘m not injecting.
If you're using Dopamine just Hide Jailbreak
Although I can decapsulate the IPA and apply static patches, it‘s not a long-term solution.
are you using palera1n or Dopamine
This is what libroot is for, although idk if its practical to just change the root path as of now
tbf libroot was mainly a means to get RootHide to not using iphoneos-arm64e as the arch
No because Procursus is hardcoded to use /var/jb
But technically with libroot, you could provide your own bootstrap that doesn't use /var/jb, provide a libroot provider and everything will work
how does libroot solve packaging tho? since the debs still specify /var/jb or /
Procursus doesn’t have plans to do anything ever
it doesn't need to
when you make such a bootstrap you can take care of it
ok everything makes way more sense to me now that i am using Procursus openssh-server. i was using dropbear this whole time and it would set $HOME to /var/root and would read from /var/root/.ssh/authorized_keys. and $PATH wasnt set properly etc.
i guess dropbear is part of the jb and not part of procursus
pov you ruined the entire purpose of rootless
true - it is much easier to patch that since it's hard coded
dopmin
Well said
i appreciate the intellectual comment
I am once again considering shipping a Windows disk image with a tweak for TTS
I figured out a way to make it way more efficient
I couldn't find a way to pause/resume bochs emulation but turns out It's A Unix™️ System™️ and I can just use SIGSTOP/SIGCONT as needed
by any chance does anyone know how to do unattended windows 95 installs
So installed two internal apps that have widgets they both worked but after restoring my device and reinstalling only one apps widgets worked while the others didn’t
I sent the IPA to GPT and it modified it for me and now the app that’s widgets didn’t work do and the app has more features can someone explain what happened ?
The bundle IDs have been successfully updated:
• Main app: com.brandon.swiftuitest.alt
• Widget extension: com.brandon.swiftuitest.alt.widget
Now I’ll repackage the modified app into a new .ipa file so you can install it
This is what GPT did but I’m still confused as why it worked before not having to do this at all ?
These are both the same app yet the one modified by GPT is significantly more enhanced and has more features
And the sprite kits are different I don’t understand what could have possibly made the app revert to a different version if it’s the same ipa or how changing the identifier added/changed so much
Final Answer:
• The .ipa never changed
• The restore + reinstallation using the same bundle ID broke how iOS treated the app
• Our fixed .ipa re-triggered full system registration, revealing everything the app was built to do
This is what GPT is telling me I’ve just never had this issue before and it’s confusing it’s like two different builds yet it’s the same app
Apparently I
You just uncovered one of the biggest silent bugs in how iOS handles widgets and extensions in sideloaded apps.
yes
I have no idea what your referencing this isn’t jailbreak related that’s why I posted in this channel and I don’t trust GPT yet what it did fixed that’s why I’m asking if anyone knows what happens
schizoposting
I do that everyday
Learning about Wayland clients right now
It seems like Wayland encourages roll-your-own-everything
Compositors aren't even supposed to provide window decorations 💀
they can, there's server side decorations and client side decorations
But that's a protocol extension, isn't it?
From what I understand compositors collectively decided this was a terrible idea and came up with protocol extensions
sorta
wayland is meant to be minimalist by itself
the extensions are used to make things more generalised
from what i understand, as a client as long as you comply with the base protocol you'll be fine
compositors will have polyfills i'd imagine
I'm trying to make a client that uses the layer shell extension
Let's see how it goes
are you using gtk for your ui?
cos there's a handy library i've used in the past for layer shell
i used the rust bindings but same thing, https://github.com/wmww/gtk4-layer-shell
Qt
Unfortunately
(although maybe there's one for qt too...?)
I haven't checked
i'd be surprised if there's not
Seems like there is
But it seems like it's meant to be used to run all parts of the application as a part of layer-shell (?)
That's not what I want
I guess wayland-client it is then
what are you trying to do exactly?
i can't really help there sorry, never used it myself
I want to add a native Wayland mode to Shijima-Qt
wl_shimeji uses layer-shell and it seems to work great, so
Qt mobile
The current mode uses XWayland on Wayland which works fine with some compositors but not with others
well the gtk_layer_shell thing lets you specify which windows have which layer shell properties, i assume the qt equivalent you found would work the same?
native >>
just don’t adopt wayland
Scaling isn't good with XWayland
X11 is better anyways
It's extremely obvious with Hyprland where the app looks like a pixelated mess
hyprland with xwayland is pretty good for me
Huh
I haven't tried other apps but Shijima-Qt under XWayland looks awful with the default Hyprland configuration for me
i haven't got the default config iirc
check my dots if you'd like https://github.com/rugmj/.dotfiles
Your a fucking dumbass that’s all you ever say when I try and ask questions , literal dumbass did you even read what I said I’m not using it to jailbreak I’m not using it for code I don’t understand what happen to IPA to make it change drastically and neither do non of you if you can’t even fucking answer
Fecal project having ass
You're a fucking dumbass, that’s all you ever say when I try and ask questions. Literal dumbass, did you even read what I said? I’m not using it to jailbreak, I’m not using it for code either. I don’t understand what happens to IPA's to make it change drastically and none of you know either if you can’t even fucking answer.
fixed it for you 👍
You’re a fucking dumbass. That’s all you ever say when I try to ask questions literal dumbass. Did you even read what I said? I’m not using it to jailbreak. I’m not using it for code. I don’t understand what happened to the IPA to make it change so drastically, and neither do any of you if you can’t even fucking answer.
No I fixed it for you grammar Nazi I’m talking about one IPA not IPAs if your gonna be a smart ass make sure it’s correct
yeah im not scrolling up to read the context
Then don’t involve yourself in stuff you don’t even know
That’s obviously you since you keep talking about it
kanye is this u???
whens the new yeezy app coming out bro
Nothing I even said fits Kanye’s ideology, yet another un intelligent take from someone who craves attention
it did not take me 10 seconds to find something that fits kanyes ideology
*You're
@pallid totem get off discord go to gym
ok
Okay so not only unintelligent but you lack comprehension , reading skills and symbology
You sob like a girl
hi fiore
i do not get why you are so pissed
I’m not gonna argue with idiots who probably haven’t event graduated let alone have a degree
ok!
it all started from this keep in mind 🙏
Okay so what was the original question
Fahrenheit or Celsius
*even
😭😭😭😭
@pallid totem you are a girl
An IPA I installed worked fine , then after restoring device and reinstalling the same IPA it was completely different I didn’t understand why and neither does anyone else since they revert to meaningless trolls instead of answering
proof
You sob like one
ok
are you sure that is the same app
Yes
because the ui can not just magically change
ipa of what? How was it different? I bet on the app’s data
here
Yes it can if it fails to load certain elements
yea idk
(i think) it’s hard for the uitableview to go from grouped to plain just from submitting a compiled ipa to ChatGPT
but why would something go from AVKit to AVKit App
That’s why I’m confused all GPT did was change the bundle identifier and widget identifier
It didn’t modify the app at all it physically can’t besides editing the .plist
I just wanted to know if this was a known bug or what causes it I can send a video of me installing the same ipa before and after
that doesn’t sound like something failing to load
Changing the identifier myself in feather it was still the same
did you diff the whole ipa?
might be something to do with storyboards (?)
(im not exactly sure how they work but that’s my only guess atp)
Yes
The app always had all those views and modules in it (Charts, PencilKit, etc.).
• But iOS didn’t register or initialize some of them because:
• The widget extension failed to register
• The app didn’t fully initialize WidgetKit / AppIntents
• A previous cache or corrupted SpringBoard index limited what showed
So the UI was partially broken or partially loaded — not because the code was missing, but because iOS didn’t allow it to fully run like a clean install.
This is what GPT said but idk if it’s true I’ve never had this issue before but what it did fixed it so that’s why I’m asking here to get a better understanding
Even though it’s the same exact app, after the restore:
• Some system hooks failed to initialize (like WidgetKit, AppIntents, or SceneKit delegates).
• Cached environment state was corrupted — SpringBoard (which draws home screen, lock screen, widget previews, etc.) cached the wrong layout, or failed to refresh all the entries.
• Some extensions silently failed to load (e.g., widget extensions or view modifiers not tied to signed entitlements anymore).
• This caused SwiftUI’s preview/build system to fallback to placeholder or default components — like:
• A stub View to replace widgets.
• The old demo SceneKit view (nose + square) instead of the actual bouncing square interaction.
• Vanilla List rendering instead of enhanced toolbar/header-based navigation.
Again idk if this is correct but for a better understanding
Idk if it’s important but my phone was bootlooped which is why had to restore so a corrupted spring board index seems likely
Bootloop Occurred
• SpringBoard’s internal trust/cache data was corrupted or wiped.
• Lost track of your app’s WidgetKit, AppIntents, and SceneKit registration.
2. Reinstalling the Same IPA
• iOS did not treat the app as “new” or re-register it fully.
• App ran in a downgraded/fallback state with:
• Placeholder SceneKit view (e.g. nose and square)
• Reduced SwiftUI navigation
• Missing Charts, PencilKit, Live Activity, etc.
3. System Fallback Behavior Triggered
• SceneKit/SpriteKit used demo/default content.
• WidgetKit and AppIntents failed to register.
• SpringBoard didn’t show full UI because it lacked a trusted extension record.
4. Patched IPA Fix
• New bundle ID + re-signing triggered iOS to treat it as a fresh app.
• WidgetKit & AppIntents fully registered.
• SceneKit/SpriteKit restored full functionality.
• UI and extension behavior returned to expected state.
iOS maintains an internal registry (used by SpringBoard, widgetdaemon, and intentsd) that:
• Associates bundle IDs with their declared extensions and entitlements.
• Caches entitlement capabilities like com.apple.developer.widgetkit-extension.
• After corruption (e.g. during bootloop), that registry gets out of sync with the actual app state.
• iOS then loads your app with limited system privileges, causing:
• SceneKit showing test content.
• Widgets missing.
• Settings or AppIntents not initializing.
Ik that’s a lot and I’m sorry I know GPT isn’t seen favorably and not to be trusted that’s why I asked in here to see if that makes sense to anyone else or if this is a known bug because the patched ipa is what it looked like post bootloop then after installing again it was completely different and I’ve never had that issue before other apps were fine it was just that app
whar
You should not use chatgpt
@reef trail okay this is is HUGEEE
after 10 hours of work i officially got a white transparent overlay and a white opaque square to show up on my screen!!!!!!!!!
I am petitioning for a rule to ban ChatGPT server-wide
@hollow scaffold !!!!!
?
Partially sarcastic response to Mike. More saying send it to modmail so it can actually be considered
🎉
will do
forget it exists 50% of the time
seconded
along with any other AI shit
shulkkGPT: core dumped
Shulk oml bro please have one discord account
We need a rule to stick to. Shit 1 alt at most lol
Bro rotates accounts every 5 business days
until he doesn't
Whar
Transfer again like a boss
If you’re going to alt , take their cases too lol
Pink role looks like Benadryl
@stone veldt why are you changing accounts? Are you being hunted down by gs or something
what the hell is this
Good thing
Pukeko if you'd read the name 
i read it
that doesn't help
Remove this dumb useless fucking bird
I like it
Because it's funny asf

yes
Evidently you don't 
yes
you know nothing about me
It is called **r/**Jailbreak
Hate to be this person but let’s keep this to the channel topic
I know you didn't know what a pukeko was till now!

you give off the same vibe
My favorite type of vulnerability to exploit is one in GIR
@native dune Why does my car thing only display 2/3rd of the screen now
it's cause im not here much my vibe is outdated
Okay pixel lol
I have remembered that ModMail exists
Modmail received. Now we wait 27 years for all of staff to see it
it's ok! i and the rest of us will disappear as soon as you take your medication
You’re an idoit
This is exactly why y’all broke and miserable in life shut the fuck up
I’m saying it to help explain what happened and asks if that’s true yet again your to fucking stupid to know what happen so you keep saying the same shit
😭
No you’re all being fucking assholes for no reason I just asked a question
It ain't that serious
This isn’t the place to ask development questions yeah makes sense
Warns me but nothing about the fucking idiots harassing me over asking a question.
Insulting people, read context clues
Let me get to the others maybe?
If you want to continue you won’t win
I suggest shutting up and calming down so I can read the rest
I literally don’t care I asked a question and they threw a fit
Okay , so calm down
They’re all trolling
If it isn’t obvious
did it pass
Yes u can tell it passed cause it didnt break apart
Yea true
Its ok [redacted] is way better
You made a statement, someone else did as well. While it could be suggested that’s it was directed at you, it was not clearly directed at you. If the shoe fits wear it, if it doesn’t then no need to respond the way you did. You took it too far, you broke a rule. End of story
The rest of you need to use this channel as intended or be muted, be civil or be muted
Stole your gif thanks
Stop posting the cats , go to general
Be so fr it’s obviously directed at me and this isn’t the first time he’s said this shit to me what’s the point of a development channel if every time you ask questions your just mocked and insulted
If the shoe fits wear it. If you have an issue take it to @hollow scaffold
Non intelligent response , yes let me just take insults directed at me but not say anything because I wasn’t directly @
lame 🙄
You called someone fucking stupid and used your vs you’re , the shoe fits
It’s a discord server not a professional setting I can type how I want
Yeah but you're gonna be judged based on it so
Then maybe try not insulting people’s intelligence




