#development

@kind herald cracker

@kind herald clicker

Cracker

clanker

@kind herald

add as server emoji plz

I was making a joke about hairy potter but now I see how that term can be misinterpreted i sincerely apologize 🥀

✊🏻✊🏼✊🏽✊🏾✊🏿

pussy

<@&355174844205367317>

Little tip for the one guy developing the Liquid Glass recreation: I keep getting this bug on iPadOS 26 beta 4, and based on the way it behaves, it seems like Apple modified the shadow shader

hi guys, is it ANY way, to get active more than two Esim at the same time?

thx

I thought it was already possible?

Oh active

@kind herald clanker

https://youtube.com/watch?v=wo84LFzx5nI

Don't think so

Install a new modem capable of it

creating a competitor to Qualcomm and mediatek and apple and etc just to have more than 2 active esims (all of my competitors will copy the idea and I will be doomed to fail from the start)

also battery life usage must be horrendous

This is why you can only use 1 data line

And the other is texts only

the battery life is almost no diff when your link speed is 1kbps

There’s in theory a way to allow both lines to act as a data line but fuck knows how to figure that out

well, it can also do calls but yes

ah yes and no

it can receive an incoming call but starting the call actually stops the other line

so if i receive a call on line a but my data line is b, I will lose internet duirng the call

until I manually go and set the data line to line a

which you can't do during a call in ios

for some absurd reason

reminding me of dialup

so if you REALLY need a connection you have to hang up, change data line and then call back

Think Different™

or enable data switching

<@&355174844205367317> erm

ty

You need a DSDA (Dual SIM Dual Active) phone. These are pretty rare (most are DSDS, Dual SIM Dual Standby)

<@&355174844205367317> these bots keep appearing

This only is a thing if one line has No Service

Like literally no service

oh wait I see what you mean yes

although in my experience it’s 50:50 whether it works in calls

But that might be a Tailscale bug

Tailscale goated

@kind herald clanker

Do we have to do this in #development ?

Whatever the joke is there is no need to post it multiple times per day in a development-focused channel

#general exists for a reason

clanker

@native dune Hey bro can you help me develop something

@native dune Hey bro can you help me develop something

@light owl Hey bro can you help me develop something

@wheat grotto Hey bro can you help me develop something

no

cry me a river u degenerate coder

@native dune Hey bro can you help me develop something

Nebula I need help with my code

@marsh ocean my vibe coded calculator isn’t working

Casey Muratori is great. I strongly recommend searching his name and watching all of it

What did bro say

<@&355174844205367317>

<@&355174844205367317>

<@&355174844205367317>

https://tenor.com/view/mods-discord-mod-moderator-moderation-clash-of-clans-gif-24080525

@torn oriole when are you dropping v2 of this gif to fix the duped frame

Just put it in ezgif and delete the frame bruh

<@&355174844205367317> so many

<@&355174844205367317>

https://tenor.com/view/mods-discord-mod-moderator-moderation-clash-of-clans-gif-24080525

what

apple so jolly back in ios 6

pre tim

tim is a machine that turns despair into money

tim is a machine that turned apple into a rotting pile of turd

a rich rotting pile of turd*

rotten apple

https://tenor.com/view/mods-discord-mod-moderator-moderation-clash-of-clans-gif-24080525

Will my app get approved

💀

lmao

They were the one who made it?

make an eeffoc app

What is EEFFOC

Ah coffee

its a trend like 500 cigs

!t roblox

<@&355174844205367317>

Maxine

!t fr

Developers lost their mind

not their fault

thank the UK

anyways:

• imagine bragging about piracy
• imagine doing so in the development channel
• this isn't going to stop this more than likely down the road

Well maybe they should focus on securing their app more instead of useless features

What even was it?

An over reaction

Maxine

Has anyone ever left logging enabled in Console and killed diagnosticd on iOS 16? Doing so completely froze my phone 😭 backtrace below (lldb and debugserver themselves didn't freeze so)

I had to force reboot since all commands would also freeze

yeah

although trying to kill it with something like killall -SIGKILL just fails - it’s the same case when you have a logging profile that changes com.apple.system.logging.plist

just whenever /var/preferences/Logging/com.apple.diagnosticd.filter.plist exists, in other words when logs are streaming

daniel

daniel

Is there any way I can like.. use simulator’s MTLSimDriver to provide Metal acceleration cross chroot via XPC?
There’s MTLSimDriverHost.xpc but there is no Info.plist so I can’t figure out how to use it, and it seems launchd doesn’t allow registering arbitrary XPC service systemwide without modifying launchd.plist

(context: tryna boot WindowServer on iPhone)

Does anyone know how to fix this? Happens with every app/process but frida-ps works
16.6.1 se3 nathanlr Artix GNU

[meighler@ThinkPadX1-Gen8 ~]$ frida -U -n Sileo
     ____
    / _  |   Frida 17.2.14 - A world-class dynamic instrumentation toolkit
   | (_| |
    > _  |   Commands:
   /_/ |_|       help      -> Displays the help system
   . . . .       object?   -> Display information about 'object'
   . . . .       exit/quit -> Exit
   . . . .
   . . . .   More info at https://frida.re/docs/home/
   . . . .
   . . . .   Connected to iOS Device (id=xxxxxxxxxxxxxxxxx)
Failed to attach: tLS connection closed unexpectedly                  

@visual meadow does frida work on nathanlr?

No

What’s the technical reason for that

this is embarassing

please just use a regular slur

most regular slurs are blocked sadly

<@&355174844205367317>

Handled

I think I got Metal XPC working for real...

You really had to censor me wtf

🙄🙄

<@&355174844205367317> erm

Maxine

No?

guess it wasn't maxine

Why lol

Lmao Maxine is usually always first, Maxine is a robot, Maxine is the moderator.

Usually by the time I type Maxine the user is being banned already

True

Maxine bot

That's why I improved speed using reactions

Was asleep sorry

moderators sleeping

https://tenor.com/view/neighborhood-spiderman-yuh-everybody-gets-only-one-peter-griffin-family-guy-gif-16522409

I dont think she’s a clanker

@kind herald clanker

Why this exists

https://plugins.hex-rays.com/cisco-talos/ghida

😭

Ghidra 💔

<@&355174844205367317>

gm

just as I report with ping it gets banned

hi Maxine

Im goated like that

I can tell

anyways I bought an SE1 on 10.3.2 for $20.55 + $2.80

Based

https://x.com/pikuma/status/1951405067002884230?t=UjqR6uMDqnvWFuPRCF9F5g&s=19

for some reason its funny every time I see it

@lament mica

<@&355174844205367317>

As usual Maxine does nothing but warn me 💔

I hope she warns you again

My timbers are shivered lil bro

Oh you're timbered for sure

Only timbered I am are the Tim’s on my feet

That didn't make sense

I hope you get warned for bad joke

I hope you get warned for being a member ultra touch grass

It’s 5am give her a break

guys what does this mean

Cursor hidden and inactive

Do you even code bruh

is this drawn on desktop too? I would guess it is, obscured by layers that are failing to render on ios

atp just make me mod

My wallet just got drained of 5000 usdt

Maybe, you could try it yourself by calling enable_overlay(4) in windowserver

yeah it works there too

neat

enable_overlay(0b1111)

??

do you know of a way to do this without a vm, yk when you debug windowserver you can't really keep using the computer as everything freezes, maybe i can inject a dylib that just calls this ?

is the function simply enable_overlay(int arg)

at some point i wanted to make a tool like this lmao didn't know it was built-in

???

Not too familiar but you could probably get away with a second device remotely debugging if it's just a case of you want graphics acceleration

Or maybe a CLI debugger over ssh

i don't get this joke

@kind herald are you a robot

No

KAC

You could ssh from another machine

How original

why no vm?

Btw you could trace xref of it which leads to some function that checks os_variant_has_internal_content prior to setting it

<@&355174844205367317>

<@&355174844205367317> erm

ty

i love the moderators-ping-channel

what did you do 😭

my goat got flagged as spam 💔

lmao seeing the ban, gir is thinking is funny

there is no thinking involved

gir has no brain

yeah but discord uses the term thinking

I’m assembling a council of overqualified introverts with trust issues, delusions of grandeur, and matching trauma patterns a decentralized alliance of minds forged in the trenches of iOS jailbreaking. We’ll pretend to collaborate, but everyone’s really building their own exploit chain in silence, racing to outshine each other while claiming it was always about the “community.” It’s not teamwork. It’s firmware warfare

Take ur schizo pills bud

Already did I snorted them off your moms ass like the wolf of wallstreet

https://cdn.discordapp.com/attachments/688122301975363591/1400318605853331590/IMG_4474.gif

didn't know it was run by an r/jb staff

holy shit it's pwn20wnd

That guy is a fake

I miss when #development was about development

I miss when #development was about development

this has never occured

perhaps you meant: hd

Elite

The real #development is #1084320818231787552

Or #1279554619952857160

<@&355174844205367317>

How does one bypass antihook?

Hook the antihook of course

modify the hooking library to emit a different instruction pattern when it inserts a branch-out. the usual add/adrp/br is extremely recognizable

Theos server

movk+br >>

yeah most things don’t check for that pattern

@kind herald ^

Yeah

I always use it for manual hooks

<@&355174844205367317>

what are people using to decrypt stuff

preferably terminal

img4lib

if decrypt apps, trolldecrypt maybe? if terminal it's flexdecrypt iirc

i've had the best experience with bagbak

thx

managed to get trolldecrypt to install through the url option in ts lite (my files app is cooked)

btw if you care bagbak decrypts plugins as well

<@&355174844205367317>

@wheat grotto

fuck not you

<@&355174844205367317>

L

HOLY SHIT ITS DRAKE

fr

YOO FREE CASH LFG

What you'll need very soon

unlike you, im employed

ETA of scam deletion: some time in the near future

fr

@kind herald get on

https://x.com/ptr_to_joel/status/1952627973082993145?t=tpLho16S9uGWgHJrVqW-dQ&s=19

can anyone help me, I'm stuck in recovery mode

Anyway to download the .app of the macOS developer 5 beta? My MacBook is not on a good WiFi and my hotspot sucks ass 😢 so I have to use my phone and transfer the .app over lmao

Mods

Ethernet

You have to wait until public beta for it

is there anything like cynject for ellekit?

well, its a debug tool i dont want to debug the vm (as opposed to my own session).

opainject

Anyone here overwrite a sysctl with krw before

Light work 🥱

https://cdn.discordapp.com/attachments/1379225281939767426/1401229760385781916/ezgif-71e4d0a8e11b6d.gif

Yes

What exactly are you overwriting

The pointer it reads from?

(They’re data PAC’d)

Shit

Because the ones i want to set are set by launchd once on boot

And then they can't be changed

I just need to change kern.osversion and kern.osproductversion

Am I able to overwrite e.g kern.osproductversion from 16.5.1 to 16.4.1 or is that data pac'd

I wonder if i could make a different sysctl point to that one and then change it and point it back

Or is that what you meant that was data pac'd

Could also be in __const

They aren't hardcoded

The values of them

So the sysctl is in __data?

I'm pretty sure bc launchd sets those on boot

thanks for making it MIT licensed, it cool if i vendorize it? i dont see it listed in any repos

Oh I see

Well you can set the actual variable

Just can’t change the pointer it reads from

Oh then that's fine

That's what I wanted to do

I'm probably gonna set them to null and then set them again in launchdhook like they're supposed to be

Or I'll just overwrite them not sure

it's shipped by dopamine

dopamine ships a builtin package with a symlink for it

I can release it to some repo if you need it

although figuring out the logistics of this could be annoying

since my builtin package would need to conflict with it some way

ah damn im using palera1n

yea adding it to a repo sounds like a logistical nightmare

maybe its best if i just vendorize it and send patches upstream if i make changes

just place it in some place it doesn't conflict

then do whatever with it idc

yeah i probably would just statically link it to an existing binary and strip all the CLI options etc

I figured out how to

but the end goal didnt work

Im trying to run newer/older userspaces

but rn camera picture/video/screen recording dont work

I was like maybe its that but its not

<@&355174844205367317> erm

ty

Np

That’s gonna have a lot of issues if your kernel is the wrong version

Syscalls, IOKit client methods, stuff like that

Only issue I had rn was taking pictures/videos wouldn't save, screen recording wouldnt work

I was trying 16.4.1 on 16.5.1

Oh right

I thought you were trying a different major version

I was trying 17 but i gave up on that bc something with posix spawn was broken

Persistence cannot continue due to a capture error. (Error Domain=AVFoundationErrorDomain Code=-11800 "The operation could not be completed" UserInfo={NSUnderlyingError=0x281805f20 {Error Domain=NSOSStatusErrorDomain Code=-536870206 "(null)"}, NSLocalizedFailureReason=An unknown error occurred (-536870206), AVErrorRecordingFailureDomainKey=4, NSLocalizedDescription=The operation could not be completed})```
Camera error btw

People who understand, can I create a tweak or something like that to turn off and on the dylib of my project? Can anyone tell me this?

In short, I have a project to hack a game, and I want to know how I can protect it. Can anyone here who understands this help me?

I need an iOS dev to protect a dylib file.

what do you mean by "protecting" it

obfuscation? drm?

ye

obfuscation

i need obfuscation

i know there are tools to automate obfuscation but i found simple string encryption to be good enough for me most of the time

hmm

you can see dm?

or don’t can

I need an iOS dev to obfuscation or protection a dylib file.

pls pay $1000

it’s really?

or joke

I need some dev to obfuscate a dylib file, or put protections on it. I can pay for it

import Foundation

func protect(dylib: String) {
print("Protecting (dylib)...")
let cloaked = dylib.replacingOccurrences(of: ".dylib", with: ".png")
try? FileManager.default.moveItem(atPath: dylib, toPath: cloaked)
print("Now totally uncrackable as (cloaked) 🤡")
}

protect(dylib: "/usr/lib/supersecret.dylib")

trust bro it’s stronger than fort Knox

Obfuscation is useless imo

Bouta make some Top tier vibe coded content

it's not useless, but you're right it will be deobfuscated eventually

i lose all motivation even when something doesn't have symbols 💀

Bouta make millions off this app when this game drops I will def be charging money 😭🙏🙏

twun

twin

try hikari ig

its not maintained now tho

hi

you can

help me?

Thank god for KDKs 🗣️🗣️

SEPROM probably the most motivating thing without symbols to re

Mfs when they see rune.dylib

Good luck

First to get it to build, second for the wait, building llvm ain’t so fast, and then figuring out good settings

just obfuscate stuff till it's harder to crack, the amount of obfuscation is up to you 🤷‍♂️

iBoot DRAM controller initialisation code 😍😍

that too I love recfg tunable structs

but I guess seprom is better cuz no source code materials at all

Or foxfort drm idk

Both be using hikari

hikari the weakest shit on the planet lmao

It’s also the only one publicly available

Lmfao

I love recfg too

you clearly don't know how to use google dorks on github

They’re all based on hikari

Unless I missed something

may be but you might find a few custom implementations

Lemme guess, some random ollvmxx

idk just need to be more creative

@faint timber the random DCS strings that are sometimes left in older iBoot versions >

finesse the src

ye

But I need to know how to do it

That’s why I’m looking for someone who understands

I need an iOS dev to obfuscation or protection a dylib file.

make things look like they do something else when they don't

wtf

that is literally what obfuscation means

hiding what something does

cycript is cooked right?

I still use it

nothing comes near replacing it imo

https://github.com/EthanArbuckle/cycript-wrapper

I’d make a deb for it but Saurik would probably yell at me

i have something that can replace it

lua is not replacing it

but since cycript still works im less incentivized to ship it

is it lua

yalready know

lol

my god its AGPL...

i wanted to check if it used libffi but i dont wanna read the source anymore

yes it does use libffi

it’s src is an actual nightmare

oh ok interesting. i wonder if hes using the one in dyld_shared_cache or he vendorized it

yeah i feel like thats par for the course lol

It’s a submodule iirc

half of modules are dead repos now

compiling it requires a version of bison from like 2003

The last person to make big improvements to the project got shitted on by Saurik for it (Frida dude)

oh yeah i remember that

be a decent person

yep lol

essential reading https://github.com/nowsecure/frida-cycript/issues/2

if he vendorized it, then whoever is bold enough to make changes, should use the one in dyld_shared_cache, its special cased to work really well with iOS and i think it would fix trampolines breaking, if they're broken

and it would fix some issues in dopamine

i hope saurik is doing better now

last I heard about him was a few years ago, someone we know met up with him at UCLA for lunch. said he was doing well

completely unrelated, but i recently found a clone of the OG substrate repo from around 2015 with all the tags still included. afaik your mirror repo has been the only "current" one forever, but it lacks tags

oh nice

i can fix that rq you have it up somewhere?

im on the wrong laptop rn but ill find it this weekend

Don’t worry, cycsript is agpl’d

https://git.saurik.com/cycript.git/blob/HEAD:/COPYING

Wtf

the worst license ever

lol I remember that

saurik took it way too personally lmao

*the best (after gpl2, of course)

I don’t see any cons

saurik will saurik 🤣

I once texted him about a security issue on his website, and he thanked me. Then 20 mins later he texted back again like “just realized who this is… surprised you helped me, but please refrain from doing so again in the future”

actual what the fuck

lmfao

everyone has their opinions. I echo rr’s sentiment #development message

fair

Don’t theos sdks already have this though?

cycript builds (an ancient) libffi directly, it doesn’t just link it. it would be a substantial change to the project to make it use the one in the dsc

and those changes are difficult because, to my knowledge, only 3 people have been able to compile that project in the last 10y

atp move the whole project to theos lol

interesting challenge

Accepted (?)

please do

it’s grammar definition needs to be rewritten for modern bison versions

otherwise it needs to be compiled on an iOS 10 device

lately I’ve just been hacking at the binaries to coerce them to work on modern OSs

One more “ongoing side project” has been added to the “ongoing side projects heap of doom”

relatable 😭

better to just start from scratch imo

too much politics and licensing woes

i'd do it when it finally stops working entirely

most recently i got it working on m1 simulator. choose() works too https://github.com/EthanArbuckle/simulator-trainer/blob/main/img/cycript.gif

nice yea if i had that setup id feel the same

the binaries are embedded in the repo https://github.com/EthanArbuckle/simulator-trainer/tree/main/simulator-trainer/Supporting Files/bootstrap

dont tell saurik

nice, yea no need i already got my own repl now

i dont want it to happen anymore yall can have cycript lol

stop being anti-brazil

lu(l)a

lua sux

(Imho)

Oh my god saurik vendors libuv

some fun lore on the origins of CydiaSubstrate (saurik essay in the comments on this post) https://web.archive.org/web/20081217114619/http://ripdev.org/2008/12/pseudosubstrate.html

almost 20y old, thats crazy

0ptimo in the comments too. Im suprised BigBoss is still online

What makes you think he would care about dead 9 year old project that much?))

The probability of him even noticing a new cyscript-related project is low

wow thanks for that link. interesting to see his writing when he still believed in the GNU dogma

What makes you think he would care about dead 9 year old project
like, every interaction i've had with him

i think the reason its "dead" is because of that frida repo. some other drama is why substrate is not open source anymore. he's a petty dude

like, every interaction i've had with him
We will see

What’s up with the frida repo/dude?

coolio made a clone of winterboard and saurik dedicated like 3 slides in a JBCon presentation to calling her out for stealing 😂 while she was in the audience

Bro this has to be the most absurd, absolute and post-(un)ironical ragebait in the jailbreak community history ever🤣

dude, that doesn't even scratch the surface of unhinged Saurik posts

there used to be a bot that would reply to every saurik comment with a TLDR

I think I’ve seen it 🤣

@lime pivot what's your favorite saurik crash out

Lmaooo

hi bro, you can see dm?

@robust radish is there any usecase for cyscript on macs

Just tell it here

cycript, pronounced as ssssscript

in saurik's defense he was getting trolled nonstop by 15 year olds and couldnt hang

but yeah it’s great for dynamic instrumentation and exploration

that’s a good point. he was like 40 yelling at 15year olds lol

yea he was just from a different generation of the internet and had no clue how to deal with it lol

the reason I got banned from jbc was because he didn’t understand “hoe” vs “hoeing”. He thought I called Britta a hoe

Wtf
I always pronounced it as “saiscript” 😆

yeah everyone does. saurik is legit crazy

Can someone help me how to blur my dylib file? Or put a protection on it so that nothing is changed on it?

You could use hikari

But why really

https://www.cycript.org/manual/

I pronounce "cycript" using a "geminate S" or "long S". The result sounds a little like a stereotypical serpent from a cartoon: "sssscript". I doubt anyone else will pronounce it like this, but I have my hopes. I also often use "cycript" as a verb with relation to automation of and injection into libraries and applications, which emphasizes its power as a scripting language.

oops didn't mean for that to be a reply

bro wants ppl hissing at him

freak

Given enough amount of time and autism passion , people will find way(s) around

I have a hacks store, and I sell my ipa file along with dylib c and I need to hide everything I have inside dylib so people don’t change the name of the menu or something like that

sell ipas? That’s illegal

lol

i sell hacking for games bro.

dont waste time on that. as a technical exercise i will pop whatever you do and open source it

Sell tweaks

At least

lol

But only people who know a lot can do this, so I need to protect myself from not so smart people

People use ida pro or ghidra to modify, I need to protect myself from that.

why

what is so important that it must not be reverse engineered

if you statically obfuscate, people will just turn to dynamic instrumentation

using frida or objsee

if you have to ask a public chat how to obfuscate something you're already cooked

non-smart people (like me) still could use ida + decompiler and more-or-less figure out your logic

sudo will crack it in 5 minutes

am i allowed to mention that name in here

hikari is the answer tho, others have said a few times

ya

fr

Bro, as I said I sell hacks for games, so it gives some money, people don’t have that and want crack, to use for free or post for free, you know?

I know it can be broken by someone who understands reverse engineering or something like that, but I just want to make it more difficult.

Objsee is based, thank you for making it!
where can I donate?

they don't need to understand how it works to redistribute it for free tho right

type this

you can help me?

no i can't help, i hate obfuscation and DRM

obfuscation is motivation for me to RE something

lol

It doesn’t have to be a very strong one bro, something basic already helps me

Obfuscate strings with xor

then use hikari

(hrtng already solves this)

what hikari

what this

i don’t know

sorry

LMFAO

when you’re upset but lowkey thankful

you had him feeling conflicted 😪

This is fucked

I hate nodejs

if this is for cycript, make sure you’re getting the right nodejs. The repo linked as a submodule has been retired, and iirc cloning it will actually get you a much newer version than is compatible with cycript. you have to hunt down the right one by commit and manually clone it

Other than Tinder bypasses and VCams, has anyone seen tweak requests with unusually large bounties or that are technically difficult to make?

idk if this counts but https://texts.com was hiring a tweak dev a few years back

ah I’m not tryna get hired anywhere, just want some lunch break projects

The largest I recall was Tanner posting one for 100 dollars, the request was for Safari and SafariViewController to share cookies, @chilly hedge got that one done in an afternoon

that was pretty cool - and fit the description of what you meant by technically difficult to make

that sucked big time because cycript legitimately was and still is the best debugging tool I've ever used

I set up an OS X 10.8 VM for some side project stuff I'm playing around with rn and god, I miss this

actually can't believe too that MacPorts still works on it, ancient packages of course, but that's more than can be said for brew

10.8/10.9 was the era where I was (trying to not beg) saurik to make substrate/cycript official on OS X. there was the "Cydia for Mac" that was floated as a concept around then, but never happened

that was also when tweak injection got as simple as, you just download EasySIMBL and tick a box. done. no admin prompt, no security modes to disable

SIMBL loaded pretty late tho. it was like hijacking an AppleScript plugin system or something

not like substrate where you're injecting before main()

it’s also so fun

the macOS tweak injection system that Alex Zielenski helped with was pretty good

parasite

I miss that guy

at OpenAI now

he was always a dick

but I loved ZKSwizzle so much

he was, but a good worth ethic lol

at one point we had a dream team working on a whole platform for macOS tweaks, I was just deeply unqualified to act as a leader of the team lmao

zebra for mac

saily mac

did you know Chariz was going to be a package manager

wasn’t Chariz for Mac a real thing for a minute

yep

that had to have been like 2015

CPM

2015 me did not have project management skills

I think you did pretty well lol

and everyone had their own idea of how it should work

hey I appreciate it

in fairness to it, it lost steam more because Alex and Mustafa got jobs, and SIP came in a little later and mildly doomed it

waiting for Siguza to show up here with some kind of JXA solution

you can get cycript working on m1 Mac, just requires disabling all the security stuff

works with binaries patched for ios -> macosx?

that’s intriguing

I have a test MacBook I usually run with SIP and all off so I can do whatever I want

.NET just straight up doesn’t run when amfi is neutered so I keep having to toggle that

yeah. I have it working on macOS, sim, and iOS. Mostly by hacking at the Machos. I can send you some stuff if you want

definitely interested

there’s some ipc_… flag that fixes a bunch of stuff that breaks when amfi is off, like Chrome stuff

oh that might be it

there's still some Java bug though

I’m convinced it’s related to the JIT engine

ipc_control_port_options=0

worth a try

ooh thanks, I’ll try in a bit

https://bugs.openjdk.org/browse/JDK-8326663 fr

I think this one only fixed electron apps

I legit made the 10.8 VM because it was easier to DYLD_INSERT_LIBRARIES into iTunes than to somehow inject into AMPDevicesAgent

cycript would make that very possible

do you know how to make USB passthrough work on old macOS vms btw

USB controller must be 2.0 not 3.0

my go-to method for injecting into system stuff is to make a tmpfs mount over the original binary parent directory (which is usually read-only), then copy a version of the binary back into that mount with a load command inserted to my dylib

oh smart

still doesn't work with that unfortunately, maybe incompatibilities between m1 host and Intel guest?

so I guess that’s still a possible attack with SSV then

oh hm, hard to say unless it’s VMware

they had the most complete macOS Intel VM support

just no GPU driver which became more of an issue as time went on

works especially well with simulator, which is more relaxed with codesigining. makes sim injection very easy

pre-10.10 you just didn’t get transparent menu bars/popups. 10.10 it started causing real bad screen tearing

@lime pivot I have a patched copy of cycript for the m1 handy if you want it rn

totally forgot about it too lol

oh actually injecting doesn’t work so you might actually be better off waiting for Ethans

this was just the iOS version converted to macOS, there aren’t any actual patches

Hello guys, does anyone here understand obfuscation and encrypting codes?

prerequesite is knowing how to re and how compilers work

Is Python/Ruby/Java-related functionality still useful? I wonder if I should remove that

I would remove it, at least initially. complicates compilation and not that useful

True

That feeling when you make it organized instead of just throwing everything in content view and hoping it works

ShitUI :/

You haven’t even seen my UI

Did you know that there is a whole language named “Shit”?

Yeah looks trash cuz shitui

I’m adding you in the credits of my app and saying you made the UI

No thanks

suicide is looking more promising than ever

Fr

How is it shit

What should I change

Everything

Like literally redo everything from scratch

I did this was my first attempt 💀

I spent longer on the fake cluckinbell than the actually UI 😭

if anyone is interested in how the internals of iOS app content rendering and input delivery works (frontboard, backboard, etc), I've documented my understanding of it here https://github.com/EthanArbuckle/ios-rendering-docs

I vaguely remember that lol

I really wish I were less emotional and more logical with him over the years, but I also just don't think he would have ever changed his mind on a lot of things

Saruik the goat

Not as good as pwn but still goated

thanks for the valuable insight

he really was onto a lot of good things, and I respected that he wanted things to be as correct as possible

but I just wasn't (honestly still don't think I am) a good communicator especially with conflicting opinions

You gotta work on that then being closed minded is a horrible characteristic, even if you don’t agree just hearing someone and seeing their approach can be beneficial to bounce ideas back

in my mind I want it to be about meeting halfway, but when I say it, it can come out poorly and seem just saying they're wrong and I'm right

Yea I get that especially if there’s certain aspects you think would work better with your approach, honestly it would just be beneficial to make two projects one were you meet half way and just doing what he thinks is best then you can compare and see

that happened in a few instances, he took offence to it every time

Then that’s more a his issue than yours idk the situation but it sounds you were open to compromise but he was just stuck in a mindset it’s my way or nothing

it reads like working against him not with him, and he saw no reason you should work against him. he has a long essay about why he felt that way

anyways, how are you doing kirb

been a while

That’s a terrible way of thinking I’d rather have friends that challenge my way of thinking than nodding and agreeing

Nothings ever black and white there’s numerous ways to accomplish tasks and if you only do what you think is best and no one challenges you you’ll never improve

really has been

got way too much going on which you prob know is nothing new lmao

but all going great

work has been really rewarding, growing pretty quickly

where are you these days, still DT?

right, and I always tried to enter the conversation if I could bring something mutually beneficial to him, me, and the community

I feel that’s the reason jailbreaking died too many devs have this entitled feeling Pwn while talented was entitled from what people have said about him doesn’t sound like he was a team player CS was just a whinny drama filled bitch it was always a dick measuring contest of who had the best jailbreak when really they could’ve just worked together

as much as, like I said, there were some times I just ended up being emotional. which is not the approach that will convince someone that is a very logical thinker like him

which led to him not trusting me, and then not trusting me further because I worked with people who … honestly idk at this point, but I always felt they were way worse than me at keeping emotions out of it

not naming names, but @robust radish will know

I don't think I ever had a conversation with pwn where he wasn't extremely passive aggressive. he was just well known for being a jerk

star was like that too, but I could reason with her a lot more. pwn didn't want to engage with it at all

borders what I want to discuss in public channels. perhaps that’s enough lore for now 😅

Awesome. I’d retweet it if that were an option on github.

I already said too much. oh well

jb has had a lot of drama though for sure

Not on lemins side he’s always been a great dev

guess I'm just disappointed things could have always been better than they were

Yea and now we have nothing all the devs either got paid off by Apple or rage quit

iOS 11 was the worst

The iOS 13 zero day was the last peak moment we will ever experience

LiberiOS was excellent

but I also guess it helps to know this is pretty common in all homebrew/jailbreak communities. not that it makes it any better. but it stings a bit less I spose

qwerty was left, cs and saurik didn't cooperate, and pwn and cs had a falling out?

The switch homebrew community is the worst 💀 mfkers code in applications saying if your using fusegele it will lag because that’s a shit program made by a shit dev

man that's not their problem, let people figure out it's junk themselves. you don't need to break your own stuff and hurt your own reputation in the process

CS just too emotional got rage baited every day and quit JB 30 times before she actually left

uh okay

Still waiting for lib hooker pro

true

Wonder if apples ever gonna patch poster restore this shit should honestly just be a feature instead of having to use mica and learn that shit app

Bro I never thought that jb lore was that insanely deep

it goes extremely deep

it would be an entertaining documentary

Not as entertaining as the MCmillions documentary that shit was crazy

The mafia rigged the McDonald’s monopoly game

Proud to have missed basically all of it

@lime pivot what’s with the frida and saurik? Did frida guy make improvements wrongly or what?

I don't remember the context, it's been so long

I think it was that they took a lot of the core of cycript and built something more extensive on top of it (frida itself)

he tried to use GPL as a reason why it's not ok, but there wasn't actually a GPL violation, it was all done correctly

so he changed it to AGPL

I probably have that very wrong, it's been a loooong time

at least it stayed open I guess. I tried to be an encouragement for him to keep working on cycript, and it felt like I did actually help him realise it's worth it a few times

we talked once about OS X code injection, and he showed me how cycript's build of cynject was better than substrate's (before substrate got updated)

and I used the TCP server mode embedded in the app I was working on around then, as my primary debugger

it was buggy, but I still loved it

i think he was grumpy about his hooking system being replaced with frida

like he took it as an insult

oh I see

(that’s just an opinion)

idk, people are just gonna take open source things and play with them in ways you weren't expecting. that's just how it is

I agree. pressuring someone to rename a fork is wild

with Legacy Update I've both had people who hacked it up in ways that made no sense, stole my logo, etc, and people who did clever things I really respected

a blind guy found it better than the Windows 10 Settings app when using it with a screen reader, so he wrote a script to extract and force install it. that was awesome

so much of my code is packaged up in >$5 tweaks/apps. Just how it goes

and I had someone build a competitor that works a bit different and has features I don't. and I have features he doesn't. we're both chill, and hell, it was random people who wanted to make out that there was some drama between us

we're good friends and we help each other out with stuff

did you see the saga of the guy forking krum's void installer to add support for incorrectly installing on btrfs

some of it

and one of the freedoms built into GPL is your right to do what you want with the code (provided you do it fairly). you have to be ok with that meaning sometimes someone does something dumb/rude

it's just not something you can control the outcome of, and that's the point

https://tenor.com/view/closed-source-open-source-foss-github-code-gif-26506919

@faint timber I've come to the incredible conclusion that hikari is indeed trash

managed to recreate ios 15 lock screen on ios 16

Does anyone know how Snowboard does "Force Refresh". Like can I do it via terminal?

uicache -arf if i had to guess
all respring force

snowboards button doesn't respring though and uicache -af isn't it as well.

also wtf uicache -f reset all my notification settings

Yes please mr beast give me money

how?

by modyfing posterboard

Its still WiP, im trying to make it as much simillar as possible

im planning to add live wallpapers back

yayay thank you

https://github.com/NightwindDev/old-lockscreen

This is a poorly made version, im currently working on a new one, which is a lot better

I would recommend you to look into making the font size adaptive. I just hardcoded them in my implementation but that configuration might not look perfect on different displays

well thats what im trying to do, also here's a comparison between your version and mine on an iPhone 11, you can see it already looks a lot better and the fonts are perfectly scaled for iphone 11. Of course, i still want to make it work perfectly on more iphones, but ill need to test it on more iphones first, im also planning on adding live wallpapers as i said before.

Gotcha, cool

I see what you mean by my version not looking great on your end

:is(
  .page-metadata-section:is(.categories, .tags, .series),
  .page-metadata-item.authors
) > a:not(:last-child):after {

rate my new css rule

Since when cyscript was a ** disassembler** lol

it used to have a server component called cyrver 💀

apparently it works on NeXT (going off this commit message) 😱 https://github.com/EthanArbuckle/cycript/commit/b5dd57dc1e068c730142fb1007ce6c43a6ef7090#diff-7b3a3b05c593bbe13eee8794acd0decdc856060ac1dd14189467540a8b44a111

“Used to”?
Server.cpp is still present, and in theory might work 💀

I need to check that

oh

it builds into libcycript — there’s still a client/server architecture. it was just previously more like an oracle. like frida-server, which calls itself a server and injects another server into traced processes, but it calls that an agent instead of a server (incorrectly)

I was looking at the release assets for Cydia Impactor earlier today just out of curiosity and Cydia Extender was apparently built to support iOS 2.0 lol

from the info plist

{
    "CFBundleName": "Extender.VPN",
    "DTXcode": "0462",
    "NSHumanReadableCopyright": "Copyright © 2018 Jay Freeman (saurik). All rights reserved.",
    "DTSDKName": "iphoneos2.0.saurik",
    "DTSDKBuild": "12D75",
    "CFBundleDevelopmentRegion": "en",
    "CFBundleVersion": "1643275645",
    "BuildMachineOSBuild": "11G63",
    "CFBundlePackageType": "XPC!",
    "CFBundleShortVersionString": "0.9.56",
    "SBUsesNetwork": 0xb,
    "CFBundleInfoDictionaryVersion": "6.0",
    "CFBundleExecutable": "Extender.VPN",
    "DTCompiler": "",
    "MinimumOSVersion": "2.0",

“iphoneos2.0.saurik”

@robust radish sorry for constant pinging
Can i use dylib_injector.m to try fix cycript’s injector? There’s no license, hence why im asking

what repo is that in?

cycript-wrapper

GPL’d

O
Thanks 🙏

(I just did it). I always forget to add a license to stuff

hey is there any documentation on the checkm8 vulnerability

I wanna take my own shot at implementing it

aside from just palera1n source

palera1n source doesn’t contain checkm8 exploit

Try this https://alfiecg.uk/2023/07/21/A-comprehensive-write-up-of-the-checkm8-BootROM-exploit.html

any good alternatives lol

its not the best but you can use mine: https://headers.dfiore.xyz

alr ty

i forgot it was a custom programming language... another reason to start from scratch

i dont know why you would need node either, isnt JavascriptCore enough?

AFAIK he removed readline as a dependency and started to implement that from scratch

ya https://github.com/nowsecure/frida-cycript/issues/2#issuecomment-714144041

But, I digress: the point here is that I am not bound to the AGPL on my own code; I am bound to the GPL on my old released versions due to linking against readline, but I even removed readline--which happens to be developed by a coworker of mine, so this was awkward--from later, "internal" versions I gift to close friends occasionally, for complete compliance.)

i dont even think what he's saying there is true

https://github.com/lua/lua/blob/v5.4/makefile#L72-L75

^ that uses readline as an optional dependency and is MIT licensed

its licensing nuances are beyond my interest

yeah i digress. i just avoid GPL, keeps things simple

point is it would be a nightmare to keep cycript going

I don’t plan to stop using it

i just realized i subconsciously said "i digress" because i read that in sauriks comment

spoke his name too many times, now you’re absorbing his language. the cycurse

pls notice me saurik senpai

cynpai

cyrik

prolly his alt

Or add lua support and don’t use uhh …cy script(?)
()

It’s needed for libcycript.db, for whatever reasons (why a database is even necessary in the first place?)

for symbol/class tab completion performance iirc

node modules are inserted into libcycript.db, content of which is used with JSEvaluate for javascript things
))

i see. it looks like its an easy way to embed 3rd party libraries if one desires. do npm install or yarn install on your dev machine, and the cycript build system embeds all those into libcycript.db, so you dont need to install node on iOS

"Node.js Core Libraries" https://www.cycript.org/manual/#7feda59e-6646-4ca5-a05b-aec241d39375

nice feature i suppose

i guess maybe there was a vision where nodejs would be fully embedded into cycript itself so you would have access to all the node libraries AND the objc runtime in the same language

but he already based it on JavaScriptCore, so he did it like that so he could try it out without doing a huge refactor

pure speculation on my part

deno users:

bun goated

bun is buns

I wanna make a documentary would any one be interested in interviewing over zoom about the jailbreak history

I won’t be paying you but I will be charging others to watch the documentary

I won’t be paying you but I will be charging others to watch the documentary

I won’t be paying you but I will be charging others to watch the documentary

I won’t be paying you but I will be charging others to watch the documentary

I won’t be paying you but I will be charging others to watch the documentary

I won’t be paying you but I will be charging others to watch the documentary

not paying ppl thats helping u make the documentary but will charge people to watch the documentary?

That guy is the resident clown so don't worry

I think I might have asked him at some point, or someone else asked, but he could have used BSD libreadline

he didn't want to have something inferior to GNU readline though

is limneos down? https://developer.limneos.net/
it asks me to sign in

I can appreciate that he wanted things to be good to prove a point though. like he wanted to have the GNU versions of everything because they just were better, and he felt the values of the GPL are important for showing Apple can do better

I'd assume that too

these days, it could be ported on top of bun, which uses JSC

but bun is very recent

It’s called humor maybe take the stick out of your ass and laugh sometime

do we have different definitions of clown

Nah that’s my bad

this dude thinks a clown has a stone cold, humorless stare

its been liek this for a bit, probly gona stay like that

u can use fiores headers site tho https://headers.dfiore.xyz/

ah

gen alpha moment

fiores headers works but its even slower than limneos

@indigo peak

talking about it in the theos server, but I’ll pay someone to build the ideal header site

make a list of requirements

Can’t wait for all versions starting at 10.x requirement

💀

3 versions are 15gb or so

it’s gonna be over 2TB of static files (all iOS versions, headers as well as another type of dump which is much larger). I’ll post full requirements in a bit

keyword searching static files don’t scale, so some high perf backing db is necessary

i'm in theos server so you can ping me there as well if you want

I’m interested too (solely in the requirements)

Ping me

Jynx

Jynx

Zynx

Lynx

Pynx

Wynx

unfortunately theres no bun port in procrusus. at least there's node in there but they didnt get around to doing rootless. probably best to just stick to JSC would be way less complicated

but what do i know maybe bun is easier to port

One more “ongoing side project” has been added to the “ongoing side projects heap of doom”

the js objc bridge will be a nightmare

if you have to write that part in C its over

oh ya its over this is the only js ffi and it only supports linux

https://github.com/ratboy666/qjs-ffi

mJS has ffi too but its GPL gg

did you get cycript compiling?

im working on it, currently fixing some saurik's c++ code

lets see if this gets DMCA'd https://github.com/EthanArbuckle/iPhone17-1_18.2_22C152_Restore

poluting gh search even more 🔥

real

Can’t say that one in public bro 😭

💀

did that last one get DMCA’d?

no i haven't gotten one

hold on am I allowed to distribute LiveExec32 with public ramdisk binaries

Idk if they’d be cool with redistributing binaries. I’m hoping these derivative side effects of binaries are safely in the grey area

pull a Spire and have LiveExec download the ramdisk during install

(spire brought Siri to iPhone4 by downloading a dyld cache for an iPhone 4S from apple cdn in its postinst). Or something like that

💀 https://github.com/Cannathea/afc2d-arm64/blob/master/extrainst.mm#L33-L41

you can tell this was largely copied from saurik's OG afcd2 package, because literally no one else write objc code like this NSHTTPURLResponse *response(nil);

This is objc++
bur literally no one does type var(val); in c++ either

nah that's just saurk's weird style

i've never seen it elsewhere. here's where they copied it from https://git.saurik.com/afc2d.git/blob/HEAD:/extrainst.mm#l31

based boomer code

I wanted to make LiveExec32 jailed (I have a working build for iOS 18), so doing ramdisk would need to include binaries of lots of stuff

😂😂

u should try putting it on the appstore /s

jailbreaks have made it onto the AppStore before

Charlie miller caught a lifetime ban for that

one dev was just like f*ck it and added the bin to the deb lol https://github.com/Cannathea/afc2d-arm64/compare/master...Lessica:afc2d-arm64:master

idk why they even need a different afcd binary. that seems unnecessary

the problem is that the stock version of afcd can only execute as mobile, the internal version (the one was accidentally distributed) can execute as root as well

there’s some function you can hook and then run it as root

AFCServerContextSetRootPath

it sets the path successfully but everything is still executed as mobile

@indigo kraken https://github.com/dlevi309/carplay-cast/tree/ios15 hey were you able to compile this tweak for iOS 15? I tried compiling it but I'm getting errors

no it’s broken I just wanted to compile the latest from actions

ah okok

not sure about that, just harder to detect ig

in theory it's supposed to all compile back to working binaries, just not signed

There is libRosetta LOL
I wonder if someone has tried getting rosetta running on ios

@frank fossil i assume you already tried doing this?

I should try this someday

One more “ongoing side project” has been added to the “ongoing side projects heap of doom”

There are some Rosetta codepath in the XNU kernel iirc so I assumed it wouldn’t work (how does Rosetta work on Linux VM though?)

I also deleted all 7GB of x86 shared caches so I can’t try it rn

there's a GitHub repo that has an action to patch Rosetta to work on Linux

Does it work?

on a certain kernel page size

I forgot

why does limneos require me to sign in

Anyone know how to modify the frame buffer on iOS 3

iOS 3

💀

Yes, iOS 3

Realistically it should be the same for most of iOS

why-

are you seriously suggesting that apple hasn't changed the frame buffer rendering in the past 16 years??

Well I am suggesting the core apis behind it probably havent changed and thats really all I need to know

I'm sure the methods have changed

https://github.com/Billy-Ellis/framebuffer_write

heres ur answer though

ios 7 that should work

ugh

but i need an image overlay

i need something to at least look like it's lowering the gamma

since one of my touch 1's displays is washed out a bit

the tldr is you need to get the offsets of the frame buffer for ur specific devicve

although you could write an offset finder

I certainly won't be attempting that my C is not very good

why dont you just hook frontboard

the process that draws applications windows

its the ios equivalent of windowserver

If it were that simple why does this dude go through hell and back trying to find his offset

because he actually wants to write to the kernel frame buffer...

to do what checkra1n does

fair enough

if you just want to overlay an image just do that in userspace

well yes i wanted to do that but the header website is.. broken?

idk its asking for a sign in