if you make one please sign it

Yes sir

https://youtu.be/nqbUyJhjQYg

Activision can suck my dick

very competent dev teams

Its smoke with raven, activision and bilzzard

Although blizzard already going through it

Its crazy all my favorite game franchises are going down hill because of money hungry companies backing them

@lime pivot I got -container working, you can specify a path or a bundle id, do you know how I found the container path for a group?

ok

update

using the private apis from uikitcore it doesn't work

man

new plan

https://github.com/donato-fiore/calculatorhistory

@restive ether I have a problem

moyai

what you doing

I don't even know

Abusing private apis incorrectly it seems

Hey @grim sparrow, have a look at this!

no

its a bloo thing

:c

you can't limit who can see the commands

discord, am i right

@grave sparrow
6e 6f 2f 62 69 74 63 68 65 73

6f 6e 65 2f 62 69 74 63 68 0d 0a 0d 0a 61 6e 64 20 74 68 61 74 73 20 63 61 6d 27 73 20 6d 6f 6d

4E6576657220676F6E6E61206769766520796F752075700A4E6576657220676F6E6E61206C657420796F7520646F776E0A4E6576657220676F6E6E612072756E2061726F756E6420616E642064657365727420796F750A4E6576657220676F6E6E61206D616B6520796F75206372790A4E6576657220676F6E6E612073617920676F6F646279650A4E6576657220676F6E6E612074656C6C2061206C696520616E64206875727420796F750A

fuck you

hello

true

EXACLTY

oh hi

how are you

"man"

your mom

nya

oh

dad?

What's the entitlement that lets me access all app groups

com.apple.security.application-groups

just throw in

as the group

damn thats crazy

anyways

.

Your mother is a security group

decent app developers PLEASE slide into my dms

i beg

Dude just do it yourself

no

i dont have time

and its not that anymore

its something else

What is it now

well kind of

i slid into something else

Is the payment in monopoly money?

its that but more than just the explorer

ill pay you in USD

paypal

idc

What is it

And how much

yeah you slid into the wrong channel

get yo designer looking ass outta here

damn..............

https://docs.etherscan.io/

iOS app for this

• a wallet app

combined

https://github.com/rainbow-me/rainbow

inspiratiojn

@lime pivot https://github.com/ProcursusTeam/defaults/commit/baa369f8786e3427bb3dd761b72df30492dfed6c

@sinful brook

They “fixed” the game a little

Good enough for private game

FaZe

yessir

Faze weenie warrior 420

HOW TO GET INTO TWEAK DEVELOPMENT
This has been asked countless times so it's time that there is a long message that explains this.
One of the first things you want to do is reach a "baseline" before you can even think about getting started.

What this means is that you need to be familiar with Object Oriented Programming and how to use Objective C.
uroboro was kind enough to create a guide that you can find here: https://uroboro.github.io/Learn-Objective-C-in-24-Days-Clone/
Additionally, you should also learn a little bit about how iOS works, learn some basic frameworks/stuff you will need to work with.
Stuff like how to use UIKit, Foundation, etc. Once you have a pretty good understanding of these, then you can proceed.

The next step is to actually start making tweaks. Install a tool called Theos for your appropriate device.
The installation wiki can be found here: https://github.com/theos/theos/wiki, please make sure to follow the appropriate platform instructions.
After that, you are ready to start making tweaks, please follow a tweak development guide. (Here's one if you're lazy: https://kodeycodesstuff.tech/guide) @azure sail

@grave sparrow

@grave sparrow

@grave sparrow

are actually tryna get into it alpha

Yeah

good luck, be sure to snoop around GitHub for other oss projects

True

@twilit jungle will answer every question u have

Any time of the day, feel free to bother him

Just roll your head across the keyboard and Hope it compiles

HOW TO GET INTO TWEAK DEVELOPMENT

true

can confirm

^ can confirm

Working on a dgh0st diss track rn

Okay capt on the hook

Ill do the verses

%hook

exactly

https://cdn.discordapp.com/emojis/696449618539708548.png

Cover art for the track^

W

New profile picture twins, what do you think

@hardy glen

Muchas gracias

Okay off to go make my repo

Lets see how this goes

Live And Let Uhh

@hardy glen

Eminem just salty he can’t have megan

ew who wants megan thee stallion

Wrong megan

megan graduated college man don’t hate on an intelligent woman like that

she the baddest in the game

I’ve heard that description before

at what game, tug of war?

no the game of your dad asking your mom for a divorce

thats not a game

good work 👌

Nice just made my repo, this shit was easy asf

YOOO

this is amazing lmao

yay

HOLY CRAP I UNDERSTAND AUTO LAYOUT

IT MAKES SENSE

IT ALL JUST CLICKED

THAT’S SO COOL

Don’t you just love eureka moments

WHATS THAT

how do make a jailbreak ios 15

i know html and css

and a little html5

Step 1: Bully ios into submission

Step 2: jailbreak

heheh

it's incredibly rewarding when you just know how to use autolayout and can come up with a crazy complex layout that works perfectly with zero or minimal code involved

tf is auto layout

layout but automatic

tf is layout

out which is laid

it's the way you express how you want your UI to be laid out, simplifies what often used to be pretty complex logic you'd have to write by hand

Yes

People in this server don't get laid smh

No developer ever gets laid, so uh.

i can confirm

@ocean raptor defaults read with no params is trippy lol

I didn't consider that was a thing

hello

i will make tweak

hello

do it

i know html and css

leave

before its too late

safe yourself alpha

ok

write a tweak in Win32

msdos

yes write a tweak in x86 assembly

how to jailbreak xcode sim

Step 1: Bully sim into submission
Step 2: jailbreak

I wish we could make tweaks in c# using visual studio.

Xcode is not a cellular device and does not have a SIM

same

the madman is actually gonna do it

wrong taurine

you need taurine++ with ios 15 support

taurine vip

and taurine gold

the cooler taurine

The get laid taurine

Impossible

how to hook some bitches

Very useful tho

defaults find too, but I'm not sure how I'm gonna implement it

how to hook breadcrumbs

genuine question

no clickbait

same way you'd hook anything else

what's it called

👏 👏

%hook BreadCrumbsTrollingController

ty

%hook iOSClassNameThatIsWayTooLongForNoReason

hello

i am not amy

just found it

%hook SBDeviceApplicationSceneStatusBarBreadcrumbProvider

ty #development

np

what

there’s like a whole help command

and cameron even spent time writing a manpage

so install man

there are no side effects

the old -a used a apple framework but it’s slow and sucks, making -a just work as a recursive -p was better and faster

appstore apps never need to be ran in uicache so it didn’t really matter

yeah

the way -p works does not support appstore apps

on ios 14 anyways

I wouldn't be sure, there still may be stuff that happens when actually uninstalling

well that’s not our problem this was a question in the scope of uicache

any other part of that is irrelevant to me

:true:

@azure sail check out uh

i forget their name

they made croutons14

i think its OSS?

yeah i found it

but ty

ok cool

https://hackmd.io/@XAMPPRocky/r1HT-Z6_t

swift bros we're winning

https://twitter.com/ethanrdoesmc_/status/1470260414084788226?s=21

they’re clearly british so i don’t care for their opinion

rust moment

i was blind to the light

python is actually pretty good

anyone have a link to the llvm 11 toolchain

yes

Long time no see krit

https://github.com/DragonBuild/build/blob/master/action.yml someone ought to make an action like this for theos, makes it possible to do all that with one line

True

Gm

'morning

@grim sparrow if I want to sign my repo, my only job is to provide a Release.gpg file in the repo right? Or do I also have to sign debs

still annoyed how gh actions have to zip everything together

#!/bin/bash
script_full_path=$(dirname "$0")
cd $script_full_path || exit 1

rm Packages Packages.bz2 Packages.xz Packages.zst Release Release.gpg

echo "[Repository] Generating Packages..."
apt-ftparchive packages ./pool > Packages
zstd -q -c19 Packages > Packages.zst
xz -c9 Packages > Packages.xz
bzip2 -c9 Packages > Packages.bz2

echo "[Repository] Generating Release..."
apt-ftparchive \
        -o APT::FTPArchive::Release::Origin="Amy's Repo" \
        -o APT::FTPArchive::Release::Label="Amy's Repo" \
        -o APT::FTPArchive::Release::Suite="stable" \
        -o APT::FTPArchive::Release::Version="1.0" \
        -o APT::FTPArchive::Release::Codename="ios" \
        -o APT::FTPArchive::Release::Architectures="iphoneos-arm" \
        -o APT::FTPArchive::Release::Components="main" \
        -o APT::FTPArchive::Release::Description="Amy's Dump of Tweaks" \
        release . > Release

echo "[Repository] Signing Release using Amy's GPG Key..."
gpg -abs -u 816C7A50B575162DC29288CD72339224580758CE -o Release.gpg Release

echo "[Repository] Finished"

you can upload it as a release

oh didnt think of that

nice

Just edit a few keys here and the public key ID

https://github.com/KritantaDev/sdk-builder/blob/master/.github/workflows/sdks.yml#L76

this doesn't unzip it, just uploads zipped zipps to the release, bc i'm too lazy and the workflow takes like 3 hours to run, but it'd be easy enough to figure out

thanks a lot

that script will make a repo that gets all the speed optimisations in sileo

Packages.zst

wholesome

yay

zstd compressed debs when

repos are overrated

upload uncompiled source with no prebuilts to an obscure github org and delete all of your socials so nobody knows where to find it

They’re a thing on Procursus but Elu doesn’t support it

however .xz debs are generally smaller

release them as tarballs and watch as mfs try to install them

Sileo using .xz is 2.02mb and Sileo using .zst is around 2.3mb

i mean yes but the speed improvement is worth it imo

upload each individual source file to the releases

There is very little speed difference

Nothing that I could measure on my phone

if its in a subdir just specify all the dir locations in the release text

The difference is similar to that of libhooker and substrate

there is a difference but nothing you will ever notice without timing it

very precisely

correction, .xz is 1.92mb

rename a .gzip to .zst and listen to ppl talk about how much faster it is

apt-ftparchive

sudo apt install apt-utils

What if I use arch

L

isnt there dpkg for arch

L

Yea I got it installed

what you could do

and what I’ve setup

i remember there's apt for openSUSE

which is slightly better

is just a github action

you can't install packages but you can work with them

so whenever I add a deb to the packages folder it repackages there

does dm.pl not work?

The top is using .xz, the 2nd and 3rd are using .zst

iPhoneOS .zst

Time to setup an action

bumping this

I’m just trying to think now of where I’ve seen one

could've sworn there was a link in the pins in this channel which is why i'm here

alas, no

trying to build a preference bundle with the old ABI to test a fix someone claims works

well I found one for 10

that works

https://github.com/CRKatri/llvm-project/releases/tag/swift-5.3.2-RELEASE

oop

dont have an x86 linux distro

(also it unfortunately needs compiler-rt, so looking for the macos one)

I have the Xcode.xctoolchain from Xcode 11.7

if you want that

sure

(not sure if that one works but i'll give it a shot)

I know it does for arm64e on iOS 13/14

i lowkey cant even remember what the ABI problem exactly is

something something non stable abi

i think using 12.0.0 breaks like, prefs in iOS 13?

yes

if you compile with clang 12 then you cant use arm64e on 13-

oop nvm then

dont need a toolchain

what problem are you having

.

then why wouldn’t clang 11 work?

clang 11 compiled works on 13 and 14

its just 12 (and 13) being stupid

trying to find a way to get 12/13 working on ios 13

bc i was trying to do that like a year ago and its been in the back of my head since then

https://cdn.discordapp.com/attachments/831692717397770272/889544239640363018/unknown.png

all I can tell you

is that capabilities 0x80 means its clang12/13 arm64e

lol

yeah

I feel like there must be a hidden flag somewhere in clang12/13

it's a bitmask of the first (one or two?) bytes in the cpu_subtype field on the dyld header/fat_arch

it’s actually something that took me a day to realise I was using the wrong toolchain

macos server panicked and now i have to manually vnc in and restart everything

someone mentioned to me in the theos discord that just changing the flag let it work on 13

https://gist.github.com/KritantaDev/b577dafe844d26350b051b482bb71268

wrote a script to do that

In this case what is ./pool

Folder of debs

got it

https://github.com/coolstar/sileorepo

yeah that doesn't work

given that absolucy has done a functioning tweak written in rust...

wtf

Ending up using docker in the script

Lmao

@grim sparrow thank you for the help. i ended up using this ```bash
#!/bin/bash
script_full_path=$(dirname "$0")
cd $script_full_path || exit 1

rm -f Packages Packages.bz2 Packages.xz Packages.zst Release Release.gpg

echo "[Repository] Generating Packages..."

echo "[Repository] Creating Docker Container..."
docker run --name repo -dit -v ${PWD}:/data ubuntu

echo "[Repository] Updating Docker Container and Installing Utils..."
docker exec -it repo bash -c "(apt-get update; apt-get install apt-utils)"

docker exec -it repo bash -c "(cd data; apt-ftparchive packages ./pool > Packages)"
zstd -q -c19 Packages > Packages.zst
xz -c9 Packages > Packages.xz
bzip2 -c9 Packages > Packages.bz2

echo "[Repository] Generating Release..."
docker exec -it repo bash -c "(cd data; apt-ftparchive -o APT::FTPArchive::Release::Origin="Hearse's Repo" -o APT::FTPArchive::Release::Label="Hearse's Repo" -o APT::FTPArchive::Release::Suite="stable" -o APT::FTPArchive::Release::Version="1.0" -o APT::FTPArchive::Release::Codename="ios" -o APT::FTPArchive::Release::Architectures="iphoneos-arm" -o APT::FTPArchive::Release::Components="main" -o APT::FTPArchive::Release::Description="Hearse's Dump of Tweaks" release . > Release)"

echo "[Repository] Deleting Docker Container"
docker rm -f repo

echo "[Repository] Signing Release using Hearse's GPG Key..."
gpg -abs -u key -o Release.gpg Release
echo "[Repository] Finished"```

idk if its in my head but refreshing/adding it feels much faster

@silver rampart welcome back

Compared to?

When installing something like openjdk it's very noticeable, that's why we switched to zstd debs by default on pro

back to what i had it as, just Packages.bz2

probably in my head

apt is in the AUR iirc

yea it doesn't build and i didn't want to build manually so i just ended up using docker

🗿

🗿

v fair

nice to see some innovation in a software scene held back by 10+ years of backwards compatibility

ubuntu has zstd debs

cutting edge innovation™️

wtf krit back

Would it be possible to make a binary that when loaded into ghidra will exploit the log4j bug?

I saw someone on twitter who did that I think

https://twitter.com/zhuowei/status/1469186818549719042?s=21

Yep

Cool

F

just use IDA

anyone know how to / if you can create a homescreen icon and have it execute some code when you open it through a tweak

you could make a web clip that launches an arbitrary URL scheme

hm

i just had a tought

by initializing the class that the app has

and i give it a custom bundle id

like

com.your.mom

and then on like application launch method

i check the bundle id

and if its that one

do magic

yeah bundle ID is also possible for webclips but that's only iOS 14+

can you create a webclip through a tweak?

yeah, with a tweak you can technically install a webclip directly without asking the user to confirm profile installation

just need to write to /Library/WebClips

or something like that

hm

interesting

might be in /var/mobile actually

I remember messing around with it in Filza

/var/mobile/Library/WebClips

Why would you shoot someone’s nose?

its a diss track cover

i feel like doing this manually in a tweak is more work than injecting a fake icon

guys

i need a cert which is still working for my ipas

where i can find them

developer.apple.com

can you explain location

they sell working certs

i see

$8/mo

apple never catches them and so they're always signed

cheap but there is free ones at chineese qq groups

nvm imma just take a look

lord it's iOS 15.2 and we still don't have good headers

F

How would headers be dumped i am confused

From the ipsw?

many ways

Idk why i just said ipa, i haven’t slept forgive me

this is how I built https://headers.krit.me/

https://github.com/KritantaDev/sdk-builder

Right i used that in the past

The headers website i mean

So hows the android life

it downloads the ipsw, extracts the dyld shared cache, uses DyldExtractor by arandomdev to get the images, and then uses the ktool library I wrote to dump headers

some dump programs (classdump-dyld) operate directly on the shared cache

Oh nice, ktool library that dumps headers? Interesting

others (classdump, optool if that counts), operate only on images

To dump headers, i currently use dsdump

Oh wow

https://github.com/kritantadev/ktool

some like, I think, RuntimeBrowser, load it in at runtime and dump them that way (not 100% sure)

Can we get those pinned

been my mostly sole project for the last 4 months or so lol

Wow… i always wanted to work off the dsdump write up and “attempt” at making a header dumping tool

just make springboard an ipa and sideload it with tweak dylibs

ez

And its cross platform as well

Now i can dump headers on linux

works genuinely anywhere too

Okay gonna try it on my ti-84 python edition

@silver rampart wtf is statusviz source code

most of my tweaks were written over the course of approximately 4 hours a piece

and then never touched again

statusviz is probably not even the worst

Same i never go back, i just stay up all night

yyep

Can’t wait to try it out on a swift app

I think I finished it by like 6 AM too

The reason i like dsdump is because it handles swift quite well

it was just an insane hack using a ton of mitsuha bar views, FFT, and libCozy for color backdropping

im just trying to add something to the status bar

but like, replacing something else

see yeah i still need to learn swift to add dumping it to ktool

I have code to change the status bar color to random colors thats all

thats not that hard to do

my main focus for the original project 4 months ago was just someone requesting a class-dump for Linux bc class-dump itself kinda sucks butt

Yeah, dsdump does it quite well. Never gave me any problems, especially if i need to copy over structs to xcode to find offsets for variables

now it does all of this shit

including img4 utilities bc why the fuck not

Big W for windows/linux users

all of that stuff is wonderful to have bc jack shit works on Windows on Arm

Yea lmao

miracle i got an iOS toolchain to compile for it

Idk who is allowed to pin here but hopefully we can get both of those pinned because thats huge

0xfeedfacf thats all i know

My projects over the last 4 or so months:
https://headers.cynder.me/ - Quality, syntax-highlighted Header dumps for every single ios version from 13-15. Dumped with ktool.

• Click a line number of a method to generate logos hooks for that method
• Select a version in the top right to diff two different ios versions of a header.
• Binaries (fully extracted, imports and everything work) can be downloaded from here as well

ktool - https://github.com/cxnder/ktool
" is a multi-purpose, 100% cross platform toolkit for MachO/ObjC dumping, analysis, and editing. Now includes a command-line GUI. Can run just about anywhere.

Things it can do:

• Dump/Browse functional ObjC headers, classes, .tbds (a la class-dump, tapi, otool, etc.)
• Browse and/or Hexdump Load Commands, Segments, etc via the GUI
• Insert/replace load commands, etc (a la optool, install-name-tool)
• Display a lot of valuable info about MachO binaries, including ones with mangled/corrupted load commands.
• Plenty more

It's also a public, usable, python library, meaning you can go absolutely wild with it."

more pinnable message ^

Oh didn’t know that headers.krit got updated too

That is indeed pinnable

you see, i could pin it

but do i want to pin it

thats the real question

@silver rampart curious, how long did it take you to dump headers for every ios version

@indigo peak so i just counted

and as the person with the most pinned messages in this channel, i invoke pin-seniority

^

lmao

ugh

fine

wait let me unpin all your messages

Damn not bad

so

funny story

used to take a touch longer than that (to dump less versions)

https://github.com/KritantaDev/sdk-builder/commit/f497f1fea8d331711ef0d84c4d8c262209a1e2f6#diff-3bdbf592cdb01948fb5e310de3f3ccf5b65527a9074f009151076ed3f62964f1L38

O(n^2)

Wtf

due to an oversight during a refactor, it'd redump the entire framework for every single class in it

lol

Whats the time complexity now

no idea, but it takes approx 4 minutes to dump 2000 frameworks on a 3 core github actions machine

Damn thats impressive

majority of the time now is spent downloading the ipsw and waiting on DyldExtractor

Exponential time go vroom

still need to automate the process of uploading the dumps to the website lol

takes like 30 minutes

current roadblock with dumping actual iOS 15 headers is the new cache format

holy fuck this is nice asf

i like the gui

(it has mouse support too)

yea i saw that

(also the text wraps and you can resize the window) (way cooler to me than anyone else tbh)

i like this

gui feels nice, midnightcommander vibes

felt it'd be easier to do than a regular GUI in all honesty, turns out that was not the case

probably would've been easier if i didn't for some reason refuse to use any curses GUI libraries

also found a bug i think, upon clicking the ktool option on top left hand side. Mouse input goes through The floating window

being able to use it on stuff like my hub server is very nice though

noted, there's like one pixel on the top right of the little window you have to click to close that, isn't really a properly implemented feature yet

yea i am so confusedd lmao

i was pressing q/esc/backspace

i just needed a way to read the log text

best tool i have seen this year geared towards tweak dev/reverse engineering

gui got high potential

someone more familiar with PyQt or another solid real UI framework could fairly easily adapt this into an actual GUI app

certainly, i am more of a do everything in the terminal type of guy

also this fuckin table formatter

got really drunk one night, sat down, wrote the whole thing, by some miracle it worked, shipped it

Beautiful

came back to fix a bug literally the next day and could not decipher a line of fuckin code

lmaoo

legitimately had to rewrite a good portion of it

describes most of the GUI code if i'm being honest

perfectly sane line wrapping code

I am currently learning python so i would be happy to look at the code and learn some shit, perhaps contribute in the future

look anywhere but window.py

pycharm moment

Its been so long since I did anything big in python that its weird seeing stuff without semicolons

Same

i've been working on this for so long now someone asked me for objc help last week and i forgot syntax stuff

send help

I was working on my first python project, and with the force habit, i wrote couple lines with semi colons at the end until someone pointed it out

https://github.com/HearseDev/logos-format first python project, i had it already written in c++ and went to write in python and realized what i have been missing out on

python is amazing

True

Also true

but dont conform to pep-8 and any sane IDE or linter will yell at you

(and rightfully so, its a pain to read)

Yea i use clang-tidy just for that.

I prefer readability

https://github.com/KritantaDev/ktool/blob/320e503cd32e557a86cd1c369cb97e4e26007a95/src/ktool/window.py#L260 this was the line of code i couldn't decipher

lines = [col[i:i + column_maxes[col_i]] for i in range(0, len(col), column_maxes[col_i])]

Yea wtf

it uses a 3rd arg in range() that sober me was not aware even existed (step size)

true but you would never do that

Unless you're insane

Which you are

So

that line takes a string and chunks it up into a List with column_maxes[col_i] sized strings containing the original string

What formatter do you use for python

pycharm default

My brain

ah

it does well

I was steered towards black

although it's fully configurable as well

I don't really like formatters because there's always that one time where the formatter won't let you make something that looks better

There's always the single edge case

but i stick to standard PEP-8, there's not as much room for bullshitting in python as like, ObjC

And adding a comment to ignore the error is uglier

what

this function makes the formatter the big angry

fuckin argparse

F

so i have this "macro-style" function for checking if required args are passed

Nice

but the argparse args variable only exposes the variable names, and i want to show like, "hey you need --headers and not do_headers

Imagine using formatters

I like formatters

honestly not that bad, I make worse lines

I am a messy person

one sec i have a worsest line

This proves it

print(int("".join([str(i) for i in [ord(a) ^ ord(b) for a,b in eval(bytes.fromhex('6576616c2862797465732e66726f6d686578282737613639373027292e6465636f6465282929').decode())("".join(f"{ord(i):08b}" for i in "python3asdf"),"0000{0:b}".format(1325394000 * 8287531693697519 + 1151356516))]]), 2).to_bytes(84, "big").decode())

witness me

yeah after reading that, i am closing the tab

run it

bonus points if you can figure out how it works

organized mess

well that's basically obfuscated

okay give me a minute

got bored in jupyter

Nice setup

jupyter extension for vscode is cursed as fuck

alternate less dramatic angle

amen

i have a hub server running on a macos machine a few devs and i share

what does it even do, I never figured it out

opens notebook files

badly

what are those

Is that ida running in wine

^

no

sec

What kind of workbook

You bought ida

mhm

damn

i guess i am just broke

i had to save up over several months

How much is ida

my support plan also expired right when apple dropped the new ios 15 dsc format

1 million

Dollars

4508 for pro + arm64 decomp

Thats only for one decomp

am very miffed

4.5 thousand dollars??

Yes

What the fuck

For one decomp

Why would you buy that

Because its superior

Than anything else

just pirate it though

bc of the amount of time i spend using it

not everyone wants to pirate

yes they do

If i had the money, i’d buy it too

well if i had the money i'd also buy a lambo

being completely honest, i pirate the windows version, but in good conscience, lol

Obviously, because you can’t pirate a lambo

You can steal one though

with how much his work pays, that's pennies

ok so people do want to pirate

checkmate liberal

Fair enough

and not to mention that, but a lot of ppl who have ida licenses have them paid for by their work or uni

and to businesses and unis, that's also pennies

yes

do that

well obviously

get that sick ios 15 support in DSCU

but the discussion was about individuals buying it lol

the individual pricing was bullshit

yeah

IDA Home is a great starting point imo

idk how good the cloud decomp was

i bought pro before they rolled it out and never bothered to check again

Yea i got 7.6 for $0

apparently its ok

better than hopper?

but not great

idk

(low bar)

Honestly I use IDA and Hopper a lot evenly

True

did 7.6 leak

yeah

already

for windows at least

damn

which SP

it did a while ago

2

Yea for windows, i use it through wine

fuck me

when

my paid version is further behind in updates than the fuckin leak

pain

it works quite well through wine aside from the UI aesthetic

least i dont have to worry about kcache shit on windows anymore

bc 7.6 was when they added the decompression into ida itself

imo they perform better in different circumstances

You can get away with using the dark theme though. Its not perfect but good enough

which is why sometimes I'll use one of the other

But my theme does not save in 7.6

nah I didn't renew it

I'm stuck on 5.0

lol, from what i've heard, chained fixups break it completely

Capt you should send me the money to renew it

you probably used it more than me

lol

also hopper dsc extraction is just, bad

I think its $40

bindiff does not install in wine

Which sucks

hopper is actually affordable

lol

dark mode makes it look better

run idapyswitch

it'll fix the dll error maybe

I have the entirety of the nfc drivers commented in IDA

and correctly typed

sec lemme pull out my flex

have my license

i have sp1 atm

Sp2 is somewhere on the internet

I'm running sp1 rn

I swear I sent someone here sp2 but I never bothered to update

Service Pack

service pack?

iirc

it packs services

yea i just assumed from windows "sp"

its like an update pack

Evidently you are not a Windows user

fuckin nice

if someone gets bindiff running in wine, pls teach me

'get a hobby' they said

hobbies are for nerds

also

75% complete RE of the SecureROM for the S3 watch

thats pretty epic

damn nice

me when I need to parse the input of advent of code

I spent far too long going through the nfc drivers just me to only need 4 functions because I can hijack them

aemulonfcd is a collection of reverse engineering and over engineering

list whateverthefuckitscalled was a mistake

comprehension

so great to have and the things you can do with it are so terrible

@restive ether thought I just had, you could probably re-use the Aemulo XPC hax to get stable communication from a jailed process to Springboard without the need for rocket bootstrap

securerom/iboot source leak is interesting to look at

even if it's old

t8010 isn't that old

yeah

i really rather wish t8004 dropped with it

it's also great that it includes the comments with it

would've made my life reversing the S3 watch rom a lot easier

I also like to use (falsevalue, truevalue)[boolean] instead of truevalue if boolean else falsevalue

f

and combine that with some list comprehension and you get things like this

the worst part was when I realised that one part of my RE was wrong

and that fucked over a lot of my other stuff

big mood

turns out this one parameter is int ** and not int *

gets even worse with https://github.com/KritantaDev/iBootLoader bc the symbolication for the roms is automatic

and I have to base the entire thing off of one xref to a function that xrefs a specific string

so if either of those are wrong it entirely shits the bed in a very confusing way

(e.g. on 7010(?) roms)

this did indeed solve a 3 month long bug I had

and then I had to spend a month getting reliable communication between 2 sandboxed processes

and eventually finished at xpc hax

I think its the most sandboxed process on device

I sent you nothing

aren't all apps sandboxed

until you unsandbox them

lol

what apps aren't sandboxed then

omg

just figured out why sileo will chomp memory when refreshing

hungry hungry hippos

Capt go read the *os internals books

^

does anyone here with an actual dev environment and an arm64e jailbroken device wanna test something for me

define actual dev environment

currently, i'm building my tweaks on a jupyter hub terminal running on a macos server i have

then downloading them and uploading the debs to a random github release i made

then dming myself a link to them on twitter

my dev environment in a nutshell

then opening that link in twitter on my ipad and installing it via sileo

so anything marginally better than that

I have an a12 device and macos if thats good enough

sileo install deb with depends challenge

stfu

sileo install preferenceloader challenge (unbeatable) (not clickbait)

your mom

I am doing memory optimisations now

!

just installed preference loader in 3 seconds

vibe ok

https://unclutter.anamy.gay definitely helps

lol

u cant without installing some random package that depends it

it does not show up

not true at all

it does?

tbf i'm probably on an old version

sounds like it

or a dumbass

probably both

you’re using the build that still does that cydia mode thing

with tags

i'm on the very first version of odyssey that supported 13.5.1

Update

lol

L

no

it works im scared to touch it

it does not work internally

neither do i

everytime you refresh repos you will casually leak between 70mb and 200mb

sileo 2.0 break your install challenge

everytime you open a package page you will leak around 20mb

no match for my own shit code

this aged well

to be fair

my packages will force a reboot long before memory is an issue

the leaks weren’t too obvious

except like one

but yes this is a repo refresh leak

totally reasonable

anyways, this is a bit complicated, but

wait

what version is your a12 device on

14.3

14.3

shit

wtf

twins

ok

Are you one of the 7 people still using the alpha builds?

@silver rampart is there a way you could add the ability to open the header in a new tab for your header website

1. build a package that has prefs using llvm 12.0.0
2. go into .theos/_/Library/PreferenceBundles/whatever.bundle/
3. run this script on the bundle library: https://gist.github.com/KritantaDev/b577dafe844d26350b051b482bb71268
4. resign it, cd out, dpkg --build .theos/_, and shoot me the deb

i need to just use a hrefs instead of hacking onclick()s to work, when i get around to that it should work

trying to think of a package I could use

oh I know

use bruhkeys

I'm just gonna use macspoof because i have that shitty setup done

all of my packages with prefs use my own code that requires compiler-rt to build

so i cant do it on this machine

oh pro still doesn’t have compiler-rt i wonder if someone did it but didn’t push it

that works

aight building now

oh also, before u run remap.py, python3 -m pip install --force-reinstall k2l

Sounds good, i like it so far btw

just gonna paste this to summarize what remap.py does

oh it’s levi

what a guy

no idea who anyone is in the scene anymore i love it

nice guy

this deb?

doesn't ldid -e just extract the codesig

yeah didn't notice that

lol

man ldid 🙄

its been a long day

I believe sun was gonna update pro llvm so they'll do it than

that's gonna be a joy to type in terminal

discord did it

not me

🎉

now we pray it works

now we spend 2 minutes trying to get a link to it from discord

https://cdn.discordapp.com/attachments/688124600269144162/920038799248076820/6c1c69dcde160483.deb

Link for the lazy https://man.cameronkatri.com/ldid/ldid

cam figuring out the last two flags challenge

agh

can you modify the control to remove the firmware limt

lol sure

i'd do it myself but dpkg -x doesn't extract the packaging tarball

https://cdn.discordapp.com/attachments/688124600269144162/920040618837835886/uwu.deb

tysm

-R

ty i will promptly forget that in 5 minutes

That's why man and search in less exist

is that also resigned?

you have less hoes

Yes, I have 0

Should be

where is more wtf

more is super old and way worse than less

wtf

what about most

iirc ldid -s only does sha1, not sha256, but you'd have to check that

is that the difference between -s and -S?

or am I just dumb

nvm

c strings are hard

give the old man some slack

It's cause he uses custom arg parsing instead of getopt(3)

No slack

@tepid olive don't me

@main apex @tepid olive @grim sparrow @silver rampart don't me

doesn't work then

not surprising bc of the massive under the hood changes

go ahead, mention all 5 of us, i dare you

(that i still dont even understand yet)

@restive ether now I don't meant to alarm you but I just found a massive memory problem

lol

Don't me

when you try and install a deb, it would load the entire deb into memory

at once

and hold it

why

may be why installing larger debs can be so taxing on the device.....

not criticizing just curious

Nah, that can't be why

Ever tried installing UTM (200~mb)

Probably poor design when it was implemented initially

its purely just to hash it

could mmap it

I'm refactoring it now to load in buffers

and unload each buffer

I hate looking through this and finding dumb things that someone implemented that have stuck around for so long

like the refresh leak that stuck around for the best part of 2 years

imagine being concerned about memory usage 😎

I managed to get it to leak 5gb

before I gave up

lipo command in ktool intentionally leaks a shitload of references bc all of the patching/writing functionality is hacked in as an afterthought

# Slice() might hold a ref preventing it from being closed? but i'm just going to let it close on exit() :)

good thing i’m not jailbroken then

virgin insulting everyone else's code vs chad insulting your own code

true

vs lad not even writing code in the first place

wait does ios even support memory mapped IO?

would be amazed if it didn't but

@grim sparrow if you're working with files in the MB size range, might speed up IO (especially if you're buffering it, but here that shouldn't be an issue)

the current implementation should be fine

she says

virgins installing large themes and wonder why their phone jetslammed itself into oblivion

well

what I just implemented

also should reduce the memory load on the system by half

mmap is nice