
James Gill JJTech0130

@JJTech0130
JJTech0130 / debugger_jit_improved.m
Last active October 30, 2025 09:09
Improved method of using a debugger for JIT on iOS... Uses split rx/rw regions, and works on iOS 18.4b1
#import <Foundation/Foundation.h>
#import <mach/mach.h>
#import <stdio.h>
#import <stdlib.h>
#import <string.h>
#include <libkern/OSCacheControl.h>
// Region size in bytes: a single 0x4000-byte (16 KiB) unit.
// NOTE(review): presumably one 16 KiB page — confirm against the target's page size.
const int REGION_SIZE = 1 * 0x4000;
void write_instructions(void* page)
@JJTech0130
JJTech0130 / carrier_bundle.py
Created October 29, 2025 01:06
Fetch carrier bundle info from iTunes servers
import sys
import json
import plistlib
import requests
import zipfile
from io import BytesIO
try:
from rich import print
except ImportError:
print=print
@JJTech0130
JJTech0130 / gsa.py
Last active October 23, 2025 04:32
Apple's GrandSlam Authentication protocol
import base64
import hashlib
import hmac
import locale
import plistlib as plist
from datetime import datetime
import logging
import requests
import srp._pysrp as srp
import urllib3
#!/usr/bin/env bash
# Abort on any command failure, on use of an unset variable, and on a failure
# anywhere inside a pipeline.
set -euo pipefail

# ---- Configuration ----
# Simlessly eSIM config ID.
CONFIG_ID="8da72a14ba6942ac904c2f028aada7cb"
# CBRS MCC+MNC prefix.
CBRS_PREFIX="315010"
# CBRS IBN used for testing/shared.
CBRS_IBN="9999"

# Test-only key material: 32 hex characters of 'A' (16 bytes) for both Ki and
# OPc. A constant, publicly known value gives no secrecy, so these defaults are
# only suitable for test profiles; real profiles must supply their own keys.
printf -v DEFAULT_KI '%032d' 0      # 32 zero digits ...
DEFAULT_KI="${DEFAULT_KI//0/A}"     # ... each replaced by 'A'
DEFAULT_OPC="$DEFAULT_KI"           # same value for OPc
@JJTech0130
JJTech0130 / dvmt-unlock.md
Last active October 12, 2025 17:21
Change DVMT pre-alloc. memory using RU.efi. Originally from Reddit.

WARNING: BIOS modding can be dangerous. You run the risk of bricking your device. I am not responsible for broken devices.

This tutorial was created for my HP Pavilion 15 laptop. I cannot confirm that this works on any other devices.


Finding variable

We need to find the offset, the varstore, and the possible values of the DVMT pre-alloc setting.

Extracting BIOS

import base64
import hashlib
import hmac
import plistlib
from pathlib import Path
import keyring
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.primitives.padding import PKCS7
@JJTech0130
JJTech0130 / unpin.js
Created September 5, 2022 13:09
Disable SSL pinning using Frida
// Disables SSL pinning by replacing functions with no-ops.
function unpin() {
var SecTrustEvaluate_handle = Module.findExportByName('Security', 'SecTrustEvaluate');
var SecTrustEvaluateWithError_handle = Module.findExportByName('Security', 'SecTrustEvaluateWithError');
var SSL_CTX_set_custom_verify_handle = Module.findExportByName('libboringssl.dylib', 'SSL_CTX_set_custom_verify');
var SSL_get_psk_identity_handle = Module.findExportByName('libboringssl.dylib', 'SSL_get_psk_identity');
var boringssl_context_set_verify_mode_handle = Module.findExportByName('libboringssl.dylib', 'boringssl_context_set_verify_mode');
if (SecTrustEvaluateWithError_handle) {
var SecTrustEvaluateWithError = new NativeFunction(SecTrustEvaluateWithError_handle, 'int', ['pointer', 'pointer']);
import base64
import json
import logging
import plistlib
import random
import uuid
from datetime import datetime
import requests
import urllib3
@JJTech0130
JJTech0130 / partfinder.py
Created August 23, 2025 03:07
Lookup Ford parts by scraping parts.ford.com
import requests
import json
import rich
from bs4 import BeautifulSoup, Tag
# Store id of the dealer used for requests; per the author, pretty much any
# dealer can be picked.
DEALER_STORE_ID = 1405
# Catalog id; the author notes that its meaning is not known.
CATALOG_ID = 251
def get_wc_cookies():
# curl -L 'https://parts.ford.com/shop/AjaxManageUserVehicles' -H 'Content-Type: application/x-www-form-urlencoded' -d 'storeId=1405'