m1stadev

What's nonce entanglement?

Beginning with devices using an A12 SoC or higher, Apple introduced nonce entangling.

• This meant that, when saving SHSH blobs, a nonce generator would generate a different ApNonce for each device.
• When saving SHSH blobs for an A12+ device, you now must find a generator-ApNonce pair for your device, then use that generator-ApNonce pair when saving SHSH blobs.
• After you have found a generator-ApNonce pair for your device, you can save it and re-use it whenever you save SHSH blobs again.

Getting a generator-ApNonce pair (jailbroken)

1. (iOS 14+ only) Install an iOS kernel r/w library.
   • On Taurine, install libkernrw.

• On unc0ver, install libkrw.

nderkach

Record a screencast with QuickTime Player

1. Connect an iOS defice with a cable
2. In QuickTime Player: Option-Cmd-N (New Movie Recording) -> Select your device from the recording menu:

Install gifify

stek29

Update

I was tired of waiting so I've just crawled kernelcaches for all avaliable devices and made one big offsets.json containing all offsets. However, they are untested. They *should* work, but refer to table below if you're afraid of bootloops.

---

MESSAGE TO jk9357 OR WHOEVER IS MAINTAINING WALL.SUPPLIES

Some offsets are wrong/missing on wall.supplies.

Siguza

// Bugs by NSO Group / Ian Beer.
// Exploit by Siguza & tihmstar.
// Thanks also to Max Bazaliy.

#include <stdint.h>             // uint32_t, uint64_t
#include <stdio.h>              // fprintf, stderr
#include <string.h>             // memcpy, memset, strncmp
#include <unistd.h>             // getpid
#include <mach/mach.h>
#include <stdlib.h>

laris

https://apple.stackexchange.com/questions/867/how-can-i-unpack-a-deb-on-mac-os-x-without-installing-it

How can I unpack a .deb on Mac OS X without installing it?

I have a .deb file that I want to unpack and examine, but not install. I'm currently looking for where i can download dpkg for OSX, but can't find it. If you have a link, please share.

• ar -x path/to/deb/file.deb
• brew install dpkg

dpkg: stable 1.19.0.5 (bottled)

LukeZGD

• Patch: https://github.com/LukeZGD/iOS-OTA-Downgrader-Keys/releases/download/jailbreak/untether.patch
• Commands:

# Patch
bspatch untether.bin untethermod.bin untether.patch
# Get diff
xxd untether.bin u1.hex
xxd untethermod.bin u2.hex
diff u1.hex u2.hex

LukeZGD

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>SectionsEnabledIdentifiers</key>
	<array>
		<string>com.apple.controlcenter.settings</string>
		<string>com.apple.controlcenter.brightness</string>
		<string>com.atwiiks.controlcenterx.volume-slider</string>
		<string>com.atwiiks.controlcenterx.air-night</string>

LukeZGD

Home Depot Offsets iOS 8.x.
Found with the help of https://github.com/Merculous/OF32
bufattr_cpx and bx_lr offsets: first result of searching hex 00687047
A5 offsets should work. tested working: 8.0, 8.3, 8.4.1
A6 does not seem to work at all on Home Depot, possibly because of something to do with the Trident exploit.

A5 8.0-8.0.2
0x2c5308
0x2c73e8
0x1ba80

MTACS

Hosted Preference Bundles

Create a "hosted" view of a preference bundle outside of Preferences.app, and in a dedicated application.

For application

• Create new tweak using "iphone/application_modern" template
• In the app's delegate file add the following to the -(void)applicationDidFinishLaunching:(UIApplication *)application; method:

Bhavdip

###Sketch trial non stop

Open hosts files:

$ open /private/etc/hosts

Edit the file adding:

127.0.0.1 backend.bohemiancoding.com

127.0.0.1 bohemiancoding.sketch.analytics.s3-website-us-east-1.amazonaws.com