Jake James jakeajames
jakeajames
/ patch.sh
Last active
February 5, 2023 04:07
Make h3lix work when installed not-via-Impactor. To be used with the latest h3lix.
View patch.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| if [ $# != 2 ]; then | |
| echo "Usage: $0 /path/to/input_ipa /path/to/output_ipa" | |
| exit 1 | |
| fi | |
| if ! [ -f $1 ]; then | |
| echo "'$1' does not exist" | |
| exit 1 | |
| fi |
View poc.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <pthread/pthread.h> | |
| #include <mach/mach.h> | |
| struct ool_msg { | |
| mach_msg_header_t hdr; | |
| mach_msg_body_t body; | |
| mach_msg_ool_ports_descriptor_t ool_ports[]; | |
| }; |
View IOSurface_stuff.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // IOSurface_stuff.c | |
| // time_waste | |
| // | |
| // Created by Jake James on 2/22/20. | |
| // Copyright © 2020 Jake James. All rights reserved. | |
| // | |
| #import "IOSurface_stuff.h" |
jakeajames
/ patchfinder64.c
Last active
August 4, 2022 10:16
"kppless" sandbox profile patch for iOS 12
View patchfinder64.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| addr_t Find_platform_profile() { | |
| uint64_t string = Find_strref("\"failed to initialize platform sandbox", 1, 0, false); | |
| if (!string) { | |
| string = Find_strref("\"failed to initialize platform sandbox", 1, 1, false); | |
| if (!string) { | |
| return 0; | |
| } | |
| } | |
| string -= KernDumpBase; | |
jakeajames
/ SubstituteDummy.m
Created
March 29, 2019 21:48
View SubstituteDummy.m
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| struct substitute_function_hook { | |
| void *function; | |
| void *replacement; | |
| void *old_ptr; | |
| int options; | |
| }; | |
| extern void *MSGetImageByName(const char *filename) __asm__("_MSGetImageByName");; | |
| void *SubGetImageByName(const char *filename) { | |
| return MSGetImageByName(filename); |
jakeajames
/ Makefile
Created
March 31, 2019 17:08
reverse kCFCoreFoundationVersion checks. Uses code from xerub. Code will suck in some places. I warned you.
View Makefile
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| include $(THEOS)/makefiles/common.mk | |
| export ARCHS = arm64 | |
| TOOL_NAME = patch_cfversion_checks | |
| patch_cfversion_checks_FILES = $(wildcard *.c) $(wildcard *.m) | |
| CFLAGS += -Wno-macro-redefined | |
| include $(THEOS_MAKE_PATH)/tool.mk |
jakeajames
/ exploit.c
Last active
April 9, 2022 04:10
leak address of segment_list in oob_timestamp
View exploit.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // exploit.c | |
| // extra_time | |
| // | |
| // Created by Jake James on 2/8/20. | |
| // Copyright © 2020 Jake James. All rights reserved. | |
| // | |
| #include "exploit.h" | |
| #include "IOAccelerator_stuff.h" |
View qwertybug.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <pre id="logs"></pre> | |
| <script> | |
| // utilities | |
| let arr = new Uint32Array(2); | |
| let arr64 = new Float64Array(arr.buffer); // use same buffer | |
| function floatToInt(float) { | |
| arr64[0] = float; |
jakeajames
/ iDarkify12.xm
Created
March 5, 2019 19:33
View iDarkify12.xm
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @interface _UIBackdropView : UIView | |
| -(id)initWithStyle:(long long)style; | |
| -(long long)style; | |
| @end | |
| @interface SBFloatingDockPlatterView | |
| @property (nonatomic, retain) _UIBackdropView * backgroundView; | |
| @end | |
| @interface SBFolderBackgroundView : UIView |
jakeajames
/ jump.c
Last active
July 30, 2019 10:12
View jump.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // jump.c | |
| // sock_port | |
| // | |
| // Created by Jake James on 7/14/19. | |
| // Copyright © 2019 Jake James. All rights reserved. | |
| // | |
| #include <sys/mman.h> |
NewerOlder