évelyne Profile
évelyne

@eveiyneee

Followers
4,665
Following
14
Media
17
Statuses
571

ellekit developer

sponsor:
Joined August 2020
@eveiyneee
évelyne
7 months
springboard tweak injection with kfd and the ct bug, tweaks loaded by ellekit. thanks @zhuowei for the technique
27
65
375
@eveiyneee
évelyne
7 months
17.0 support for tweak injection is almost ready, only needs a userspace PAC bypass (easy) and the kernel exploit from google. when it releases it should immediately work
31
53
326
@eveiyneee
évelyne
7 months
17.0 is still a good iOS version, you guys are fine…. don’t panic you have an upcoming exploit & there’s a coretrust bypass 😋
46
33
312
@eveiyneee
évelyne
1 year
finally… (16.6 b1)
40
23
286
@eveiyneee
évelyne
6 months
Dopamine 2.0 has to be the best arm64e jailbreak ever. It’s incredibly fast and stable
24
22
292
@eveiyneee
évelyne
6 months
if you even care, 17.2 and lower seem to have a UaF (krw!) in igmp_flush_relq. I’m not smart enough to exploit it, someone else should try
23
45
272
@eveiyneee
évelyne
7 months
It’s kinda funny how iOS 17.0 has a CoreTrust exploit but still no way to get a binary signed with it on a device. Really shows how useful having installd’s checks is for device security
6
16
217
@eveiyneee
évelyne
1 month
Fixing: Step 1: Disable SIP and enable arm64e execution. Not explaining this, it's easy. Step 2: download this dylib and resign it with xattr -sc. Step 3: run the command within the ``` in terminal:
16
19
212
@eveiyneee
évelyne
8 months
dylib injection into SpringBoard is possible with kfd and the coretrust bypass, someone’s gotta work on it though
12
24
191
@eveiyneee
évelyne
1 year
ellekit 1.0 is out, fixing literally all known bugs. it’s been fun.. time to add a new hooking technique
18
33
187
@eveiyneee
évelyne
9 months
ElleKit 1.1 is out now on
10
30
184
@eveiyneee
évelyne
7 months
I’m glad someone else took interest in SpringBoard tweak injection, you should no longer expect me to release anything related to that.
19
11
183
@eveiyneee
évelyne
7 months
the aim of springboard tweaks on 17.0 is to make a fully functional jailbreak*, not something janky that you manually set up
18
23
182
@eveiyneee
évelyne
10 months
Hi! Please test these ElleKit 1.1 debs. They should fix AppSync, CarBridge and BioProtect issues, so pls try those for me. I hope these are finally stable enough for release. rootful: rootless:
25
40
178
@eveiyneee
évelyne
1 year
ElleKit v0.5.2 is now out! Changelog: - fixes for exception handler stack overflows - 16.4 support (palera1n) - many miscellaneous bug fixes and optimizations Get it on now!
8
25
169
@eveiyneee
évelyne
1 year
with the t1sz fix, everything works on 16.6 beta 1 on my iPhone 11 Pro. looking forward to jailbreaking my main phone for the first time in years :D
26
13
169
@eveiyneee
évelyne
2 months
This is with my bypass enabled :)
9
9
164
@eveiyneee
évelyne
1 year
Dopamine is probably the highest quality, least dramatic jailbreak there has been since iOS 10
27
7
157
@eveiyneee
évelyne
1 year
The 16.6 beta 1 beta alert is appearing on November 17th I’ll develop a beta alert remover before that
28
15
157
@eveiyneee
évelyne
9 months
Here's a kfd-based arm64 krw handoff technique along with an unfinished jb. Enjoy
6
34
157
@eveiyneee
évelyne
8 months
ElleKit now has a stable jailed iOS MSHookFunction interface, used as such:
6
15
151
@eveiyneee
évelyne
8 months
Apparently if you install trollstore on 16.5 and delay ota to 17.0 trollstore will still work... although if you uninstall it on 17.0 you can't get it back until a new method is found
17
6
144
@eveiyneee
évelyne
1 month
I did it guys :)
12
6
139
@eveiyneee
évelyne
5 months
Maybe I should update my main device from 17.0, since every time I do it an exploit for the version I left is released
19
6
136
@eveiyneee
évelyne
1 year
my kfd fork: includes iPhone 11 Pro 16.6 beta 1 ResSet16 support and here is an IPA:
25
15
111
@eveiyneee
évelyne
7 months
anyone have good deals for the cheapest A12+ device on 16.2-16.5.1? dm the links if you find any!! i need a good test device if i wanna do this project
31
6
120
@eveiyneee
évelyne
7 months
installing tweaks patched with roothide from sileo now works well😗
17
9
121
@eveiyneee
évelyne
1 year
16.6 beta 2 exploiting is extremely unstable, go to 16.6 beta 1 while it’s still signed (cc @FCE365 )
@eveiyneee
évelyne
1 year
got krw working on 16.6 beta 2
5
1
57
25
17
120
@eveiyneee
évelyne
1 year
ElleKit v0.6 and OldABI 0.3.1 are out! Changelog: - Fixes b.cond and cb(n)z rebinding - Fixes Aemulo and EmojiPort* - Bundle loading fixes for palera1n - Inject OldABI in preference bundles - And many more bug fixes and optimizations Now available on
9
18
120
@eveiyneee
évelyne
8 months
Would be interesting to see someone spawn a jailbreakd with the ct bypass and create some new framework to make tweaks
5
6
115
@eveiyneee
évelyne
1 year
got iOS 16.5 krw working
10
10
107
@eveiyneee
évelyne
1 year
I got trustcache injection fully working on arm64 15.x It was a rainy day so I took some time 😅
13
7
110
@eveiyneee
évelyne
9 months
Finally got ElleKit running on @CorelliumHQ , now I can actually debug things :)
3
15
100
@eveiyneee
évelyne
6 months
i wonder how many users ellekit has. all rootless / roothide users use it, so it must be a lot right?
17
7
106
@eveiyneee
évelyne
7 months
to clear up confusion, i mean springboard and daemon tweaks on 17.0
10
1
104
@eveiyneee
évelyne
2 months
just when i update to 18.0 😭
@eveiyneee
évelyne
5 months
Maybe I should update my main device from 17.0, since every time I do it an exploit for the version I left is released
19
6
136
17
3
98
@eveiyneee
évelyne
7 months
Also I won’t work on this seriously till Google publishes their 17.0 kernel exploit, but at least we know it’s possible. All versions supported by kfd will get a jailbreak soon anyway
10
9
96
@eveiyneee
évelyne
1 year
now that kfd works for everyone i’m gonna wait until people update their MacDirtyCow tools, i’m not an expert in that domain have fun :)
11
4
93
@eveiyneee
évelyne
8 months
I might work on this when I finish finals on december 19th, or I'll publish ElleKit 1.2
@eveiyneee
évelyne
8 months
dylib injection into SpringBoard is possible with kfd and the coretrust bypass, someone’s gotta work on it though
12
24
191
7
9
91
@eveiyneee
évelyne
8 months
it would be a jailbreak-lite but it would have most jailbreak features
7
4
88
@eveiyneee
évelyne
1 year
update on wip arm64 jb: got remount done, but i can’t get trustcache injection working just yet
4
2
88
@eveiyneee
évelyne
9 months
taking a break from jailbreak development was so good for me - i’m done when ellekit 1.1 releases
8
1
88
@eveiyneee
évelyne
1 year
fyi: kfd works on 17.0 beta 1 for A14 and lower A15+ need a SPTM bypass
9
14
87
@eveiyneee
évelyne
1 year
I got kfd to have a 95% success rate on my device by adding some bound checks
6
6
81
@eveiyneee
évelyne
7 months
I still think it’s silly to release it like this, the CoreTrust bypass should be automated adequately to support system wide injection in a stable manner, but I’ll make my own private thing anyway for my main device
6
3
84
@eveiyneee
évelyne
1 year
There’s a new obscure panic with KFD that happens after a few days… is this PPL trying to clean up a leaked page entry? I’d check this out but PPL is closed source
9
5
81
@eveiyneee
évelyne
7 months
Has anyone made a bootstrap for the CoreTrust bug that resigns packages automatically from apt? It would be useful to test SpringBoard tweak injection
5
3
82
@eveiyneee
évelyne
9 months
Changes: - Fixes AppSync Unified on Dopamine - Fixes cbz rebinds - Fixes objc_msgSend hooks - Adds mobiletimerd to the palera1n filter - Adds a new hook technique - and more... I forgot over the 6 months I've been doing this
7
12
81
@eveiyneee
évelyne
7 months
*If* 17.0 gets a proper kernel or launchd exploit I might resume work on the userspace PAC bypass needed
2
4
79
@eveiyneee
évelyne
1 year
honestly i might stop working on everything except ellekit and push 1.1 finally, then I’ll have to study for med school 🧍‍♀️sorry guys
@eveiyneee
évelyne
1 year
update on wip arm64 jb: got remount done, but i can’t get trustcache injection working just yet
4
2
88
18
3
76
@eveiyneee
évelyne
1 year
i gotta say, i don’t see the need for a jailbreak when we have MDC / KFD You can basically do anything with ROP if you put in effort
30
2
74
@eveiyneee
évelyne
8 months
just to clarify, lots of people think this is an installation method for iOS 17 or a new exploit, it's not. this has been doable since the Fugu15 bug came out
@roothideDev
roothide
8 months
A full featured bootstrap for ios16.0-17.0(A12+) is coming soon, with sileo/zebra/newterm3/openssh/theos all working.
104
152
729
1
5
76
@eveiyneee
évelyne
7 months
Also rootless is still better than roothide, should be optional 😭
3
3
76
@eveiyneee
évelyne
1 year
. @XsF1re can you update grant_full_disk_access.m to use your overwrite file code?
1
1
72
@eveiyneee
évelyne
7 months
so excited…. i’ll be able to have tweaks on my main device for the first time in years when the kernel exploit drops
6
4
75
@eveiyneee
évelyne
7 months
*it will be slightly slower than Dopamine, but modern devices are fast enough to handle it imo
2
4
75
@eveiyneee
évelyne
7 months
also who bootlooped on the roothide bootstrap 😂 that sounds like you modified something in the system files
5
3
74
@eveiyneee
évelyne
2 months
ElleKit 1.1.3 is now out on
6
15
74
@eveiyneee
évelyne
2 months
To enable early Greymatter support in Mail: hook the c function EMIsGreymatterAvailableWithOverride() and return 1. Here's the state of it:
6
5
72
@eveiyneee
évelyne
2 months
Take 2: ElleKit 1.2 RC, please test
11
10
69
@eveiyneee
évelyne
1 year
thought i found a proper 16.x sandbox escape with root but it turns out it only works on 16.1 beta 3 and lower :(
11
8
66
@eveiyneee
évelyne
9 months
Thanks a lot to those who helped, my weekend hours ran out and I have to study, but I’ll finish this next week hopefully 🤞 At least now I know what causes the issues
5
2
65
@eveiyneee
évelyne
1 year
If you want to support my work, you can donate at the link in bio 🫶 I spend a lot of time trying to get everything as stable as possible for users
6
14
63
@eveiyneee
évelyne
1 year
ElleKit 0.6.1 is now out, fixing RocketBootstrap.
11
10
64
@eveiyneee
évelyne
1 year
There’s also a 16.4 and lower sandbox bypass that can be done but I won’t look into it since my phone is on 16.6
@eveiyneee
évelyne
1 year
thought i found a proper 16.x sandbox escape with root but it turns out it only works on 16.1 beta 3 and lower :(
11
8
66
13
9
62
@eveiyneee
évelyne
9 months
lol ElleKit 1.1 fixed a bunch of super super niche bugs apparently, like flashlight and apple pay not working
6
5
61
@eveiyneee
évelyne
1 year
Help me test ElleKit 1.1.1 RC! Rootless: Rootful: Please test CarBridge! If you get a safe mode, send your crash logs
13
11
58
@eveiyneee
évelyne
1 year
got krw working on 16.6 beta 2
5
1
57
@eveiyneee
évelyne
8 months
iPhone 14 on 17.0 secured 🤞it’s App Store Fast Path time
3
0
58
@eveiyneee
évelyne
6 months
1m$ for "com,apple.developer.marketplace.app-installation" is one thing, but how much does "com,apple,private,security.no-sandbox" cost?
5
1
58
@eveiyneee
évelyne
7 months
but stay where you are always
4
0
58
@eveiyneee
évelyne
1 year
ElleKit 0.6.2 is out, fixing palera1n tweak injection by making it use the Dopamine tweak injection method
7
8
55
@eveiyneee
évelyne
1 year
all known ElleKit bugs are fixed, and EmojiPort + Aemulo seem to be working perfectly. 0.6 incoming soon
13
8
54
@eveiyneee
évelyne
6 months
I don’t have any 16.x arm64e test devices unfortunately, but it works super well on all my devices!
4
1
54
@eveiyneee
évelyne
2 months
Last call for ElleKit 1.1.3 RC :) try it out please
6
13
54
@eveiyneee
évelyne
7 months
@g3nNuk_e No? Stop speculating, this is false. I am talking about SpringBoard tweak injection, akin to real jailbreaks
5
1
53
@eveiyneee
évelyne
7 months
someone pls make a bootstrap app for 15.x and 16.x so this can progress quicker thanks
3
3
52
@eveiyneee
évelyne
9 months
Please test this new ElleKit 1.1 deb:
8
9
50
@eveiyneee
évelyne
1 year
when rootless jailbreaks came out, nobody detected them. now they do. this is the same thing, eventually they will update their detections and the apps will break again
@roothideDev
roothide
1 year
jailbreak detection is dead, jailbreak alive again.
60
45
287
7
3
51
@eveiyneee
évelyne
9 months
Someone pleaseeeee make a 15.6.1 jailbreak for my iPhone 7 so I can use it as a test device.. I don't have time to do it myself :(
15
4
50
@eveiyneee
évelyne
8 months
after my finals if an install method for 17.0 is found i wanna do exactly that
0
1
51
@eveiyneee
évelyne
1 year
ResSet16 works on 16.6 beta 1 for me :)
7
5
48
@eveiyneee
évelyne
8 months
let's hope Google TAG blesses us with a kernel exploit this christmas or maybe something else will come....
2
2
47
@eveiyneee
évelyne
1 year
stable root priv escalation on arm64 with desc_race
2
4
48
@eveiyneee
évelyne
1 year
working on dynamiccow using a new vnode technique but it doesn’t work at all………………….
0
0
46
@eveiyneee
évelyne
6 months
i don’t have a 17.4 checkm8 device to test ellekit, so I don’t know if I’ll be able to fix the issue. They’re expensive
5
3
46
@eveiyneee
évelyne
2 months
A bit of a change of pace... I'm releasing a calculus library that does symbolic differentiation, integration*, calculates limits and implements integral approximation with Taylor series Released without license for now
1
8
45
@eveiyneee
évelyne
6 months
@straight_tamago @Little_34306 Could the version of the kfd exploit used in Misaka for 15.0-16.6.1 be open sourced? Would be a great contribution to the community.
2
2
44
@eveiyneee
évelyne
10 months
If no issues are reported I'll release these tomorrow
@eveiyneee
évelyne
10 months
Hi! Please test these ElleKit 1.1 debs. They should fix AppSync, CarBridge and BioProtect issues, so pls try those for me. I hope these are finally stable enough for release. rootful: rootless:
25
40
178
7
8
44
@eveiyneee
évelyne
1 year
many are mentioning sideloading - i’m pretty sure if someone put in the effort it would be possible to extend the 7 day limit by messing with amfid
7
0
43
@eveiyneee
évelyne
11 months
finally got my macbook back, ugh
3
2
43
@eveiyneee
évelyne
8 months
once again fridarootmanager and other things like that are irrelevant to the goal
1
0
42
@eveiyneee
évelyne
1 year
this means those on beta 2 will never be able to jailbreak as 5 kread calls panic the device
9
2
43
@eveiyneee
évelyne
8 months
my new iphone 14 is likely to come on 17.1.1, rip any chance of me using trollstore with ellekit
9
0
42
@eveiyneee
évelyne
8 months
If you install ellekit on xina 2.0 you can probably use oldabi
2
2
43
@eveiyneee
évelyne
5 months
@sourceloc Do you hear yourself?
2
0
42
@eveiyneee
évelyne
11 months
also about the arm64 jailbreak since I left that on a bad note - i was approaching it by rewriting everything myself including the handoff but other people just used tihmstar’s work and got it done faster, so i don’t have any reason to keep going ❤️
4
0
42
@eveiyneee
évelyne
9 months
Kinda mad that I’ve been tryna release ElleKit 1.1 for 6 months now and it’s still not ready
8
8
40
@eveiyneee
évelyne
1 year
FYI Legacy arm64e support may cause spinlocks. Removing it will help. You can patch oldabi dylibs with Allemand, my static oldabi patcher
10
5
41