朱心浪 Profile
朱心浪

@xina520

Followers
15,113
Following
138
Media
36
Statuses
170

A game, a dream. English level = 0;

Joined January 2012
@xina520
朱心浪
2 years
I never thought about charging, nor did I need any donations, but I felt hostile and attacked. If you are impatient, please delete me and pull me black. I don't want you to understand me, but please don't blackmail me, thank you
188
42
584
@xina520
朱心浪
2 years
Fixed a permission conflict in iOS 15. The RocketBootstrap and applist work normally
100
51
572
@xina520
朱心浪
7 months
ml_dbgwrap_halt_cpu new value: 800000ff dma_ctrl_1 new value: 8000000000070e01 kernel_addr phys_addr: fffffff14eca99d0 91db959d0 dma_ctrl_1 old value: 70e00 fffffff14eca99d0 : 4141414141414141
99
123
535
@xina520
朱心浪
2 years
125
81
455
@xina520
朱心浪
2 years
Next, I will not send the test version to unfamiliar people. The public needs to wait for a stable day
102
39
441
@xina520
朱心浪
2 years
From now on, anyone can test it. Please give feedback if you have any questions
121
44
391
@xina520
朱心浪
2 years
From now on, any plug-in developer who needs to test can apply to me to join the developer public test group. Note that the current version only supports 15.0-15.1.1 A12-M1, and fake developers are not allowed
74
38
332
@xina520
朱心浪
2 years
I know there are many problems in the current version, but I believe I will solve them one by one. Please rest assured that I will improve it
69
19
318
@xina520
朱心浪
1 year
shasum -a 256 f765c8eaaf86badd35741486af484a37f83031c4fda8a68c8b3d058f90ab15cf
63
64
316
@xina520
朱心浪
2 years
I didn't fix other people's plug-ins. This is not my job. What I have done is to make the prison break environment more compatible. I am not wasting time. Every step of repair is needed
36
14
280
@xina520
朱心浪
2 years
The fork function cannot be used in ios 15 a12 jailbreak because it cannot map the executable memory. However, if you want to use it, you can move the function to Dylib for execution
53
18
270
@xina520
朱心浪
2 years
The friend who didn't get the test was very sorry, because it was really not good enough, maybe because my English was too poor, so I gave the initial version to some Chinese friends to test, I'm sorry
64
15
255
@xina520
朱心浪
2 years
Users who have problems installing for the first time, please restore all the settings of your phone, choose to rebuild the jailbreak environment, and open jailbreak
70
24
253
@xina520
朱心浪
2 years
It seems that everyone forgot that this is the version used by developers for development
37
15
253
@xina520
朱心浪
2 years
Due to the leak of the version, we have to open the test in advance. If you have any questions, please understand.
51
25
256
@xina520
朱心浪
1 year
shasum -a 256 6a4276d25cef61a44ac04074c3a89a18ee50eb347767faa895be5326acc3919d
71
34
233
@xina520
朱心浪
7 months
These credits belong to KFD Fugu 37c3 and have nothing to do with me. There are more people developing jailbreaks now, and I think some people need it
17
25
238
@xina520
朱心浪
2 years
32
44
232
@xina520
朱心浪
2 years
What the tester needs to know
28
29
221
@xina520
朱心浪
2 years
We can't test in a large area yet. The first version has found problems that need to be solved. I believe we should try to solve them as soon as possible
26
13
223
@xina520
朱心浪
2 years
If you think I have the code you need (any jailbreak developer), please DM me. Alas, Google translation is poor, ha ha
58
25
212
@xina520
朱心浪
2 years
I never generated version 1.1.4.4, but someone told me that someone was spreading version 1.1.4.4, indicating that there are many fake programs. If you get it from other places, there may be a problem
21
29
197
@xina520
朱心浪
2 years
This method passes the test on iOS 15.1 without hooking amfid and also bypasses kernel AMFI detection @tihmstar @CStar_OW
@zhuowei
Zhuowei Zhang
2 years
@littlelailo I posted my CoreTrust/DriverKit writeup. Thank you so much for all your help and advice.
10
23
115
36
38
207
@xina520
朱心浪
2 years
@foxfortmobile It is recommended to use "saily". Now all sources of "saily" work normally. I may integrate it in a later version, because I don't want to maintain the package manager. I spend more time fixing jailbreak problems
26
15
205
@xina520
朱心浪
2 years
If the installation of incompatible plug-ins fails to enable jailbreak, please select "safe mode (no restart for the first time)" to uninstall the plug-ins under Sileo. It is not recommended that ordinary users use the method of deleting directories
25
20
167
@xina520
朱心浪
2 years
This is rootless A12. Many processes need continuous improvement. In order to be compatible with the old plug-ins, I have made many patches, but many people think that it should support all the parts that other jailbreaks can support, just like other jailbreaks.
16
7
158
@xina520
朱心浪
2 years
If you are not a developer, it is recommended to wait for the official version
17
10
159
@xina520
朱心浪
8 months
Fixed pink screen in safe mode
Fix the pink screen issue with bindfs command above 15.2
Fix the issue of some people's fonts being restored
Some optimizations
48
27
158
@xina520
朱心浪
8 months
Fix mobile directory permission issue
No longer need to download img4 files for the first time
Add delayed spring for a14 black screen users (temporarily processed)
22
27
158
@xina520
朱心浪
2 years
I am testing it, and will enable this deb source in the future
23
9
149
@xina520
朱心浪
2 years
I may need to use discord because my Telegram is prohibited due to the number of people added. Please wait
9
9
148
@xina520
朱心浪
8 months
2.0.16
34
25
145
@xina520
朱心浪
2 years
It is not as perfect as it appears. There are still many compatibility issues to resolve. I try to be compatible with some old components. I hope to finish it eventually
31
9
140
@xina520
朱心浪
2 years
For 15.41, before that, I naively thought that the current existing method could be used in combination with weightBufs and dynamic signature to quickly complete it, but I only found out last night that it was impossible
12
8
138
@xina520
朱心浪
2 years
Therefore, fugu15 is the only key to complete a complete prison break, but it cannot be used stably here. I haven't found a good solution to this problem
8
9
129
@xina520
朱心浪
2 years
But in fact, the purpose of my compatibility with the old plug-ins is for a transition. I hope that all plug-ins can update the new version to make the whole more stable
7
7
127
@xina520
朱心浪
8 months
2.0.18
52
21
126
@xina520
朱心浪
7 months
2.1.15.2
39
22
124
@xina520
朱心浪
8 months
Add Source
Installing XinaBlackList may resolve some issues as I have placed some patches on it.
16
22
116
@xina520
朱心浪
2 years
Apple Sandbox, you are leaking air. Why does the program in the sandbox have the right to detect symlinks outside the sandbox😡
9
15
110
@xina520
朱心浪
8 months
2.0.17
29
12
106
@xina520
朱心浪
2 years
This is just a demonstration process. It is still difficult to implement
13
5
100
@xina520
朱心浪
2 years
@foxfortmobile Rootless is safe. In the worst case, you may be forced to restart your phone to return to normal
3
11
96
@xina520
朱心浪
2 years
I just implemented yesterday's idea scheme 1. There are other schemes that have not been tested yet. I need time
3
4
93
@xina520
朱心浪
2 years
Three entitlements cannot be used in iOS 15, whether it is the developer certificate or app store fast path
if ( trust_level <= 6 ) { (pmap_cs detection)
".private.cs.debugger"
"dynamic-codesigning"
".private.skip-library-validation"
}
8
9
90
@xina520
朱心浪
2 years
@CStar_OW I am writing a tool to modify these connections to the root (load)_ command
case LC_LOAD_DYLIB:
case LC_LOAD_WEAK_DYLIB:
case LC_REEXPORT_DYLIB:
case LC_LOAD_UPWARD_DYLIB:
fix some interdependent bin
Another part may need hook dyld to solve some problems
8
11
84
@xina520
朱心浪
2 years
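At this point it looks as if all the parts a jailbreak needs have been implemented, but the way the last step is implemented is not friendly to a public jailbreak, which is why I have kept scheme 1 on hold.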
45
10
82
@xina520
朱心浪
2 years
Is this fugu15 coming? It has a signature bypass, a PAC bypass, and kernel code execution
@LinusHenze
Linus Henze
2 years
45
95
604
16
5
72
@xina520
朱心浪
2 years
@tihmstar @CStar_OW It can be used for a public jailbreak
14
7
67
@xina520
朱心浪
2 years
@Jakeashacks @eveIyneee @opa334dev rootlessness, it was never the one who troubled the A12+ ,I patched the path just for a temporary transition. You can write new dependencies for the rootlessness.
4
5
67
@xina520
朱心浪
2 years
@tihmstar @CStar_OW can sign the entitlements of the platform, and there is no need to borrow the entitlements of other processes
10
5
58
@xina520
朱心浪
2 years
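I have reversed the signature-related parts of amfi several times over. System binaries run at level 8; what we sign, such as a dylib, is at level 5. When a system process loads a dylib and finds it is below its own level, the memory's executable flag is removed. If we attach a signature to a system binary so that it runs at level 5, but on iOS 15 a developer-certificate signature now gets checked by amfi for permissions outside the sandbox.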
5
7
44
@xina520
朱心浪
2 years
@NewGhost_ Some people who didn't get the test version said that they could accept the current program bug. When they got it, they kept complaining. They never paid attention to the precautions I had sent. They repeatedly asked me questions I had already answered. I can't spend time on it
4
2
48
@xina520
朱心浪
2 years
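@Zhongkangya I have answered this kind of question before. I am very short of time right now. To finish 15.1 I have stayed up late for more than a month in a row. As for the problems 15.41 faces, I personally cannot finish it in a short time. I don't want to make promises to anyone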
7
2
46
@xina520
朱心浪
2 years
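Every time I finish one step, I fall into the pit of the next one. With only kernel read/write, completing a public jailbreak is far harder than it used to be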
8
4
44
@xina520
朱心浪
2 years
@Jakeashacks Key points have been protected by added pac ppl, for example, the task permission structure has been deleted, proc off_p_ucred released ppl, off_p_csflags are also used by PAC, etc
3
3
46
@xina520
朱心浪
2 years
Almost all of the old jailbreak process no longer works; every step feels like starting over.
7
2
46
@xina520
朱心浪
1 year
@aaronp613 fix dpkg LC_RPATH Library/Frameworks directory fix jailbreakd bug
7
4
44
@xina520
朱心浪
2 years
@Jakeashacks @foxfortmobile I have finished hooking the dyld and intercepting the usr path and Library path. The path that does not belong to the system cache or fails to load will be replaced with a new path
3
3
41
@xina520
朱心浪
2 years
Telegram Hehehe.
1
0
39
@xina520
朱心浪
2 years
@dittovsrajy It is an ipa that can be directly installed from trolls or other signature tools. Questions like yours tend to mislead others
3
0
40
@xina520
朱心浪
2 years
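There are three places where a process's permissions are checked: at launch the signature's cs_blob_profile is checked; after launch pmap makes a copy of cs_blob_profile, and this part of the check is protected by PPL; for a running binary, some permissions are checked against pmap_profile and some against the process/thread ucred. The trust_level check is in pmap, and this is protected by AMFI PPL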
3
4
35
@xina520
朱心浪
2 years
Under what circumstances is trust_level > 6? Only when the trust cache is added. How to inject a dylib: just keep the teamid and csb_platform_binary consistent with the target binary
2
1
37
@xina520
朱心浪
2 years
@riscv64 I'm just so bad
11
2
35
@xina520
朱心浪
2 years
@opa334dev @FCE365 Since fugu 15 uses the kernel pac to bypass, we can continue to use the trust cache method to bypass the signature. Then our process level can be raised from 6 to 7, so that we don't need to bypass so many things
4
5
34
@xina520
朱心浪
2 years
@tihmstar Dynamic attach signature
1
0
34
@xina520
朱心浪
2 years
@shogunpwnd private/preboot/%s/System/Library/Caches/com.apple.kernelcaches/kernelcache %s=fread=private/preboot/active
3
0
35
@xina520
朱心浪
2 years
@Epulrx2 Please read the precautions one hundred times
0
1
33
@xina520
朱心浪
2 years
@foxfortmobile To run dpkg without roots, you need to fix the command path or hook dyld. The most important thing is to fix the problem of executable memory that cannot be mapped by fork. dpkg-deb -R (Supports releasing to the specified directory)
0
5
30