Skip to content

affilares/rootlessJB

Repository files navigation

Description

Blah blah, read this: How to make a jailbreak without a filesystem remount as r/w

  • Powered by jelbrekLib

Usage notes

  • empty_list used by default. You can change that in sploit.c
  • Cydia Impactor will BREAK the binaries and the only solution would be compressing files or saurik releasing an update. I will not bother with an ipa for now.
  • Binaries are located in: /var/containers/Bundle/iosbinpack64
  • Launch daemons are located in /var/containers/Bundle/iosbinpack64/LaunchDaemons
  • /var/containers/Bundle/tweaksupport contains a filesystem simulation where tweaks and stuff get installed
  • Symlinks include: /var/LIB, /var/ulb, /var/bin, /var/sbin, /var/Apps

All executables must have at least these two entitlements:

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>platform-application</key>
    <true/>
    <key>com.apple.private.security.container-required</key>
    <false/>
</dict>
</plist>
  • Tweaks and stuff get installed in: /var/containers/Bundle/tweaksupport the same way you did with Electra betas.
  • Tweaks must be patched using the patcher script provided. (Mac/Linux/iOS only) or manually with a hex editor
  • Apps get installed in /var/Apps and later you need to run /var/containers/Bundle/iosbinpack64/usr/bin/uicache (other uicache binaries won't work)

iOS 12

  • No tweaks and code injection yet
  • No amfid patch yet. Must run "inject /path/to/binary" before adding a new binary
  • No jailbreakd yet
  • No remount (heh?)

patcher usage: ./patcher /path/to/deb /path/to/output_folder

Thanks to: Ian Beer, Brandon Azad, Jonathan Levin, Electra Team, IBSparkes, Sam Bingner, Sammy Guichelaar

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • C 69.0%
  • Objective-C 26.7%
  • Logos 2.8%
  • Other 1.5%