i'll do a better release tomorrow or something, but to keep my promise, here's a gist

bug2: platform-application bypass, /usr/bin/fileproviderctl

is a binary with a purpose i'm not sure of, however, it executes /usr/local/bin/fileproviderctl_internal when run

make /usr/local/bin/fileproviderctl_internal a symlink to your code to execute, and replace a daemon with /usr/bin/fileproviderctl

recommended to use wifiFirmwareLoader, and SUID fileproviderctl with mobile:mobile (if it runs as root containermanagerd has a seizure)

boom, BFU code exec on >11.xish -> 14.xish

bug3: platform-application bypass, custom filesystem

directory structure:

/System/Library/Filesystems/hax.fs:
/System/Library/Filesystems/hax.fs/Contents:
/System/Library/Filesystems/hax.fs/Contents/Resources:
/System/Library/Filesystems/hax.fs/Contents/Resources/mount_hax -> symlink to your haxxx

cp -p /sbin/mount to /usr/local/bin/scripter (bypass some sandbox stuff)

replace a daemon with an executable containing this:

#!/usr/local/bin/scripter -t hax fake

the last argument is automatically filled in with the executable path, so mount finds an existing path, and attempts to mount "fake" (taken as /fake as it runs in /) on that path, with the filesystem hax, which executes our code.

replace a daemon like wifiFirmwareLoaderLegacy

either do the same SUID trick, for untethered, sandboxed code exec as mobile (tired)
or use psychicpaper and get untethered, unsandboxed code exec as root (wired)

boom, BFU code exec on 9.xish -> 12.xish

in both cases, code has to be properly signed and installed. as an example, make an Xcode project, and replace the main function with your code. sign, and install properly, as an application.

if this doesn't work for you, it can be a bit of a bitch to get working sometimes, there can be some quirks.

license:

This software is licensed under the "Anyone But Some Assholes" (ABSA) license, described below. No other licenses may apply.

------------------------------------------
The "Anyone But Some Assholes" license
------------------------------------------

Do anything you want with this program, with the exceptions listed below under "EXCEPTIONS".

In the unlikely event that you happen to make a zillion bucks off of this, then good for you; consider buying some hookers, cocaine, hookers and cocaine, weed, hookers and weed, hookers; cocaine; and weed, weed and cocaine, etc.

EXCEPTIONS
----------

Any distributions of this program, and source code, must be licensed under this same license, and source code must be provided, either alongside of the program, or with a URL where the code is accessible.

Moderators, Owners, or anyone capable of moderating either the "r/jailbreak" Discord server, "Sileo" Discord server, or both Discord servers may not make use of or redistribute this program or any of its derivatives.

iMuseum, or whatever that cocksucker goes by now, can both go fuck himself, and may not make use of or redistribute this program or any of its derivatives.

An exception is made to the Discord server rule for any members of the checkra1n team, or anyone who is credited alongside checkra1n. Those people include:
argp, axi0mx, danyl931, jaywalker, kirb, littlelailo, nitoTV, never_released, nullpixel, pimskeks, qwertyoruiop, sbingner, siguza, haifisch, ihackbanme, jndok, jonseals, xerub, lilstevie, psychotea, sferrini, Cellebrite (ih8sn0w, cjori, ronyrus et al.)

Another exception is made to the Discord server rule for any members of the unc0ver team, or anyone who is credited alongside unc0ver. Those people include:
pwn20wnd, sbingner, siguza, Jake James, himynameisubik, ios_app_devex, pattern-f, Brandon Azad, Ned Williamson

Another exception is made to the Discord server rule for any members of the Manticore team, or anyone who is credited alongside Manticore. Those people include:
@rpwnage, @pwnedc99, @fugiefire, @FCE365 / GeoSn0w

Besides the previous exceptions, @nonce#1119 (currently) on Discord may not make use of or redistribute this program or any of its derivatives.

Also, by using this program you agree that you will worship our lord and saviour spv, and failure to do so may result in anything from broken kneecaps, to death.

An amendment to the license is given to @cameren#0420 on Discord, who is both a complete cunt, and may not make use of or redistribute this program or any of its derivatives, and this will not be removed depending on his moderator status.

An amendment to this license is also made permitting the use of this software by tihmstar, regardless of moderator status.
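
A check for the on-disk artifacts that bug2 and bug3 leave behind, as an added example that is not part of the original gist: it scans an extracted filesystem tree and reports the helper path, the setuid bit, symlinked mount helpers, copies of /sbin/mount and daemons that are really "#!" scripts. The names `scan_root` and `daemon_paths` are hypothetical, and the tree is assumed to have been acquired separately.

```python
import glob, hashlib, os, stat

def _sha256(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def scan_root(root, daemon_paths=()):
    """Report artifacts of the two bugs in an extracted filesystem tree.

    root and daemon_paths (image-relative daemon executables, chosen by the
    caller) are assumptions of this example; the page gives no daemon paths.
    """
    findings = []
    rel = lambda p: "/" + os.path.relpath(p, root)

    # bug2: the helper path that /usr/bin/fileproviderctl executes when run.
    helper = os.path.join(root, "usr/local/bin/fileproviderctl_internal")
    if os.path.lexists(helper):
        target = os.readlink(helper) if os.path.islink(helper) else "(regular file)"
        findings.append(("helper-present", rel(helper), target))

    # bug2: setuid bit on fileproviderctl itself (lstat: never follow links).
    ctl = os.path.join(root, "usr/bin/fileproviderctl")
    if os.path.lexists(ctl) and os.lstat(ctl).st_mode & stat.S_ISUID:
        findings.append(("setuid", rel(ctl), oct(os.lstat(ctl).st_mode & 0o7777)))

    # bug3: a mount_<fs> helper inside a filesystem bundle that is a symlink.
    pattern = "System/Library/Filesystems/*.fs/Contents/Resources/mount_*"
    for p in sorted(glob.glob(os.path.join(root, pattern))):
        if os.path.islink(p):
            findings.append(("mount-helper-symlink", rel(p), os.readlink(p)))

    # bug3: a byte-identical copy of /sbin/mount under /usr/local/bin.
    mount = os.path.join(root, "sbin/mount")
    if os.path.isfile(mount) and not os.path.islink(mount):
        ref = _sha256(mount)
        for p in sorted(glob.glob(os.path.join(root, "usr/local/bin/*"))):
            if os.path.isfile(p) and not os.path.islink(p) and _sha256(p) == ref:
                findings.append(("mount-copy", rel(p), "same sha256 as /sbin/mount"))

    # bug3: a daemon executable whose content starts with "#!".
    for d in daemon_paths:
        p = os.path.join(root, d.lstrip("/"))
        if os.path.isfile(p) and not os.path.islink(p):
            with open(p, "rb") as f:
                first = f.readline(256)
            if first.startswith(b"#!"):
                findings.append(("daemon-is-script", rel(p), first[2:].decode("utf-8", "replace").strip()))
    return findings
```

Each finding is a `(kind, path, detail)` tuple with the path given relative to the image root, so results from several images can be compared directly.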