zhuowei

// Allows disabling Same-Origin Policy on iOS WKWebView.
// Tested on iOS 12.4.
// Uses private API; obviously can't be used on app store.

@import WebKit;
@import ObjectiveC;

void WKPreferencesSetWebSecurityEnabled(id, bool);

@interface WDBFakeWebKitPointer: NSObject

pwn0rz

#include <IOKit/IOKitLib.h>
#include <mach/mach.h>
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <ctype.h>

void hexdump(void *ptr, int buflen) {
  unsigned char *buf = (unsigned char*)ptr;
  int i, j;

Lessica

import Cocoa

class MyStackView: NSStackView {
    override func responds(to aSelector: Selector!) -> Bool {
        if aSelector == #selector(NSSplitViewController.toggleSidebar(_:)) {
            return false
        }
        return super.responds(to: aSelector)
    }
    

yarshure

Key Name                                                Description
========                                                ===========
3GProximityCapability                                   Whether the device has a 3G proximity sensor
3GVeniceCapability                                      Whether the device supports FaceTime over cellular
720pPlaybackCapability                                  Whether the device supports 720p video (identical to kMGQDeviceSupports720p)
APNCapability                                           
ARM64ExecutionCapability                                Whether the device supports executing arm64 binaries
ARMV6ExecutionCapability                                Whether the device supports executing armv6 binaries
ARMV7ExecutionCapability                                Whether the device supports executing armv7 binaries
ARMV7SExecutionCapability                               Whether the device supports executing armv7s binaries

elvis-iOS

//
//  AKNativeAnisetteService.m
//  akd
//
//  Created by Scott Knight on 5/10/19.
//  Copyright © 2019 Scott Knight. All rights reserved.
//

#import <AuthKit/AuthKit.h>
#import "AKNativeAnisetteService.h"

elvis-iOS

var SecTrustEvaluate_handle =
    Module.findExportByName('Security', 'SecTrustEvaluate');
var SecTrustEvaluateWithError_handle =
    Module.findExportByName('Security', 'SecTrustEvaluateWithError');
var SSL_CTX_set_custom_verify_handle =
    Module.findExportByName('libboringssl.dylib', 'SSL_CTX_set_custom_verify');
var SSL_get_psk_identity_handle =
    Module.findExportByName('libboringssl.dylib', 'SSL_get_psk_identity');
var boringssl_context_set_verify_mode_handle = Module.findExportByName(
    'libboringssl.dylib', 'boringssl_context_set_verify_mode');

khanhduytran0

Recap

As you may have known, we recently managed to bring multitask to LiveContainer. This originally came from FrontBoardAppLauncher which was reverse engineered of various Apple apps: ClarityBoard, SpringBoard, Xcode PreviewShell, etc. A quick recap of how we worked on it:

• I began reverse engineering said apps to study how to use various Private API of FrontBoard, RunningBoardServices and UIKit, resulted in MySystemShell and FrontBoardAppLauncher
• I found app could spawn multiple processes thanks to the writeup of NSExtension
• We found we could extend memory limit by setting a hidden NSExtensionPointIdentifier

However, as more and more people get to try it, we were reported that physical keyboard input wouldn't work. (LiveContainer/LiveContainer#524)

If anyone could figure it out, we will forever owe you.