  • Stars: 260
  • Language: C
  • Created about 6 years ago
  • Updated about 4 years ago


jelbrekLib

Give me tfp0, I give you jelbrek

Library with commonly used patches in open-source jailbreaks. Call this a (light?) QiLin open-source alternative.

Compiling:

./make.sh

Setup

  • Compile OR head over to https://github.com/jakeajames/jelbrekLib/tree/master/downloads and get everything there.
  • Link with jelbrekLib.dylib and include jelbrekLib.h
  • Call init_with_kbase() first, passing tfp0, the kernel base and, optionally, a custom kernel execution function (pass NULL otherwise); call term_jelbrek() last

Issues

  • The AMFID patch won't persist after the app enters the background. A fix would be to use a daemon (like amfidebilitate) or to inject a dylib (iOS 11)

iOS 12 status

  • rootFS remount is broken. There is hardening on snapshot_rename(), which can be and has been (privately) bypassed, but it is nowhere near as bad as last year's iOS 11.3.1, where they made major changes. The only thing left is figuring out how they check whether the snapshot is the rootfs rather than something in /var, for example, where snapshot_rename works fine. Use unc0ver's code if you need the remount; I will probably add it along with some bigger update

Credits

  • xerub for the original patchfinding code
  • theninjaprawn for some patchfinders
  • xerub for the original trustcache injection technique
  • stek29 for nvramunlock & lock and hsp4 patch
  • theninjaprawn & Ian Beer for dylib injection
  • Luca Todesco for the original remount patch technique
  • Umang Raghuvanshi for the rename-APFS-snapshot remount idea
  • pwn20wnd for the original implementation of the rename-APFS-snapshot technique
  • AMFID dylib-less patch technique by Ian Beer reworked with the patch code from Electra's amfid_payload (stek29 & coolstar)
  • rootless-hsp4 idea by Ian Beer. Implemented on his updated async_wake exploit
  • Sandbox exceptions by stek29 (https://stek29.rocks/2018/01/26/sandbox.html) (& a few fixes by me for iOS 12+)
  • CSBlob patching with stuff from Jonathan Levin and xerub
  • Symbol finding (https://github.com/jakeajames/kernelSymbolFinder) & the CoreTrust bypass technique by me ;)
  • The rest of patches are fairly simple and shouldn't be considered property of anyone in my opinion. Everyone who has enough knowledge can write them fairly easily
  • sbingner for kerneldec

And, don't forget to tell me if I forgot to credit anyone!

More Repositories

  • rootlessJB3 (C, 361 stars): hahh
  • rootlessJB (C, 301 stars)
  • time_waste (C, 149 stars): iOS 12.0-13.3 tfp0
  • sock_port (C, 128 stars): iOS 10.0-12.2 tfp0
  • multi_path (C, 102 stars): multi_path with root and sandbox escape
  • rootlessJB_EL (C, 82 stars): A rootless jailbreak concept with tweak support and SSH
  • dylibify (Objective-C, 74 stars): Transform any ARM macho executable to a dynamic library
  • SneakyShot (Objective-C, 60 stars): Kernel-based method to take screenshots on iOS, works with encrypted videos.
  • RealCC (Logos, 54 stars): Actually disable wifi from CC in iOS 11
  • Prometheus (Objective-C, 53 stars): futurerestore for noobs and lazy people
  • iSuperSU (Objective-C, 51 stars): A SuperSU-style app to privilege other processes on the go
  • yalu102-space (Objective-C, 30 stars): My fork of yalu102! iOS 10-10.2 jailbreak by @qwertyoruiopz and improved by me!
  • kernelSymbolFinder (C++, 26 stars): Get kernel symbols on device. No jailbreak required (note: unslid addresses)
  • noNotch (Logos, 22 stars): Remove notches from iPhone X
  • say (Logos, 22 stars): Make Siri say anything from command line
  • jakeajames.github.io (HTML, 19 stars)
  • TimeToUnlock (Logos, 17 stars): Set the current time as your passcode.
  • rootme-tutorial (17 stars): How to run Xcode apps as root and unsandboxed while still debugging them easily.
  • ActivatorFix (Logos, 16 stars): Activator support library for iOS 11
  • RepoGen (15 stars): 🔥 Generate a Cydia repo straight from your jailbroken device!! 🔥 - BETA - 🔥 sideloaded version coming soon 🔥
  • CatchaThief (Objective-C, 13 stars): Catch a picture of whoever inputs a wrong passcode.
  • empty_list (C, 12 stars): empty_list jelbrek
  • trustbin (Objective-C, 9 stars): Trustcache injector for iOS 11.3-11.4
  • IcyInstaller3 (Objective-C, 9 stars): Icy is a lightweight DPKG-based installer for iOS.
  • AutoEntitle (C, 8 stars): Automatically entitle, sign, fix permissions & unstash binaries and apps installed via Cydia on iOS 11
  • OneHandWizardFix (Logos, 8 stars): Fix OneHandWizard on iOS 11
  • empty_list_tester (C, 5 stars)
  • jakezone (Shell, 4 stars)
  • jake.github.io (Swift, 3 stars)
  • repo (1 star)
  • NoJBStore (1 star)
  • NCXI (Objective-C, 1 star): Source Code and Issue Tracker for NCXI
  • cydiashqip (1 star)