diff --git a/TipsGotTrolled.xcodeproj/project.pbxproj b/TipsGotTrolled.xcodeproj/project.pbxproj index 0007f3b..e71bb62 100644 --- a/TipsGotTrolled.xcodeproj/project.pbxproj +++ b/TipsGotTrolled.xcodeproj/project.pbxproj @@ -450,7 +450,7 @@ CODE_SIGN_STYLE = Automatic; CURRENT_PROJECT_VERSION = 1; DEVELOPMENT_ASSET_PATHS = "\"TipsGotTrolled/Preview Content\""; - DEVELOPMENT_TEAM = 7G89J82G2A; + DEVELOPMENT_TEAM = 6X2LMXRYXS; ENABLE_PREVIEWS = YES; GENERATE_INFOPLIST_FILE = YES; INFOPLIST_KEY_NSAppleMusicUsageDescription = "Needed to find the path to Tips.app executable."; @@ -464,7 +464,7 @@ "$(inherited)", "@executable_path/Frameworks", ); - MARKETING_VERSION = 1.2; + MARKETING_VERSION = 1.2.1; PRODUCT_BUNDLE_IDENTIFIER = com.haxi0.TipsGotTrolled; PRODUCT_NAME = "$(TARGET_NAME)"; SWIFT_EMIT_LOC_STRINGS = YES; @@ -481,7 +481,7 @@ CODE_SIGN_STYLE = Automatic; CURRENT_PROJECT_VERSION = 1; DEVELOPMENT_ASSET_PATHS = "\"TipsGotTrolled/Preview Content\""; - DEVELOPMENT_TEAM = 7G89J82G2A; + DEVELOPMENT_TEAM = 6X2LMXRYXS; ENABLE_PREVIEWS = YES; GENERATE_INFOPLIST_FILE = YES; INFOPLIST_KEY_NSAppleMusicUsageDescription = "Needed to find the path to Tips.app executable."; @@ -495,7 +495,7 @@ "$(inherited)", "@executable_path/Frameworks", ); - MARKETING_VERSION = 1.2; + MARKETING_VERSION = 1.2.1; PRODUCT_BUNDLE_IDENTIFIER = com.haxi0.TipsGotTrolled; PRODUCT_NAME = "$(TARGET_NAME)"; SWIFT_EMIT_LOC_STRINGS = YES; diff --git a/TipsGotTrolled.xcodeproj/project.xcworkspace/xcuserdata/haxi0.xcuserdatad/UserInterfaceState.xcuserstate b/TipsGotTrolled.xcodeproj/project.xcworkspace/xcuserdata/haxi0.xcuserdatad/UserInterfaceState.xcuserstate index c8456ad..c35c953 100644 Binary files a/TipsGotTrolled.xcodeproj/project.xcworkspace/xcuserdata/haxi0.xcuserdatad/UserInterfaceState.xcuserstate and b/TipsGotTrolled.xcodeproj/project.xcworkspace/xcuserdata/haxi0.xcuserdatad/UserInterfaceState.xcuserstate differ diff --git a/TipsGotTrolled/Classes/TS.swift b/TipsGotTrolled/Classes/TS.swift index d02b94a..b8cc5a2 100644 --- a/TipsGotTrolled/Classes/TS.swift +++ b/TipsGotTrolled/Classes/TS.swift @@ -43,35 +43,7 @@ class TS { return nil } } - // documents path finder aio - func getTipsDoc(in directory: URL) -> URL? { - let fileManager = FileManager.default - - do { - let contents = try fileManager.contentsOfDirectory(at: directory, includingPropertiesForKeys: nil, options: []) - - for url in contents { - var isDirectory: ObjCBool = false - if fileManager.fileExists(atPath: url.path, isDirectory: &isDirectory) { - if isDirectory.boolValue { - if url.lastPathComponent == "Tips" { - print(url) - return url - } else { - if let subdirectoryResult = getTipsDoc(in: url) { - return subdirectoryResult - } - } - } - } - } - } catch { - print("Error reading directory: \(error)") - } - - return nil - } - // to check if user is running on supported + // to check if user is running on supported func isiOSVersionInRange() -> Bool { let systemVersion = UIDevice.current.systemVersion let versionComponents = systemVersion.split(separator: ".").compactMap { Int($0) } diff --git a/TipsGotTrolled/ContentView.swift b/TipsGotTrolled/ContentView.swift index c27215f..2ed7e54 100644 --- a/TipsGotTrolled/ContentView.swift +++ b/TipsGotTrolled/ContentView.swift @@ -14,7 +14,7 @@ struct ContentView: View { @State var LogItems: [String.SubSequence] = { if let version = Bundle.main.infoDictionary?["CFBundleShortVersionString"] as? String { let isVersionInRange = TS.shared.isiOSVersionInRange() - + if isVersionInRange { return ["Welcome to TipsGotTrolled v\(version)!", "", "Your device is supported.", "", "Please press Exploit, allow, then Change Tips", "", "by haxi0 and C22"] } else { @@ -47,11 +47,7 @@ struct ContentView: View { Button("Change Tips") { do { let documentsDirectoryURL = FileManager.default.urls(for: .documentDirectory, in: .userDomainMask).first - let flagFilePath = "\(ts.getTipsDoc(in: URL(fileURLWithPath:"/var/mobile/Containers/Data/Application/"))!)/_trolled" - if FileManager.default.fileExists(atPath: flagFilePath) { - UIApplication.shared.alert(title: "Please delete Tips app then reinstall it before proceeding", body: "⚠️ It looks like your Tips app have been tweaked. Please, delete it from Home Screen and reinstall it from the App Store. A reboot is recommended after reinstalling the Tips app.⚠️", withButton: false) - return - } + if FileManager.default.fileExists(atPath: documentsDirectoryURL!.appendingPathComponent("Tips").path) { do { try AbsoluteSolver.delete(at: documentsDirectoryURL!.appendingPathComponent("Tips")) @@ -59,18 +55,17 @@ struct ContentView: View { UIApplication.shared.alert(title: "Error", body: "Error: \(error)") } } - + try AbsoluteSolver.copy(at: URL(fileURLWithPath: ts.getTipsPath()!), to: documentsDirectoryURL!.appendingPathComponent("Tips")) // backup previous binary just in case try MacDirtyCow.overwriteFileWithDataImpl(originPath: ts.getTipsPath()!, replacementData: Data(contentsOf: Bundle.main.url(forResource: "PersistenceHelper_Embedded", withExtension: "")!)) - FileManager.default.createFile(atPath: flagFilePath, contents: nil, attributes: nil) - - UIApplication.shared.alert(title: "Done, READ!!!", body: "⚠️ PLEASE, DO NOT LAUNCH TIPS AFTER INSTALLATION. REBOOT RIGHT NOW, THEN LAUNCH IT! DO NOT RUN Change Tips AGAIN UNLESS YOU UNINSTALLED EVERYTHING! OTHERWISE YOU MIGHT GET A SEMI-BOOTLOOP (BASED ON HAXI0'S EXPERIENCE!). AFTER TROLLSTORE IS INSTALLED AND EVERYTHING IS WORKING, YOU MAY DELETE THIS APP. ⚠️", withButton: false) + UIApplication.shared.alert(title: "Done, READ!!!", body: "⚠️ PLEASE, DO NOT LAUNCH TIPS AFTER INSTALLATION. REBOOT RIGHT NOW, THEN LAUNCH IT! ⚠️", withButton: false) } catch { UIApplication.shared.alert(title: "Error", body: "Error: \(error)") } }.disabled(!ts.isiOSVersionInRange()) + .disabled(!exploited) } header: { Label("Hijack Tips", systemImage: "hammer") } @@ -97,12 +92,12 @@ struct ContentView: View { } .padding() } - header: { - Label("Console", systemImage: "bolt") - } - footer: { - Text("Made by C22 and haxi0 with sweat and tears. TrollStore by opa334, method by Alfie. M1 and M2 are also supported.") - } + header: { + Label("Console", systemImage: "bolt") + } + footer: { + Text("Made by C22 and haxi0 with sweat and tears. TrollStore by opa334, method by Alfie. M1 and M2 are also supported.") + } } .navigationBarTitle(Text("TipsGotTrolled"), displayMode: .inline) } diff --git a/TipsGotTrolled/SBFApplication.h b/TipsGotTrolled/SBFApplication.h new file mode 100644 index 0000000..720b35e --- /dev/null +++ b/TipsGotTrolled/SBFApplication.h @@ -0,0 +1,47 @@ +/* +* This header is generated by classdump-dyld 1.0 +* on Wednesday, November 15, 2023 at 5:37:33 PM Eastern European Standard Time +* Operating System: Version 17.1 (Build 21B74) +* Image Source: /System/Library/PrivateFrameworks/SpringBoardFoundation.framework/SpringBoardFoundation +* classdump-dyld is licensed under GPLv3, Copyright © 2013-2016 by Elias Limneos. +*/ + + +@class SBSApplicationShortcutService, SBSApplicationShortcutServiceFetchResult, NSString, NSURL, NSNumber, NSArray; + +@interface SBFApplication : NSObject { + + SBSApplicationShortcutService* _applicationShortcutService; + SBSApplicationShortcutServiceFetchResult* _applicationShortcutServiceFetchResult; + double _applicationShortcutServiceFetchResultExpirationReferenceTime; + BOOL _systemOrInternalApplication; + NSString* _applicationBundleIdentifier; + NSString* _displayName; + NSURL* _bundleURL; + NSNumber* _appStoreItemID; + NSString* _applicationShortcutWidgetBundleIdentifier; + +} + +@property (nonatomic,readonly) NSString * applicationBundleIdentifier; //@synthesize applicationBundleIdentifier=_applicationBundleIdentifier - In the implementation block +@property (nonatomic,readonly) NSString * displayName; //@synthesize displayName=_displayName - In the implementation block +@property (nonatomic,readonly) NSURL * bundleURL; //@synthesize bundleURL=_bundleURL - In the implementation block +@property (getter=isSystemOrInternalApplication,nonatomic,readonly) BOOL systemOrInternalApplication; //@synthesize systemOrInternalApplication=_systemOrInternalApplication - In the implementation block +@property (nonatomic,readonly) NSNumber * appStoreItemID; //@synthesize appStoreItemID=_appStoreItemID - In the implementation block +@property (nonatomic,readonly) NSString * applicationShortcutWidgetBundleIdentifier; //@synthesize applicationShortcutWidgetBundleIdentifier=_applicationShortcutWidgetBundleIdentifier - In the implementation block +@property (nonatomic,readonly) NSArray * staticApplicationShortcutItems; +@property (nonatomic,readonly) NSArray * dynamicApplicationShortcutItems; +-(NSString *)applicationBundleIdentifier; +-(NSURL *)bundleURL; +-(id)initWithApplicationBundleIdentifier:(id)arg1 ; +-(BOOL)isSystemOrInternalApplication; +-(NSArray *)staticApplicationShortcutItems; +-(void)dealloc; +-(NSString *)applicationShortcutWidgetBundleIdentifier; +-(id)init; +-(NSNumber *)appStoreItemID; +-(NSString *)displayName; +-(NSArray *)dynamicApplicationShortcutItems; +-(void)_updateApplicationShortcutServiceFetchResult; +@end + diff --git a/TipsGotTrolled/TipsGotTrolledApp.swift b/TipsGotTrolled/TipsGotTrolledApp.swift index bd94150..db340a6 100644 --- a/TipsGotTrolled/TipsGotTrolledApp.swift +++ b/TipsGotTrolled/TipsGotTrolledApp.swift @@ -10,13 +10,14 @@ import SwiftUI @main struct TipsGotTrolledApp: App { @AppStorage("isFirstLaunch") var isFirstLaunch: Bool = true + var body: some Scene { WindowGroup { ContentView() // when content view is loaded let's say user to delete Tips .onAppear { if isFirstLaunch == true { - UIApplication.shared.alert(title: "Please delete Tips app then (re)install it before proceeding", body: "Hi ! It looks like it's the first time you come here. To avoid any corruption, please delete Tips app from Home Screen then reinstall it. Thanks for using this tool!", withButton: true) + UIApplication.shared.alert(title: "Please delete Tips app then (re)install it before proceeding!", body: "Hello! It looks like it's the first time you come here. To avoid any corruption, please delete Tips app from Home Screen then reinstall it. Thanks for using this tool!", withButton: true) isFirstLaunch = false } // is persistance in bundle ? diff --git a/ent.txt b/ent.txt new file mode 100644 index 0000000..647429d --- /dev/null +++ b/ent.txt @@ -0,0 +1,36 @@ + + + + + platform-application + + application-identifier + kr.h4ck.trolldecryptor + com.apple.security.exception.files.absolute-path.read-write + + / + + com.apple.private.security.no-sandbox + + com.apple.private.persona-mgmt + + com.apple.private.MobileContainerManager.allowed + + com.apple.private.security.container-manager + + com.apple.private.security.storage.AppBundles + + com.apple.private.security.storage.AppDataContainers + + task_for_pid-allow + + get-task-allow + + com.apple.security.get-task-allow + + proc_info-allow + + com.apple.system-task-ports + + +