yalu + mach_portal
for iOS 8.4.1 iOS 10.(1(.1))

by ian beer (sb/root/kern) & qwertyoruiop (hypv/memprot)

task_for_pid_0 is sooo 2014 2017 (6s)
that means __TEXT_EXEC, for the researchers out there! (6s)

on 7, things are different. but ya still got __DATA_CONST!

also decided to not obfuscate

no warranty implied blah blah blah i am not a lawyer

beta1: glitchy, mobilesubstrate not working (on purpose), super fucking unstable, glitchy again

(!!!) DO NOT INSTALL UNLESS YOU KNOW WHAT YOU ARE DOING (!!!)

this is likely (nah not really but pretend it is) to fuck your device
up forcing you to restore, so better safe than sorry. wait for stable release

DO NOT DOWNLOAD THIS SOFTWARE FROM SOURCES OTHER THAN THESE LINKS UNDER ANY CIRCUMSTANCE.
IT IS VERY EASY TO BACKDOOR THIS SORT OF SOFTWARE TO CONTAIN MALWARE. PLEASE BE EXTREMELY CAREFUL.
THESE MIRRORS ARE TRUSTED, BUT STILL CHECK SHA


changelog
beta4-1:
- it may now work (in theory/maybe). It may fail a few times; hard reset with home(pre-i7)/volume down(i7) + power

beta4:
- added mobilesubstrate support
- device support still unchanged
- procexp hangs rather than panicking
- OS should be way more stable
- it may have some new issues. If OS does not come back after reloading, reboot and try again.

planned features for next release (gamma):
- more devices supported
- fix procexp
- fix mmap() hook amfi checks
- mobilesubstrate works thanks to a dirty hack. better solution?

mirror (my own) - beta3
mirror (my own) - beta4-1 - BROKEN
$ shasum -a 256 mach_portal+yalu-b4-1.ipa
f34ba1bebf02b265a871158e778596ee2ff1547a69fdb687d911897b7b7b22c5

cydia impactor


my patches and additions on top of Ian's code are licensed under the ABSE ("Anyone But Stefan Esser") license.
note that an additional exception to the license is added, forbidding use/redistribution of said content to his
trainees as well, but only when in a 5 mile radius from "Stefan Esser" or while holding any sort of (video)conference/chat with him.

note that this license will only be used as long as what would capstone decode / that one other arm64 ida
plugin thing by i0n1c ("Stefan Esser") are not under the MIT license. 
afterwards, all exceptions are cleared and basically WTFPL applies

if you need a copy of the rest of the license feel free to google it or something.


(c) KJC Research