Email or username:

Password:

Forgot your password?
3 comments
toast i guess

@cR0w haha, yep!
Quoting from the type.cyhsu.xyz link,
“Somehow, the sanity of the file paths within the SysContainerDomain was not checked, allowing the inclusion of the infamously unsafe string ../ […]. Because SysContainerDomain files are unpacked under
/var/.backup.i/var/mobile/Library/Backup/System Containers/Data/
during restoration, the path
SysContainerDomain-../../../../../../../..
resolves to / [. This] allows access to system files.”
Shortened b/c text limit

toast i guess

@cR0w While it allows you to do all sorts of things, SparseRestore is usually used to modify the MobileGetsalt file. This allows for enabling/disabling regional or model-specific things, like EU side loading, enforced shutter sound, Siri’s new AI, and for some reason the iOS 18 Photos UI? I believe, while not being exploited, MobileGetsalt also determines the ability to install non-WebKit browsers, NFC contactless payments, AI in Xcode, and more.

theapplewiki.com/wiki/Eligibil

cR0w h0 h0

@toast_i_guess That's amazing. It really is the year of ../

Go Up