hide text, verboseboot toggle (broken)

Makefile

@@ -30,6 +30,13 @@ Serotonin.tipa: $(wildcard **/*.c **/*.m **/*.swift **/*.plist **/*.xml)
 	echo "[*] Signing SB hook"
 	./ChOma_host/output/tests/ct_bypass -i RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/.theos/obj/debug/SpringBoardHook.dylib -r -o RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/springboardhooksigned.dylib
 
+	echo "[*] Building hideconfidentiatext"
+	$(MAKE) -C RootHelperSample/launchdshim/hideConfidentialText/
+
+
+	echo "[*] Signing hideconfidentialtext"
+	./ChOma_host/output/tests/ct_bypass -i RootHelperSample/launchdshim/hideConfidentialText/.theos/obj/debug/hideConfidentialText.dylib -r -o RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/hideConfidentialText.dylib
+
 	# jank workaround at best, can someone else please fix this weird file dependency? – bomberfish
 	echo "[*] Copying fastPathSign"
 	cp RootHelperSample/Exploits/fastPathSign/fastPathSign ChOma/output/ios/tests
@@ -46,7 +53,8 @@ Serotonin.tipa: $(wildcard **/*.c **/*.m **/*.swift **/*.plist **/*.xml)
 	cp RootHelperSample/.theos/obj/debug/arm64/trolltoolsroothelper Payload/usprebooter.app/trolltoolsroothelper
 	install -m755 RootHelperSample/launchdshim/launchdhook/launchdhooksigned.dylib Payload/usprebooter.app/launchdhooksigned.dylib
 	install -m755 RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/springboardhooksigned.dylib Payload/usprebooter.app/springboardhooksigned.dylib
-
+	install -m755 RootHelperSample/launchdshim/hideConfidentialText/.theos/obj/debug/hideConfidentialText.dylib Payload/usprebooter.app/hideconfidentialtext.dylib
+	cp RootHelperSample/launchdshim/hideConfidentialText/hideconfidentialtext.plist Payload/usprebooter.app/hideconfidentialtext.plist
 	$(LDID) -S./RootHelperSample/entitlements.plist -Cadhoc Payload/usprebooter.app/{fastPathSign,ldid,trolltoolsroothelper}
 	$(LDID) -Sent.plist -Cadhoc Payload/usprebooter.app/usprebooter
 	zip -vr9 Serotonin.tipa Payload/ -x "*.DS_Store"

RootHelperSample/launchdshim/hideConfidentialText/Makefile

@@ -0,0 +1,15 @@
+# Sourced from https://gist.github.com/dlevi309/3da8d364556942fbd63acb52f3ecb866
+TARGET = iphone:clang:16.5:14.4
+ARCHS = arm64 arm64e
+INSTALL_TARGET_PROCESSES = SpringBoard
+THEOS_PACKAGE_SCHEME=roothide
+
+include $(THEOS)/makefiles/common.mk
+
+TWEAK_NAME = hideconfidentialtext
+
+$(TWEAK_NAME)_FILES = Tweak.x
+$(TWEAK_NAME)_CFLAGS = -fobjc-arc -lbsm -Wmodule-import-in-extern-c
+$(TWEAK_NAME)_PRIVATE_FRAMEWORKS = SpringBoardUIServices SpringBoard
+
+include $(THEOS_MAKE_PATH)/tweak.mk

RootHelperSample/launchdshim/hideConfidentialText/README.md

@@ -0,0 +1,6 @@
+# iOS 16 LS → iOS 15 LS
+This is from a bounty from [r/TweakBounty](https://reddit.com/r/TweakBounty).
+
+Bounty: https://www.reddit.com/r/TweakBounty/comments/18gvc7l/151611opt_rootless_ios_16_tweak_to_restore_the/
+
+Some of the code is taken from the proof-of-concept by [@dlevi309](https://github.com/dlevi309): [link to POC](https://gist.github.com/dlevi309/3da8d364556942fbd63acb52f3ecb866).

RootHelperSample/launchdshim/hideConfidentialText/Tweak.x

@@ -0,0 +1,24 @@
+// change confidential text - thx fiore
+@import Foundation;
+@import UIKit;
+@interface SBUILegibilityLabel : UIView
+@property(nonatomic, assign, readwrite)NSString* string;
+@property(assign,nonatomic) long long textAlignment;
+@property(nonatomic, assign, readwrite)UIColor* textColor;
+@end
+
+%group thething
+%hook CSStatusTextView
+- (void)setInternalLegalText:(NSString *)string {
+    %orig(@"");
+}
+%end
+%end
+
+%ctor {
+    BOOL fileExists = [[NSFileManager defaultManager] fileExistsAtPath:@"/var/mobile/.serotonin_hidetext"]; // no cfprefsd hook, will rework when I get system injection working
+    if (fileExists) {
+        %init(thething)
+    }
+}
+

RootHelperSample/launchdshim/hideConfidentialText/build.sh

@@ -0,0 +1,2 @@
+make
+/Users/ibarahime/ChOma/ct_bypass -i /Users/ibarahime/old-lockscreen/.theos/obj/debug/oldlockscreen.dylib -r -o oldlockscreen.dylib

RootHelperSample/launchdshim/hideConfidentialText/control

@@ -0,0 +1,9 @@
+Package: serotonin.hideconfidentialtext
+Name: hideconfidentialtext
+Version: 0.0.1
+Architecture: iphoneos-arm
+Description: hides the confidential text if /var/mobile/.serotonin_hidetext exists
+Maintainer: Serotonin
+Author: Fiore
+Section: Tweaks
+Depends: mobilesubstrate

RootHelperSample/launchdshim/hideConfidentialText/hideconfidentialtext.plist

@@ -0,0 +1 @@
+{ Filter = { Bundles = ( com.apple.springboard ); }; }

RootHelperSample/main.m

@@ -356,10 +356,13 @@ int main(int argc, char *argv[], char *envp[]) {
                     //                7. place springboardhooksigned.dylib as jbroot/SpringBoard.app/springboardhook.dylib
                     [[NSFileManager defaultManager] removeItemAtPath:jbroot(@"/System/Library/CoreServices/SpringBoard.app/springboardhook.dylib") error:nil];
                     [[NSFileManager defaultManager] copyItemAtPath:[usprebooterappPath() stringByAppendingPathComponent:@"springboardhooksigned.dylib"] toPath:[jbroot(@"/System/Library/CoreServices/SpringBoard.app") stringByAppendingPathComponent:@"springboardhook.dylib"] error:nil];
-                    // last step: create a symlink to jbroot named .jbroot
+                    // 8. create a symlink to jbroot named .jbroot
                     [[NSFileManager defaultManager] createSymbolicLinkAtPath:jbroot(@"/System/Library/CoreServices/SpringBoard.app/.jbroot") withDestinationPath:jbroot(@"/") error:nil];
-                    // laster step: add the cool bootlogo!
+                    // 9. add the cool bootlogo!
                     [[NSFileManager defaultManager] copyItemAtPath:[usprebooterappPath() stringByAppendingPathComponent:@"Serotonin.jp2"] toPath:@"/var/mobile/Serotonin.jp2" error:nil];
+                    // 10. add our confidential text hider into regular TweakInject dir
+                    [[NSFileManager defaultManager] copyItemAtPath:[usprebooterappPath() stringByAppendingPathComponent:@"hideconfidentialtext.dylib"] toPath:[jbroot(@"/usr/lib/TweakInject") stringByAppendingPathComponent:@"hideconfidentialtext.dylib"] error:nil];
+                    [[NSFileManager defaultManager] copyItemAtPath:[usprebooterappPath() stringByAppendingPathComponent:@"hideconfidentialtext.plist"] toPath:[jbroot(@"/usr/lib/TweakInject") stringByAppendingPathComponent:@"hideconfidentialtext.plist"] error:nil];
                     // remove workinglaunchd
                     [[NSFileManager defaultManager] removeItemAtPath:[usprebooterappPath() stringByAppendingPathComponent:@"workinglaunchd"] error:nil];
 //                } else {
@@ -394,7 +397,17 @@ int main(int argc, char *argv[], char *envp[]) {
                     [[NSFileManager defaultManager] removeItemAtPath:filePath error:nil];
                     return -1;
                 }
+        } else if ([action isEqual: @"hideText"]) {
+            NSString *filePath = @"/var/mobile/.serotonin_hidetext";
+            BOOL fileExists = [[NSFileManager defaultManager] fileExistsAtPath:filePath];
+            if (!fileExists) {
+                [[NSFileManager defaultManager] createFileAtPath:filePath contents:nil attributes:nil];
+                return 1;
             } else {
+                [[NSFileManager defaultManager] removeItemAtPath:filePath error:nil];
+                return -1;
+            }
+        } else {
                 return 0;
             }
         }

Serotonin.xcodeproj/project.pbxproj

@@ -8,7 +8,6 @@
 
 /* Begin PBXBuildFile section */
 		013141FF2B445B26006BEBE9 /* memoryControl.m in Sources */ = {isa = PBXBuildFile; fileRef = 013141FE2B445B26006BEBE9 /* memoryControl.m */; };
-		6F379D022B4C6BBD00020008 /* liblibiospatchfinder.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 6F379D012B4C6BBD00020008 /* liblibiospatchfinder.a */; };
 		6F379D042B4C6BD700020008 /* patchfinder.m in Sources */ = {isa = PBXBuildFile; fileRef = 6F379D032B4C6BD600020008 /* patchfinder.m */; };
 		6FCA3ADD2B4C702E00E50872 /* libcompression.tbd in Frameworks */ = {isa = PBXBuildFile; fileRef = 6FCA3ADB2B4C702E00E50872 /* libcompression.tbd */; };
 		9756F40B2B505A3000172EF9 /* krw.m in Sources */ = {isa = PBXBuildFile; fileRef = 6E9204902B330FAB001D38E5 /* krw.m */; };
@@ -55,6 +54,7 @@
 		9756F5142B505F2600172EF9 /* pplrw.m in Sources */ = {isa = PBXBuildFile; fileRef = 9756F4EE2B505F2600172EF9 /* pplrw.m */; };
 		C805CA452B1719C1005157BA /* util.m in Sources */ = {isa = PBXBuildFile; fileRef = C805CA442B1719C1005157BA /* util.m */; };
 		C81122DF2B16C9CC00AD077B /* troller.m in Sources */ = {isa = PBXBuildFile; fileRef = C81122DE2B16C9CC00AD077B /* troller.m */; };
+		C8180C242B52D1C300280EC5 /* liblibiospatchfinder.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 6F379D012B4C6BBD00020008 /* liblibiospatchfinder.a */; };
 		C82599F02B4C4C07002D0DDA /* Serotonin.jp2 in Resources */ = {isa = PBXBuildFile; fileRef = C82599EF2B4C4C07002D0DDA /* Serotonin.jp2 */; };
 		C82AFEF42B175AB80070EA49 /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = C82AFEF32B175AB80070EA49 /* Assets.xcassets */; };
 		C82AFF392B17688E0070EA49 /* usprebooterApp.swift in Sources */ = {isa = PBXBuildFile; fileRef = C82AFEF12B175AA30070EA49 /* usprebooterApp.swift */; };
@@ -366,7 +366,7 @@
 				9756F4112B505A9100172EF9 /* libfragmentzip.a in Frameworks */,
 				9756F4122B505A9100172EF9 /* libgrabkernel.a in Frameworks */,
 				6FCA3ADD2B4C702E00E50872 /* libcompression.tbd in Frameworks */,
-				6F379D022B4C6BBD00020008 /* liblibiospatchfinder.a in Frameworks */,
+				C8180C242B52D1C300280EC5 /* liblibiospatchfinder.a in Frameworks */,
 				C82AFF3F2B179A8C0070EA49 /* IOKit.framework in Frameworks */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;

usprebooter/ContentView.swift

@@ -55,7 +55,7 @@ struct ContentView: View {
                         ForEach(0 ..< LogItems.count, id: \.self) { LogItem in
                             Text("\(String(LogItems[LogItem]))")
                                 .textSelection(.enabled)
-                                .font(.custom("Menlo", size: 10))
+                                .font(.custom("Menlo", size: 9))
                                 .foregroundColor(.white)
                         }
                     }

usprebooter/TheCoolerContentView.swift

@@ -26,6 +26,7 @@ struct CoolerContentView: View {
     @State var blurScreen = false
     @AppStorage("cr") var customReboot = true
     @AppStorage("verbose") var verboseBoot = false
+    @AppStorage("hideText") var hideText = false
     @AppStorage("unthreded") var untether = true
     @AppStorage("hide") var hide = false
     @AppStorage("loadd") var loadLaunch = false
@@ -119,17 +120,33 @@ struct CoolerContentView: View {
 //                            .disabled(true)
                             Toggle("Beta iOS",systemImage: "star",isOn: $isBeta)
                             Toggle("Verbose Boot", systemImage: "ladybug", isOn: $verboseBoot)
-                                .onChange(of: verboseBoot) {_ in
-                                    if verboseBoot {
-                                        if ((spawnRoot(mainBundlePath, ["toggleVerbose", "", ""], nil, nil)) == -1) {
-                                            verboseBoot = false
-                                        }
+                                .onChange(of: verboseBoot) { newValue in
+                                    if newValue {
+                                        spawnRoot(mainBundlePath, ["toggleVerbose", "", ""], nil, nil)
                                     } else {
-                                        if ((spawnRoot(mainBundlePath, ["toggleVerbose", "", ""], nil, nil)) == 1) {
-                                            verboseBoot = true
-                                        }
+                                        spawnRoot(mainBundlePath, ["toggleVerbose", "", ""], nil, nil)
                                     }
                                 }
+                            Toggle("Hide confidential text", systemImage: "ladybug", isOn: $hideText)
+                                    .onChange(of: hideText) { newValue in
+                                        if newValue {
+                                            spawnRoot(mainBundlePath, ["hideText", "", ""], nil, nil)
+                                        } else {
+                                            spawnRoot(mainBundlePath, ["hideText", "", ""], nil, nil)
+                                        }
+                                    }
+
+//                                .onChange(of: verboseBoot) {_ in
+//                                    if verboseBoot {
+//                                        if ((spawnRoot(mainBundlePath, ["toggleVerbose", "", ""], nil, nil)) == -1) {
+//                                            verboseBoot = false
+//                                        }
+//                                    } else {
+//                                        if ((spawnRoot(mainBundlePath, ["toggleVerbose", "", ""], nil, nil)) == 1) {
+//                                            verboseBoot = true
+//                                        }
+//                                    }
+//                                }
 //                            Group {
 //                                Toggle("Enable untether", systemImage: "slash.circle", isOn: $untether)
 //                                Toggle("Hide environment", systemImage: "eye.slash", isOn: $hide)