Mastodawn

wen eta KFD for iOS 26.0.1???????

Seriously, any iOS experts looked into if CVE-2025-43520 from the DarkSword vulns could be used for KFD/MacDirtyCow-style file modding?

https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain

The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors | Google Cloud Blog

DarkSword is a new iOS exploit chain that leverages multiple zero-day vulnerabilities to fully compromise iOS devices.

Google Cloud Blog

Show thread

Zhuowei Zhang 4d ago

Wait, so the DarkSword exploit just injects JavaScript into any process they want? Could... could modders write tweaks in JavaScript?
https://iverify.io/blog/darksword-ios-exploit-kit-explained

Inside DarkSword: A New iOS Exploit Kit Delivered Via Compromised Legitimate Websites

Shortly after our publication on the Coruna exploit kit, a collaborating researcher at Lookout flagged a suspicious-looking URL possibly related to the threat actor from Russia linked with Coruna.

Show thread

artemist

@zhuowei i think that's called frida

Show thread

Zhuowei Zhang 4d ago

@artemist Frida requires a Frida server (jailbroken) or a FridaGadget (injected into app), though, both in native code, and ships with its own JavaScript interpreter, a choice between Duktape, V8, and QuickJS.
The implant, as described, can't inject native code and only runs JavaScript, using Apple's built-in JavaScriptCore. That should still be enough to hook most code, right?