this post was submitted on 10 Jul 2025

iOS Jailbreak (iPhone, iPad, iPod Touch, Apple TV)

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/jailbreak by /u/iOS-Nexus on 2025-07-10 00:32:41+00:00.


Hey everyone, Nexus here! I'm back with a crucial update on my RevokeZero project idea (https://www.reddit.com/r/jailbreak/s/tpqpTYc5p3). The new details are significant and make our goal much more concrete for anyone interested in collaborating. As you might remember, the core idea is to leverage the MCS exploit (affecting iOS 18.5 and earlier versions, details here: https://github.com/cr4zyengineer/EvilWorkspace) to enable abnormal app persistence. This exploit allows an app to bypass forced termination, prevent uninstallation, remain active indefinitely, and even programmatically restart itself.

The heart of the project remains keeping sideloaded apps active even after certificate revocation. My key observation is that if an app is verified and launched before a revocation and is never fully terminated by the system, it can continue to function. Now, I've refined the technical request and the mechanism we could use. What I need is for a developer to create a specific payload to enable this interminable app persistence, along with an exploit to activate this payload. The payload would be placed in a very specific, app-accessible path: /private/var/containers/Bundle/Application/. And here's the most exciting part: the key to injecting this payload is the Write to Symlink method (https://github.com/34306/writetosymlinked). Apple doesn't seem to be patching this vulnerability, which makes it an extremely promising and stable path for our purposes. This method would give us the "hook" needed to trigger the MCS exploit from within the app's environment.

Let me know what you think of this more defined approach! Let's open a discussion and see if we can get this project off the ground.

Thanks everyone, Nexus
