This repository has been archived by the owner on Feb 2, 2024. It is now read-only.

[Fix Found - Code Changes Needed] Cowabunga still detecting TrollStore even with Force DirtyCow #300

Open
core-hacked opened this issue May 22, 2023 · 9 comments

Comments

@core-hacked

Hello, I am on iOS 16.2 beta 1 (which is supported by Cowabunga; the exploit works). However, it still detects TrollStore even though I force the DirtyCow exploit in settings.


@leminlimez
Owner

cowabunga v10.2.0?

@core-hacked
Author

> cowabunga v10.2.0?

Latest version and some before it. Yes

@leminlimez
Owner

it was fixed in v10.2.0

@core-hacked
Author

core-hacked commented May 22, 2023

> it was fixed in v10.2.0

I am on the latest version. It's not (at least for me)
Reset all is also broken...

@leminlimez
Owner

untoggle it, save, then retoggle it and save again

it is working on my ip x

@core-hacked
Author

> untoggle it, save, then retoggle it and save again
>
> it is working on my ip x

I restarted, resprung, toggled and untoggled, reinstalled Cowabunga, etc. I did the most common steps to diagnose/fix the problem. This is something different.

Is there a file or folder which might indicate that TrollStore is installed? What does the app actually check for/how does it know?

iP 11 Pro Max -> iOS 16.2 Beta 1

@core-hacked
Author

core-hacked commented May 22, 2023

OK, I think I have found the problem.
Since the exploit works, but the device is on iOS 16.2 (beta, but still recognized as 16.2), the lines of code below (if statement) contradict each other, so force MDC is never applied.

if #available(iOS 16.2, *) { 
    UIApplication.shared.alert(title: "Not Supported", body: "This version of iOS is not supported.")
} else { 
    // Force MDC is inside an else; however, it doesn't work for 16.2 beta 1, as the above prevents it from executing.
    do {
        if UserDefaults.standard.bool(forKey: "ForceMDC") == true {
            throw "Force MDC"
        }
        // TrollStore method
        try FileManager.default.contentsOfDirectory(at: URL(fileURLWithPath: "/var/mobile/Library/Caches"), includingPropertiesForKeys: nil)
        StatusManager.sharedInstance().setIsMDCMode(false)
    } catch {
        // MDC method
        // grant r/w access
        if #available(iOS 15, *) {
            grant_full_disk_access() { error in
                if (error != nil) {
                    UIApplication.shared.alert(title: "Access Error", body: "Error: \(String(describing: error?.localizedDescription))\nPlease close the app and retry.")
                } else {
                    StatusManager.sharedInstance().setIsMDCMode(true)
                }
            }
        } else {
            UIApplication.shared.alert(title: "MDC Not Supported", body: "Please install via TrollStore")
        }
    }
}

This would need a rewrite/fix. Something like a new toggle in the main menu, "Allow unsupported versions", which would override this for users who are on betas.

I don't know Swift; however, my programming knowledge leads me to believe that the code below might be correct (at least the gist of it). Also, the toggle needs to be added to the view etc., but yeah...

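// adjust if statement for iOS beta users / force unsupported versions toggle.
// #available cannot be joined with && in an expression; it must be its own comma-separated condition.
if UserDefaults.standard.bool(forKey: "ForceUnsupported") == false, #available(iOS 16.2, *) {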
    UIApplication.shared.alert(title: "Not Supported", body: "This version of iOS is not supported.")
} else { 
    do {
        if UserDefaults.standard.bool(forKey: "ForceMDC") == true {
            throw "Force MDC"
        }
        // TrollStore method
        try FileManager.default.contentsOfDirectory(at: URL(fileURLWithPath: "/var/mobile/Library/Caches"), includingPropertiesForKeys: nil)
        StatusManager.sharedInstance().setIsMDCMode(false)
    } catch {
        // MDC method
        // grant r/w access
        if #available(iOS 15, *) {
            grant_full_disk_access() { error in
                if (error != nil) {
                    UIApplication.shared.alert(title: "Access Error", body: "Error: \(String(describing: error?.localizedDescription))\nPlease close the app and retry.")
                } else {
                    StatusManager.sharedInstance().setIsMDCMode(true)
                }
            }
        } else {
            UIApplication.shared.alert(title: "MDC Not Supported", body: "Please install via TrollStore")
        }
    }
}

@core-hacked core-hacked changed the title Cowabunga still detecting TrollStore even with Force DirtyCow [Fix Found - App Update Needed] Cowabunga still detecting TrollStore even with Force DirtyCow May 22, 2023
@core-hacked core-hacked changed the title [Fix Found - App Update Needed] Cowabunga still detecting TrollStore even with Force DirtyCow [Fix Found - Code Changes Needed] Cowabunga still detecting TrollStore even with Force DirtyCow May 23, 2023
@core-hacked
Author

Or maybe instead, just allow it if ForceMDC is on, so no new toggle.

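// adjust if statement if ForceMDC is true
// #available cannot be joined with && in an expression; it must be its own comma-separated condition.
if UserDefaults.standard.bool(forKey: "ForceMDC") == false, #available(iOS 16.2, *) {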
    UIApplication.shared.alert(title: "Not Supported", body: "This version of iOS is not supported.")
} else { 
    do {
        if UserDefaults.standard.bool(forKey: "ForceMDC") == true {
            throw "Force MDC"
        }
        // TrollStore method
        try FileManager.default.contentsOfDirectory(at: URL(fileURLWithPath: "/var/mobile/Library/Caches"), includingPropertiesForKeys: nil)
        StatusManager.sharedInstance().setIsMDCMode(false)
    } catch {
        // MDC method
        // grant r/w access
        if #available(iOS 15, *) {
            grant_full_disk_access() { error in
                if (error != nil) {
                    UIApplication.shared.alert(title: "Access Error", body: "Error: \(String(describing: error?.localizedDescription))\nPlease close the app and retry.")
                } else {
                    StatusManager.sharedInstance().setIsMDCMode(true)
                }
            }
        } else {
            UIApplication.shared.alert(title: "MDC Not Supported", body: "Please install via TrollStore")
        }
    }
}

mrx-rx added a commit to mrx-rx/Cowabunga that referenced this issue May 23, 2023
mrx-rx added a commit to mrx-rx/Cowabunga that referenced this issue May 23, 2023
@mrx-rx
Contributor

mrx-rx commented May 23, 2023

Addressed in #301. Code fix implemented.

leminlimez added a commit that referenced this issue Jun 17, 2023
Fix Issue #300 for iOS 16.2 Beta 1 users.
leminlimez pushed a commit that referenced this issue Feb 2, 2024
leminlimez pushed a commit that referenced this issue Feb 2, 2024
leminlimez added a commit that referenced this issue Feb 2, 2024
Fix Issue #300 for iOS 16.2 Beta 1 users.