finds.dev← search

// the find

opa334/darksword-kexploit

★ 1,414 · Objective-C · updated Mar 2026

iOS <=26.0.1 DarkSword Kernel Exploit reimplemented in Objective-C

A kernel privilege escalation exploit for iOS 15–26.0.1, reimplemented in Objective-C by opa334 (the TrollStore author). It's a direct port of an existing leaked exploit, not original research — opa334 spent an afternoon making it compile and run on iOS 15. Audience is iOS security researchers and jailbreak developers who need a kernel PE primitive they can read and modify.

opa334 has real credibility here — TrollStore and other shipping jailbreak tools are proof they understand iOS internals, not just copy-paste. The Objective-C rewrite makes the logic readable without Theos or Swift toolchain overhead. The README is unusually honest about provenance, scope, and the afternoon it took. Wide iOS version range claim (15–26.0.1) makes it a useful reference across generations of devices.

Offsets are only hardcoded for 15.x and the question mark in the README ('15.x(?)') does not inspire confidence — you will need to supply offsets yourself for anything newer. Single source file with no explanation of the exploit primitives means you need to read the original repo in parallel to understand what is actually happening. No API, no library target, no integration guide — this is a proof-of-concept you build on yourself, not a drop-in component. The codebase is explicitly one afternoon's work, so edge cases and error handling are minimal.

View on GitHub →

// want more like this?

We dig through GitHub every week and send a few repos picked for what you actually care about — each with an honest take like this one.

Get finds in your inbox → Search again →