c22dev / TrollBox

A TrollStore app that embeds all the TrollStore tools
GNU General Public License v3.0

[Premium Suggestion] Jailbreak Signed version implementation (You can test with procursus bootstrap to sign and implement) #33

Closed. admin-elvistrujanovic closed this 7 months ago

admin-elvistrujanovic commented 11 months ago

Hi, if you can sign jailbreak binaries using ldid and entitlements to allow running that code and to set the signed binaries to run as root, with a "virtual rootless jb" environment provided by this TrollBox, it can give an option for an untethered/semi-untethered jb on any iOS that supports the CoreTrust bug, especially for those on A11 and lower, because banned entitlements are allowed so that an AMFI bypass can be added to those devices.

This also allows the ability to modify the SpringBoard binary for iOS 15, for example, to inject a jailbreak script to run as root while the SpringBoard binary is doing its job. So while SpringBoard is loading, the script that starts the jailbreak from the TrollBox I've suggested (the rootless signed bootstrap in it) would mount the apps, and the jb will be automatically applied after every single boot and respring without needing a PC anymore.

For the rootful method, I'm not sure that this could work except for iOS 14, which naturally has the root filesystem unlocked to be RW, but for iOS 15+ the rootless method for this suggestion will for sure be more possible than rootful mode.