Simulator Injections (iOS 10)

George Dan
Jun 17, 2016


With the reveal of iOS 10, some jailbreak developers have been trying to get dylib injection working in the simulator so they can either test existing tweaks or do some research.

The best way to do this is heavily based on friggog’s method. With some modifications, it works easily on iOS 10.

First, add the following to your Makefile:

# Near the top
TARGET = simulator:clang:latest:10.0
# Near the tweak's declaration
tweakname_USE_SUBSTRATE = 0

Finally, to build for the simulator, first open the simulator. Then open a terminal in your theos project directory and paste the following:

make clean; make; xcrun simctl spawn booted launchctl debug system/com.apple.SpringBoard --environment DYLD_INSERT_LIBRARIES="$PWD"/.theos/obj/iphone_simulator/debug/tweakname.dylib; xcrun simctl spawn booted launchctl stop com.apple.SpringBoard

These commands tell the simulator to inject your generated dylib into SpringBoard the next time it loads. We then force the simulator to stop SpringBoard, which forces a restart.
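A guarded form of the one-liner above, as an added example that is not part of the original post or of theos: it stops if the build fails or the dylib is missing, so SpringBoard is never pointed at a library that does not exist. The function name `inject_tweak` is hypothetical; `tweakname` and the `.theos/obj` path are the post's own placeholders.

```shell
#!/bin/sh
# Added example: guarded version of the build-and-inject one-liner.
# inject_tweak is a hypothetical helper name; the dylib path and the
# simctl/launchctl invocations are the ones used in the post.
# Usage (from the theos project directory, simulator already open):
#   inject_tweak tweakname

inject_tweak() {
    name="$1"
    dylib="$PWD/.theos/obj/iphone_simulator/debug/$name.dylib"

    if [ -z "$name" ]; then
        echo "usage: inject_tweak <tweakname>" >&2
        return 2
    fi

    # Stop at the first failing build step instead of carrying on.
    make clean || return 1
    make || return 1

    # Refuse to inject if the build produced no dylib at the expected path.
    if [ ! -f "$dylib" ]; then
        echo "error: $dylib not found; nothing injected" >&2
        return 1
    fi

    # Same two simctl calls as the one-liner: set the environment for the
    # next SpringBoard launch, then stop SpringBoard so it restarts.
    xcrun simctl spawn booted launchctl debug system/com.apple.SpringBoard \
        --environment DYLD_INSERT_LIBRARIES="$dylib" || return 1
    xcrun simctl spawn booted launchctl stop com.apple.SpringBoard
}
```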

That’s it. Make sure you are using the latest version of theos/theos in order for this to work.

Thanks to @angelxwind for the command sequence.
