VMLite Inc

Vibe coding a new vmm, really having fun!

@Manumalware @MudSplasherdev You setup an environment, tell Gemini how to flash the device, give access to the ipsw, the tools, such as img4, img4tool, idevicerestore, etc. then write a product plan on what to do, what is the goal. Gemini CLI will do the work, you just keep hitting Yes to proceed.

@vmlite @MudSplasherdev And what prompt will we have to type on gemini ? Pls ?

GOOD NEWS

@MudSplasherdev You can try to use Gemini cli, I didn’t write code, Gemini did it

@vmlite Very cool

@MudSplasherdev I know this host redirection. I made my own tss server too, can work all the way up to libimage4 without any patching of code. I am using it to play with vphone firmware

@vmlite Just change your hosts file to redirect gs.apple.com to localhost (The TSS server is coming from localhost)

@MudSplasherdev The leaf certificate is very important, but at about 95%, restore would fail, without patching, libimage4.dylib is tough to pass with restored_external

@vmlite Its purplerestore 3

@_inside One more question, again, if you don’t mind, are you using the restore RAM disk from vresearch ipsw or iOS 26.2 ipsw ? Thank you

@vmlite 33831

Since a recent firmware included components for a virtual iPhone, I decided to see if I could boot one up. This is a virtualized iPhone 16 running iOS 26.2. Don't get too excited, as this required a lot of IPSW patches and SpringBoard crashes when I swipe up in the setup screen.

@_inside Thank you !

@matteyeux Ok, I found the strings in DeviceTree.vphone600ap.im4p, thank you

@matteyeux Which firmware did you see this iPhone VRE? I downloaded a few from “pccvre release download”, but couldn’t find it. Thanks

I suspect Apple to provide a virtual iPhone for security research in 2026. Some firmware contains a devicetree for an "iPhone Research Environment Virtual Machine"

@matteyeux Very much appreciated! I downloaded it a few days ago, and unzipped it, but couldn’t find the strings you mentioned. Which file did you do bd the strings? There are two DeviceTree im4p files

@_inside If you don’t mind, can you tell which release of assets downloaded by pccvre are you using?

After improving my GPU driver patch, the iOS VM now has fully* working Metal rendering 🥹 * WebKit rendering is still broken, but it's the only broken thing I could find

@_inside Can I buy a copy?

I had to write a missing component of the AppleParavirtGPU driver, and now the iOS 26 VM has proper graphics 🥳

@nyan_satan Hi, anyway to try or buy your iOS virtualization on arm Mac? I’d like to see if can virtualize iOS26.

Here is my little article with technical details behind the iOS 6 on iPod touch 3 bring-up nyansatan.github.io/run-unsupporte…

@nyan_satan Nice work! I also watched your YouTube video on iOS vm running ok macOS with virtualization. Framework, even more impressive

@whati001 @nyan_satan iOS supports a special host node lightning connector, which is different from the regular lightning cable we use every day. If you use usb analyzer, it does have iAP traffic, starting with 0x55. You can use a regular lightning cable to switch iOS to host mode by control transfer

@nyan_satan Thank you very much for your research. Also did some research to Haywire and Nero protocol running on it. But I have not managed yet to understand how Haywire puts the Apple Device into USB host mode without iAP. Do you have a hint for me? guess some resistor network...

Here is my little thread about Lightning video adapters – also known as Haywire – which are actually computers that feature Apple Secure Boot and run Darwin kernel

@nyan_satan @a1exdandy Ok, thanks. I just tried one lightning female to micro usb male adapter, you are right. It does NOT work with AV adapter, it seems have to try the breakout boards as you mentioned. I used the firmware to reverse engineered the usb mirroring protocol, mainly thru static analysis.

@vmlite @a1exdandy There’s no such thing as “Lightning female adapter” on the market afaik. You need either breakout boards, or butcher an extension cable Speaking of host - not sure at this point. It might be that modern Mac HW/SW won’t work out-of-box with that fork

@nyan_satan Hi, your research on haywire firmware is impressive! I was curious if you have found a way to decrypt the kernel? Thanks

@nyan_satan @a1exdandy Ok, thanks. I just tried one lightning female to micro usb male adapter, you are right. It does NOT work with AV adapter, it seems have to try the breakout boards as you mentioned. I used the firmware to reverse engineered the usb mirroring protocol, mainly thru static analysis.

@nyan_satan @a1exdandy Thank you for the quick response. From reading the doc, it seems that I first need to buy a lightning female adapter to connect Apple AV adapter to a MacBook then run the ipwnfu program on MacBook, right? This is really new to me.

Ok, thanks. I just tried one lightning female to micro usb male adapter, you are right. It does NOT work with AV adapter, it seems have to try the breakout boards as you mentioned. I used the firmware to reverse engineered the usb mirroring protocol, mainly thru static analysis.

@nyan_satan @a1exdandy Ok, thanks. I just tried one lightning female to micro usb male adapter, you are right. It does NOT work with AV adapter, it seems have to try the breakout boards as you mentioned. I used the firmware to reverse engineered the usb mirroring protocol, mainly thru static analysis.

@vmlite Sure, that’s easy. @a1exdandy ported checkm8 to that thing, so now you can do it twitter.com/a1exdandy/stat…