Is this really low level though? Because its hooking UIKit which is very high level relative to ASM. I'd be really curious to see an app draw on iOS without UIKit. I don't know if thats possible.
You can write directly to the frame buffer, like a video game. You still need the UIKit import to publish, because it has to be bundled into a .ipa which requires an AppDelegate, a UIBundle, among other things.
If you want to “technically” avoid UIKit, you can drop one step lower. UIKit is implemented on CoreAnimation. A bare UIView is nearly a pass through wrapper around CALayer. It wouldn’t be hard to build your own custom UI on CALayers. The old CA tutorials for implementing a ScrollView from the ground up are still floating around out there.
And even that won't do it, because within the constraints of iOS, eventually that framebuffer with software rendering has to be displayed on the screen via an OS API, which is UI Kit.
If you enable the JIT entitlement for personal development, then bundle a mach-o into an entitled app. Or compile it directly on the app and mprotect-x to execute it. Is there something else you can’t do that I’m not considering? I might give this a try.
Is syscall a public API on iOS? In the end, you have to call that to get anything on the screen?
Looking at unistd.h, it seems marked as
__OS_AVAILABILITY_MSG(ios,deprecated=10.0,"syscall(2) is unsupported; "
"please switch to a supported interface. For SYS_kdebug_trace use kdebug_signpost().")
I doubt you can render an UI in pure Assembly and show it on the screen without going through UI Kit in a non-rooted device, given that even the device drivers extension points is quite limited.
Which was the whole discussion point that started the thread, how to make a iOS app with zero references to UI Kit.
This isn't an 8 and 16 bit home computers, or games console, with an address for the framebuffer.
