ONE Jailbreak Ad

KFD apps for iOS 16.2 – iOS 16.5, and iOS 16.6 Beta 1

Promotion image of KFD article.

KFD, short for kernel file descriptor, is a new exploit by felix-pb to read and write kernel memory on Apple devices. It leverages various vulnerabilities that can be exploited to obtain dangling PTEs, which will be referred to as a PUAF primitive, short for “physical use-after-free”. Then, it reallocates certain kernel objects inside those physical pages and manipulates them directly from user space to achieve kernel read/write.

This kernel read/write exploit is used now by iOS customization and tweaks developers to change the look of Home Screen, alter hidden system settings, remove Dock background, replace icons, modify Control Center appearance, activating Dynamic Island on all iOS 16 devices, and more. Basically, everything possible with the old exploit to create MacDirtyCow tweaks can be also achieved with KFD exploit. However, it requires discovering special offsets.

KFD exploit code is conveniently bundled within the library, libkfd, but the project also provides straightforward executable wrappers for iOS. This exploit has been made available as an open-source project under the permissive MIT license through a GitHub Repository.

KFD effectively targets two critical vulnerabilities: CVE-2023-32434 and CVE-2023-23536. It successfully compromises A12 to A16 devices (iPhone XS – iPhone 14) running iOS 16.5 and earlier versions, and iOS 16.6 Beta 1. While it might be possible to use KFD to exploit iOS 15, a more advisable approach is to utilize the MacDirtyCow exploit instead.

Note: KFD exploit was fixed, and it will never work on iOS 16.5.1 and newer, also iOS 16.6 Beta 2 includes a fix disallowing the exploit to work properly.

Best KFD apps for iOS

KFD exploit has enabled the release of various tools for iOS 16 on A12+, all of which can be installed without the need for a jailbreak. It is important to note that the vulnerability was addressed in the subsequent releases of iOS, with iOS 16.5.1 and iOS 16.6 Beta 2 fixing the bug. As a result, none of the KFD tools will function on these or any later releases of iOS.

1. Misaka

Misaka KFD is a tweak manager for MacDirtyCow & KFD exploits, allowing you to modify iOS without the need of jailbreak. It doesn't offer as many possibilities a jailbreak has to offer, but still things you can modify or enable on your device are amazing. Misaka supports all devices compatible with KFD, both jailbroken and not, running A12-A16 (iPhone Xs – iPhone 14 Pro Max) on iOS 16.2 – iOS 16.5 & iOS 16.6b1. Misaka offers access to over 300 tweaks.

Misaka KFD screenshot.

2. Cluckabunga

Cluckabunga KFD is a new project from LeminLimez, the developer behind Cowabunga. This new initial release of KFD Toolbox provides essential configuration options for Springboard, Lock Icons, Custom Fonts, and even enables Dynamic Island on any device running iOS 16.2 and newer. Cluckabunga supports features to enable Dynamic Island and X Gestures on iOS 16, and all Springboard Tools from Cowabunga were integrated into the new app.

Chicken Butt KFD screenshot.

3. KFDFontOverwrite

KFDFontOverwrite is a new application utilizing the KFD exploit for iOS to replace system fonts. Because the application is using the KFD exploit, it doesn't require a full-featured jailbreak to change iOS fonts. Furthermore, you can also import even more compatible fonts and apply them on your iOS 16 device. Everything from iPhone XS to iPhone 14 Pro Max is compatible. Also, it works on iOS 16.6b1 with iPhone Xr, iPhone 11 and 11 Pro, iPhone 14 Pro.

KFDFontOverwrite KFD screenshot.

4. Posi0nKFD

Posi0nKFD is a tweak tool for iOS, leveraging the recently unveiled KFD exploit compatible with iOS versions 16.5 and below, as well as iOS 16.6 Beta 1. While its potential reach all modern devices from A12 to A16. Posi0nKFD empowers you to customize your iOS device effortlessly, offering features such as hiding the Dock and Home Bar, enabling iPhone 14 Pro Resolution, and even allowing you to use custom fonts. Furthermore, you can personalize the CC with custom icons and add a touch of uniqueness to your Lock Screen with custom icons as well.

Posi0nKFD KFD screenshot.

5. SimpleKFD

SimpleKFD is a KFD exploit to personalize hidden iOS settings, all without the necessity of a jailbreak. This application truly distinguishes itself by offering comprehensive tweak support spanning from iOS 15 to iOS 15.7.6, and from iOS 16 to iOS 16.5, including iOS 16.6 Beta 1. Within this collection of options, you'll uncover a spectrum of functionalities, such as hiding elements like the Homebar and Dock, unlocking the full prowess of the 14 Pro Max resolution, and harnessing the dynamic capabilities of the 14 Pro Max Dynamic Island (only on iOS 16).

SimpleKFD screenshot.

6. PureKFD

PureKFD (PurityKFD) is a new project developed by Lrdsnow, allowing users to access Picasso Packages and Misaka package and execute them using KFD exploit on supported devices. Basically, this is a simple KFD tweak manager, combining Picasso and Misaka tweaks. However, the Misaka Repositories are not yet supported and will be added in the near feature. The core concept driving PureKFD is to offer Picasso enhancements, which, in reality, are readily available for free. However, PurityKFD necessitates users to make a purchase for these tweaks.

PureKFD screenshot.

7. Picasso

Picasso emerges as a cutting-edge tweak manager designed exclusively for jailed iPhones, harmoniously compatible with the KFD exploit. This application is introduced as premium software, accessible for a reasonable price of $5.95. It extends its support from iOS 16.0 through iOS 16.5, and also iOS 16.6 Beta 1 on A12+ iPhones. The developers have indicated that Picasso will ultimately become available as a free release after beta tests.

Picasso KFD screenshot.

Picasso distinguishes itself with an impeccably crafted user interface, presenting a sleek and intuitive design. However, it's worth noting that there are alternative package managers available in the community that provide significantly more features and functionality at no cost.

Author Photo
Written by

Kuba has over 20 years of experience in journalism, focusing on jailbreak since 2012. He has interviewed professionals from various companies. Besides journalism, Kuba specializes in video editing and drone flying. He studied IT at university before his writing career.

Post a comment

Latest Posts


How to use Palen1x ISO to jailbreak on Windows

Palera1n Jailbreak for iOS 15 to iOS 16 is not available for Windows PC, which has led to the development of a new project called Palen1x. The goal of Palen1x is to enable Windows users to access Palera1n directly from their PCs. Palen1x is based on the...

Euro 2024 playlist for StrymTV

Euro 2024 playlist for StrymTV

If you love football, get ready for Euro 2024 in Germany. It’s a big event featuring top European players like Cristiano Ronaldo, Robert Lewandowski, and Kylian Mbappe. With StrymTV you can watch all the Euro 2024 group stage games on your mobile device...


Detect SeaShell malware in IPA and TIPA with TrollInstall

TrollInstall is a shortcut app that lets you install IPA and TIPA files with SeaShell protection. SeaShell is an open-source malware that can easily be injected into any IPA file installed through TrollStore. Downloading IPAs from untrusted sources can...