
talking about. Anyway, welcome to http://bbs.iosre.com for further discussion.


Follow me:



  1. Create iOSRETargetApp with Theos. The commands are as follows:


snakeninnys-MacBook:Code snakeninny$ /opt/theos/bin/nic.pl
NIC 2.0 - New Instance Creator
------------------------------
[1.] iphone/application
[2.] iphone/library
[3.] iphone/preference_bundle
[4.] iphone/tool
[5.] iphone/tweak
Choose a Template (required): 1
Project Name (required): iOSRETargetApp
Package Name [com.yourcompany.iosretargetapp]: com.iosre.iosretargetapp
Author/Maintainer Name [snakeninny]: snakeninny
Instantiating iphone/application in iosretargetapp/...
Done.


  2. Modify RootViewController.mm as follows:


#import "RootViewController.h"

class CPPClass
{
public:
    void CPPFunction(const char *);
};

void CPPClass::CPPFunction(const char *arg0)
{
    for (int i = 0; i < 66; i++) // This for loop makes this function long enough to validate MSHookFunction
    {
        u_int32_t randomNumber;
        if (i % 3 == 0) randomNumber = arc4random_uniform(i);
        NSProcessInfo *processInfo = [NSProcessInfo processInfo];
        NSString *hostName = processInfo.hostName;
        int pid = processInfo.processIdentifier;
        NSString *globallyUniqueString = processInfo.globallyUniqueString;
        NSString *processName = processInfo.processName;
        NSArray *junks = @[hostName, globallyUniqueString, processName];
        NSString *junk = @"";
        for (int j = 0; j < pid; j++)
        {
            if (pid % 6 == 0) junk = junks[j % 3];
        }
        if (i % 68 == 1) NSLog(@"Junk: %@", junk);
    }
    NSLog(@"iOSRE: CPPFunction: %s", arg0);
}

extern "C" void CFunction(const char *arg0)
{
    for (int i = 0; i < 66; i++) // This for loop makes this function long enough to validate MSHookFunction