all extracted via IDA, as illustrated in this example.
Drag and drop iOSRETargetApp’s binary into IDA. The Functions window after initial
analysis is shown in figure 4-4.
Figure 4- 4 Functions window
As we can see, CPPClass::CPPFunction(char const*), _CFunction and _ShortCFunction are
listed here. Double click “CPPClass::CPPFunction(char const*)” to go to its implementation, as
shown in figure 4-5.
Figure 4- 5 CPPClass::CPPFunction(char const*)
The underline prefixed string in line 4 is exactly the symbol we’re looking for. In the same
way, where _CFunction and _ShortCFunction come from is obviously shown in figure 4-6 and
figure 4-7.