Figure 5- 10 WLAN
Our attention lies on actual operations of an App for sure. As a result, how to locate
PreferenceBundle binaries that perform the actual operations is one topic for us to study. Third
party PreferenceBundles that come from AppStore can be only used as configuration of their
corresponding Apps, they don’t provide any actual functions, there’s no need to locate them.
PreferenceBundles from Cydia are also not problems because the solution was already
introduced in “locate by Cydia”. However, when it comes to the iOS stock PreferenceBundles,
the process of locating their binaries is a bit complicated.
The UI of a PreferenceBundle can be written programmatically or be constructed from a
plist file with a fixed format (You can refer to
http://iphonedevwiki.net/index.php/Preferences_specifier_plist for the format). When we try
to reverse engineer a PreferenceBundle, if all control object types in the PreferenceBundle UI
come from preferences specifier plist, such as the “About” view shown in figure 5-11, we should
pay attention to distinguish whether it is written programmatically or constructed from plist.