Yes, it’s grep again! We have already seen that grep can search for strings in binaries, so
dealing with text files is a piece of cake for it. Let’s try grep with the previous
example:
snakeninnysiMac:~ snakeninny$ grep -r -i proximity /Users/snakeninny/Code/iOSPrivateHeaders/8.1
/Users/snakeninny/Code/iOSPrivateHeaders/8.1/Frameworks/CoreLocation/CDStructures.h: char proximityUUID[512];
/Users/snakeninny/Code/iOSPrivateHeaders/8.1/Frameworks/CoreLocation/CLBeacon.h: NSUUID *_proximityUUID;
......
/Users/snakeninny/Code/iOSPrivateHeaders/8.1/SpringBoard/SpringBoard.h:- (_Bool)proximityEventsEnabled;
/Users/snakeninny/Code/iOSPrivateHeaders/8.1/SpringBoard/SpringBoard.h:- (void)_proximityChanged:(id)arg1;
Although the results of grep are comprehensive, they look a little messy. Here, I recommend
using the built-in search function in OSX. After all, a graphical interface is more
straightforward than the command line.
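One way to tidy the grep results on the command line, as an added example that is not from the original text: a shell function that groups hits by header file and labels method declarations. The names search_headers and make_sample_headers and the sample header tree are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: group case-insensitive grep hits in class-dump headers by file.
# Usage: search_headers KEYWORD HEADER_DIR

search_headers() {
    # -r recurse, -i ignore case, -n line numbers, -H always print the path,
    # -F treat KEYWORD literally, --include restricts the search to headers.
    grep -r -i -n -H -F --include='*.h' -- "$1" "${2%/}" |
    awk -v root="${2%/}/" '
    {
        # grep prints path:line:text. Split on the first two colons only,
        # because Objective-C selectors contain colons themselves.
        p = index($0, ":"); path = substr($0, 1, p - 1); rest = substr($0, p + 1)
        q = index(rest, ":"); line = substr(rest, 1, q - 1); text = substr(rest, q + 1)
        sub(/^[ \t]+/, "", text)                 # drop the header indentation
        if (index(path, root) == 1)              # show paths relative to HEADER_DIR
            path = substr(path, length(root) + 1)
        if (path != last) { print path; last = path }
        # Method declarations start with "-" or "+" followed by a return type.
        kind = (text ~ /^[-+] *\(/) ? "method" : "other "
        printf "  %5d  %s  %s\n", line, kind, text
    }'
}

# Constructed sample tree standing in for a directory of dumped headers.
make_sample_headers() {
    mkdir -p "$1/Frameworks/CoreLocation" "$1/SpringBoard"
    printf '%s\n' '@interface CLBeacon : NSObject {' \
        '    NSUUID *_proximityUUID;' '}' '@end' \
        > "$1/Frameworks/CoreLocation/CLBeacon.h"
    printf '%s\n' '@interface SpringBoard : UIApplication' \
        '- (_Bool)proximityEventsEnabled;' \
        '- (void)_proximityChanged:(id)arg1;' '@end' \
        > "$1/SpringBoard/SpringBoard.h"
}
```

Each header path is printed once, followed by its matching lines with their line numbers, so instance variables and methods are easy to tell apart.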
5.2.4 Test private methods
In reverse engineering, most methods we are interested in are private. As a result, there is
no documentation available for reference. If you are lucky enough, you can get some information
from Google. However, that may indicate that your target methods have already been reversed by
others, hence your tweak may not be unique. If there is nothing on Google, congratulations,
you are probably the first one to come up with the tweak idea, but you have to test the private
methods by yourself.
Testing Objective-C methods is much simpler than testing C/C++ functions, and it can be
done via either CydiaSubstrate or Cycript.
- CydiaSubstrate
When testing methods, we mainly use CydiaSubstrate to hook them in order to determine
when they’re called. Suppose we think saveScreenshot: in SBScreenShotter.h is called when a
screenshot is taken; we can write the following code to verify it:
%hook SBScreenShotter
- (void)saveScreenshot:(BOOL)screenshot
{
    // Call the original implementation, then log that the method was reached.
    %orig;
    NSLog(@"iOSRE: saveScreenshot: is called");
}
%end