id a = function(dataSource);
id b = function(a);
id c = function(b);
...
id z = function(y);
NSString *myPhoneNumber = function(z); // tail

The variable is already known, and we’re at the tail of the call chain. Reverse engineering, as its name suggests, enables us to track from the tail back to the head. In this process we will find out every function in this chain, so that we can regenerate the whole algorithm. In a nutshell, to regenerate the algorithm is to record every data source (the data source’s data source, and so on; hereafter referred to as the Nth data source) and the trace of function calls along the way. When the Nth data source of the variable is a determinate piece of data (in this chapter, the Nth data source is the SIM card), the functions between the Nth data source and the variable are the algorithm. Confused? It’ll become clearer after this example.



  1. Find the UI function of the top cell


Figure 6-16 MVC design pattern, taken from Stanford CS 193P


According to the MVC design pattern (as shown in figure 6-16), M stands for model, namely the data source, which is unknown; V stands for view, namely the top cell, which is known; C stands for controller, which is unknown. M and V have no direct relation, while C can directly access both M and V and is hence the communication center of MVC. If we can make use of the known V to acquire C, can’t we access M via C to get the data source? This approach is logically sound, but is it practicable?


Based on my professional experience so far, getting C from V is 100% doable; the key is the public method [UIResponder nextResponder], which holds the same place in my heart as recursiveDescription. Its description is:
