Microsoft Word - iOSAppReverseEngineering.docx

(Romina) #1

Figure 10- 73 [CKConversation sendMessage:onService:newComposition:]


The execution flow of this method is more straightforward than the previous ones. Skim it


briefly, we can see phrases like “Sending message with guid: %@”, “ => Sending account: %@”


and “=> Recipients: [%@]”, most of which are arguments of _CKLogExternal. If MobileSMS


has already started recording these into syslog, doesn’t it prove that “send iMessage” is


happening? What’s more, we’ve seen the suspicious keyword “sendMessage:” again in figure 10-


74:


Figure 10- 74 loc_2691f836


What’s the receiver and arguments of “sendMessage:”? Let’s find them in IDA; the receiver,


R0, comes from R5. Where does R5 come from? Keep looking upwards until loc_2691F726, as


shown in figure 10-75.

Free download pdf