
to “/usr/bin”, and run “sudo chmod 777 /usr/bin/class-dump” in Terminal to grant it execute permission. Run class-dump and you will see its usage:


snakeninnysiMac:~ snakeninny$ class-dump
class-dump 3.5 (64 bit)
Usage: class-dump [options] <mach-o-file>

where options are:
    -a             show instance variable offsets
    -A             show implementation addresses
    --arch         choose a specific architecture from a universal binary (ppc,
                   ppc64, i386, x86_64, armv6, armv7, armv7s, arm64)
    -C             only display classes matching regular expression
    -f             find string in method name
    -H             generate header files in current directory, or directory
                   specified with -o
    -I             sort classes, categories, and protocols by inheritance
                   (overrides -s)
    -o             output directory used for -H
    -r             recursively expand frameworks and fixed VM shared libraries
    -s             sort classes and categories by name
    -S             sort methods by name
    -t             suppress header in output, for testing
    --list-arches  list the arches in the file, then exit
    --sdk-ios      specify iOS SDK version (will look in
                   /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS.sdk
    --sdk-mac      specify Mac OS X version (will look in
                   /Developer/SDKs/MacOSX.sdk
    --sdk-root     specify the full SDK root path (or use --sdk-ios/--sdk-mac for a
                   shortcut)


The targets of class-dump are Mach-O binaries, such as library files of frameworks and executables of Apps. Now, I will show you an example of how to use class-dump.



  1. Locate the executable of an App


First, copy the target App to OSX; I placed it under “/Users/snakeninny”. Then go to the App’s directory in Terminal and use plutil, the Xcode built-in tool, to inspect the “CFBundleExecutable” field in Info.plist:


snakeninnysiMac:~ snakeninny$ cd /Users/snakeninny/SMSNinja.app/
snakeninnysiMac:SMSNinja.app snakeninny$
snakeninnysiMac:SMSNinja.app snakeninny$ plutil -p Info.plist | grep CFBundleExecutable
"CFBundleExecutable" => "SMSNinja"

“SMSNinja” in the current directory is the executable of the target App.



  2. class-dump the executable


Use class-dump to dump the headers of SMSNinja into the directory “/path/to/headers/SMSNinja/”, sorted by name, as follows:
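Both steps can also be scripted. The Python below is an added example, not code from the original text or from the class-dump project: it reads CFBundleExecutable from Info.plist (XML or binary), checks that the file starts with a Mach-O magic number, and builds a class-dump command from the -s, -S, -H and -o options listed in the usage above. The function names and the sample bundle are constructed for illustration.

```python
import plistlib
import tempfile
from pathlib import Path

# Mach-O magic numbers: the first 4 bytes of the file, read as a big-endian integer.
MACHO_MAGICS = {
    0xFEEDFACE: "32-bit big-endian",
    0xCEFAEDFE: "32-bit little-endian",
    0xFEEDFACF: "64-bit big-endian",
    0xCFFAEDFE: "64-bit little-endian",
    0xCAFEBABE: "universal (fat)",  # several arches: see --list-arches / --arch
}

def locate_executable(app_dir):
    """Step 1: read CFBundleExecutable from Info.plist (XML or binary plist)."""
    app = Path(app_dir)
    info = plistlib.loads((app / "Info.plist").read_bytes())
    name = info["CFBundleExecutable"]
    exe = app / name
    # Assumes the iOS layout shown above (executable directly inside the .app).
    # Reject names that point outside the bundle when analysing untrusted apps.
    if exe.resolve().parent != app.resolve():
        raise ValueError(f"CFBundleExecutable escapes the bundle: {name!r}")
    return exe

def macho_kind(path):
    """Return a description if the file starts with a Mach-O magic, else None."""
    with open(path, "rb") as fh:
        head = fh.read(4)
    return MACHO_MAGICS.get(int.from_bytes(head, "big"))

def class_dump_argv(app_dir, out_dir):
    """Step 2: headers (-H) into out_dir (-o), sorted by name (-s, -S)."""
    exe = locate_executable(app_dir)
    if macho_kind(exe) is None:
        raise ValueError(f"{exe} is not a Mach-O binary")
    return ["class-dump", "-s", "-S", "-H", "-o", str(out_dir), str(exe)]

def make_sample_app(root):
    """Constructed sample: binary Info.plist plus a stub with a 64-bit Mach-O magic."""
    app = Path(root) / "SMSNinja.app"
    app.mkdir()
    plist = plistlib.dumps({"CFBundleExecutable": "SMSNinja"}, fmt=plistlib.FMT_BINARY)
    (app / "Info.plist").write_bytes(plist)
    (app / "SMSNinja").write_bytes(bytes.fromhex("cffaedfe") + b"\x00" * 28)
    return app

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(" ".join(class_dump_argv(make_sample_app(tmp), "/path/to/headers/SMSNinja/")))
```

Pass the returned list to subprocess.run on a machine where class-dump is installed; the script itself only prints the command.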
