NYTimes.com <[email protected]>
)(lldb) po [[[[$r2 object] copyAllMessages] anyObject] senders]
<__NSArrayI 0x16850850>(
NYTimes.com <[email protected]>
)(lldb) po [[[[$r2 object] copyAllMessages] anyObject] to]
<__NSArrayI 0x16850840>(
[email protected]
)(lldb) po [[[[$r2 object] copyAllMessages] anyObject] dateSent]
2014 - 10 - 01 21:30:32 +0000
(lldb) po [[[[$r2 object] copyAllMessages] anyObject] subject]
Asian Morning: Told to End Protests, Organizers in Hong Kong Vow to Expand Them
(lldb) po [[[[$r2 object] copyAllMessages] anyObject] messageBody]
<MFMimeBody: 0x16852fc0>Everything is too distinct to explain. firstSender returns a single sender, while
sendersIfCached and senders both return an NSArray, which means on iOS, there could be
multiple senders in an email. Although this situation is quite rare (at least for me, I have never
seen multiple senders), to avoid missing any sender, I’ll still use “senders” to get all possible
senders. The final task is to mark messages as read; do you still remember [MessageMegaMall
markMessagesAsViewed:] in section 8.2.5? Is it the right method for marking messages as read?
Let’s set a breakpoint on this method and check whether it will be called when we mark an
email as read.
At first, we need to locate [MessageMegaMall markMessagesAsViewed:] in IDA and check
its base address, as shown in figure 8-17.
Figure 8- 16 [MessageMegaMall markMessagesAsViewed:]
Its base address is 0x13b648. Since the ASLR offset of MobileMail is 0xb2000, we can set a
breakpoint like this:
(lldb) br s -a ‘0x000b2000+0x0013B648’
Breakpoint 4: where = MobileMail`___lldb_unnamed_function7357$$MobileMail, address =
0x001ed648
Process 103910 stopped
* thread #1: tid = 0x195e6, 0x001ed648
MobileMail`___lldb_unnamed_function7357$$MobileMail, queue = ‘com.apple.main-thread,
stop reason = breakpoint 4.1