zynamics Objective-C helper script

对于OC的程序逆向IDA直接解析的代码并不是十分清晰,有太多的_objc_msgSend之类的函数,而根本不知道具体调用的函数是个什么鸟东西。用这个插件可以修正诸如 _objc_msgSend之类的名字。

 

修改之后效果如下:

这样就直观的多了,最起码可以知道调用的是个什么东西,并且在修正之后可以生成更加直观的graph view。

zynamics Objective-C helper script has moved to Google Code
==================================++=======================

This repository has moved to Google Code:
http://code.google.com/p/zynamics/source/checkout?repo=objc-helper

zynamics Objective-C helper script

Description
———–

This is an idapython script that analyzes ARM/Objective-C files in
order to patch calls made to msgSend(), in order to have a better
callgraph and more useful cross references. A bit of extra information
can be found on:

http://blog.zynamics.com/2010/04/27/objective-c-reversing-i/
http://blog.zynamics.com/2010/04/27/objective-c-reversing-ii/

Also fixObjectiveCx86 implements a port that works on x86 binaries, as
Vincenzo explains in this other blog post:

http://blog.zynamics.com/2010/06/08/objective-c-phun-on-mac-os-x/

Prerequisites
————-

The script has been developed and tested using IDA 5.6 and idapython
1.3.0 but it should work with older versions.

Usage
—–

Just open the target executable file or IDB and run the script. If you
are working with iPhoneOS binaries you will find your target inside the
IPA file. And remember that applications downloaded from the AppStore
have the code section encrypted, so you will need to decrypt it before
running the script or trying to analyze it.

After running the script is recommended to make IDA re-analyze the
program to get the correct assembly listings and cross references. In
order to do that, inside IDA go to Options->General->Analysis and then
click on “Reanalyze Program”

WARNING:
This script modifies the IDA DataBase by creating new segments and
patching code. If you don’t know the implications of this, it is
a good idea to have a backup of the database.

License
——-

The Objective-C helper script is GPLv2-licensed. If you prefer to
distribute code from the script under another license please contact
us to learn about re-licensing options.

Objective-C helper script
Copyright (C) 2010 zynamics GmbH

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or (at
your option) any later version.

This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
59 Temple Place, Suite 330, Boston, MA 02111-1307 USA

☆版权☆

* 网站名称:obaby@mars
* 网址:https://danteng.me/
* 个性:https://oba.by/
* 本文标题: 《zynamics Objective-C helper script》
* 本文链接:https://danteng.me/2012/07/4322
* 短链接:https://oba.by/?p=4322
* 转载文章请标明文章来源,原文标题以及原文链接。请遵从 《署名-非商业性使用-相同方式共享 2.5 中国大陆 (CC BY-NC-SA 2.5 CN) 》许可协议。


猜你喜欢:

1 comment

  1. Level 1
    Google Chrome 23 Google Chrome 23 Windows 7 Windows 7 cn中国–山东–青岛 联通

    对 ios5 以后, 不好用了吧

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注