Blacktop's ipsw tool is an absolute juggernaut, capable of doing (_to some extent_) what every single tool on this page can do (and more). It's written in golang and works on macOS, and to some extent, Linux.

Class/Metadata Dumping tools

iOS Header Dumps

- (Has syntax highlighting, version diffing, and logos hook generation (click a line number)).
- (Has a solid search tool, automatic, and dumps for every major iOS version from iOS 3 through 14).
- iOS-Runtime-Headers (Hosted on GitHub, with access to the slightly superior GitHub search bar).

Ktool is a fully cross-platform tool and library for ObjC class dumping/header generating (among many other things). Tested on Windows x86/ARM, MacOS x86/M1, Linux x86/ARM, iOS (in both iSH and SSH), and Android.

- Browse and/or Hexdump Load Commands, Segments, etc via the GUI.
- tbds (a la class-dump, tapi, otool, etc.)
- Insert/replace load commands, etc (a la optool, install-name-tool).
- Display a lot of valuable info about MachO binaries, including ones with mangled/corrupted load commands.

dsdump is a tool (compatible with MacOS and iOS), notable for being also able to dump Swift metadata. It's self-described as "An improved nm + objc/swift class-dump". It also comes with a splendid writeup on ObjC/Swift class-dumping.

class-dump, class_dump_z, classdump-dyld

From a given executable, class-dump and class_dump_z will generate header files with class interfaces. (class-dump may produce better headers than class-dump-z for recent binaries.) This allows for an analysis of what methods exist in the executable, which can help you guess which ones to hook to get given functionality.

All default (private and public) libraries on iOS are combined into a big cache file to improve performance in /System/Library/Caches//dyld_shared_cache_armX (see dyld_shared_cache for more details). If you want to class-dump private frameworks, you can either install Xcode and class-dump the frameworks on your Mac using the above tools, or you can use classdump-dyld, which works right on your device (classdump-dyld can also be installed via its package hosted on BigBoss). Remember that the resulting files are not the original headers, so use them with caution.

The following tools can be used to analyze an executable.

Decrypting App Store Applications

FlexDecrypt

Flexdecrypt is an app/macho decryption tool, notable for not requiring app launch to decrypt executables.

Clutch decrypts app executables, plugins and frameworks. Requires iOS7 and above.

Dumpdecrypted

dyld_shared_cache extraction

On a static cache, using DyldExtractor is recommended. See the dyld_shared_cache page on this wiki for a full list of tools and info.

Disassemblers are useful when you need an in-depth analysis of a binary. These programs are designed to aid and facilitate reverse engineering of compiled software.

Although all can "Disassemble", that is, provide assembly code, some can also provide near-perfect C pseudocode from the assembly. This is called decompiling, and IDA, Hopper, and Ghidra all have powerful decompilers bundled with them.

IDA, or IDA Pro, (the Interactive DisAssembler) is a very popular program for disassembling binaries. IDA has a massive amount of features and has been in development for over three decades. It's typically regarded as the industry standard for Reverse Engineering. Recent versions include unrivalled dyld_shared_cache tools. These have been documented in the page linked below.

- Capable of disassembling/debugging most binary types, both 32 and 64 bit.
- One processor type per license.
- Even "lite-er" version. Pseudocode cannot be edited, and is often difficult to read.
- A free, evaluation copy of the program is offered which limits functionality and showcases a much older version of the program.

Hopper is a newer disassembler and decompiler that offers an excellent choice for hobbyists that don't have several thousand to spare.

Ghidra is a free, very powerful reverse-engineering tool released by the NSA. The pseudocode it generates is on par with IDA, and offers an alternative to Hopper's pseudocode, which can be difficult to work with. For those who can't afford expensive licenses, Ghidra is more than enough for any developer or engineer.

BinaryNinja is a newer Disassembler with a fleshed-out Python / C++ API capable of static Reverse Engineering. It currently runs for approximately $299 USD (for the non-commercial version).

Jtool is a project by morpheus which provides a powerful command-line utility for static analysis of Mach-O caches, objects, files, and more. Documentation is available on the linked page.

The otool command displays specified parts of object files or libraries. It can also disassemble:

    bash$ xcrun -sdk iphoneos otool -arch arm64 -tV FaceCore