Companion source code for the book "iOS Application Reverse Engineering and Security" (《iOS应用逆向与安全》)
alonemonkey / iosrebook
License: GNU Affero General Public License v3.0
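Hello AloneMonkey, I used the Hopper V4 demo version to statically analyze UserLogin from the book's source code. I found that the result of disassembling the userLogin function with Hopper does not match the explanation in the book. Why is that? Is it because of the Hopper version, or because of a different iOS SDK version?
Following the book, I installed with brew install dpkg fakeroot; ldid is version 1.2.1, and no version was pinned to 1.18.10.
Then, when running make package, I get the following error. Please advise: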
akeroot, while creating message channels: Invalid argument
This may be due to a lack of SYSV IPC support.
fakeroot: error while starting the `faked' daemon.
make: *** [internal-package] Error 1
Page 27 of the book, improved dumpdecrypted: building with make fails
MacBook-Pro:dumpdecrypted fei$ make
make: *** No targets specified and no makefile found. Stop.
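I would also like to ask how to save the modified CXToken contents to a file.
1. Where did you write the hook code for WhatsApp in section 7.2 (non-jailbreak reverse engineering) of iOSREBook? I can't figure it out; none of the four files below contain hook code. Could you explain in detail which file the hook code should be written in? Also, the WhatsAppDylib.mm in my newly created MonkeyDev project is empty.
2. Could you teach the detailed hook usage of MonkeyDev? I'm begging you.
3. Also, you said to write the code with CaptainHook; when I run it on a jailbroken phone, I get an error: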
ssh: connect to host localhost port 22: Connection refused
ssh -p22 root@localhost mkdir -p "/var/root/MonkeyDevPackages"
Command PhaseScriptExecution failed with a nonzero exit cod
3.1. I filled in a password for MonkeyDevDevicePassword, and running it gives this error:
Failed to locate sshpass. Is sshpass installed? If not, brew install https://raw.githubusercontent.com/kadwanev/bigboybrew/master/Library/Formula/sshpass.rb
Command PhaseScriptExecution failed with a nonzero exit code
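4. Also, you said that a newly created MonkeyDev project comes with RevealServer.framework and Cycript, but it doesn't.
The second command is very long and easy to get wrong when typing it by hand. I entered the following in the terminal and got an error. Is this how the second command should be entered?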
brew install --form-bottle https://raw.githubusercontent.com/Homebrew/homebrew-core/7a4dabfc1a2acd9f01a2acd9f01a1670fde4f0094c4fb6ffa/Formula/dpkg.rb
Updating Homebrew...
curl: (22) The requested URL returned error: 404 Not Found
Error: Failure while executing; /usr/bin/curl -q --show-error --user-agent Homebrew/1.8.4\ \(Macintosh\;\ Intel\ Mac\ OS\ X\ 10.14.2\)\ curl/7.54.0 --fail --progress-bar --location --remote-time --continue-at 0 --output /Users/kinken_yuen/Library/Caches/Homebrew/Formula/dpkg.rb https://raw.githubusercontent.com/Homebrew/homebrew-core/7a4dabfc1a2acd9f01a2acd9f01a1670fde4f0094c4fb6ffa/Formula/dpkg.rb
exited with 22. Here's the output:
curl: (22) The requested URL returned error: 404 Not Found
Hoping teacher Monkey can answer; I still can't figure this out~
iPhone 7, iOS 13, Xcode 11: error when building and debugging
Access to UITextField's _placeholderLabel ivar is prohibited. This is an application bug
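Crashes when running on iOS 13
Page 46 of the book mentions a login app demo that can be found in the book's source code, but this project is not on GitHub:
the CycriptDemo project.
The Snapchat10.3.0.ipa file is corrupted and cannot be installed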
1deMacBook-Pro:~ Banson$ /Users/a1/Desktop/ollvm/build/Debug/bin/clang -emit-llvm -c /Users/a1/Desktop/main.mm -o /Users/a1/Desktop/main.bc
/Users/a1/Desktop/main.mm:10:10: fatal error: 'stdio.h' file not found
#include <stdio.h>
^~~~~~~~~
1 error generated.
1deMacBook-Pro:~ Banson$ /Users/a1/Desktop/ollvm/build/Debug/bin/clang -emit-llvm -c /Users/a1/Desktop/test/test/test.mm -o /Users/a1/Desktop/test.bc
/Users/a1/Desktop/test/test/test.mm:10:9: fatal error:
'Foundation/Foundation.h' file not found
#import <Foundation/Foundation.h>
^~~~~~~~~~~~~~~~~~~~~~~~~
1 error generated.
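The reason for the disconnect is that the remote server disconnected.
The port mapping made with iproxy from the libimobiledevice tools disconnects automatically,
but SSH over Wi-Fi, or over USB after opening the port mapping with the usbmuxd script, works without problems. How can this be solved?
git clone yields incomplete code, with the message: the remote end hung up unexpectedly
Is there a discussion group for buyers of the book?
We could discuss problems together when we run into them.
P132, top of the page: how was it determined that the login method is +[Manager performLogin...]?
How are Data LO and Data HI converted to a virtual address?
Crash link,
The tools used are frida-ios-dump and iOS App Signer; installed onto a jailbroken device via iFunBox,
My phone runs iOS 10.1. I followed page 10 of the book but cannot ssh root@<my own IP>. Has anyone else run into this?
After logging in over ssh, I enter the cycript
command; on iPhone 6, version 11.1.2, the error is: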
killed:9
On iPhone 5s, version 12.2, it says:
-sh: cycript: command not found
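From what I've read, this may be an incompatibility because the OS version is too high. Have any of you experts run into something similar, and how did you deal with it?
I saw that the blog post "Running cycript on iOS 11" has a solution, but at
the step of re-signing with the ldid command, ldid -Scycript.entitlements cycript,
it got stuck. My imagination is limited and I don't know how to solve it...
Maybe try a device running OS 9?
The Electra team keeps pushing forward; I tried it and the bug is still there
I ran this command: cmake -G Xcode CMAKE_BUILD_TYPE="Debug" ../llvm
The error is as follows: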
CMake Error at /usr/local/Cellar/cmake/3.12.0/share/cmake/Modules/CMakeTestCCompiler.cmake:52 (message):
The C compiler
"/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang"
is not able to compile a simple test program.
It fails with the following output:
Change Dir: /Users/a1/Desktop/ollvm/build/CMakeFiles/CMakeTmp
Run Build Command:"/usr/bin/xcodebuild" "-project" "CMAKE_TRY_COMPILE.xcodeproj" "build" "-target" "cmTC_56fce" "-configuration" "Debug"
Build settings from command line:
TOOLCHAINS = com.apple.dt.toolchain.XcodeDefault
=== BUILD TARGET cmTC_56fce OF PROJECT CMAKE_TRY_COMPILE WITH CONFIGURATION Debug ===
Check dependencies
target specifies product type 'com.apple.product-type.tool', but there's no such product type for the 'iphonesimulator' platform
** BUILD FAILED **
The following build commands failed:
Check dependencies
(1 failure)
Page 168, section 5.3.1 "Installing Theos": the command below the paragraph "Then, pull the Theos code from GitHub....." contains a harmless typo.
The original text is
sudo clone --recursive https//github.com/theos/theos.git /opt/theos
git is missing before clone; it should be:
sudo git clone --recursive https//github.com/theos/theos.git /opt/theos
MachOParser.h keeps producing errors when I put it in my project
The Demo App for Cycript injection cannot be found
libsystem_platform.dylib`_platform_strcmp:
0x1b99dcb10 <+0>: tst x0, #0xf
0x1b99dcb14 <+4>: b.eq 0x1b99dcb34 ; <+36>
-> 0x1b99dcb18 <+8>: ldrb w4, [x0], #0x1
0x1b99dcb1c <+12>: ldrb w5, [x1], #0x1
Thread 1: EXC_BAD_ACCESS (code=1, address=0x82f8c60100000002)
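The bundle ID of the newly created app
must match the target app's, otherwise it cannot be installed.
I added this code before the signing step in the script, and it seems to work: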
/usr/libexec/PlistBuddy -c "Set :CFBundleIdentifier $PRODUCT_BUNDLE_IDENTIFIER" $TARGET_APP_PATH/info.plist
dyld: warning: could not load inserted library '@executable_path/InsertDylib.dylib' into hardened process because image not found
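For the static obfuscation in 8.2, I used the Xcode 9 simulator to parse. The exported .h contains many system library symbols. Is it necessary to download Xcode 8 to specify the filter?
Which tools are meant to be used on a jailbroken device?
I tried many third-party tools and none of them could install onto iPhone 5s iOS 8.4
How do I jailbreak iOS 11.3-11.4? The book only covers jailbreaking 10.0
P177, third line: both occurrences of 'Replease' should be replaced with 'Replace'
The source code cannot be downloaded: cloning fails over both ssh and https, and the zip download fails too!
An https clone throws this error: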
Git error: RPC failed; curl 56 LibreSSL SSL_read: SSL_ERROR_SYSCALL, errno 54
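Setting git config --global http.postBuffer 5242880000 still has no effect
Page 363, re-signing check: it mentions obtaining the path via the following function and reading its contents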
NSString *provisionPath = [[NSBundle mainBundle] pathForResource:@"embedded" ofType:@"mobileprovision"];
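but the method for reading it is not mentioned
How can embedded.mobileprovision be read the OC (Objective-C) way?
Section 6.2.4 has a wrong word: "indicates that the content of this section is mapped to virtual content (虚拟内容)...."
It should be mapped to virtual memory (虚拟内存)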