Skip to content

tobefuturer/restore-symbol

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 0 tags
Code

Latest commit

@tobefuturer
tobefuturer update makefile
83ccb90 Apr 27, 2019
update makefile
83ccb90

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
class-dump @ a8877b6
oc method and json symbol feature finish
August 23, 2016 02:22
picture
README
August 27, 2016 20:36
restore-symbol.xcodeproj
README
August 27, 2016 20:36
search_oc_block
ida block search script add x64_86(mac binary) support
February 10, 2017 01:10
source
解决LC_CODE_SIGNATURE不存在时写入异常数据的问题
March 23, 2018 14:35
.gitignore
add replace header restrict feature
August 31, 2016 18:30
.gitmodules
oc method and json symbol feature finish
August 23, 2016 02:22
README.md
readme image url error
June 15, 2017 17:49
makefile
update makefile
April 27, 2019 14:49
restore-symbol How to use Just restore symbol of oc method Restore symbol of oc block Command Line Usage

README.md

restore-symbol

A reverse engineering tool to restore stripped symbol table for iOS app.

Example: restore symbol for Alipay

How to use

Just restore symbol of oc method

    1. Download source code and compile.

git clone --recursive https://github.com/tobefuturer/restore-symbol.git
cd restore-symbol && make
./restore-symbol
    1. Restore symbol using this command. It will output a new mach-o file with symbol.

./restore-symbol /pathto/origin_mach_o_file -o /pathto/mach_o_with_symbol
    1. Copy the new mach-o file (with symbol) to app bundle, replace the origin mach-o file with new mach-o file. Resign app bundle.

codesign -f -s "iPhone Developer: XXXXXXX" --signing-time none --entitlement ./xxxx.app.xcent ./xxxx.app
    1. Install the app bundle to iOS device, and use lldb to debug the app. Maybe you can use the ios-deploy, or other way you like. If you use ios-deploy , you can execute this command.

brew install ios-deploy
ios-deploy -d -b xxxx.app
    1. Now you can use b -[class method] to set breakpoint.

Restore symbol of oc block

    1. Use command line tool(restore-symbol) to inject oc method symbols and block symbols into mach o file.

./restore-symbol /pathto/origin_mach_o_file -o /pathto/mach_o_with_symbol -j /pathto/block_symbol.json
    1. Other steps(resign, install, debug) are samen as above.

Command Line Usage

Usage: restore-symbol -o <output-file> [-j <json-symbol-file>] <mach-o-file>

  where options are:
        -o <output-file>           New mach-o-file path
        --disable-oc-detect        Disable auto detect and add oc method into symbol table,
                                   only add symbol in json file
        --replace-restrict         New mach-o-file will replace the LC_SEGMENT(__RESTRICT,__restrict)
                                   with LC_SEGMENT(__restrict,__restrict) to close dylib inject protection
        -j <json-symbol-file>      Json file containing extra symbol info, the key is "name","address"
                                   like this:

                                        [
                                         {
                                          "name": "main",
                                          "address": "0xXXXXXX"
                                         },
                                         {
                                          "name": "-[XXXX XXXXX]",
                                          "address": "0xXXXXXX"
                                         },
                                         ....
                                        ]

About

A reverse engineering tool to restore stripped symbol table for iOS app.

Resources

Readme

Stars

1.2k stars

Watchers

33 watching

Forks

347 forks

Releases

No releases published

Packages

No packages published

Contributors 2

Languages