iOS: How to Run gdb on iOS 5

Source: Internet
Author: User

Why run gdb on iOS? That is a matter of opinion. For developers, having gdb makes it easier to trace and analyze other people's programs and learn from their strengths. :) We will not teach cracking here. :)

 

 

Running environment:


Mac OS 10.7.4

Xcode 4.3.2

iOS 5.0.1, jailbroken iPod 4

 

 

First, find the gdb in Xcode.

/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/usr/libexec/gdb

Download ldid: http://code.google.com/p/networkpx/downloads/detail?name=ldid&can=2&q=


Next, perform the following steps:


cd /tmp
cp /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/usr/libexec/gdb/gdb-arm-apple-darwin .
lipo -thin armv7 gdb-arm-apple-darwin -output gdb
 

Create and save the entitlements.xml file:

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>com.apple.springboard.debugapplications</key>
    <true/>
    <key>get-task-allow</key>
    <true/>
    <key>task_for_pid-allow</key>
    <true/>
</dict>
</plist>


Use the downloaded ldid to sign gdb with these entitlements:

ldid -Sentitlements.xml gdb

Use scp to copy gdb to the iOS device:

scp gdb root@<iOS Device IP Address>:/usr/bin/

Refer to the description in scs3_201511bachmann.pdf to learn how to use gdb (you need to get around the firewall to download the PDF).
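The entitlements.xml above is what gives the re-signed gdb its debugging rights, and the same keys are what a reviewer checks for when auditing a signed binary. The following is an added example, not code from the original post: the function name audit_entitlements and the release-build sample are hypothetical, and the sample plists are constructed inline.

```python
import plistlib
from xml.parsers.expat import ExpatError

# The three keys the page's entitlements.xml sets, with what each one permits.
DEBUG_ENTITLEMENTS = {
    "get-task-allow": "other processes may obtain this binary's task port (debugger attach)",
    "task_for_pid-allow": "this binary may request the task port of other processes",
    "com.apple.springboard.debugapplications": "this binary may ask SpringBoard to start apps for debugging",
}

def audit_entitlements(xml_bytes):
    """Return {key: meaning} for every debug entitlement that is set to true."""
    try:
        # fmt is given explicitly: plistlib's auto-detection expects the data to
        # start with '<?xml' or '<plist', and this file starts with '<!DOCTYPE'.
        ent = plistlib.loads(xml_bytes.strip(), fmt=plistlib.FMT_XML)
    except (ExpatError, plistlib.InvalidFileException) as exc:
        raise ValueError(f"not a valid XML plist: {exc}") from exc
    if not isinstance(ent, dict):
        raise ValueError("entitlements plist must have a <dict> at its root")
    # Only a literal <true/> counts; <false/> or a missing key grants nothing.
    return {k: DEBUG_ENTITLEMENTS[k] for k in sorted(DEBUG_ENTITLEMENTS) if ent.get(k) is True}

HEADER = (b'<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" '
          b'"http://www.apple.com/DTDs/PropertyList-1.0.dtd">\n<plist version="1.0">\n')

# The entitlements file from this page.
PAGE_ENTITLEMENTS = HEADER + b"""<dict>
    <key>com.apple.springboard.debugapplications</key><true/>
    <key>get-task-allow</key><true/>
    <key>task_for_pid-allow</key><true/>
</dict></plist>"""

# Constructed sample: what a distribution build would be expected to carry.
RELEASE_ENTITLEMENTS = HEADER + b"""<dict>
    <key>application-identifier</key><string>ABCDE12345.com.example.app</string>
    <key>get-task-allow</key><false/>
</dict></plist>"""

if __name__ == "__main__":
    for name, data in (("page", PAGE_ENTITLEMENTS), ("release", RELEASE_ENTITLEMENTS)):
        findings = audit_entitlements(data)
        print(name, "->", "no debug entitlements" if not findings else "")
        for key, meaning in findings.items():
            print(f"  {key}: {meaning}")
```
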


In addition,

When disassembling, you first need to use a tool such as Clutch to decrypt the app downloaded from the App Store, then use the relevant tools (nm, IDA, class-dump-z) to examine the assembly code and find the address of the function entry point you are interested in.

Finally, run gdb attach --pid on the target device, set a breakpoint at the address found earlier, and then perform the crack action you want :)

 


From Melody_lu123
 
