Brief introduction
Class-dump is a command-line tool for detecting objective-c runtime information stored in a mach-o file. He can detect Class,category,protocol's statement. Similar to the information generated by ' Otool-ov ', but Class-dump produces a declaration in the OBJECTIVE-C syntax format, so it is more readable.
Why use Class-dump
It's a powerful tool. With it, you can view some closed-source applications, the framework, and bundles. View the changes in the interface between different versions. Experience a private library, or see what private APIs the AppKit has. Learn what extended private APIs are used by Mail.app.
Download
Class-dump-3.5.dmg
Class-dump-3.5.tar.gz
class-dump-3.5.tar.bz2
Installation
After the download class-dump-3.5.dmg
is complete, the inside class-dump
copy is copied to the /usr/bin/
path, and the Execute permission is given.
sudo cp Class-dump/usr/bin
sudo chmod 777/usr/bin/class-dump
Use
class-dump [Options]
Where options is:-A displays the offset of the instance variable. -a displays the address of the implementation. --arch Select a specified schema type from a binary file (ppc,ppc64,i386,x86_64) of a common schema type. -C displays only the classes that match the regular expression. -F in method hit lookup string. -H generates the header file in the current directory, or uses -o
parameters to specify the directory where the header file is generated. -I pairs class, categories,procotols sort by inheritance (Overrides -s
parameters)-O
Specify the output directory, mate
-H
Use. -R recursively expands frameworks and fixes
VM
Shared libraries. -S sorts the classes and categories by their names. -S sorts the method by name-T restricts the output header to test the schema type of the--list-arches list file, and then exits--sdk-ios specifies the iOS SDK version (will find/DEVELOPER/PLATFORMS/IPHONEOS.PLATFO RM/DEVELOPER/SDKS/IPHONEOS.SDK--SDK-MAC Specifies the Mac OS X version (will look for/DEVELOPER/SDKS/MACOSX.SDK--sdk-root Specify the full root path of the SDK (or simply use
--sdk-ios
/
--sdk-mac
)
Practice
We know that the app downloaded from the app Store is encrypted, there is a shell, we have to smash the shell, this article does not talk about the shell, this only talk about the use of class-dump.
I randomly selected an app in my phone, called "Early Korea", is a simple RSS reading tool, (to tell the truth, simple to completely no reverse value). After smashing the shell file can be downloaded here, and then we directly to its dump.
Class-dump-h Iosrss.decrypted-o iOSRSS.h
Then we can see the generated folder in the current directory iOSRSS.h
, all the dump out of the header files are inside.
Then we can look at each class, the Category,protocol declaration.
View Private methods