IOS Reverse series-Reverse app

Reverse app Flow Interface analysis

Through Cycript, Reveal.

Code Analysis

All code written by the developer is eventually compiled and linked to the Mach-o file.

If we want to analyze the code of the app, that is to say, analyze the code in Mach-o. Static code analysis commonly used tools Machoview, Class-dump, Hopper Disassermbler, Ida, and so on.

Dynamic debugging

Static analysis still does not solve the problem, but also requires dynamic debugging, run the program run into memory to further analyze the code execution process. That is, the code debugging of the running app.
Common dynamic Debugging Tools Debugserver, Lldb.

Code writing

Through the above analysis, we have been very clear about the function of the app. Then we can write code to inject into the app. You'll need to re-sign and package your app if necessary.

Static Analysis Class-dump

The Class-dump function is to dump the class information of the Mach-o file (to export the information) and generate the corresponding. h header file.
Official address: http://stevenygard.com/projects/class-dump/
After downloading the toolkit, copy the Class-dump file to the/usr/local/bin directory. This will allow you to identify the Class-dump command.
Mac的命令存储在/usr/bin与/usr/local/bin中，目前Mac不允许用户向/usr/bin做修改，我们将命令可以添加到/usr/local/bin中。

Class-dump use

Execute the following command against Mach-o

class-dump -H Mach-O文件 -o 导出头文件存放的文件目录

Static Analysis Hopper

IOS Reverse series-Reverse app