Idaq is a popular cracking tool that allows you to view the internal arm assembly of executable files.CodeTo indirectly obtain or guess the code of the executable file of the competitor.
The following is an example of a simple analysis of an iPhone application.ProgramCorresponding arm assembly code:
Stmfd SP !, {R4, R7, LR} // stack-in operation. Generally, this command is available at the beginning of any function.
LDR R1, = (off_13f888-0xb651c) // move the memory value corresponding to = (off_13f888-0xb651c) to register r1
Add R7, SP, #4 // R7 <------ SP + 4
BL _ objc_msgsend // jump to the subroutine _ objc_msgsend for execution. After execution, return to continue execution.
MoV R4, R0 // R4 <------ R0
Ldmfd SP !, {R4, R7, PC} // stack-out operation. Generally, this command is used at the end of any function.
In the future, we will analyze the internal operating principles in more detail based on different modules of different applications.
--- Xichen2 Chen Xi