About
Articles
Book Store
Distributed RCE
Downloads
Event Calendar
Forums
Live Discussion
Reference Library
RSS Feeds
Search
Users
What's New
Customize Theme
bluegrey
blackgreen
metal
simple
Flag:
Tornado!
Hurricane!
Login:
Password:
Remember Me
Register
Blogs
>>
nummish
's Blog
Created: Monday, April 7 2008 12:45.20 CDT
Modified: Monday, April 7 2008 12:45.41 CDT
Printer Friendly ...
OS X / Objc Reversing
Author:
nummish
# Views:
4121
I've been doing some reversing on my mbp lately, and noticed there really isn't a large community resource for anyone reversing objective c binaries, or reversing on the apple at all. I know there are people doing it with all the iTunes DRM stuff and the iPhone unlocking scene, but everyone either keeps to themselves, or starts to look at a binary, sees all the symbols and walks away because it's too easy.
For the most part people seem to simply use otool+otx, class-dumper or IDA on parallels.
To make up for this vacuum of knowledge, I've put together a mailing list at 0x90.org for anyone interested in this topic. It's low traffic, but hopefully it can be useful in the long run.
http://0x90.org/mailman/listinfo/xso
Blog Comments
shirkdog
Posted: Monday, April 7 2008 13:38.00 CDT
Maybe you will be able to get some of that info into the reference library.
itsme
Posted: Tuesday, April 8 2008 01:12.33 CDT
i wrote an ida .idc script to create structs, and name functions from all the symbol tables.
http://nah6.com/~itsme/cvs-xdadevtools/ida/idcscripts/fixobjc.idc
itsme
Posted: Tuesday, April 8 2008 01:15.18 CDT
one thing to do when using hex-rays to decompile, is to add a '...' parameter to the typedef of objc_msgSend
int objc_msgSend(_DWORD, _DWORD, ...)
nummish
Posted: Tuesday, April 8 2008 13:03.19 CDT
I have an idapython script I've been working on to do the same thing. I noticed you have the beginnings of of the argument type definitions in there. nice.
Add New Comment
Comment:
There are
31,314
total registered users.
Recently Created Topics
[help] Unpacking VMP...
Mar/12
Reverse Engineering ...
Jul/06
hi!
Jul/01
let 'IDAPython' impo...
Sep/24
set 'IDAPython' as t...
Sep/24
GuessType return une...
Sep/20
About retrieving the...
Sep/07
How to find specific...
Aug/15
How to get data depe...
Jul/07
Identify RVA data in...
May/06
Recent Forum Posts
Finding the procedur...
rolEYder
Question about debbu...
rolEYder
Identify RVA data in...
sohlow
let 'IDAPython' impo...
sohlow
How to find specific...
hackgreti
Problem with ollydbg
sh3dow
How can I write olly...
sh3dow
New LoadMAP plugin v...
mefisto...
Intel pin in loaded ...
djnemo
OOP_RE tool available?
Bl4ckm4n
Recent Blog Entries
halsten
Mar/14
Breaking IonCUBE VM
oleavr
Oct/24
Anatomy of a code tracer
hasherezade
Sep/24
IAT Patcher - new tool for ...
oleavr
Aug/27
CryptoShark: code tracer ba...
oleavr
Jun/25
Build a debugger in 5 minutes
More ...
Recent Blog Comments
nieo
on:
Mar/22
IAT Patcher - new tool for ...
djnemo
on:
Nov/17
Kernel debugger vs user mod...
acel
on:
Nov/14
Kernel debugger vs user mod...
pedram
on:
Dec/21
frida.github.io: scriptable...
capadleman
on:
Jun/19
Using NtCreateThreadEx for ...
More ...
Imagery
SoySauce Blueprint
Jun 6, 2008
[+] expand
View Gallery
(11) /
Submit
Printer Friendly ...
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}