关闭

llvm调试命令

112人阅读 评论(0) 收藏 举报
分类:

转载自:https://everettjf.github.io/2016/05/25/my-ios-debug-cheatsheet

common
查找进程:

ps aux | grep /App
ps -e | grep /Applications
查找文件:

grep -r ToBeFind /System/Library/
分离fat binary

lipo -thin armv7 WeChat.decrypted -output WeChat_armv7.decrypted
lipo -thin armv64 xxx.decrypted -output xxx_arm64.decrypted
class dump

class-dump –list-arches AlipayWallet.decrypted

class-dump -S -s -H WeChat_armv7.decrypted -o dumparmv7
class-dump -s -S -H –arch armv7 AlipayWallet.decrypted -o dumpAlipay
lldb
参考

https://github.com/iosre/iOSAppReverseEngineering
http://objccn.io/issue-19-2/
帮助

help frame
打印UI结构

po [[[UIWindow keyWindow] rootViewController] _printHierarchy] (iOS 8)
po [[UIWindow keyWindow] recursiveDescription]
栈信息

bt (backtrace)
bt all (all threads)
objc_msgSend 参数打印

po r0p(char)r1
p (SEL)$r1
返回地址

p/x $lr
断点

br s -a 0x0023234f
breakpoint set -F “-[NSArray objectAtIndex:]”

br s -a 0x02107730+0x000ab000 -c ‘(BOOL)[(NSString *)$r2 isEqualToString:@”snakeninny”]’

b ptrace
列举模块

image -o -f
lldb基础命令

c
n
s
frame info
expr

thread return
breakpoint command add 1
远程调试

debugserver *:1234 -a AlipayWallet
debugserver -x backboard *:1234 /var/mobile/Containers/Bundle/Application/9DB7CE45-3B4C-42A3-9D4D-49A3A5122903/AlipayWallet.app/AlipayWallet
lldb连接远程调试

(lldb) process connect connect://192.168.199.164:1234
lldb expr例子

(lldb) expr char $str = (char )malloc(8)
(lldb) expr (void)strcpy(str,munkeys)(lldb)exprstr[1] = ‘o’
(char) 0=o(lldb)pstr
(char *) $str = 0x00007fd04a900040 “monkeys”

(lldb) x/4c $str
(lldb) x/1w $str + 3
(lldb) expr (void)free($str)

(lldb) expr id myView=(id)0x7f82b1d01fd0(lldb)expr(void)[myView setBackgroundColor:[UIColor blueColor]]
(lldb) expr (void)[CATransaction flush]

(lldb) po [$myButton allTargets]

(lldb) p (ptrdiff_t)ivar_getOffset((struct Ivar *)class_getInstanceVariable([MyView class], “_layer”))

观察点

(lldb) watchpoint set expression – (int *)$myView + 8

arm64

param1 x0param2x1

po x0p(char)x1
cycript
参考: http://www.cycript.org/manual/

开始

cycript -p BinaryName
打印UI结构

[[UIWindow keyWindow] recursiveDescription].toString()
[[[UIWindow keyWindow] rootViewController] _printHierarchy].toString()
打印沙盒Documents路径

[[NSFileManager defaultManager] URLsForDirectory:NSDocumentDirectory inDomains:NSUserDomainMask]
基本使用

cy# [#0xb226710 url]
@”ww4fd1rfRDShBo_4K6rqfwAAACMAAQED”

cy# c = #0x1752d8c0
cy#”

0
0

查看评论
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场