【逆向】class-dump导出头文件

链接地址：class-dump

简介

这是一个命令行实用程序，用于检查存储在Mach-O文件中的Objective-C运行时信息。它为类、类别和协议生成声明。这与使用“otool-ov”提供的信息相同，但作为普通的Objective-C声明提供，因此它更加紧凑和可读。

This is a command-line utility for examining the Objective-C runtime information stored in Mach-O files. It generates declarations for the classes, categories and protocols. This is the same information provided by using ‘otool -ov’, but presented as normal Objective-C declarations, so it is much more compact and readable.

Why use class-dump?

It’s a great tool for the curious. You can look at the design of closed source applications, frameworks, and bundles. Watch the interfaces evolve between releases. Experiment with private frameworks, or see what private goodies are hiding in the AppKit. Learn about the plugin API lurking in Mail.app.

对好奇的人来说这是个很好的工具。您可以查看封闭源代码应用程序、框架和捆绑包的设计。观察不同版本之间的接口演变。尝试使用私有框架，或者查看AppKit中隐藏的私有优点。了解隐藏在Mail.app中的插件API。

用法

class-dump 3.5 (64 bit)
Usage: class-dump [options] <mach-o-file>

  where options are:
        -a             show instance variable offsets
        -A             show implementation addresses
        --arch <arch>  choose a specific architecture from a universal binary (ppc, ppc64, i386, x86_64)
        -C <regex>     only display classes matching regular expression
        -f <str>       find string in method name
        -H             generate header files in current directory, or directory specified with -o
        -I             sort classes, categories, and protocols by inheritance (overrides -s)
        -o <dir>       output directory used for -H
        -r             recursively expand frameworks and fixed VM shared libraries
        -s             sort classes and categories by name
        -S             sort methods by name
        -t             suppress header in output, for testing
        --list-arches  list the arches in the file, then exit
        --sdk-ios      specify iOS SDK version (will look in /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS<version>.sdk
        --sdk-mac      specify Mac OS X version (will look in /Developer/SDKs/MacOSX<version>.sdk
        --sdk-root     specify the full SDK root path (or use --sdk-ios/--sdk-mac for a shortcut)

• class-dump AppKit:

class-dump /System/Library/Frameworks/AppKit.framework

• class-dump UIKit:

class-dump /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS4.3.sdk/System/Library/Frameworks/UIKit.framework

• class-dump UIKit and all the frameworks it uses:

class-dump /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS4.3.sdk/System/Library/Frameworks/UIKit.framework -r --sdk-ios 4.3

• class-dump UIKit (and all the frameworks it uses) from developer tools that have been installed in /Dev42 instead of /Developer:

class-dump /Dev42/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS5.0.sdk/System/Library/Frameworks/UIKit.framework -r --sdk-root /Dev42/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS5.0.sdk

微信实操

1、将下载ipa包转为.zip包
2、解压，进去看到如下内容

3、查看包内容，找到Mach-O文件

4、使用class-dump进行处理
class-dump -H Mach-O的名字 -o 目录名字

5、恭喜你💐