OPlayer Lite 最新去广告

OPlayer Lite 最新去广告

问问题: http://bbs.iosre.com/forum.php?mod=viewthread&tid=707&page=1&extra=#pid3881

lldb 命令 : http://objccn.io/issue-19-2/

列举目录:~~~~~~~~~~~~~
cy#

[[NSFileManager defaultManager] URLsForDirectory:NSDocumentDirectory inDomains:NSUserDomainMask][0]

#"file:///var/mobile/Containers/Data/Application/235BFE91-3A0F-4728-9AEB-CCB321D30E92/Documents/"


Panda-iphone:/var/mobile/Containers/Data/Application/235BFE91-3A0F-4728-9AEB-CCB321D30E92/Documents root#
脱壳~~~~~~~~~~~~~~~~~~~~~~~~~~
DYLD_INSERT_LIBRARIES=dumpdecrypted7.dylib /var/mobile/Containers/Bundle/Application/EA468FAA-CC33-4BF7-B6B1-4F933CA4D7A2/OPlayer\ Lite.app/OPlayer\ Lite

\mach-o decryption dumper
DISCLAIMER: This tool is only meant for security research purposes, not for application crackers.

[+] detected 32bit ARM binary in memory.
[+] offset to cryptid found: @0x4abc(from 0x4000) = abc
[+] Found encrypted data at address 00004000 of length 23592960 bytes - type 1.
[+] Opening /private/var/mobile/Containers/Bundle/Application/EA468FAA-CC33-4BF7-B6B1-4F933CA4D7A2/OPlayer Lite.app/OPlayer Lite for reading.
[+] Reading header
[+] Detecting header type
[+] Executable is a plain MACH-O image
[+] Opening OPlayer Lite.decrypted for writing.
[+] Copying the not encrypted start of the file
[+] Dumping the decrypted data into the file
[+] Copying the not encrypted remainder of the file
[+] Setting the LC_ENCRYPTION_INFO→cryptid to 0 at offset abc
[+] Closing original file
[+] Closing dump file

class-dump -H -I xxx -o xxx.h

搜索广告类 ADBannerView
PlayViewController.h
#import "ADBannerViewDelegate.h"
#import "GADBannerViewDelegate.h"
@class ADBannerView, AVAssetReader, AVPlayer, AVPlayerDemoPlaybackView,
AVPlayerItem, FloatingView, GADBannerView, HTTPServer, InfoViewController,
MPVolumeView, NSDictionary, NSMutableArray, NSString, NSTimer, NSURL,
OSMusicMetaInfo, OSPlayerHelper, PlaySeekView, PlayerView, RoundedRectView,
SubtitleLabel, UIActivityIndicatorView, UIButton, UIImage, UIImageView, UILabel,
UINavigationController, UIView, WBEngine;

__attribute__((visibility("hidden")))
@interface PlayViewController : UIViewController <ADBannerViewDelegate,
GADBannerViewDelegate, UIAlertViewDelegate, WBEngineDelegate,
WBLogInAlertViewDelegate, WBSendViewDelegate, RNGridMenuDelegate>
{
    ADBannerView *iAdView;
    GADBannerView *gAdView;
    ····
}
    @property(retain, nonatomic) ADBannerView *iAdView; // @synthesize iAdView;
查看某个类的 属性在哪里~~~~~
cy# [[UIWindow keyWindow] recursiveDescription] 也可以直接 reveal 查看


检测 dylib 版本信息~~~~
1)➜ DynamicLibraries lipo -info OPlayer.dylib
Non-fat file: OPlayer.dylib is architecture: arm64


2)➜ DynamicLibraries file OPlayer.dylib
OPlayer.dylib: Mach-O 64-bit dynamically linked shared library


3)snakeninnys-MacBook:~ snakeninny$ otool -h /Users/snakeninny/Code/SMSNinja(bigboss)/SMSNinjaNow/layout/Library/MobileSubstrate/DynamicLibraries/libsmsninja.dylib 
/Users/snakeninny/Code/SMSNinja(bigboss)/SMSNinjaNow/layout/Library/MobileSubstrate/DynamicLibraries/libsmsninja.dylib (architecture armv7):
Mach header
      magic cputype cpusubtype  caps    filetype ncmds sizeofcmds      flags
 0xfeedface      12          9  0x00          6    27       3336 0x00100085
/Users/snakeninny/Code/SMSNinja(bigboss)/SMSNinjaNow/layout/Library/MobileSubstrate/DynamicLibraries/libsmsninja.dylib (architecture arm64):
Mach header
    
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值