-
-
[分享]ios objc 方法调用记录插件:iTracer v1.0
-
发表于: 2012-12-11 11:51
-
如果你想逆向 某些app的调用流程 或者 系统app的一些功能的 私有framework class api 调用流程, 可以试试此工具
只需要 配置需要挂接的 类名和app名, 就可以实时追踪 相关功能的 调用流程。 支持批量 hook n多个类名
一、安装方法:
1.配置需要挂接的应用,相关参数:
在mac下通过xcode打开 iTracer.plist ,就改 filter 下 bundles 列表,设置需要挂接的app名,具体设置可以参考
mobilesubstrate的相关文档:http://www.iphonedevwiki.net/index.php/MobileSubstrate
例如要挂接SpringBoard(挂接这个一般比较危险,做好会白苹果的准备 = =!, 真白了 也没事: 同时按开机键+home, 之后再按 开机+音量+, 进入无插件模式,用itools吧对应的插件删了重启就行了):
Filter = {
Bundles = (com.apple.springboard);
};
2.配置需要挂接的 class 的 所有 api, 例如:
Trace = {
item0 = (UIView),
item1 = (UIViewController),
item2 = (UIApplication),
};
3.配置是否开启 打印api详细参数值功能(这个还有些不稳定,打印某些值会挂掉,不过通常情况下 够用了,先凑活着用吧 = =)
TraceArgs = YES/NO
如果不巧打印的时候 真挂了,就把这个功能禁用,仅仅 trace api的调用流程, 还是很稳定的。。
2.利用itool等工具,讲 iTracer.dylib 和 iTracer.plist 放到系统 mobilesubstrate 插件目录:
/Library/MobileSubstrate/DynamicLibraries
3.然后重启SpringBoard(可以通过PPHelper注销、或者ssh登上去 killall -9 SpringBoard)
二、下面是我 trace PPHelper的 一些log, 注: log 的实际输出在: Xcode-Organizer-Console 中:
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView _addSubview:positioned:relativeTo:]: <UIView: 0x95948d0; frame = (0 0; 0 0); alpha = 0.4; hidden = YES; userInteractionEnabled = NO; layer = <CALayer: 0x9594900>>: -1: null
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView superview]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView window]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView window]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView _shouldTryPromoteDescendantToFirstResponder]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView _isAncestorOfFirstResponder]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView description]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView frame]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView transform]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView clipsToBounds]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView layer]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView alpha]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView isHidden]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView isOpaque]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView autoresizingMask]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView autoresizesSubviews]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView isUserInteractionEnabled]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView tag]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView willMoveToSuperview:]: <SogouToolBarRootView: 0x9592560; frame = (0 0; 0 0); hidden = YES; layer = <CALayer: 0x9592660>>
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView _unsubscribeToScrollNotificationsIfNecessary:]: null
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView _makeSubtreePerformSelector:withObject:]: <type(:)>: null
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView _makeSubtreePerformSelector:withObject:withObject:copySublayers:]: <type(:)>: null: null: 0
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView _invalidateSubviewCache]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView actionForLayer:forKey:]: <CALayer: 0x9592660>: sublayers
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView description]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView frame]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView transform]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView clipsToBounds]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView layer]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView alpha]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView isHidden]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView isOpaque]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView autoresizingMask]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView autoresizesSubviews]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView isUserInteractionEnabled]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView tag]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView _subscribeToScrollNotificationsIfNecessary:]: <SogouToolBarRootView: 0x9592560; frame = (0 0; 0 0); hidden = YES; layer = <CALayer: 0x9592660>>
再比如 我 trace iTunes-U的 一些log:
Dec 11 11:03:56 unknown iTunesU[3393] <Warning>: [iTracer]: [SSAccountStore init]
Dec 11 11:03:56 unknown iTunesU[3393] <Warning>: [iTracer]: [SSAccountStore activeAccount]
Dec 11 11:03:56 unknown iTunesU[3393] <Warning>: [iTracer]: [SSAccountStore _reloadAccountsIfNeeded]
Dec 11 11:03:56 unknown iTunesU[3393] <Warning>: [iTracer]: [SSAccountStore _setAccounts:]: (
"<SSAccount: 0x1108d780>: (1096041240, xxxxxx@gmail.com)",
"<SSAccount: 0x11091c40>: (1264698560, xxxxxx@gmail.com)"
)
Dec 11 11:03:56 unknown iTunesU[3393] <Warning>: [iTracer]: [SSAccountStore activeAccount]
Dec 11 11:03:56 unknown iTunesU[3393] <Warning>: [iTracer]: [SSAccountStore _reloadAccountsIfNeeded]
Dec 11 11:03:56 unknown iTunesU[3393] <Warning>: [iTracer]: [SSAccountStore activeAccount]
Dec 11 11:03:56 unknown iTunesU[3393] <Warning>: [iTracer]: [SSAccountStore _reloadAccountsIfNeeded]
Dec 11 11:03:57 unknown wifid[22] <Error>: WiFi:[376887837.256361]: Client itunesstored is background application
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManager _loadDownloadKindsUsingNetwork]
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManager _copyDownloadKindsUsingNetwork]
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManager _sendObserverConnection]
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManagerOptions downloadKinds]
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManager _newOptionsDictionary]
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManagerOptions persistenceIdentifier]
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManagerOptions shouldFilterExternalOriginatedDownloads]
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManagerOptions prefetchedDownloadProperties]
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManagerOptions prefetchedDownloadExternalProperties]
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManager _handleMessage:fromServerConnection:]: <type(^v)>: <type(^{_xpc_connection_s=})>
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManagerOptions downloadKinds]
>
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManager _handleMessage:fromServerConnection:]: <type(^v)>: <type(^{_xpc_connection_s=})>
Dec 11 11:04:00 unknown iTunesU[3393] <Warning>: [iTracer]: [SSSoftwareUpdatesRequest handleFinishResponse:error:]: {
0 = "238CA706-D2B3-4B99-9CDE-7589471CBF4E";
2 = (
{
"artist-name" = "Chongqing Rumtel Communication Technology Co.,Ltd";
"artwork-urls" = (
{
"box-height" = 57;
"box-width" = 57;
"needs-shine" = 0;
url = "http://a1039.phobos.apple.com/us/r1000/062/Purple/v4/6e/ba/20/6eba20a4-80a5-44d7-90f8-88971027db90/Icon.png";
},
{
"box-height" = 114;
"box-width" = 114;
"needs-shine" = 0;
scale = 2;
url = "http://a762.phobos.apple.com/us/r1000/084/Purple/v4/33/c1/0b/33c10ba1-cbca-86af-8363-ac83ab72e05b/temp..ntkvtqdp.114x114-75.jpg";
}
);
"bundle-id" = "com.rumtel.WRADIO";
"item-id" = 379407006;
"link-type" = "software-update";
rating = {
"advisory-array" = (
);
description = "";
label = "4+";
rank = 100;
system = "itunes-games";
};
"release-date" = "2012-12-07 20:17:24 +0000";
"store-offers" = {
SWUPD = {
"action-display-name" = "\U5b89\U88c5";
"action-params" = "productType=C&salableAdamId=379407006&pricingParameters=SWUPD&price=0&appExtVrsId=12758142&ct-id=14";
"asset-flavors" = {
"10:purple" = {
size = 9500607;
};
};
"ds-ids" = (
1096041243
);
price = 0;
"price-display" = "\U514d\U8d39";
size = 9500607;
"supported-device-types" = (
{
"device-type-id" = 1;
"minimum-product-version" = "5.0";
"minimum-product-version-description" = "\U6b64 App \U9700\U8981 iOS 5.0 \U64cd\U4f5c\U7cfb\U7edf\U3002";
"minimum-product-version-title" = "\U9700\U8981\U66f4\U65b0";
}
);
"supported-devices" = (
1
);
};
};
这个只是应我个人需求,随便开发的插件,可能不是很稳定,大家有需要的就凑活着用吧。。
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)
|
|
|---|---|
|
|
|
|
|
顶一个,
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
