-
-
[原创] MacOS ARM 安装 keypatch For IDA Pro 9.0 填坑
-
发表于: 2025-4-23 14:27
-
但是如果你是ARM版本的MacOS系统, 打开IDA Pro 9.0, 大概率会看到以下报错:
导致这个报错有两个可能是两个原因:
如果你没办法判断自己的libkeystone.dylib是否是Arm64的架构, 可以使用file命令进行判断:
这两个问题解决方法都一样, 需要我们自己去编译一个libkeystone.0.dylib, 然后复制到keystone的安装目录.下面开始介绍如何自己编译:
如果看到以下窗口, 就是编译成功:
参考了以下文章:
a69K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6T1L8s2g2W2i4K6u0V1k6r3g2$3K9h3I4Q4x3V1k6S2k6Y4c8W2M7W2)9J5k6r3W2V1j5g2)9J5k6s2m8J5L8H3`.`.
pip3 install keystone-enginepip3 install keystone-enginepip3 install sixpip3 install six/Applications/IDA Professional 9.0.app/Contents/MacOS/plugins/keypatch.py: ERROR: fail to load the dynamic library.Traceback (most recent call last): File "/Applications/IDA Professional 9.0.app/Contents/MacOS/python/ida_idaapi.py", line 574, in IDAPython_ExecScript exec(code, g) ~~~~^^^^^^^^^ File "/Applications/IDA Professional 9.0.app/Contents/MacOS/plugins/keypatch.py", line 53, in <module> from keystone import * File "/opt/homebrew/lib/python3.13/site-packages/keystone/__init__.py", line 4, in <module> from .keystone import Ks, ks_version, ks_arch_supported, version_bind, debug, KsError, __version__ File "/opt/homebrew/lib/python3.13/site-packages/keystone/keystone.py", line 74, in <module> raise ImportError("ERROR: fail to load the dynamic library.")ImportError: ERROR: fail to load the dynamic library./Applications/IDA Professional 9.0.app/Contents/MacOS/plugins/keypatch.py: ERROR: fail to load the dynamic library.Traceback (most recent call last): File "/Applications/IDA Professional 9.0.app/Contents/MacOS/python/ida_idaapi.py", line 574, in IDAPython_ExecScript exec(code, g) ~~~~^^^^^^^^^ File "/Applications/IDA Professional 9.0.app/Contents/MacOS/plugins/keypatch.py", line 53, in <module> from keystone import * File "/opt/homebrew/lib/python3.13/site-packages/keystone/__init__.py", line 4, in <module> from .keystone import Ks, ks_version, ks_arch_supported, version_bind, debug, KsError, __version__ File "/opt/homebrew/lib/python3.13/site-packages/keystone/keystone.py", line 74, in <module> raise ImportError("ERROR: fail to load the dynamic library.")ImportError: ERROR: fail to load the dynamic library.# 默认的libkeystone.dylib ➜ ~ file /opt/homebrew/lib/python3.13/site-packages/keystone/libkeystone.dylib/opt/homebrew/lib/python3.13/site-packages/keystone/libkeystone.dylib: Mach-O 64-bit dynamically linked shared library x86_64# 自己编译后 ➜ ~ file /Users/studio/Downloads/keystone/build/llvm/lib/libkeystone.dylib/Users/studio/Downloads/keystone/build/llvm/lib/libkeystone.0.dylib: Mach-O 64-bit dynamically linked shared library arm64# 默认的libkeystone.dylib ➜ ~ file /opt/homebrew/lib/python3.13/site-packages/keystone/libkeystone.dylib/opt/homebrew/lib/python3.13/site-packages/keystone/libkeystone.dylib: Mach-O 64-bit dynamically linked shared library x86_64# 自己编译后 ➜ ~ file /Users/studio/Downloads/keystone/build/llvm/lib/libkeystone.dylib/Users/studio/Downloads/keystone/build/llvm/lib/libkeystone.0.dylib: Mach-O 64-bit dynamically linked shared library arm64# 下载项目git clone https://github.com/keystone-engine/keystone.gitcd keystone# 创建build文件夹, 后续编译后的内容都存放在这mkdir buildcd build# 下载项目git clone https://github.com/keystone-engine/keystone.gitcd keystone# 创建build文件夹, 后续编译后的内容都存放在这mkdir buildcd build# 第4行, 修改之前ARCH=''# 修改之后ARCH='arm64'# 第4行, 修改之前ARCH=''# 修改之后ARCH='arm64'# 修改前:cmake -DBUILD_LIBS_ONLY=$BUILD_LIBS_ONLY -DLLVM_BUILD_32_BITS="$LLVM_BUILD_32_BITS" -DCMAKE_OSX_ARCHITECTURES="$ARCH" -DCMAKE_BUILD_TYPE=$BUILDTYPE -DBUILD_SHARED_LIBS=ON -DLLVM_TARGETS_TO_BUILD="all" -G "Unix Makefiles" ..# 修改后:cmake -DBUILD_LIBS_ONLY=$BUILD_LIBS_ONLY -DLLVM_BUILD_32_BITS="$LLVM_BUILD_32_BITS" -DCMAKE_OSX_ARCHITECTURES="$ARCH" -DCMAKE_BUILD_TYPE=$BUILDTYPE -DBUILD_SHARED_LIBS=ON -DLLVM_TARGETS_TO_BUILD="all" -DPYTHON_LIBRARY="/opt/homebrew/opt/python@3.12/Frameworks/Python.framework/Versions/3.12/lib/libpython3.12.dylib" -DPYTHON_EXECUTABLE="/opt/homebrew/opt/python@3.12/Frameworks/Python.framework/Versions/3.12/bin/python3.12" -G "Unix Makefiles" ..# 修改前:cmake -DBUILD_LIBS_ONLY=$BUILD_LIBS_ONLY -DLLVM_BUILD_32_BITS="$LLVM_BUILD_32_BITS" -DCMAKE_OSX_ARCHITECTURES="$ARCH" -DCMAKE_BUILD_TYPE=$BUILDTYPE -DBUILD_SHARED_LIBS=ON -DLLVM_TARGETS_TO_BUILD="all" -G "Unix Makefiles" ..# 修改后:cmake -DBUILD_LIBS_ONLY=$BUILD_LIBS_ONLY -DLLVM_BUILD_32_BITS="$LLVM_BUILD_32_BITS" -DCMAKE_OSX_ARCHITECTURES="$ARCH" -DCMAKE_BUILD_TYPE=$BUILDTYPE -DBUILD_SHARED_LIBS=ON -DLLVM_TARGETS_TO_BUILD="all" -DPYTHON_LIBRARY="/opt/homebrew/opt/python@3.12/Frameworks/Python.framework/Versions/3.12/lib/libpython3.12.dylib" -DPYTHON_EXECUTABLE="/opt/homebrew/opt/python@3.12/Frameworks/Python.framework/Versions/3.12/bin/python3.12" -G "Unix Makefiles" ..# 修改cmake最低支持版本cmake_minimum_required(VERSION 2.8.7)# 修改后:cmake_minimum_required(VERSION 3.5)# 注释或删除掉以下代码, CMP0051已经废弃if (POLICY CMP0051) # CMake 3.1 and higher include generator expressions of the form # $<TARGETLIB:obj> in the SOURCES property. These need to be # stripped everywhere that access the SOURCES property, so we just # defer to the OLD behavior of not including generator expressions # in the output for now. cmake_policy(SET CMP0051 OLD)endif()[培训]Windows内核深度攻防:从Hook技术到Rootkit实战!
最后于 2025-4-23 14:35
被Ade0408编辑
,原因: 重复标题
|
|
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
依然不行!~
最后于 2025-7-29 18:19
被hacker521编辑
,原因:
|
|
|
|
|
|
|
|
|
|
|
|
|
