How to analyze an iOS app for a tweak in Theos

I am trying to make a customization in Theos.
Thanks to many good tutorials, I can now do some simple tweaks myself.
But that's not always good.

To configure, I first need to use a utility named "class-dump" to get the application headers.
Second, when searching and looking at the headers, I have to guess which class I should be hooking.
Third, write the code and make the package.

I cannot do the second step well.
To guess how the application works, I used Logos (%orig, %log) in the test tweak and "syslog to /var/log/syslog".
For example, if there is the following class header:

@interface SampleClass
- (id)methodA:(int)Arg;
.
.
@end

      

I am writing the following code to set up a test:

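%hook SampleClass
- (id)methodA:(int)Arg {
    %log;
    // Call the original implementation once and keep its result.
    id ret = %orig;
    NSLog(@"return Class is %@", NSStringFromClass([ret class]));
    NSLog(@"Argument value is %d", Arg);
    // The hook must hand the original return value back to the caller.
    return ret;
}
%end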

      

This way I could recognize the returned class and arguments with a test setup.

But, I don't know what is being done in the "method".
Specifically, I want to know which original code was written and which method calls which method.

Any idea to get to know them?

+3
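An added example, not part of the original question and not Theos code: a small Python generator that reads class-dump output and emits a pass-through Logos hook with %log for every declared method, which extends the question's single-method test tweak to a whole class. The header in SAMPLE is constructed, and the names parse_header and logos_hooks are hypothetical.

```python
import re

# Line shapes as class-dump prints them, e.g. "- (id)methodA:(int)Arg;"
INTERFACE_RE = re.compile(r'^\s*@interface\s+(\w+)')
METHOD_RE = re.compile(r'^\s*([-+])\s*\(([^)]*)\)\s*(.+?);\s*$')

def parse_header(text):
    """Return {class_name: [(scope, return_type, declaration), ...]}."""
    classes, current = {}, None
    for line in text.splitlines():
        m = INTERFACE_RE.match(line)
        if m:
            current = m.group(1)
            classes.setdefault(current, [])
        elif line.strip() == '@end':
            current = None
        elif current and (m := METHOD_RE.match(line)):
            scope, ret, decl = m.group(1), m.group(2).strip(), m.group(3).strip()
            if '(' not in ret:  # skip block / function-pointer return types
                classes[current].append((scope, ret, decl))
    return classes

def logos_hooks(text):
    """Emit one %hook block per class: log each call, then pass it through."""
    out = []
    for cls, methods in parse_header(text).items():
        if not methods:
            continue
        out.append(f'%hook {cls}')
        for scope, ret, decl in methods:
            if ret.endswith('void'):  # also covers "oneway void"
                body = '%log; %orig;'
            elif ret in ('id', 'instancetype'):
                body = '%log; id r = %orig; NSLog(@"  returned class: %@", [r class]); return r;'
            else:  # scalars, structs, typed pointers: return unchanged
                body = f'%log; {ret} r = %orig; return r;'
            out.append(f'{scope} ({ret}){decl} {{ {body} }}')
        out.append('%end')
    return '\n'.join(out)

# Constructed sample header in the style of the question's SampleClass.
SAMPLE = """
@interface SampleClass : NSObject
- (id)methodA:(int)Arg;
- (void)methodB;
+ (BOOL)isReady:(id)arg1 withFlag:(BOOL)arg2;
@end
"""
print(logos_hooks(SAMPLE))
```

With every method of a class logged this way, the order of %log lines in the syslog shows which method runs after which, without reading the disassembly.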




2 answers


As you want to connect to private APIs, and since we know there isn't any documentation for private APIs, you can only learn about these methods with the TRIAL and ERROR method, or you can get a little help from some of the blogs people have written on these private APIs.



The whole idea depends entirely on what you want to do. If you specify any specific method or class you want to connect to, I can help you. I have worked on too many personal APIs; this might be helpful for you.

0




OK, I would suggest using some reverse engineering tools on the application you want to analyze, perhaps a disassembler. Here is a list with some of them: http://iphonedevwiki.net/index.php/Reverse_Engineering_Tools

I have personally tried Hopper, but it is still difficult to understand the code. IDA is probably better at this, but I haven't had time to try it yet.



Also, I've seen several projects trying to connect to objc_msgSend and in this way register all Objective-C calls, but I haven't found a functional one yet. One example is https://github.com/emeau/itrace, but you can search for them yourself. If you find a functional one, please let me know.

UPDATE: Have a look at Snoop-it, maybe it is what you need.

0








