OTOOL alternate for linux - ios

I have a reverse engineering setup on a Mac machine. This setup does some reverse engineering on iOS applications (.ipa files). I'm migrating the setup from Mac to a Linux machine.
Currently on Mac, I'm using OTOOL on ipa binary files and using the following commands:
otool -L /iOS/binary/path
otool -lv /iOS/binary/path
otool -hv /iOS/binary/path
Now, I've to do the same operation, i.e. reverse engineer the iOS applications, but now on the Linux machine. AFAIK, OTOOL is not available for Linux machines.
I've come across JTOOL which I think is most relevant till now. I can use it on linux, and it does something similar to OTOOL, but not exactly same. E.g. while using the -L command on JTOOL, I also need to specify architecture. However, OTOOL gives the shared libraries for all the available architectures.
I tried ldd, but I'm getting the error - "not a dynamic executable".
I tried objdump, but it asks for the object file.
I'm not sure which tool I can use. I want to figure out the alternate tool which can do the same as OTOOL. Or, if not the same, then what changes do I need to make to use the alternate tool?

Related

Xcode build rules script "command not found" on M1

I have a project that runs some utility I've installed using homebrew on one of its build rules.
On my M1 mac, homebrew is installed on /opt/homebrew/bin.
I have eval "$(/opt/homebrew/bin/brew shellenv)" present in my ~/.zprofile file, but it seems like Xcode doesn't respect that (or maybe overrides it?).
When trying to evaluate the PATH variable during Xcode run script command I get the following:
PATH=/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin:/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/local/bin:/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/libexec:/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/usr/bin:/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/usr/local/bin:/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin:/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/usr/local/bin:/Applications/Xcode.app/Contents/Developer/usr/bin:/Applications/Xcode.app/Contents/Developer/usr/local/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin
For clearance, this is the phase I was running, under Build rules.
I've managed to find two workarounds that work with this issue, the first is to symlink the program you want from /opt/homebrew/bin onto /usr/local/bin (protoc in my case)
sudo ln -s /opt/homebrew/bin/protoc /usr/local/bin/protoc
The second is to add the following line to the build rule script:
eval "$(/opt/homebrew/bin/brew shellenv)"
This has the disadvantage of not working on non M1 Macs.
There is a possible, very simple solution provided by this answer.
Basically, freshly upgraded versions of XCode (for example, 13.4.1) running on Apple Silicon-powered Macs (like my M1 MacBook Pro), have components that cannot properly use/output the appropriate object files in all the output platform combinations you need.
This leads to some "interesting" issues and error message cross-overs that find "almost correct" answers on StackOverflow. Hence the many suggestions to exclude "arm64" platform and similar from the build options.
The simple answer to all of that is... to just run XCode with Rosetta enabled. Rosetta will engage with the components that miss the needed cross-platform capabilities.
Here is an example of how to enable an application to use Rosetta. You select the app icon, then go to the File menu and select "Get Info". Then click the "Open using Rosetta" checkbox.

How to get UUID for apple binaries on Linux

I am trying to figure out how to get the UUID for an Apple executable file while on Linux (EC2).
When on Mac, I can use the following line to get the UUID:
xcrun dwarfdump --uuid
I learned that there is a version of dwarfdump on Linux, so I used the following command to install it:
sudo yum install libdwarf-tools
However, when I run the utility and look at the help screen there is no "-u" or "-uuid" command, and trying to run them doesn't do anything (there is no error message). The commands available look like it is a different tool than what I am looking for. I tried some of the arguments like "-a" and "-b" against the same file which worked on Mac, but I never get any output.
Does anyone know where I can get the version of dwarfdump that supports UUID for Linux? Or any other easy way to get the UUID from a file? I know it's in the binary file somewhere but I don't want to have to write an entire command parser just for this.
I talked to the developer of this tool and the problem is that MachO is not currently supported.
So it looks like the only way to do this would be to write a tool from scratch to do it, or to modify an existing tool. I think ATOSL might be able to be used for this purpose.
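A minimal Mach-O reader in Python that runs on Linux and reports, for every architecture in a fat or thin binary, the LC_UUID value (what dwarfdump --uuid prints) and the LC_LOAD_DYLIB paths (what otool -L lists), which covers both the otool question at the top of this page and the UUID question above. This is an added example, not code from any of the posts; the function names and the build_sample() binary are constructed for illustration, and it assumes little-endian images.

```python
import struct
import uuid

FAT_MAGIC, MH_MAGIC, MH_MAGIC_64 = 0xCAFEBABE, 0xFEEDFACE, 0xFEEDFACF
LC_UUID, LC_LOAD_DYLIB, LC_LOAD_WEAK_DYLIB = 0x1B, 0xC, 0x80000018
CPU_NAMES = {7: "i386", 0x01000007: "x86_64", 12: "arm", 0x0100000C: "arm64"}

def parse_slice(data, base=0):
    """Return (arch, uuid, dylib_paths) for the little-endian thin image at `base`."""
    magic, cputype, _, _, ncmds, sizeofcmds = struct.unpack_from("<6I", data, base)
    if magic not in (MH_MAGIC, MH_MAGIC_64):
        raise ValueError("not a little-endian Mach-O image")
    pos = base + (32 if magic == MH_MAGIC_64 else 28)  # 64-bit header has a reserved word
    end = min(pos + sizeofcmds, len(data))
    found, dylibs = None, []
    for _ in range(ncmds):
        cmd, cmdsize = struct.unpack_from("<II", data, pos)
        if cmdsize < 8 or pos + cmdsize > end:  # malformed or truncated command table
            raise ValueError("load command overruns header")
        if cmd == LC_UUID and cmdsize >= 24:
            found = str(uuid.UUID(bytes=data[pos + 8:pos + 24])).upper()
        elif cmd in (LC_LOAD_DYLIB, LC_LOAD_WEAK_DYLIB):
            name_off, = struct.unpack_from("<I", data, pos + 8)  # offset from command start
            dylibs.append(data[pos + name_off:pos + cmdsize].split(b"\0")[0].decode())
        pos += cmdsize
    return CPU_NAMES.get(cputype, hex(cputype)), found, dylibs

def parse_macho(data):
    """One (arch, uuid, dylibs) tuple per architecture, for a fat or thin file."""
    magic, nfat = struct.unpack_from(">II", data, 0)  # fat header is always big-endian
    if magic != FAT_MAGIC:
        return [parse_slice(data)]
    # fat_arch is five big-endian words; index 2 is the slice's file offset
    return [parse_slice(data, struct.unpack_from(">5I", data, 8 + 20 * i)[2]) for i in range(nfat)]

def build_sample():
    """Constructed two-slice fat file (32-bit arm + arm64), not a real app binary."""
    def thin(magic, cputype, uid, lib):
        name = lib + b"\0" * (8 - len(lib) % 8)  # NUL-terminate and pad to 8 bytes
        cmds = struct.pack("<II16s", LC_UUID, 24, uid)
        cmds += struct.pack("<6I", LC_LOAD_DYLIB, 24 + len(name), 24, 0, 0, 0) + name
        pad = b"\0" * 4 if magic == MH_MAGIC_64 else b""
        return struct.pack("<7I", magic, cputype, 0, 2, 2, len(cmds), 0) + pad + cmds
    a = thin(MH_MAGIC, 12, bytes(range(16)), b"/usr/lib/libSystem.B.dylib")
    b = thin(MH_MAGIC_64, 0x0100000C, bytes(range(16, 32)), b"/usr/lib/libobjc.A.dylib")
    head = struct.pack(">II", FAT_MAGIC, 2) + struct.pack(">5I", 12, 0, 48, len(a), 0)
    return head + struct.pack(">5I", 0x0100000C, 0, 48 + len(a), len(b), 0) + a + b

if __name__ == "__main__":
    print(*parse_macho(build_sample()), sep="\n")
```

For a real app, pass the bytes of the executable extracted from the .ipa (a zip archive) to parse_macho(); a truncated file surfaces as struct.error rather than ValueError.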

Configure Mac native Clang with Macports paths

When compiling projects that make use of libraries installed via MacPorts (boost, opencv, etc) I need to pass clang the library and include file locations via the -I and -L arguments.
Is there any "official" way to direct the Apple native clang to look in these locations by default?
I guess I could just make a bash script with something to the effect of
clang -I/opt/local/include -L/opt/local/lib "$@"
and call that instead of the compiler, but is there a cleaner way to point clang to these locations automatically?
I am not looking for an Xcode based fix, instead I would like to be able to compile from the command line without having to manually type the above arguments in each time.
Any suggestions?
I had a similar question answered on the MacPorts mailing list[0].
Export these environment variables.
export CPPFLAGS='-isystem/opt/local/include'
export LDFLAGS='-L/opt/local/lib'
P.S. Hope you've not been waiting this long for an answer :)
[0] https://lists.macports.org/pipermail/macports-users/2017-July/043562.html

SSH command to list installed application bundles on iOS7

I want to be able to find a list of installed applications on an iOS 7 device using SSH. I have installed open to be able to launch them, but it requires the com.application.identifier bundle names to work. Is there some centralized place that lists these identifiers? If not, is there some command to extract them? I have been looking for hours, but everything I have found is for older iOS versions and outdated.
I found my answer. I had to install Erica Utilities to get the plutil function. Then I just used:
find /User/Applications/ -name iTunesMetadata.plist -exec plutil -key softwareVersionBundleId {} \;

I want to know how to make a makefile for iOS "fat" library

I want to create a (non-xcode) makefile to create a fat library (emulator + device(s)) that can be imported into an XCode project using a makefile that calls the basic command line tools directly (not running XCODE from the command line, but the MAC Gcc and its related utilities) - this is for .m, .mm, .c, and .cpp source files.
Ideal would be to find an example that works for a simple library (not by calling a makefile generator that makes an almost non human readable makefile).
Anyway, anyone know of such a thing or appropriate mechanism for doing the same?
Also an ability to extract the compiler flags from an XCode project would be real handy :)
The purpose is I want to add a module to my cross platform libraries so I can integrate them into an iOS project.
Thanks!!
You can extract the compiler flags by viewing the build details or, more simply, running xcodebuild from the command line.
To create a fat binary, you either take advantage of the compiler toolchain's built-in support on the Mac OS X platform by passing multiple -arch arguments, like so:
clang -arch i386 -arch x86_64 -framework Foundation simple.m -o simple
Alternatively, you build the binary once for each desired architecture, then wrap all those binaries into a single fat binary using lipo. This is handy when working with ported Unix software; just change the build result directory each time, then smash them all together after building with lipo. Assuming you have simple-i386 and simple-x86_64, you would then do:
lipo simple-i386 simple-x86_64 -create -output simple
This would create a fat binary named simple containing simple-i386 and simple-x86_64.
Ok - I found this, which is a great HOWTO on building a fat library using XCODE that outlines the process and how to create the projects:
http://blog.boreal-kiss.net/2011/03/15/how-to-create-universal-static-libraries-on-xcode-4/
Being a newbie to XCode and iOS development, I had to discover a few things.
You can view the actual command line output of a build to see what the gcc flags are.
View->Navigators->Log - then control click on the messages list to "expand all Transcripts" to see the stdout and stderr from the chosen build's build output.
You can execute an "external build tool" with your .bashrc and .bash_profile environment settings by making the command and arguments a login shell: bash --login -c 'mybuildtool [my tools args] $(ACTION)', and thus bypass having to deal with the hard to maintain MacOSX launchd settings etc. This works for things like using ruby and rake as well as make etc.
