In the recent WWDC sessions focused on iOS State Preservation/Restoration, both have mentioned a command line tool which is meant to display all the saved state information in a human readable format. I can't find any documentation about this though, does anyone know what the program is called and how to use it?
Was searching for the same thing, found it on the Apple Developer Downloads page (search for restoration). It's called the "restorationArchiveTool for iOS 7".
Put the tool in your path (in ~/.bash_profile) and you can use it like this:
restorationArchiveTool --plist --structured -o ~/path/to/output.file ~/Library/Application\ Support/iPhone\ Simulator/{VERSION}/Applications/{HASH}/Library/Saved\ Application\ State/your.bundle.identifier.savedState
Related
[3/16/15, 7:38:28 PM] Isaac Wasserman: I want to make an app that uses similar mechanics to Madden mobile. I want to look at the code using Xcode, but it doesn’t seem like I can read it if it’s not a project. It contains .viv files.
You can't get the code from the app, the app is a compiled binary. On top of that it is encrypted so even getting the binary is difficult.
Even if you could that would be stealing unless you had explicit permission.
If you have connections with the developer they might give you the source, but that's about it. You can always take notes on what the app does that you want to replicate and then come up with your own solution to accomplish it.
I'm working on research that requires me to be able to load an iOS app from a custom piece of code running on the device. I more or less want to modify the current sandbox and then run an existing application in it. I would rather not modify the application, although I realize at some point I'll at least have to re-sign it.
Mocana can apparently do this with their "MAP" technique, but I've not seen any papers or presentations explaining the technical details of how this is accomplished.
I was attempting to dlopen an application's executable and then dlsym on it's main. That moderately works, but requires a debug version of the application. Trying to use an archived version is problematic since the symbol table is separate. Not sure if there is a way to merge the symbol table with the executable. Tried unsuccessfully with lipo, but no real luck (says the architectures are the same and won't merge).
Any direction or good publications would be appreciated.
How can I customize the default Carrier name to something else, e.g. AT&T?
There is a way to change the carrier name without using any objective c code or image editor app: https://github.com/toursprung/iOS-Screenshot-Automator/blob/master/changeCarrierName
This solution works great with all versions of iOS (including iOS 6 and 7)
The key point is
sudo plutil -convert xml1 SpringBoard.strings
We don't necessarily have to convert it back to binary code since Mac OS accepts both formats.
After you converted your file to XML, you can easily edit the file with vim or any other editor of your choice.
UPDATE:
I uploaded a detailed description on how to update the carrier name: https://github.com/toursprung/iOS-Screenshot-Automator/blob/master/changeCarrierName
Copy and paste into terminal, replacing DERP with your carrier string:
find -E /Applications/Xcode.app -iregex '.*/en(glish)?.lproj/SpringBoard.strings' -exec sudo /usr/libexec/PlistBuddy -c 'Set :SIMULATOR_CARRIER_STRING DERP' {} \;
Finds relevant files and modifies them in place. No copying files, converting binary to xml, or editing strings in other applications.
You can use this hack, just compile the XCDFakeCarrier.m file in your project and change the FakeCarrier constant to what you want.
There is a perfect app for this called Status Magic that I was beta testing. Just trying to find a link for it...
You import a screenshot and it removes all the carrier specific text from it and replaces it with a standard status bar and you can edit the time, carrier info, etc...
Means you don't have to use Photoshop or anything.
Will be back with a link...
LINK
https://itunes.apple.com/uk/app/status-magic/id547920381?mt=12
EDIT Just found out that the app is still in review fro the Mac App Store. Should be out soon. It really is perfect for what you are wanting to do though. And really easy to use.
I don't know if that's possible with iOS Simulator (If it's even possible you have to dig deep :) ). The best way is to take the screenshot (Command+S), and change the image in Adobe Photoshop, or some image processing program like that.
I need to debug the startup for an ios application on an actual device... and by start up I mean the very first instruction that is is executed when the OS hands control over to the app. Not "main". Also, this application doesn't have any symbols (ie. the debug information isn't available.. yet). I don't care if I have to debug at the CPU instruction level. I know how to do that (done it for over 30 years). I want the debugger to stop when control is about to transfer to the app. When I use the Attach|by Name command and run, it just says "Finished running".
Oh, and this application was not built in XCode. It is, however an application I built, signed and provisioned and moved to the device. The application does run since I can see the console output. Just in case you're thinking I'm some hacker trying to debug someone's application.
How's that for a tall order? I'll bet nobody can answer this... I've not been able to find any information on how I could do this with an XCode-built project. I wonder if it is simply not possible or "allowed" by the Apple overlords?
What do you say, Stack Overflow gods?
UPDATE: I should clarify something. This application is not built with any commercially available or open-source tool. I work with a tools vendor creating compilers, frameworks, and IDEs. IOW, you cannot get this tool... yet. In the process of bootstrapping a new tool chain, one regularly must resort to some very low-level raw debugging. Especially if there are bugs in the code generated by the tools.
I'm going to answer my own question because I think I've stumbled upon a solution. If anyone has anything more elegant and simple than this, please answer as well. On to the steps:
Starting with a raw monolithic iOS executable (not a bundled .app, but the actual binary mach-o file that is the machine code).
Create a new like-named empty Xcode project. Build and run it on the device.
Locate the output bundle's .app folder.
Copy the above raw iOS executable over the existing one in the .app bundle's folder.
The application will now have an invalid signature and cannot be deployed and run.
Run codesign against the app bundle (you can find out the command-line by running xcodebuild on the above Xcode project).
In the bundle's .app folder, run otool -h -l on the binary image. Locate the LC_UNIXTHREAD load command and find the value associated with the 'pc' register. This is address where the os loader will jump to your application. If this address is odd, then these are Thumb instructions otherwise it will be ARM (I think that's how it works).
Add a symbolic breakpoint (I used GDB instead of LLDB) and enter the address as '*0x00001234' as the symbol.
Select Product|Perform Action|Run Without Building.
Assuming that GDB is able to evaluate the breakpoint expression and set the break point, and you've selected Product|Debug Workflow|Show Disassembly When Debugging, the process should break at the very first instruction to be executed in the application.
You can now single step the instructions and use the GDB console to get/set register values.
Your question does not make sense - main is the entry point into the application. It is the first code that should be encountered, unless possibly you have initialize() overridden for some classes (but even then I think main would get hit before the runtime).
I think you are seeing some kind of odd error on launch and you think you want to set a breakpoint on entry to catch it, but far more likely what would help you is to describe the problem on launch and let one of the 4000 people who have seen and fixed the same crash help you...
However, if you really want to use GDB to break on an application with no symbols (but that you launch from XCode) you can have GDB break on an assembly address as per:
How to break on assembly instruction at a given address in gdb?
To find the address of main (or other methods) you can use tool or atos, some examples in this question:
Matching up offsets in iOS crash dump to disassembled binary
ADDITION:
If for some reason XCode cannot launch your application for debugging, you could also jailbreak and install GDB on the device itself which would give complete control over debugging. If XCode can launch you application I see no reason why being able to break at an arbitrary memory address does not give you the ability you seek...
One solution for applications with webviews is to run them in the iOS Simulator, and connect to that with the remote-debugger in macOS Safari. This is off-topic but maybe the one or other could benefit.
http://hiediutley.com/2011/11/22/debugging-ios-apps-using-safari-web-inspector/
Or use NetCat for iOS... not the most perfect solution, but at least you see what's going on.
I've developed and application for iPhone. It works fine on os4 but it does not work on os3.1. In fact works but there are some problems; after splash screen a what screen appears. while I leaving the application I can see the application is opened successfully but just see while exiting.
So I wonder if there is a tool which says which apis have problems with os3.1? So I have a chance to replace them.
If you want to check a specific API, just run this in your code somewhere with an appropriate response. For example, to see if print is supported, run this...
if (NSClassFromString(#"UIPrintInfo")) {
}
Set your project's Base SDK to iphone-os-3-1, then build. All the error messages about classes, methods, and functions that don't exist must designate things added since iphone-os-3-1, since your project built and linked fine against the iphone-os-4-0 SDK.
If you don't have the iphone-os-3-1 SDK, try this instead:
Open your project's Build Settings.
Find the "Preprocessor Macros" setting.
Edit it and add __IPHONE_OS_VERSION_MAX_ALLOWED=30100
Now, try building. This should cause everything introduced after iOS 3.1 to be labeled unavailable, producing the same errors as if you had switched to the iphone-os-3-1 SDK.
It's a good idea to get a second installation of Xcode for this situation, in this case you need 3.2.1 with SDK 3.1.3 - I wish I could help you with a download link since it is no longer shown on Apple's page, but I have googled in the past and found direct, official download links which will work as long as you are signed in with your developer account, so good luck.
The annoying bit is that you need to go through your project files and set "Base SDK" to 3.1.3 and then back once you have completed the exercise. But it is the easiest way to flag what you can't do in 3.1.3. "sudo rm -rf" (I feel nervous even typing that) has an excellent method there but you need to have an inkling of what might be safe and what might not before you implement it or else you end up with code 10x the size it needs to be.
Apple really needs to sort out this issue - hopefully by flagging methods that are prior to your specified "Deployment Target", in the same way that deprecated methods are flagged.