I tried strings over application binary..but it is showing following error:
strings: object: malformed object (unknown load command 19)
Any other way to read hardcoded information from an iOS application's binary file
The IPA file is not the binary. It's a ZIP archive which you have to extract in order to obtain the app bundle directory, in which resides the actual executable.
Even that executable isn't well-formed. It's encrypted with the AppleID of the user who has downloaded it. You need to decrypt it before being able to run strings on it (you can use some popular iOS application cracking tools for this purpose).
To get hard coded Strings from ipa follow below steps :
Get Clutch from here.
Decrypt the app using Clutch (Clutch <ipaToDecrypt>)
Unzip the decrypted ipa, and get the app bundle directory.
Locate the executable within it, and run strings command against the binary.
(strings <app-binary>)
This is pretty old but I had a particular issue where I was trying to find the hard-coded strings in an app for which Bitcode was enabled and I'd built an archive for exporting to the AppStore.
The final .ipa file unzips as usual, containing the binary at Payload/appname.app/appname, but strings and similar tools are not able to process this.
Instead I used the following commands:
segedit Payload/appname.app/appname -extract __LLVM __bundle llvm.xar
xar -xf llvm.xar
llvm-dis 1
You'll need to install the llvm tools (e.g. brew install llvm) to get llvm-dis.
This produces a file called 1.ll which clearly contains the hard-coded strings I was looking for (along with quite readable pseudo-source). If there's nothing in 1.ll, see if there's files named 2, 3, 4 etc. and run llvm-dis on them.
However for an ipa that has actually been downloaded from the AppStore, you will unfortunately need to use a jailbroken device where you can run clutch etc.
Related
I download one ipa file from appstore,and want to get list of the static lib that linked,any one can help me ?
First of all, it would be interesting to read this official manual by Apple (OS X ABI Mach-O File Format Reference).
Second: how do you download IPA from AppStore? I doubt it's practically possible. Anyway, if you somehow managed to get IPA, then you can use otool command line tool to get static imports. Look inside IPA file (it's standard zip-archive), find the binary file there (it usually has the same name with IPA, e.g, MyApp.ipa -> MyApp.app -> MyApp), extract this binary file and then run the command
otool -L MyApp
I have an Xcode project with 6 targets. They generate almost-identical iOS apps. I almost always build and upload them together.
I'm trying to simplify that flow somewhat. I've put together a schema that builds all six targets. When I build and archive that schema, I get a line in the Archive window under the schema name, as opposed to individual apps; the "Upload to App Store" button is grayed out on that line. There's "Export", but it doesn't produce IPAs.
Tried a similar approach with a target that lists the 6 apps as dependencies and a schema over that target - same result.
A most welcome side effect of a multi-app build is that common dependency libraries are only built once, not six times over. Time saving is considerable, so I would hate to go back to six separate builds.
Question: what's the right way to build multiple iOS apps in one go? If a multi-target schema is the answer, how can I get them to App Store?
An IPA can be trivially built from an app bundle - just place the bundle into a folder called "Payload" and zip it up. Application Loader will happily submit said IPA to the App Store.
Some claim you can upload via command line, too, but I haven't tried yet. App Loader works.
You can even make preparing the IPAs a part of the build, by providing a post-archival script step in schema properties.
The following shell script will get to the archived products:
Today=$(date +%Y-%m-%d)
XCArc=~/Library/Developer/Xcode/Archives/$Today
ArcName=`ls -t $XCArc | head -n 1`
XCArc=$XCArc/$ArcName/Products/Applications
cd $TEMP
mkdir Payload
cp -r $XCArc/MyApp.app Payload/
zip -r -y -q -9 MyApp.ipa Payload
This picks up the latest archived build from the Xcode archives and makes an IPA under $TEMP.
So I already was able to build the .bar file, but now I want to build the .bar file to be sent to the store with the package and signing.
So far I've tried this.
bbwp C:\xampp\htdocs\maddash\packaged\maddash.zip -g (password) -b 1.0.0 -o C:\xampp\htdocs\maddash\packaged\
and my error is..
failed to find signing key file
Did you register your keys from RIM and put them in the default location (%HOMEPATH%\Local Settings\Application Data\Research In Motion for Windows)
Did you update your SDK? Then check your keys in bbwp\bin and rename sigtool to author and move your file to the default location.
If not sufficient, try installing the native IDE and use the UI for managing the keys in the preferences
My personal opinion about this problem.
First. If you have your signing key, great for you, because BB changed the system of signing apps. (Now they use BBtokenID, related with your BBID and, in this moment, the webworks framework is the only one that doesn't support this tokens) (Come on, Hip, Hip, Hurrah! :P).
According to your command, one comment
bbwp C:\xampp\htdocs\maddash\packaged\maddash.zip -g (password) -b 1.0.0 -o C:\xampp\htdocs\maddash\packaged\
In the first paramenter yoy must add the FOLDER of your source code, not your zipped code.
If you have your keys where it corresponds, it will generate a bar file signed.
NOW, you must package it in a zip file. If you need more help with that, tell me :)
This seems to be a proble with permissions on how forge packages the IPA ( wild guess )
anyhow I also found that phonegap build users are having the same issue
I'm using Windows.
It looks like Apple might have changed their validation for IPA files, Trigger will have to look into this and update the way IPAs are created.
In the mean time IPAs are actually just zip files, you should be able to unzip it, make the Forge binary executable and zip it back up. I've not tried this so it might not work, but its worth a try until there is a better fix.
To do so using a command line on a mac you should be able to run the following commands (I assume you have access to a mac to use application loader). bad.ipa is the ipa file you tried to submit which didn't work, and good.ipa is the resulting ipa file which you should hopefully be able to submit.
unzip bad.ipa
chmod a+x Payload/device-ios.app/Forge
zip -r good.ipa Payload
You need to give executable permission mentioned file trigger.io
This is what i did when i have same issue with google Admob library
chmod +x libGoogleAnalytics_debug.a
and compile again and upload ipa back to itunes connect.
I could Generate PKCS1 formatted raw signature.. and was able to verify it even.
But could not find the resource to generate PCKS7 Formatted Signature using IPHONE IOS SDK.
I need to sign a simple text message.
Which library I have to use?
Can we use openssl for this? if yes? then how to include it in the XCODE library framework?
Pls help out.
Yes you can use openssl for this, however you will need to compile it yourself and link your App against the static library. If you want to run it in both the iPhone Simulator and a real iPhone Device (you do), you'll need to create a 'fat' library containing both armv7 and i386 architecture code. If you want to support iPhone 3 instead then you'll need to include armv6 architecture code. It's best therefore to build the library with all 3 architectures.
Here's a couple of resources that describe how to build openssl for iOS:
http://atastypixel.com/blog/easy-inclusion-of-openssl-into-iphone-app-projects/
https://github.com/st3fan/ios-openssl
EDIT: I actually modified st3fan's build script, which I have pasted here:
setenv.sh and build_openssl.sh
Download these scripts and keep them somewhere like ~/bin (review them and then chmod them 0755 once you are sure they are not malicious).
Next edit setenv.sh as it assumes there is a directory where you will install your 3rd-party libraries. By default this is /opt/local/ioslibs so make sure that exists and is owned by you else the final bit will fail. It's been configured for Xcode 4.2/iOS SDK 5 using the default locations so that might need correcting too.
build_openssl.sh is configured to build a specific version of openssl (1.0.0e) and will download the source tarball if it's not in the current directory (you need wget for that, but if you cannot be bothered to install wget then manually download it using the link within the script). When you run it, it will build the library in armv6, armv7 and i386 arch's and copy the correct files to the installation directory.