Basics of iOS App Cracking and Debugging
";mso-hansi-font-family:="" "times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">由于苹果正常情况下的app";mso-hansi-font-family:="" "times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">主要通过app store";mso-hansi-font-family:="" "times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">下载,而在上传到app store";mso-hansi-font-family:="" "times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">时会被进行drm";mso-hansi-font-family:="" "times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">保护。被保护后的ipa";mso-hansi-font-family:="" "times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">无法直接分析,也无法进行相关的patch";mso-hansi-font-family:="" "times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">,因此,对ipa";mso-hansi-font-family:="" "times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">的破解,获取其真实的代码,资源数据就尤为重要,也因此是每一个app";mso-hansi-font-family:="" "times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">逆向分析的首要步骤。
";mso-hansi-font-family:="" "times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">破解app";="" mso-hansi-font-family:"times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">的方法
";="" mso-hansi-font-family:"times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">目前破解app";mso-hansi-font-family:="" "times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">已经有专门的工具,均需手机越狱,其中有gui";mso-hansi-font-family:="" "times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">的crakulous.";mso-hansi-font-family:="" "times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">以及命令行的clutch";mso-hansi-font-family:="" "times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">,
";="" mso-hansi-font-family:"times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; line-height: 1.8em; font-family: 宋体;">以clutch";mso-hansi-font-family:="" "times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; line-height: 1.8em; font-family: 宋体;">为例:
";="" mso-hansi-font-family:"times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">在越狱后的机器上打开terminal:
";="" mso-hansi-font-family:"times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">使用login";mso-hansi-font-family:="" "times="" roman""="" style="word-wrap: break-word; margin: 0px; padding: 0px; font-family: 宋体;">进入根权限后。输入
Clutch, which displays the names and numbers of the current apps; then enter
Clutch (the number of the target app) to start cracking that app.
As shown in the figure above, we chose a game app to crack.
The cracked IPA is saved under /var/root/documents/cracked/.
Use the file-management feature of a tool such as 91 Assistant (91助手) to download the IPA to the computer.
Then open the IPA in IDA (version 6.1 or later) for analysis, which yields:
II. Debugging
Debugging an iOS app mainly relies on OpenSSH plus gdb.
Before debugging, first make sure the phone is jailbroken, then install the following packages on the phone through Cydia:
OpenSSH (sets up the SSH channel used for remote login)
Terminal (a terminal program on iOS that provides command-line control; PuTTY can also log in remotely through the OpenSSH channel)
adv-cmds (provides more advanced command-line commands)
After installing these three packages, connect the phone and the laptop wirelessly:
1. Use a wireless network and have the phone and the laptop join the same network.
2. Use the laptop's own wireless capability: have the laptop create a temporary wireless network and let the phone join it.
Once both are on the same network, check the phone's network address:
Tap the arrow in the red box to see the IP address:
(With OpenSSH and Terminal installed on the phone) log in remotely with PuTTY.
gdb can now be used for debugging. Open the process to be debugged on the phone (a single-player game in this example). After launching the game on the phone, enter ps -ax in PuTTY (requires adv-cmds on the phone):
Once the corresponding process is found, the session behaves like an ordinary Linux console: gdb -p 10540 attaches to the process for debugging:
The disas command shows the disassembly:
In this way, gdb's dynamic debugging combined with IDA's static analysis makes it possible to reverse engineer and debug apps on the phone.