IOS reverse security from starter to bald – assembly looks logic

Kotani bald collection

• Today we are going to focus on logic like if, do-while, while, for, etc.

• This time will not always look at the source, the introduction of a reverse is commonly used tool ————Hopper

1. HopperThe use of

This brothers use free ~, after all can save point is saving point ~ ha ha ha

• 1. This tool is smart and simple. Take a look at its icon first. (Don’t download it wrong)

• 2. Open it and turn it onBinary fileDragged in. With respect to OK ~
• 3. I just downloaded it onlineipa(I don’t know whose ~), as shown below

2. The judge

2.1. Global variables

• 1. The preparation has been finished. Let’s have a lookThe global variable(This is used in a lot of places ~)
• 2. Same old rules

int g = 10;

int funcIfLogic(int a, int b){
    return a+b+g;
}

int main(int argc, char * argv[]) {
    int c = funcIfLogic(1.2);
    printf("%d",c);
}
Copy the code

• 3. seeCompile and analyze logic

As you can see from the analysis, the global function is evaluated by address offset

0 x104b1e1f8 – (If you move three to the right, you're essentially wiping out the last three) – > 0 x104b1e – (Add the offset value (7) and move it three places to the left) – > 0 x104b25000 – (Plus the offset address 0x554) – > 0 x104b25554

2.2. ifjudge

• Change the code a little bitif)

int g = 10;

int funcIfLogic(int a, int b){
    if (a > b) {
        return a+g;
    }else{
        returnb+g; }}int main(int argc, char * argv[]) {
    
    int c = funcIfLogic(1.2);
    printf("%d",c);
}
Copy the code

• Feels like assembly has a little more:

2.2.1. Judgment extension (B instruction)

• Up there, I see itb.leisLess than or equal toThe meaning of. I made a list of common commands and meanings for my brothers

2.3. assemblyTurn to the seniorPseudo code~

Now that we’ve introduced tools above, let’s use tools to write logical pseudocode ~

• 1. First drag the binary tohopperAnd then find a way ~

• 2. Then the brothers looked at meAnalysis process

The reason I find assembly hard is because it’s boring, so you guys have to pull up your pants.

3. The cycle

• Next, brothers look at the cycle ~

3.1. do-whilecycle

• As usual, research this thing and I’ll see how it works

void funcLoop(a){
    
    int i = 1;
    do {
        i++;
    } while (i<10);
    printf("i==%d",i);
    
}
int main(int argc, char * argv[]) {
    funcLoop();
}
Copy the code

• assemblyAnalysis of the

This is add, then judge, then jump

This time and brothers line by line read, are about the same. (I took out the key points.)

3.2. whilecycle

• We look at thewhilethe

void funcLoop2(a){
    int i = 1;
    
    while (i<10) {
        i++;
    }
    printf("i==%d",i);
    
}
Copy the code

Let’s see what the similarities and differences are between them

whileThe loop is judged first, then added, before jumping

3.3. forcycle

• forLoops look a little bit more high-end. Let’s see

void funcLoop3(a){
    int i;
    for (i = 1; i < 10; i++) {
        
    }
    printf("i==%d",i);
}
Copy the code

• Continue toassembly

This logic is the same as the while loop, it all looks the same. Both are, judge first, add value after jump ~

4. To summarize

It’s time for summing up again

• 1. I didn’t figure it out this timeswitchStatement, I figured out must make a blog, let brothers point at 😆
• 2. This is the studyRestore pseudocode, will really work hard, mainly more boring, I cheer for the brothers
• 3. Finally, I hope to make progress together with my brothers. ⛽️ (this is the gas station 😆)