Kotani bald collection

  • The main purpose of this blog is:I hope brothers install less third-party cracked APP, it is possible to take away your information without anyone noticing

1. Dynamic library Framework-hook code

Today with a letter very simple demonstration, very simple ~

  • To prepare data

    • Cracked shell. Ipa

    • Preferably with a description file certificate (you can also use a free one)

    • Tools: Yololib, class-dump

    • Self-signed script (this can also be used on the web tools of any kind, the purpose is to re-sign)

    • Click the information address, password: UWg9

Originally I wrote a re-signed blog ~, after a while, now there are more tools, so I will not publish ~

1.1. To create a Framework

    1. Dynamic library injection flowchart

    1. joinloadMethods test

Load comes before main. So let’s write log and see if it goes

Well, it turns out he didn’t leave

1.2. Into the Framework

Before you inject code, explore MachO with your buddies

    1. theMachO binariesDragged intoMachOViewinside

I don’t know how far brothers understand Load Commands

According to the observation, we just need to inject the framework and Load Commands associated with it

    1. yololibuse
      1. Command:Yololib MachO Path Path of the framework
      1. Let’s add it to the script we wrote earlierappSign.shIn the

    1. Run the project

You can verify that the code injection was successful

2. hookIn a lettermethods

With Xcode can LLDB debugging, is very comfortable

2.1. The hooks, registration,button

Our goal: to invalidate the registration

    1. The landing pageviewDebugdebugging

    1. Click the register button to findClasses and methods

    1. Disable the register button by code

Using a very simple method to exchange ~

    1. Run the validation

Click the register button

Hook the registration button directly and replace it with your own

2.2. Login information acquisition

The main purpose of my writing is to remind you! Don’t install third-party jailbreaking apps! Have a risk!

    1. In order toAccount and Password LoginFor example, cut to the corresponding screen and take a look at the layout

    1. Thought analysis
      1. We are inClick loginTo get the password
      1. We need to findPassword input boxThe text of the

And we can see that. So what we’re looking for is this wcuit text field

    1. What we’re going to do isStatic analysisHere comes the next tool:class-dump)
      1. class-dumpThe header file toHeaderfolder
      • Class-dump -h MachO path -o Header
      1. withsublineorvscodeOpen theHeaderfolder
      1. Search relatedClasses and methods

    1. The code goes ~

    1. validation

3. Summary

    1. The main purpose of this article is:Try not to install third-party cracking apps. Have a risk!
    1. The main purpose of this article is:Try not to install third-party cracking apps. Have a risk!
    1. The main purpose of this article is:Try not to install third-party cracking apps. Have a risk!
    1. Don't log in with your own accountThat’s the idea and the validation. (If the title, Xiaogu’s guilt is big ~)
    1. This isTake the first step in reverse!