@wjk930726 wrote:
引言
昨天看完论坛里的五分钟搞不定新版Mac迅雷后成功依葫芦画瓢hook掉了一个Mac程序,今天很有成就感得准备再把Interface Inspector的15天测试干掉,结果屡屡受挫。就自己先写了个小demo测试一下,结果就有了下面这篇帖子……
小demo
一个非常简单的demo,大概就是软件正中一个按钮,点击之后alert("hi!")。核心代码如下:
#import "ViewController.h" @implementation ViewController - (void)viewDidLoad { [super viewDidLoad]; // Do any additional setup after loading the view. } - (IBAction)sayHi:(NSButton *)sender { NSAlert *alert = NSAlert.new; alert.messageText = @"hi!"; alert.alertStyle = NSAlertStyleInformational; [alert runModal]; } - (void)setRepresentedObject:(id)representedObject { [super setRepresentedObject:representedObject]; // Update the view, if already loaded. } @endhook过程再现
我 根据多年想像的编程经验 写了下面这个Logos:
%config(generator=internal) // You don't need to #include <substrate.h>, it will be done automatically, as will // the generation of a class list and an automatic constructor. #import <Foundation/Foundation.h> %hook ViewController // Hooking an instance method with an argument. - (void)sayHi:(id)argument { NSAlert *r15 = [[NSAlert alloc] init]; [r15 setMessageText:@"hello world!"]; [r15 setAlertStyle:0x1]; [r15 runModal]; } // Always make sure you clean up after yourself; Not doing so could have grave consequences! %end %ctor { NSLog(@"!!!!!!inject success!!!!!!!"); }想要实现的效果是点击了按钮之后say的不再是“hi!”而是“hello world!”
然后我就凭借我多年的编程经验在终端中输入了如下几个我根本不知道是在干什么的命名:$THEOS/bin/logos.pl ./Tweak.xm > ~/desktop/target/abc clang -shared -undefined dynamic_lookup -o ~/Desktop/SayHi/SayHi.app/Contents/MacOS/lib.dylib ~/desktop/target/abc ./optool install -c load -p @executable_path/lib.dylib -t ~/Desktop/SayHi/SayHi.app/Contents/MacOS/SayHi各位千万不要问我我在干什么,因为我也不知道这是在干什么,总之我就执行了上面一波操作,结果自然是:
当然这就很奇怪是不是,毕竟我注入Interface Inspector至少是直接闪退吧,这个什么都没有发生就很奇怪。所以我认为是我的Logos写错了,于是我修改了demo的代码,如下:#import "ViewController.h" @implementation ViewController - (void)viewDidLoad { [super viewDidLoad]; // Do any additional setup after loading the view. } - (NSString *)hi { return @"hi!"; } - (IBAction)sayHi:(NSButton *)sender { NSAlert *alert = [NSAlert.alloc init]; alert.messageText = [self hi]; alert.alertStyle = NSAlertStyleInformational; [alert runModal]; } - (void)setRepresentedObject:(id)representedObject { [super setRepresentedObject:representedObject]; // Update the view, if already loaded. } @end然后再次编写了一个我觉得再错我的智商估计要告别逆向界的Logos,如下:
%config(generator=internal) // You don't need to #include <substrate.h>, it will be done automatically, as will // the generation of a class list and an automatic constructor. #import <Foundation/Foundation.h> %hook ViewController // Hooking an instance method with an argument. - (NSString *)hi { return @"hello world!"; } // Always make sure you clean up after yourself; Not doing so could have grave consequences! %end %ctor { NSLog(@"!!!!!!inject success!!!!!!!"); }然后再次achieve了一个demo程序,再次执行下面的天书命令:
$THEOS/bin/logos.pl ./Tweak.xm > ~/desktop/target/abc clang -shared -undefined dynamic_lookup -o ~/Desktop/SayHi/SayHi.app/Contents/MacOS/lib.dylib ~/desktop/target/abc ./optool install -c load -p @executable_path/lib.dylib -t ~/Desktop/SayHi/SayHi.app/Contents/MacOS/SayHi结果当然是什么都没有发生,于是诞生了这个帖子,不知道给位大大能否告诉在下我到底是哪里错了,还有我是否应该就此退出 ~~逆向界~~
Posts: 3
Participants: 2