@wangdu wrote:
Environment: iPhone 5s, iOS 8.1, optool, codesign, Xcode 9, ios-deploy
Source article for this exercise:
http://www.vantagepoint.sg/blog/85-patching-and-re-signing-ios-apps
The codesign commands are as follows:
/usr/bin/codesign --force --sign SDKLFJ4909543J34L3KL4J529455FJD03J3KL4J5L3 FridaGadget.dylib
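/usr/bin/codesign --force --sign SDKLFJ4909543J34L3KL4J529455FJD03J3KL4J5L3 --entitlements entitlements.plist UnCrackable\ Level\ 1
The optool insert command is as follows:
~/Projects/optool/build/Release/optool install -c load -p "FridaGadget.dylib" -t UnCrackable\ Level\ 1
The install command is as follows:
ios-deploy --debug --bundle ../UnCrackable\ Level\ 1.app
Problem: Following the original article linked from a tutorial post in the group, I did the re-signing exercise, but the last step of installing the re-signed app with the ios-deploy command produces an error. The error message is as follows: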
(lldb) connect
(lldb) run
success
dyld: Library not loaded: FridaGadget.dylib
  Referenced from: /private/var/mobile/Containers/Bundle/Application/A1797A5D-81E9-43EB-8232-1E27E6E47C17/UnCrackable Level 1.app/UnCrackable Level 1
  Reason: image not found
Process 36082 stopped
* thread #1, stop reason = EXC_BREAKPOINT (code=1, subcode=0x12003d088)
    frame #0: 0x000000012003d088 dyld`dyld_fatal_error
dyld`dyld_fatal_error:
->  0x12003d088 <+0>: brk #0x3
dyld`dyldbootstrap::start:
    0x12003d08c <+0>: stp x28, x27, [sp, #-0x60]!
    0x12003d090 <+4>: stp x26, x25, [sp, #0x10]
    0x12003d094 <+8>: stp x24, x23, [sp, #0x20]
Target 0: (dyld) stopped.
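But I have tried my best to follow every detail of the original English article. As long as I use optool uninstall to remove the FridaGadget.dylib load command, the app can be deployed to the phone normally by ios-deploy.
I tried changing get task allow to no or yes. If it is yes, the dylib image not found error appears; if it is no, it fails as well, with the following error message: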
Platform: remote-ios
Connected: no
SDK Path: "/Users/wz/Library/Developer/Xcode/iOS DeviceSupport/8.1.2 (12B440)/Symbols"
(lldb) target create "/Users/wz/Projects/owasp-mstg/Crackmes/iOS/Level_01/Payload/UnCrackable Level 1.app"
Current executable set to '/Users/wz/Projects/owasp-mstg/Crackmes/iOS/Level_01/Payload/UnCrackable Level 1.app' (arm64).
(lldb) script fruitstrap_device_app="/private/var/mobile/Containers/Bundle/Application/1BE9E452-AEBC-4068-AFDF-35483AB03CE7/UnCrackable Level 1.app"
(lldb) script fruitstrap_connect_url="connect://127.0.0.1:64421"
(lldb) target modules search-paths add /usr "/Users/wz/Library/Developer/Xcode/iOS DeviceSupport/8.1.2 (12B440)/Symbols/usr" /System "/Users/wz/Library/Developer/Xcode/iOS DeviceSupport/8.1.2 (12B440)/Symbols/System" "/private/var/mobile/Containers/Bundle/Application/1BE9E452-AEBC-4068-AFDF-35483AB03CE7" "/Users/wz/Projects/owasp-mstg/Crackmes/iOS/Level_01/Payload" "/var/mobile/Containers/Bundle/Application/1BE9E452-AEBC-4068-AFDF-35483AB03CE7" "/Users/wz/Projects/owasp-mstg/Crackmes/iOS/Level_01/Payload" /Developer "/Users/wz/Library/Developer/Xcode/iOS DeviceSupport/8.1.2 (12B440)/Symbols/Developer"
(lldb) command script import "/tmp/5A99D8BC-DF4A-47A4-A06F-7BD9E01E8EF1/fruitstrap_212f3ab4ef6ddc90b21ad816a3e7cd5223b6af52.py"
(lldb) command script add -f fruitstrap_212f3ab4ef6ddc90b21ad816a3e7cd5223b6af52.connect_command connect
(lldb) command script add -s asynchronous -f fruitstrap_212f3ab4ef6ddc90b21ad816a3e7cd5223b6af52.run_command run
(lldb) command script add -s asynchronous -f fruitstrap_212f3ab4ef6ddc90b21ad816a3e7cd5223b6af52.autoexit_command autoexit
(lldb) command script add -s asynchronous -f fruitstrap_212f3ab4ef6ddc90b21ad816a3e7cd5223b6af52.safequit_command safequit
(lldb) connect
(lldb) run
error: process launch failed: failed to get the task for process 36226
(lldb)
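I feel that YES should be the correct setting, but what exactly is the cause of dylib image not found? Could the experts here please give me some pointers? Many thanks!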