In this case, it just gives away the password. It helps us so much in figuring out what this method is supposed to do. To check out the Pseudo code for this function, click on Pseudo Code on the top right.Īs you can see, Hopper provides you with a Pseudo code for this function. One kickass feature of Hopper is that it can provide Pseudo code for a function. Once we find the method, tap on it and it will take you to its disassembly. So lets search for it in the labels section. We know that the method that is important is loginButtonTapped. This includes labels to method implementations, constant strings, classes etc. If you select the labels section on the left, it will give you all the labels it was able to dump from the application. If you have read part 26 on this series, you will note that the password is also present in this list -). On the left hand side, if you select the Strings section, you will see all the constant strings that Hopper was able to dump from the binary. Hopper will now start dissasembling the application. Also make sure to quit Xcode but keep the simulator open. Give the location of the GDB-Demo binary. Now open Hopper app and go to File->Read Executable To Disassemble. This is the binary that we will provide to Hopper. Inside this folder, you will find the application binary with the name GDB-Demo. Go inside the folder GDB-Demo.app (this is the application bundle) by right clicking on it and choosing the option Show Package contents. Use the command open DirectoryName and this will open the directory in Finder. Using the command ls -al will give you the created date of these folders. Once you are in this directory, you have to find your application folder. In my case, the location is /Users/Prateek/Library/Application Support/iPhone Simulator 6.1/Applications/. If you run an application in Xcode, it will generate an application directory inside the folder /Users/$username/Library/Application Support/iPhone Simulator/$ios version of simulator/Applications/. Now our task is to find the location of the application binary on our system. This will install the application in the IOS simulator. Once you have downloaded the GDB-Demo application, run it using Xcode. Please note that in this article, we will be debugging and patching the application which is x86 architecture on a laptop, however you can do the same patching with ARM executable as well by copying the binary from the device. Our task is to patch this application in such a way that the application allows us to login even if the username/password combination is not correct. It accepts a certain username/password combination in order to allow us to login. Just to quickly recap, the GDB-Demo had a login form like this. I highly recommend that you read Part 26 before you proceeed with this article. In this article also, we will use the same demo application that we used in Part 26, the GDB-Demo application that you can download from my github profile. Anyways, once you download the Hopper app, this is the interface we are looking at. I would recommend you check out the demo version which lets you perform some tasks to get a feel of Hopper. I think it is an incredible price given the things we can do with this application. In this article, i am using a paid version of Hopper which cost about $60. Hopper is specialized in retrieving Objective-C information in the files you analyze, like selectors, strings and messages sent. Hopper is a reverse engineering tool for OS X, Linux and Windows, that lets you disassemble, decompile and debug (OS X only) your 32/64bits Intel Mac, Windows and iOS (ARM) executables! Take a look at the feature list below!Įven if Hopper can disassemble any kind of Intel executable, it does not forget its main platform.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |