Another update to gdbinit for iOS and ARM support to ptool.pl and offset.pl

I have fixed some of the missing stuff in gdbinit for iOS. Now the jump conditions are displayed for ARM and Thumb modes and the stepo command is working for ARM and semi-working for Thumb (to be fixed in the next release). Also implemented minor cosmetic changes.

The tools to show Mach-O header information and calculate offsets to be patched were also updated to support ARM binaries. Offset.pl is by default interactive (you can choose from the available architectures in the binary, if fat), and ptool.pl is able to modify the entry point for the architecture you choose. Ptool.pl also supports two more options to display only the LC_UNIXTHREAD segment (where the entrypoint is shown) and the LC_ENCRYPTION_INFO (required information to manually dump iOS binaries). It’s time to learn some Objective-C/Cocoa and convert them in graphical apps, although I still prefer command line for day to day operations.

That’s it for now.
fG!

gdbinit-ios-v0.3.gz
SHA256(gdbinit-ios-v0.3.gz)= 90c7117aa33be72c87de66ac6b75d5c60e423539eb399e9faadcf0bd5569fb8b

The latest version can always be found here.

offset1.3.pl.gz
SHA256(offset1.3.pl.gz)= 2b091f2ea5fddce3ca22251b8d81578ba708811d4a3d2fdce8ae0c8a7972f1b3

ptool1.3.pl.gz
SHA256(ptool1.3.pl.gz)= 715481e62978c183ccd82311acb6ccced2d12cab76a0c9ffb0345d653bce37ba

Recommend

How to make an iPad connect thru a ssh SOCKS proxy + iOS "spyware"

My first crackme... from hell, I hope :-)

Blog migration to Hugo

Gone in 59 seconds: tips and tricks to bypass AppMinder’s Jailbreak detection

See you in Asia!

A new GDB frontend and some pics from the past

A memory dumper for Apple crypted binaries! Hurray !!!

Revisiting Mac OS X Kernel Rootkits Phrack article is finally out!

Using Apple’s sandbox feature for reversing purposes

gdbinit v8.0: simultaneous support for x86/x86_64 and ARM architectures!

About Joyk