dumpdecrypted 使用
公冶嘉茂
手机安装文件 openssh
app file Conduit
///查看 运行程序路径
ps -A
dumpdecrypted.dylib 编译
make 修改 make的
CFLAGS = -target arm64-apple-ios8.0
签名
ldid -S dumpdecrypted.dylib
放入路径文件中
放入var/root
///动态库在注入路径
DYLD_INSERT_LIBRARIES=dumpdecrypted.dylib /var/mobile/Applications/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/Scan.app/Scan
/// otool 查看脱壳
otool -l xxx.* | grep crypt
/// 提取 entitlements.plist
security cms -D -i xxxxx*p >temp.plist
/usr/libexec/PlistBuddy -x -c ‘Print :Entitlements’ temp.plist > entitlements.plist
瘦身
lipo -thin armv7 xxx.decrypted -output xxx_armv7.decrypted
类似资料: