lldd+debugserver启动APP时Segmentation fault: 11


#1

环境
ios 10.0.2 mac 10.13.2

重现步骤:
1 debugserver *:1234 xx. xxAPP被唤醒,停留在启动页面
2.在mac端,执行lldb
process connect connect://192.168.9.117:1234

出现错误:
Process 2190 stopped

  • thread #1, stop reason = signal SIGSTOP
    frame #0: 0x00000001027a9000
    -> 0x1027a9000: mov x28, sp
    0x1027a9004: and sp, x28, #0xfffffffffffffff0
    0x1027a9008: mov x0, #0x0
    0x1027a900c: mov x1, #0x0
    Target 0: (No executable module.) stopped.

请问如何破?

问题进化了,再提供一下信息出来

stonede-iPhone:~ root# debugserver -l debuglog.log -a 3343 *:1234
debugserver-@(#)PROGRAM:debugserver PROJECT:debugserver-360.0.26.1
for arm64.
Attaching to process 3343…
Segmentation fault: 11

log日志是:
1 +0.000000 sec [0d19/0403]: RNBRunLoopLaunchAttaching Attaching to pid 3343…
2 +0.005335 sec [0d19/0403]: MachProcess::MachProcess()
3 +0.000132 sec [0d19/0403]: (DebugNub) attaching to pid 3343…
4 +0.000987 sec [0d19/0403]: MachProcess::SetState(Unloaded) ignoring redundant state change…
5 +0.000224 sec [0d19/0403]: MachProcess::SetState(Attaching) upating state (previous state was Unloaded), event_mask = 0x00000001
6 +0.013284 sec [0d19/0403]: MachTask::StartExceptionThread ( )
7 +0.000304 sec [0d19/0403]: ::task_for_pid ( target_tport = 0x0103, pid = 3343, &task ) => err = 0x00000000 (success) err = 0x00000000
8 +0.000168 sec [0d19/0403]: ::task_info ( target_task = 0x0d07, flavor = TASK_BASIC_INFO, task_info_out => 0x16fdaa588, task_info_outCnt => 10 ) err = 0x00000000
9 +0.000107 sec [0d19/0403]: task_basic_info = { suspend_count = 0, virtual_size = 0x52861000, resident_size = 0x030bc000, user_time = 1.219109, system_time = 1.219109 }
10 +0.000220 sec [0d19/0403]: MachException::PortInfo::Save ( task = 0x0d07 )
11 +0.000157 sec [0d19/0403]: ::task_get_exception_ports ( task = 0x0d07, mask = 0x13fe, maskCnt => 1, ports, behaviors, flavors ) err = 0x00000000
12 +0.000171 sec [0d19/0403]: ::task_set_exception_ports ( task = 0x0d07, exception_mask = 0x000013fe, new_port = 0x1a07, behavior = 0x80000001, new_flavor = 0x00000005 ) err = 0x00000000


#2

可能 大概 大约 app做了反调试?


#3

看起来不是。没越狱设备没法分析就是了。


#4

有app的样本吗


#5

tongpingguo6:~ root# debugserver -l debuglog.log -a LiveStreaming *:1234
debugserver-@(#)PROGRAM:debugserver PROJECT:debugserver-320.2.89
for arm64.
Attaching to process LiveStreaming…
Segmentation fault: 11
我也是这个问题 ,请问你问题解决了么


#6

上午刚加您的群~~~ 在这里又看到您,再请教您一个问题,我在调试一个APP ,报这个错误,请问这是什么原因呀,我可以调成功其它的APP,是不是可以说明debugserver是没有问题的,只是和程序有关呢

peterde-iPhone:~ root# debugserver *:1234 -a 664 debugserver-@(#)PROGRAM:debugserver PROJECT:debugserver-320.2.89 for arm64. Attaching to process 664… Segmentation fault: 11


#7

ptrace反调试


#8

这样就说明是加了ptrace反调试吗,我在调同一个公司的两个APP,另一个就可以调通,这个就报这个错误,难道他一个保护一个不保护,如果是我能做到就都加保护了


#9

一般来说sf 11都是ptrace反调试。


#10

可以用HOOK工具写个tweak 解决这个反调试吗,我看到一个说法,可是不太清楚写的,您了解吗,请赐教~~


#11


自己在论坛搜一下…


#12

好用的,谢大神~~


#13

解决了,谢大神~~~