Money With the latest WeChat, LLDB breakpoints are never hit when debugging


#1

Offset
[  0] 0x000000000005c000 /var/containers/Bundle/Application/A90E391A-0B15-494D-883C-1197E9A82489/WeChat.app/WeChat(0x000000010005c000)

Address of the one-on-one chat viewDidLoad method

__text:0000000101FC8200 ; void __cdecl -[BaseMsgContentViewController viewDidLoad](BaseMsgContentViewController *self, SEL)
__text:0000000101FC8200 __BaseMsgContentViewController_viewDidLoad_
__text:0000000101FC8200                                         ; DATA XREF: __objc_const:0000000103DE28E8↓o
__text:0000000101FC8200
__text:0000000101FC8200 var_F0          = -0xF0
__text:0000000101FC8200 var_E0          = -0xE0
__text:0000000101FC8200 var_B0          = -0xB0
__text:0000000101FC8200 var_80          = -0x80
__text:0000000101FC8200 var_78          = -0x78
__text:0000000101FC8200 var_70          = -0x70
__text:0000000101FC8200 var_60          = -0x60
__text:0000000101FC8200 var_50          = -0x50
__text:0000000101FC8200 var_40          = -0x40
__text:0000000101FC8200 var_30          = -0x30
__text:0000000101FC8200 var_20          = -0x20
__text:0000000101FC8200 var_10          = -0x10
__text:0000000101FC8200 var_s0          =  0
__text:0000000101FC8200
__text:0000000101FC8200                 SUB             SP, SP, #0x100
__text:0000000101FC8204                 STP             D11, D10, [SP,#0xF0+var_70]
__text:0000000101FC8208                 STP             D9, D8, [SP,#0xF0+var_60]
__text:0000000101FC820C                 STP             X28, X27, [SP,#0xF0+var_50]
__text:0000000101FC8210                 STP             X26, X25, [SP,#0xF0+var_40]
__text:0000000101FC8214                 STP             X24, X23, [SP,#0xF0+var_30]
__text:0000000101FC8218                 STP             X22, X21, [SP,#0xF0+var_20]
__text:0000000101FC821C                 STP             X20, X19, [SP,#0xF0+var_10]
__text:0000000101FC8220                 STP             X29, X30, [SP,#0xF0+var_s0]
__text:0000000101FC8224                 ADD             X29, SP, #0xF0
__text:0000000101FC8228                 MOV             X19, X0
__text:0000000101FC822C                 STR             X19, [SP,#0xF0+var_80]
__text:0000000101FC8230                 ADRP            X8, #classRef_BaseMsgContentVie

Breakpoint

0x102024200 = 0000000101FC8200  + 0x000000000005c000
(lldb) br s -a 0x102024200
Breakpoint 9: where = WeChat`ClearDataItem::compareTime(std::__1::shared_ptr<ClearDataItem> const&, std::__1::shared_ptr<ClearDataItem> const&) + 2927008, address = 0x0000000102024200
(lldb) c

Problem: the breakpoint is never hit. Has WeChat added some kind of protection?


#2

Or maybe the method isn't being called?


#4

It's the ViewDidLoad method, and BaseMsgContentViewController is the chat controller, so it shouldn't go uncalled.


#7

The breakpoint address is probably wrong.


#8

Set a breakpoint on some other function (open, for example) and see whether it gets hit; then you'll know.


#9

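The breakpoint location is probably wrong. Today I decrypted the latest version of WeChat on a jailbroken device and dragged the executable into IDA. Also in this BaseMsgContentViewController class, it seems that breakpoints on all of its methods have no effect. Later I used [BaseMsgContentViewController _shortMethodDescription] and could see the methods and their actual addresses. However, the address computed with the offset + base address calculation above does not equal the address printed that way, and I don't know why.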