Theos tweak dylib 没有注入

菜鸟入门逆向

环境: Mac 10.15, iPhone 5s iOS 12.4.5
操作步骤: 按照书中一步步操作下来, make && make package install 成功了, MobileNotes也killed了, 但是启动note后无反应,
检查原因:
1, theos下已配置动态库: ~/theos/lib/libsubstrate.dylib
2, Makefile配置

THEOS_DEVICE_IP = 127.0.0.1
THEOS_DEVICE_PORT = 1025
SDKVERSION = 12.1

ARCHS = armv7 armv7s arm64
TARGET = iphone:clang:latest:8.0

INSTALL_TARGET_PROCESSES = MobileNotes

include $(THEOS)/makefiles/common.mk

TWEAK_NAME = AlertMessageProj

AlertMessageProj_FILES = Tweak.x
AlertMessageProj_FRAMEWORKS = UIKit

include $(THEOS_MAKE_PATH)/tweak.mk

after-install::
   install.exec "killall -9 SpringBoard"
3, 启动Notes无效后查看了可执行文件, 发现没有自己写的那个dylib
$ otool -L MobileNotes | grep ".dylib"
/usr/lib/libMobileGestalt.dylib (compatibility version 1.0.0, current version 1.0.0)
/usr/lib/libobjc.A.dylib (compatibility version 1.0.0, current version 228.0.0)
/usr/lib/libc++.1.dylib (compatibility version 1.0.0, current version 400.9.4)
/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1252.250.1)
4, 查看日志, 觉得有嫌疑的两条
com.apple.xpc.launchd[1] (UIKitApplication:com.apple.mobilenotes[0x2e6a][63][2507]) <Notice>: Service exited due to SIGTERM | sent by killall[2528]
com.apple.xpc.launchd[1] (com.apple.mobilenotes.NotesImporter) <Error>: Disallowing environment variable: DYLD_FRAMEWORK_PATH
5, Tweak.x
#import <UIKit/UIKit.h>
%hook MobileNotes
- (_Bool)application:(id)arg1 openURL:(id)arg2 options:(id)arg3 {
	_Bool isCan = %orig(arg1, arg2, arg3);
	%log;
    UIAlertController *alert = [UIAlertController alertControllerWithTitle:@"hhhah" message:@"gggggg" preferredStyle:UIAlertControllerStyleAlert];
    [alert addAction:[UIAlertAction actionWithTitle:@"sure" style:UIAlertActionStyleDefault handler:^(UIAlertAction * _Nonnull action) { }]];
    [[[[UIApplication sharedApplication] keyWindow] rootViewController] presentViewController:alert animated:YES completion:^{ }];
    return isCan;
}
%end

__attribute__((constructor))
void testLogMethod() {
	NSLog(@"test_log_alert_message_project");
}

有点怀疑是不是因为mac 系统是10.15的关系, 因为这个, 安装IDA等软件是遇到好多坑, 求助, 不胜感激~

iOS上安装其他插件可以正常工作吗?

可以, 像Revel2Loader, cycript, 都是正常使用的

control和plist是怎么写的?
在log里搜AlertMessageProj有结果吗?
我很久没写tweak了,一些细节记不住了

control内容

Package: com.vinsent.alertmessageproj
Name: AlertMessageProj
Depends: mobilesubstrate
Version: 0.0.1
Architecture: iphoneos-arm
Description: An awesome MobileSubstrate tweak!
Maintainer: vinsent
Author: vinsent
Section: Tweaks

AlertMessageProj.plist内容

{ Filter = { Bundles = ( "com.apple.mobilenotes" ); }; }

log中没有 “AlertMessageProj” . . .

不知道,没看出来问题在哪;建议在github上下载个没问题的Theos工程,排查一下是不是机器的问题;不是的话再对照你的工程一点点调整,看是哪里出问题了

我在iOS9上注入成功


但在iOS13.2上面也没反应,lldb调试看我的dylib是有加载进去的,想着dump一下头文件看是不是我hook的类发生变化了,然后dump不了

解决了, 是CydiaSubstrate版本太高了. . .
Cydia中有降低版本选项