今天逆向系统录音功能的时候,处理PrivateFrameworks里的VoiceMemos中的函数
RCControlsView - (void)_recordingStateButtonPressed:(id)
用LLDB设置断点分析两个对象的地址情况如下:
VoiceMemos`-[RCControlsView _recordingStateButtonPressed:]:
-> 0x2cac78c8 <+0>: push {r4, r5, r6, r7, lr}
0x2cac78ca <+2>: add r7, sp, #0xc
0x2cac78cc <+4>: push.w {r8, r10, r11}
0x2cac78d0 <+8>: sub.w r4, sp, #0x40
(lldb) po $r0
<RCControlsView: 0x18e16bc0; frame = (0 294; 320 80); layer = <CALayer: 0x18e16b10>>
(lldb) p (char *) $r1
(char *) $2 = 0x2cafd568 "_recordingStateButtonPressed:"
(lldb) po $r2
<RCRecorderStateButton: 0x18e16c60; baseClass = UIButton; frame = (127 0; 66 66); opaque = NO; layer = <CALayer: 0x18e16d70>>
可是在Cycript上获取类对象并且查看地址时,情况时这样的:
[#"<RCControlsView: 0x156e4770; frame = (0 0; 320 90); hidden = YES; layer = <CALayer: 0x156e4810>>",#"<RCControlsView: 0x157328c0; frame = (0 294; 320 80); layer = <CALayer: 0x15732810>>"]
cy# choose(RCRecorderStateButton)
[#"<RCRecorderStateButton: 0x156ae100; baseClass = UIButton; frame = (127 10; 66 66); opaque = NO; layer = <CALayer: 0x156736a0>>",#"<RCRecorderStateButton: 0x15732960; baseClass = UIButton; frame = (127 0; 66 66); opaque = NO; layer = <CALayer: 0x15732a70>>"]
对比两者的属性可以确定哪个是我们所需要的对象,可是为神马分析出来的地址会不一样呢?