对 entrypoint和 mod_init_func表里面的函数都下了断点,想入口跟踪,为何lldb和gdb都断不下了。。
mach-o 有anti?
入口下了断点了。。 Hooper v3 版本,很好奇,如何做到这样的反调试的,求指点。。。程序头我已经去掉了PIE,,而且去掉了PIE居然无法运行,就想调试一下。。
xx-Pro:~ xx$ lldb “/Users/xx/Downloads/xx.app/Contents/MacOS/Hopper Disassembler v3”
(lldb) target create “/Users/xx/Downloads/xx.app/Contents/MacOS/Hopper Disassembler v3”
Current executable set to ‘/Users/xx/Downloads/xx.app/Contents/MacOS/Hopper Disassembler v3’ (x86_64).
(lldb) br set -a 00000001000066C0
Breakpoint 1: address = 0x00000001000066c0
(lldb) br set -a 0000000100112E10
Breakpoint 2: address = 0x0000000100112e10
(lldb) r
Process 2877 launched: ‘/Users/xx/Downloads/xx.app/Contents/MacOS/Hopper Disassembler v3’ (x86_64)
Process 2877 exited with status = 45 (0x0000002d)
(lldb)
这里有人做了相关的工作