Exporting headers for private libraries extracted from the iOS 15.3.1 dyld_shared_cache_arm64e

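I wanted to export the headers of private libraries. There are plenty of online header dumps, but none of them happened to cover the system version on my phone, so I wanted to export them myself. The process has been tortuous, and I can say I have not succeeded yet! Below are some attempts I made with SafariServices.framework/SafariServices.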

  • 0x01 class-dump

    • class-dump SafariServices
2024-05-20 14:39:17.107 class-dump[43693:31954483] *** Assertion failure in -[CDObjectiveC2Processor protocolAtAddress:], /Users/monkey/Documents/iosreversecode/class-dump/Source/CDObjectiveC2Processor.m:75
2024-05-20 14:39:17.108 class-dump[43693:31954483] *** Terminating app due to uncaught exception 'NSInternalInconsistencyException', reason: 'Invalid parameter not satisfying: [cursor offset] != 0'
*** First throw call stack:
(
	0   CoreFoundation                      0x00007ff81132cbc2 __exceptionPreprocess + 242
	1   libobjc.A.dylib                     0x00007ff810e5475c objc_exception_throw + 48
	2   Foundation                          0x00007ff812163d08 -[NSCalendarDate initWithCoder:] + 0
	3   class-dump                          0x000000010468ff43 -[CDObjectiveC2Processor protocolAtAddress:] + 771
	4   class-dump                          0x000000010469049d -[CDObjectiveC2Processor protocolAtAddress:] + 2141
	5   class-dump                          0x000000010468f8ef -[CDObjectiveC2Processor loadProtocols] + 287
	6   class-dump                          0x000000010468b41e -[CDObjectiveCProcessor process] + 430
	7   class-dump                          0x00000001046546df -[CDClassDump processObjectiveCData] + 399
	8   class-dump                          0x000000010466f6af main + 4815
	9   dyld                                0x000000020499241f start + 1903
)
libc++abi: terminating due to uncaught exception of type NSException
  • 0x02 class-dump-dyld

    • This failed too. The project is very old.
  • 0x03 ipsw class-dump

    • ipsw class-dump SafariServices
             
Usage:
  ipsw class-dump [<DSC> <DYLIB>|<MACHO>] [flags]

Aliases:
  class-dump, cd

Flags:
      --arch string     Which architecture to use for fat/universal MachO
  -a, --cat string      Dump category (regex)
  -c, --class string    Dump class (regex)
      --demangle        Demangle symbol names (same as verbose)
      --deps            Dump imported private frameworks
      --headers         Dump ObjC headers
  -h, --help            help for class-dump
  -o, --output string   Folder to write headers to
  -p, --proto string    Dump protocol (regex)
      --re              RE verbosity (with addresses)
      --refs            Dump ObjC references too
  -s, --spm             🚧 Generate a Swift Package for the dylib
      --theme string    Color theme (nord, github, etc) (default "nord")
  -x, --xcfw            🚧 Generate a XCFramework for the dylib

Global Flags:
      --color           colorize output
      --config string   config file (default is $HOME/.config/ipsw/config.yaml)
      --no-color        disable colorize output
  -V, --verbose         verbose output

   ⨯ failed to read protocol at pointer 0x1d795f3c8 (converted 0x1d795f3c8); failed to read protocols vmaddr: failed to convert vmaddr: address 0x1d2dfd790 not within any segment's adress range

  • 0x04 hopper

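    • The problem with the latest version of Hopper is that some of the classes in the exported headers are missing their methods, as shown below.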
/*****************************************************************/

@protocol NSObject
@property (readonly) unsigned long long hash;
@property (readonly) Class superclass;
@property (readonly,copy) NSString * description;
@property (readonly,copy) NSString * debugDescription;
- (id)self;
- (id)performSelector:(SEL)v1;
- (id)performSelector:(SEL)v1 withObject:(id)v2;
- (id)performSelector:(SEL)v1 withObject:(id)v2 withObject:(id)v3;
- (bool)isKindOfClass:(Class)v1;
- (Class)class;
- (unsigned long long)retainCount;
- (unsigned long long)hash;
- (id)retain;
- (id)description;
- (bool)respondsToSelector:(SEL)v1;
- (bool)isEqual:(id)v1;
- (bool)isProxy;
- (bool)isMemberOfClass:(Class)v1;
- (struct _NSZone *)zone;
- (Class)superclass;
- (oneway  void)release;
- (bool)conformsToProtocol:(id)v1;
- (id)autorelease;

@optional
- (id)debugDescription;
@end


/*****************************************************************/

@protocol UIViewControllerTransitioningDelegate

@optional
- (id)interactionControllerForPresentation:(id)v1;
- (id)animationControllerForPresentedController:(id)v1 presentingController:(id)v2 sourceController:(id)v3;
- (id)interactionControllerForDismissal:(id)v1;
- (id)animationControllerForDismissedController:(id)v1;
- (id)presentationControllerForPresentedViewController:(id)v1 presentingViewController:(id)v2 sourceViewController:(id)v3;
@end

/*****************************************************************/

@interface SFKillSafariViewServiceActivity : _SFActivity
@end


/*****************************************************************/

@interface SFDownloadsUnifiedBarItem
@end


/*****************************************************************/

@interface SFDownloadsUnifiedBarItemView
@end


/*****************************************************************/

@interface _SFBarItemConfiguration
@end


/*****************************************************************/

@interface _SFBarManager
@end


/*****************************************************************/

@interface _SFVibrantSeparatorView
@end


/*****************************************************************/

@interface SFAutomaticPasswordInputView
@end


/*****************************************************************/

@interface SFAutomaticPasswordScrollViewContentView
@end


/*****************************************************************/

@interface SFAutomaticPasswordExplanationView
@end


/*****************************************************************/

@interface _SFFeatureAvailability
@end


/*****************************************************************/

@interface SFCustomActivityProxy
@end


/*****************************************************************/

@interface SFUnifiedBarRegistration
@end


/*****************************************************************/

@interface SFDismissButton
@end


/*****************************************************************/

@interface _SFSafariSharingExtensionController
@end

  • 0x05 RuntimeBrowser

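    • This one crashes. After I excluded a lot of the libraries that caused the crash, I still could not export the headers of some of the libraries I wanted. Most of the other libraries can be exported, though. This is the project that came closest to success.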
  • 0x06 nm

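    • nm -a SafariServices | grep -
      This should be able to export them, but I still want the kind of clean files that class-dump produces.
  • 0x07 https://developer.limneos.net/ An online site; worth a look if you do not have strict version requirements.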

The classdump-dyld-master posted in the group chat by an expert called 星星 works.
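
The ipsw error in 0x03 reports an address that is "not within any segment's address range" of the extracted file. As an added example (not from the original post or from any of the tools above), this Python script lists the LC_SEGMENT_64 ranges of a thin 64-bit Mach-O and checks where a given address falls; the segment layout in `SAMPLE` is constructed for illustration, and only the two probed addresses are taken from the error message.

```python
import struct

MH_MAGIC_64 = 0xFEEDFACF      # thin little-endian 64-bit Mach-O
LC_SEGMENT_64 = 0x19

def segments(macho: bytes):
    """Return [(segname, vmaddr, vmsize)] for each LC_SEGMENT_64 load command."""
    if len(macho) < 32:
        raise ValueError("file too small for a mach_header_64")
    magic, _, _, _, ncmds, sizeofcmds, _, _ = struct.unpack_from("<8I", macho, 0)
    if magic != MH_MAGIC_64:
        raise ValueError("not a thin 64-bit Mach-O")
    off, end, out = 32, 32 + sizeofcmds, []
    if end > len(macho):
        raise ValueError("load commands run past end of file")
    for _ in range(ncmds):
        if off + 8 > end:
            raise ValueError("truncated load command")
        cmd, cmdsize = struct.unpack_from("<II", macho, off)
        if cmdsize < 8 or off + cmdsize > end:
            raise ValueError("bad cmdsize")
        if cmd == LC_SEGMENT_64:
            if cmdsize < 72:
                raise ValueError("short segment_command_64")
            name, vmaddr, vmsize = struct.unpack_from("<16sQQ", macho, off + 8)
            out.append((name.rstrip(b"\0").decode("ascii", "replace"), vmaddr, vmsize))
        off += cmdsize
    return out

def locate(segs, addr):
    """Name of the segment whose VM range contains addr, or None."""
    for name, vmaddr, vmsize in segs:
        if vmaddr <= addr < vmaddr + vmsize:
            return name
    return None

def build_sample(layout):
    """Constructed header-only Mach-O with the given segments (not real data)."""
    cmds = b"".join(
        struct.pack("<II16sQQQQIIII", LC_SEGMENT_64, 72, n.encode(), va, sz, 0, 0, 1, 1, 0, 0)
        for n, va, sz in layout)
    return struct.pack("<8I", MH_MAGIC_64, 0x0100000C, 2, 6, len(layout), len(cmds), 0, 0) + cmds

# Constructed layout; only the two probed addresses come from the ipsw error above.
SAMPLE = build_sample([("__TEXT", 0x1A0000000, 0x200000), ("__DATA_CONST", 0x1D7900000, 0x100000)])

if __name__ == "__main__":
    segs = segments(SAMPLE)
    for addr in (0x1D795F3C8, 0x1D2DFD790):
        print(hex(addr), "->", locate(segs, addr) or "outside every segment")
```

To check a real extracted library, read its bytes from disk and pass them to `segments()` in place of `SAMPLE`.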