Make install问题

hwjforios · 2014 年5 月 5 日 09:15

建了个xpc service的工程，还没打包就不小心执行了make install命令，之后所有的deb都无法安装上去了，提示错误

石头 2014/5/5 16:54:33

(Reading database … 13676 files and directories currently installed.)
Preparing to replace aspire 0.0.1-3 (using /tmp/_theos_install.deb) …
Could not open job overrides database at: /private/var/db/launchd.db/com.apple.launchd/overrides.plist: 2: No such file or directory
launchctl: Couldn’t stat("/Library/LaunchDaemons/Aspire.plist"): No such file or directory
nothing found to unload
dpkg: warning - old pre-removal script returned error exit status 1
dpkg - trying script from the new package instead …
dpkg: error processing /tmp/_theos_install.deb (–install):
there is no script in the new version of the package - giving up
Could not open job overrides database at: /private/var/db/launchd.db/com.apple.launchd/overrides.plist: 2: No such file or directory
launchctl: Couldn’t stat("/Library/LaunchDaemons/Aspire.plist"): No such file or directory
nothing found to load
dpkg: error while cleaning up:
subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
/tmp/_theos_install.deb
make: *** [internal-install] Error 1
并且进入cydia就提示
The package xxx needs to be reinstalled,but I can not find an archive for it
xxx是我上面的工程名
求指教！

snakeninny · 2014 年5 月 6 日 01:47

你自己的工程显示在Cydia里没有？

hwjforios · 2014 年5 月 6 日 05:53

那是Cydia也出问题了，所有的已安装的软件包都看不到了，不过已经弄好了，这个和逆向没多大关系了。大神，我还想一下，我想监控一些api有没有被app调用，但是想写一个针对系统的插件而不是针对某个app，因为想对每个app都通用，所以我该是自己去hook某个framework吧？具体的是hook这个framework的某个class的方法，还是直接hook这个class，不用通过framework？

snakeninny · 2014 年5 月 6 日 06:34

hook你要监控的api，然后把bundle filter留空，像书上说的那样

hwjforios · 2014 年5 月 6 日 09:58

大神还得求助于你，很简单的东西，可是我就是弄不出来。。。。:mad:我要监控程序是否使用了地理位置，按道理我只需要看CLLocationManager这个class是否被初始化，是否有对象代理了，是否执行了startUpdatingLocation方法，于是对其hook
Tweak.xm:

#import <UIKit/UIKit.h>
%hook CLLocationManager
- (id)init
{
    UIAlertView *alertView=[UIAlertView alloc] initWithTitle:@"提示" message:@"程序初始化了CLLocationManager" delegate:self cancelButtonTitle:@"ok" otherButtonTitles:nil, nil];
    [alertView show];
    return %orig;
}
- (void)setDelegate:(id)arg1
{
    UIAlertView *alertView=[UIAlertView alloc] initWithTitle:@"提示" message:@"程序代理了CLLocationManagerDelegate" delegate:self cancelButtonTitle:@"ok" otherButtonTitles:nil, nil];
    [alertView show];
    %orig;
}
%end

Makefile:

THEOS_DEVICE_IP = 10.1.29.31
ARCHS = armv7
TARGET = iPhone:7.1:7.0
include theos/makefiles/common.mk

TWEAK_NAME = hooklocation
hooklocation_FILES = Tweak.xm
hooklocation_FRAMEWORKS = Foundation UIKit CoreLocation

include $(THEOS_MAKE_PATH)/tweak.mk

after-install::
        install.exec "killall -9 com.apple.mobilephone"

plist文件：Bundle空出来了
但是执行就是没有结果，感觉没调用，插件也安装上去了，我class_dump了微博的头文件

#import "NSObject.h"

#import "CLLocationManagerDelegate.h"

@class CLLocation, CLLocationManager;

__attribute__((visibility("hidden")))
@interface WBLocationManager : NSObject <CLLocationManagerDelegate>
{
    unsigned int locationManagerMode;
    CLLocationManager *locationManager;
    BOOL locating;
    double timeoutInterval;
    unsigned int retryTimes;
    CLLocation *bestEffortAtLocation;
    CLLocation *currentLocation;
    BOOL currentLocationOffset;
    CLLocation *previousLocation;
    BOOL previousLocationOffset;
    id <WBLocationManagerDelegate> delegate;
}

+ (void)showError:(id)arg1 withDelegate:(id)arg2;
+ (void)showError:(id)arg1;
+ (id)localizedDescriptionForErrorCode:(unsigned int)arg1;
+ (id)localizedFailureReasonForErrorCode:(unsigned int)arg1;
+ (id)errorWithCode:(unsigned int)arg1;
+ (id)sharedManager;
@property(nonatomic) BOOL previousLocationOffset; // @synthesize previousLocationOffset;
@property(retain, nonatomic) CLLocation *previousLocation; // @synthesize previousLocation;
@property(nonatomic) BOOL currentLocationOffset; // @synthesize currentLocationOffset;
@property(retain, nonatomic) CLLocation *currentLocation; // @synthesize currentLocation;
@property(retain, nonatomic) CLLocation *bestEffortAtLocation; // @synthesize bestEffortAtLocation;
@property(nonatomic) double timeoutInterval; // @synthesize timeoutInterval;
@property(nonatomic, getter=isLocating) BOOL locating; // @synthesize locating;
@property(retain, nonatomic) CLLocationManager *locationManager; // @synthesize locationManager;
@property(nonatomic) unsigned int locationManagerMode; // @synthesize locationManagerMode;
@property(nonatomic) id <WBLocationManagerDelegate> delegate; // @synthesize delegate;
- (void)markAsErrorOccurredWithErrorCode:(unsigned int)arg1;
- (void)markAsErrorOccurredWithError:(id)arg1;
- (void)markAsFinishedWithLocation:(id)arg1;
- (void)markAsFinishedWithLocation:(id)arg1 hasOffset:(BOOL)arg2;
- (void)markAsFinishedWithExternalLocation:(id)arg1 hasOffset:(BOOL)arg2;
- (void)markAsFinishedWithMapKitLocation:(id)arg1;
- (void)timeout;
- (void)locationManager:(id)arg1 didFailWithError:(id)arg2;
- (void)locationManager:(id)arg1 didUpdateToLocation:(id)arg2 fromLocation:(id)arg3;
- (void)stopUpdatingLocation;
- (void)startUpdatingLocation;
- (void)dealloc;
- (id)init;

@end

新浪微博是封装了一个NSObject的对象里面有个属性CLLocationManager 代理了CLLocationManagerDelegate，但不管怎么实现，它总会初始化CLLocationManager 代理delegate的吧？？虽然有好几个地方都代理了delegate。为什么我hook的没有反应了？？

hwjforios · 2014 年5 月 6 日 10:01

刚粘贴错了 Tweak.xm开头的地方多粘贴了个CLLocationManagerDelegate，我插件里是没这个的发帖的时候多粘贴了

snakeninny · 2014 年5 月 7 日 00:36

你的bundle filter是怎么写的？贴上来看看

hwjforios · 2014 年5 月 7 日 02:55

{
        Filter = {
                Bundles = (
                        "",
                );
        };
}

{
        Filter = {
                Bundles = ();
        };
}

{
        Filter = {};
}

这三种都写过

snakeninny · 2014 年5 月 7 日 03:30

第三种应该是可以的，你确定你的dylib被加载了吗？你hook一个微博的方法，比如applicationDidFinishLaunching之类的，然后UIAlertView一下看看？另外，插件安装好之后重启微博了吗？

hwjforios · 2014 年5 月 7 日 06:54

我凌乱了，确实是第三种，试第三种的时候动态库没装，我以为我试了，不好意思大神:3_54: 我还想问两个问题，为啥我hook住的方法里面NSLog的信息，在grep xxx /var/log/syslog 后看不到我就输出了一个字符串，而且确定hook了，因为alert可以出来，就是NSLog没有只打印出链接了这个动态库的进程
May 7 14:10:25 yangyingde-iPhone cplogd[959]: MS:Notice: Loading: /Library/MobileSubstrate/DynamicLibraries/hooklocation.dylib
May 7 14:12:21 yangyingde-iPhone DPScope[974]: MS:Notice: Loading: /Library/MobileSubstrate/DynamicLibraries/hooklocation.dylib
May 7 14:12:22 yangyingde-iPhone pasteboardd[975]: MS:Notice: Loading: /Library/MobileSubstrate/DynamicLibraries/hooklocation.dylib
May 7 14:12:40 yangyingde-iPhone App58ForIphone[977]: MS:Notice: Loading: /Library/MobileSubstrate/DynamicLibraries/hooklocation.dylib
May 7 14:17:01 yangyingde-iPhone backupd[978]: MS:Notice: Loading: /Library/MobileSubstrate/DynamicLibraries/hooklocation.dylib
May 7 14:17:01 yangyingde-iPhone lockbot[980]: MS:Notice: Loading: /Library/MobileSubstrate/DynamicLibraries/hooklocation.dylib
May 7 14:17:02 yangyingde-iPhone profiled[982]: MS:Notice: Loading: /Library/MobileSubstrate/DynamicLibraries/hooklocation.dylib

而且hook c的方法 printf的也没打印出来

第二个问题，每次安装为什么会将上一次动态库的覆盖，我是不同的工程啊，工程名也不同。

snakeninny · 2014 年5 月 7 日 13:12

为什么没有NSLog出来，如果确定hook的函数得到调用，那我觉得很可能是你自己的问题，你再检查一下。
如果是2个不同的工程，应该不会覆盖，你看看是不是2个工程写了同1个工程id，就是Theos创建工程时叫你输的identifier