-
-
[分享]ios objc 方法调用记录插件:iTracer v1.0
-
发表于: 2012-12-11 11:51
-
如果你想逆向 某些app的调用流程 或者 系统app的一些功能的 私有framework class api 调用流程, 可以试试此工具
只需要 配置需要挂接的 类名和app名, 就可以实时追踪 相关功能的 调用流程。 支持批量 hook n多个类名
一、安装方法:
1.配置需要挂接的应用,相关参数:
在mac下通过xcode打开 iTracer.plist ,就改 filter 下 bundles 列表,设置需要挂接的app名,具体设置可以参考
mobilesubstrate的相关文档:cedK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3W2H3K9r3!0F1k6h3c8W2N6Y4N6A6K9$3W2Q4x3X3g2F1k6i4c8Q4x3V1k6A6L8X3c8W2P5q4)9J5k6i4m8Z5M7q4)9J5c8V1#2G2j5X3W2D9k6g2y4#2j5Y4y4@1M7X3q4@1k6b7`.`.
例如要挂接SpringBoard(挂接这个一般比较危险,做好会白苹果的准备 = =!, 真白了 也没事: 同时按开机键+home, 之后再按 开机+音量+, 进入无插件模式,用itools吧对应的插件删了重启就行了):
Filter = {
Bundles = (com.apple.springboard);
};
2.配置需要挂接的 class 的 所有 api, 例如:
Trace = {
item0 = (UIView),
item1 = (UIViewController),
item2 = (UIApplication),
};
3.配置是否开启 打印api详细参数值功能(这个还有些不稳定,打印某些值会挂掉,不过通常情况下 够用了,先凑活着用吧 = =)
TraceArgs = YES/NO
如果不巧打印的时候 真挂了,就把这个功能禁用,仅仅 trace api的调用流程, 还是很稳定的。。
2.利用itool等工具,讲 iTracer.dylib 和 iTracer.plist 放到系统 mobilesubstrate 插件目录:
/Library/MobileSubstrate/DynamicLibraries
3.然后重启SpringBoard(可以通过PPHelper注销、或者ssh登上去 killall -9 SpringBoard)
二、下面是我 trace PPHelper的 一些log, 注: log 的实际输出在: Xcode-Organizer-Console 中:
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView _addSubview:positioned:relativeTo:]: <UIView: 0x95948d0; frame = (0 0; 0 0); alpha = 0.4; hidden = YES; userInteractionEnabled = NO; layer = <CALayer: 0x9594900>>: -1: null
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView superview]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView window]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView window]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView _shouldTryPromoteDescendantToFirstResponder]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView _isAncestorOfFirstResponder]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView description]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView frame]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView transform]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView clipsToBounds]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView layer]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView alpha]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView isHidden]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView isOpaque]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView autoresizingMask]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView autoresizesSubviews]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView isUserInteractionEnabled]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView tag]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView willMoveToSuperview:]: <SogouToolBarRootView: 0x9592560; frame = (0 0; 0 0); hidden = YES; layer = <CALayer: 0x9592660>>
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView _unsubscribeToScrollNotificationsIfNecessary:]: null
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView _makeSubtreePerformSelector:withObject:]: <type(:)>: null
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView _makeSubtreePerformSelector:withObject:withObject:copySublayers:]: <type(:)>: null: null: 0
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView _invalidateSubviewCache]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView actionForLayer:forKey:]: <CALayer: 0x9592660>: sublayers
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView description]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView frame]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView transform]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView clipsToBounds]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView layer]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView alpha]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView isHidden]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView isOpaque]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView autoresizingMask]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView autoresizesSubviews]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView isUserInteractionEnabled]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView tag]
Dec 11 10:50:46 unknown PPHelper[3090] <Warning>: [iTracer]: [UIView _subscribeToScrollNotificationsIfNecessary:]: <SogouToolBarRootView: 0x9592560; frame = (0 0; 0 0); hidden = YES; layer = <CALayer: 0x9592660>>
再比如 我 trace iTunes-U的 一些log:
Dec 11 11:03:56 unknown iTunesU[3393] <Warning>: [iTracer]: [SSAccountStore init]
Dec 11 11:03:56 unknown iTunesU[3393] <Warning>: [iTracer]: [SSAccountStore activeAccount]
Dec 11 11:03:56 unknown iTunesU[3393] <Warning>: [iTracer]: [SSAccountStore _reloadAccountsIfNeeded]
Dec 11 11:03:56 unknown iTunesU[3393] <Warning>: [iTracer]: [SSAccountStore _setAccounts:]: (
"<SSAccount: 0x1108d780>: (1096041240, xxxxxx@gmail.com)",
"<SSAccount: 0x11091c40>: (1264698560, xxxxxx@gmail.com)"
)
Dec 11 11:03:56 unknown iTunesU[3393] <Warning>: [iTracer]: [SSAccountStore activeAccount]
Dec 11 11:03:56 unknown iTunesU[3393] <Warning>: [iTracer]: [SSAccountStore _reloadAccountsIfNeeded]
Dec 11 11:03:56 unknown iTunesU[3393] <Warning>: [iTracer]: [SSAccountStore activeAccount]
Dec 11 11:03:56 unknown iTunesU[3393] <Warning>: [iTracer]: [SSAccountStore _reloadAccountsIfNeeded]
Dec 11 11:03:57 unknown wifid[22] <Error>: WiFi:[376887837.256361]: Client itunesstored is background application
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManager _loadDownloadKindsUsingNetwork]
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManager _copyDownloadKindsUsingNetwork]
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManager _sendObserverConnection]
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManagerOptions downloadKinds]
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManager _newOptionsDictionary]
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManagerOptions persistenceIdentifier]
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManagerOptions shouldFilterExternalOriginatedDownloads]
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManagerOptions prefetchedDownloadProperties]
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManagerOptions prefetchedDownloadExternalProperties]
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManager _handleMessage:fromServerConnection:]: <type(^v)>: <type(^{_xpc_connection_s=})>
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManagerOptions downloadKinds]
>
Dec 11 11:03:57 unknown iTunesU[3393] <Warning>: [iTracer]: [SSDownloadManager _handleMessage:fromServerConnection:]: <type(^v)>: <type(^{_xpc_connection_s=})>
Dec 11 11:04:00 unknown iTunesU[3393] <Warning>: [iTracer]: [SSSoftwareUpdatesRequest handleFinishResponse:error:]: {
0 = "238CA706-D2B3-4B99-9CDE-7589471CBF4E";
2 = (
{
"artist-name" = "Chongqing Rumtel Communication Technology Co.,Ltd";
"artwork-urls" = (
{
"box-height" = 57;
"box-width" = 57;
"needs-shine" = 0;
url = "782K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3p5I4x3o6x3&6i4K6u0W2M7r3S2G2j5X3!0K6i4K6u0W2j5i4m8H3L8r3g2Q4x3X3g2U0L8$3#2Q4x3V1k6#2M7#2)9J5c8Y4t1I4x3o6l9H3i4K6u0r3x3o6j5J5i4K6u0r3f1s2g2J5M7r3I4W2i4K6u0r3N6U0c8Q4x3V1j5$3k6g2)9J5c8X3u0S2i4K6u0r3x3U0m8Q4x3V1j5$3k6h3u0S2x3U0m8S2y4q4)9J5k6o6R3H3j5e0g2Q4x3X3b7@1y4r3b7%4i4K6u0V1z5e0m8X3z5q4)9J5k6o6R3^5z5e0M7I4x3o6t1%4k6r3t1&6x3q4)9J5c8V1W2U0L8$3&6Q4x3X3g2H3L8X3M7`.";
},
{
"box-height" = 114;
"box-width" = 114;
"needs-shine" = 0;
scale = 2;
url = "5c4K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3p5%4y4U0u0Q4x3X3g2H3K9r3!0T1L8%4y4Q4x3X3g2S2M7s2m8D9k6g2)9J5k6h3y4G2L8g2)9J5c8Y4g2K6i4K6u0r3M7U0p5H3x3o6m8Q4x3V1j5H3z5o6c8Q4x3V1k6b7N6i4u0H3L8r3g2Q4x3V1k6$3y4q4)9J5c8U0x3K6i4K6u0r3j5K6q4Q4x3V1j5H3j5W2)9J5c8U0x3K6j5K6p5H3j5X3p5I4i4K6u0V1j5$3u0U0j5g2)9J5k6o6R3$3j5h3k6Q4x3X3b7^5x3K6j5K6i4K6u0V1j5h3x3^5x3$3q4T1y4K6u0W2x3o6g2T1i4K6u0r3N6r3g2E0M7q4)9J5k6g2)9J5k6h3&6@1K9%4k6@1M7h3c8H3i4K6u0W2x3e0p5@1P5o6p5I4y4q4)9J5k6o6M7#2i4K6u0W2K9Y4m8Y4";
}
);
"bundle-id" = "com.rumtel.WRADIO";
"item-id" = 379407006;
"link-type" = "software-update";
rating = {
"advisory-array" = (
);
description = "";
label = "4+";
rank = 100;
system = "itunes-games";
};
"release-date" = "2012-12-07 20:17:24 +0000";
"store-offers" = {
SWUPD = {
"action-display-name" = "\U5b89\U88c5";
"action-params" = "productType=C&salableAdamId=379407006&pricingParameters=SWUPD&price=0&appExtVrsId=12758142&ct-id=14";
"asset-flavors" = {
"10:purple" = {
size = 9500607;
};
};
"ds-ids" = (
1096041243
);
price = 0;
"price-display" = "\U514d\U8d39";
size = 9500607;
"supported-device-types" = (
{
"device-type-id" = 1;
"minimum-product-version" = "5.0";
"minimum-product-version-description" = "\U6b64 App \U9700\U8981 iOS 5.0 \U64cd\U4f5c\U7cfb\U7edf\U3002";
"minimum-product-version-title" = "\U9700\U8981\U66f4\U65b0";
}
);
"supported-devices" = (
1
);
};
};
这个只是应我个人需求,随便开发的插件,可能不是很稳定,大家有需要的就凑活着用吧。。
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
|
|
|---|---|
|
|
|
|
|
顶一个,
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
