| void dynamicMethodIMP(id self, SEL _cmd) { | |
| // implementation .... | |
| printf("执行了dynamicMethodIMP!!!!"); | |
| } | |
| //you can dynamically add it to a class as a method (called resolveThisMethodDynamically) using resolveInstanceMethod: like this: | |
| @implementation MyClass | |
| + (BOOL)resolveInstanceMethod:(SEL)aSEL | |
| { | |
| if (aSEL == @selector(resolveThisMethodDynamically)) { | |
| class_addMethod([self class], aSEL, (IMP) dynamicMethodIMP, "v@:"); |
| #!/usr/bin/env bash | |
| TABLENAME=symbols | |
| SYMBOL_DB_FILE="symbols" | |
| STRING_SYMBOL_FILE="func.list" | |
| HEAD_FILE="$PROJECT_DIR/$PROJECT_NAME/codeObfuscation.h" | |
| export LC_CTYPE=C | |
| #维护数据库方便日后作排重 | |
| createTable() |
| #!/usr/bin/env python2 | |
| # lrdcq | |
| # usage python2 unwxapkg.py filename | |
| import sys, os | |
| import struct | |
| class WxapkgFile(object): | |
| nameLen = 0 |
| var CryptoJS = require('crypto-js') | |
| var request = require('request-promise') | |
| /* | |
| * npm install crypto-js request-promise request | |
| * node wx_t1t_hack.js | |
| */ | |
| // export function testEncription(msg, fullKey) { | |
| // var fullKey = fullKey.slice(0, 16) |
| *************** | |
| *** 131,136 **** | |
| --- 131,158 ---- | |
| 0xFFFFFFF007194BBC, // KSYMBOL_SLEH_SYNC_EPILOG // look for xrefs to "Unsupported Class %u event code." | |
| }; | |
| + uint64_t ksymbols_ipad_mini_2_wifi_15b202[] = { | |
| + 0xFFFFFFF0074947EC, // KSYMBOL_OSARRAY_GET_META_CLASS, | |
| + 0xFFFFFFF007523A98, // KSYMBOL_IOUSERCLIENT_GET_META_CLASS | |
| + 0xFFFFFFF007525240, // KSYMBOL_IOUSERCLIENT_GET_TARGET_AND_TRAP_FOR_INDEX |
| #!/bin/bash | |
| # | |
| # Try to decode hidden protocol buffers message from binary | |
| size=$(wc -c < $1) | |
| for ((i=1; i<=$size; i++)) | |
| do | |
| # Skip $i bytes and decode | |
| dd if=$1 bs=1 skip=$i | protoc --decode_raw |
| #!/bin/bash | |
| # | |
| # NOTE: You need to `brew install gnu-sed` on Mac | |
| # | |
| # by @codecolorist | |
| # http://github.com/chichou | |
| # | |
| # fix some compilation error of headers generated by class-dump | |
| # | |
| # usage: fixheader.sh DIRECTORY |
| # Get decrypted kernelcache | |
| # URL for iOS 10 Beta 1 for iPhone 6s taken from http://pastebin.com/FRMfanmT | |
| wget -q http://apple.co/28R9rhS -O ios10beta1-iphone6s.zip | |
| mkdir ios10beta1 | |
| unzip -q ios10beta1-iphone6s.zip -d ios10beta1 | |
| cd ios10beta1 | |
| wget -q http://nah6.com/%7Eitsme/cvs-xdadevtools/iphone/tools/lzssdec.cpp | |
| g++ -o lzssdec lzssdec.cpp | |
| ./lzssdec -o 439 < AssetData/boot/kernelcache.release.n71 >kernelcache.decrypted # 439 is offset byte count to 0xFFCFFAEDFE header | |
| xxd kernelcache.decrypted | head -1 |
Update: https://www.cyanhall.com/posts/notes/7.homebrew-cheatsheet/#java
on El Capitan, after installing the brew...
$ brew update
$ brew tap caskroom/cask
$ brew install Caskroom/cask/java
And Java 8 will be installed at /Library/Java/JavaVirtualMachines/jdk1.8.xxx.jdk/
A complete gdb to lldb command map.
(lldb) po responseObject
(lldb) po [responseObject objectForKey@"state"]