iOS reverse engineering: using class-dump to export header files from an app's Mach-O binary

  • A brief introduction to class-dump
  • How to use class-dump

A brief introduction to class-dump

class-dump is a tool that exports the declaration information of the Objective-C runtime. In essence, it exports .h files. Here we use class-dump to export the header files of an unencrypted app.

Official website: http://stevenygard.com/projects/class-dump/
class-dump is a command-line tool for macOS, used to export header files from Mach-O files.

1 First, download it

2 Double-click the download to open it; we can see that it is a command-line tool

3 Copy the class-dump executable to the /usr/local/bin directory

4 Open the terminal and verify that it is installed

xmldeMacBook-Pro:~ xml$ class-dump
class-dump 3.5 (64 bit)
Usage: class-dump [options] <mach-o-file>

  where options are:
        -a             show instance variable offsets
        -A             show implementation addresses
        --arch <arch>  choose a specific architecture from a universal binary (ppc, ppc64, i386, x86_64, armv6, armv7, armv7s, arm64)
        -C <regex>     only display classes matching regular expression
        -f <str>       find string in method name
        -H             generate header files in current directory, or directory specified with -o
        -I             sort classes, categories, and protocols by inheritance (overrides -s)
        -o <dir>       output directory used for -H
        -r             recursively expand frameworks and fixed VM shared libraries
        -s             sort classes and categories by name
        -S             sort methods by name
        -t             suppress header in output, for testing
        --list-arches  list the arches in the file, then exit
        --sdk-ios      specify iOS SDK version (will look in /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS<version>.sdk
        --sdk-mac      specify Mac OS X version (will look in /Developer/SDKs/MacOSX<version>.sdk
        --sdk-root     specify the full SDK root path (or use --sdk-ios/--sdk-mac for a shortcut)
xmldeMacBook-Pro:~ xml$

If the above information is printed, the installation is complete. Why put it in /usr/local/bin? Because the default environment variable configuration on the Mac includes this directory, so any command you type in the terminal is looked up there. Installation is that simple; now let's see how to use it.

How to use class-dump

class-dump is used to export header files from Mach-O files. What types of Mach-O files are there, and from which of them can class-dump export header files? I will introduce Mach-O in detail separately and only mention it briefly at the end of this article. Here we export header files, mainly those of the binary executable inside the app.

1 Get the Mach-O file in ipa

We can download an ipa file online, unzip it, and take out the binary executable inside. We can also export the binary executable of an installed app from a jailbroken phone. Here I exported it from the phone.

 

I dragged out the binary file of a calculator

2 Enter the executable file directory

In the Mac terminal, enter the directory where Calculator is located

xmldeMacBook-Pro:~ xml$ cd /Users/xml/Documents/iOS学习/

3 Start exporting the header files

xmldeMacBook-Pro:iOS学习 xml$ class-dump -H Calculator -o CalculatorHeader
2019-02-17 21:25:11.771 class-dump[6911:783784] Error: Cannot find offset for address 0x9000000001000626 in stringAtAddress:

I encountered this error at first, and finally solved the problem by changing the class-dump file. The final execution is as follows:

xmldeMacBook-Pro:iOS学习 xml$ class-dump -H Calculator -o CalculatorHeader
2019-02-17 21:25:47.949 class-dump[6916:784064] Warning: Parsing instance variable type failed, window
2019-02-17 21:25:47.949 class-dump[6916:784064] Warning: Parsing instance variable type failed, controller
2019-02-17 21:25:47.951 class-dump[6916:784064] Warning: Parsing instance variable type failed, displayController
2019-02-17 21:25:47.952 class-dump[6916:784064] Warning: Parsing instance variable type failed, keypadController
2019-02-17 21:25:47.952 class-dump[6916:784064] Warning: Parsing instance variable type failed, model
2019-02-17 21:25:47.952 class-dump[6916:784064] Warning: Parsing instance variable type failed, soundsPreferencesDomain
2019-02-17 21:25:47.952 class-dump[6916:784064] Warning: Parsing instance variable type failed, soundsEnabled
2019-02-17 21:25:47.952 class-dump[6916:784064] Warning: Parsing instance variable type failed, isSizeTransitioning
2019-02-17 21:25:47.952 class-dump[6916:784064] Warning: Parsing instance variable type failed, keypadTapGestureRecognizer
2019-02-17 21:25:47.953 class-dump[6916:784064] Warning: Parsing instance variable type failed, darwinObserver
2019-02-17 21:25:47.953 class-dump[6916:784064] Warning: Parsing instance variable type failed, maxLandscapeDigits
2019-02-17 21:25:47.954 class-dump[6916:784064] Warning: Parsing instance variable type failed, value
2019-02-17 21:25:47.954 class-dump[6916:784064] Warning: Parsing instance variable type failed, userEntered
2019-02-17 21:25:47.955 class-dump[6916:784064] Warning: Parsing instance variable type failed, delegate
2019-02-17 21:25:47.956 class-dump[6916:784064] Warning: Parsing instance variable type failed, maximumDigitCount
2019-02-17 21:25:47.956 class-dump[6916:784064] Warning: Parsing instance variable type failed, isAllClearActive
2019-02-17 21:25:47.956 class-dump[6916:784064] Warning: Parsing instance variable type failed, displayValue
2019-02-17 21:25:47.956 class-dump[6916:784064] Warning: Parsing instance variable type failed, memoryValue

The header files that were finally exported

Finally, let me talk about how class-dump exports header files. Mach-O files have a fixed format, which contains a symbol table. class-dump exports the header files just by reading that symbol table.

The class-dump tool is very simple to use, and it is commonly used in reverse engineering. The Calculator file I used is not shelled (encrypted), so its header files can be exported. A shelled application cannot be exported directly; its shell has to be removed first.
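Whether a binary is shelled (encrypted) can be checked before running class-dump by reading the fixed Mach-O layout mentioned above. The following Python code is an added example, not part of the original post or of class-dump: it walks the load commands of each architecture slice and reports the cryptid field of LC_ENCRYPTION_INFO / LC_ENCRYPTION_INFO_64. The function names and the sample header are constructed for illustration.

```python
import struct

MH_MAGIC, MH_MAGIC_64, FAT_MAGIC = 0xFEEDFACE, 0xFEEDFACF, 0xCAFEBABE
LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64 = 0x21, 0x2C

def slice_cryptid(data, base):
    """Return (cputype, cryptid) for one thin little-endian Mach-O at offset base."""
    magic, cputype, _, _, ncmds, _, _ = struct.unpack_from("<7I", data, base)
    if magic not in (MH_MAGIC, MH_MAGIC_64):
        raise ValueError("not a little-endian Mach-O slice")
    off = base + (32 if magic == MH_MAGIC_64 else 28)  # 64-bit header has 4 extra bytes
    cryptid = None                                     # None: no encryption command
    for _ in range(ncmds):
        cmd, cmdsize = struct.unpack_from("<2I", data, off)
        if cmdsize < 8:
            raise ValueError("corrupt load command")   # would never advance
        if cmd in (LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64):
            # Fields after cmd/cmdsize: cryptoff, cryptsize, cryptid
            _cryptoff, _cryptsize, cryptid = struct.unpack_from("<3I", data, off + 8)
        off += cmdsize
    return cputype, cryptid

def encryption_status(data):
    """List (cputype, cryptid) per slice; cryptid 0 or None means not encrypted."""
    if struct.unpack_from(">I", data, 0)[0] == FAT_MAGIC:  # universal binary
        nfat = struct.unpack_from(">I", data, 4)[0]
        # fat_arch is five big-endian uint32 values; index 2 is the slice offset
        offsets = [struct.unpack_from(">5I", data, 8 + 20 * i)[2] for i in range(nfat)]
    else:
        offsets = [0]
    return [slice_cryptid(data, o) for o in offsets]

def sample_macho(cryptid):
    """Constructed arm64 header with one LC_ENCRYPTION_INFO_64; not a real app."""
    cmd = struct.pack("<6I", LC_ENCRYPTION_INFO_64, 24, 0x4000, 0x8000, cryptid, 0)
    hdr = struct.pack("<8I", MH_MAGIC_64, 0x0100000C, 0, 2, 1, len(cmd), 0, 0)
    return hdr + cmd

if __name__ == "__main__":
    import sys
    # With no argument, fall back to the constructed sample marked as encrypted.
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else sample_macho(1)
    for cpu, cid in encryption_status(blob):
        state = "encrypted, remove the shell first" if cid else "not encrypted"
        print(f"cputype {cpu:#x}: cryptid={cid} ({state})")
```

Run it with the path to the app binary as the only argument; a non-zero cryptid on the slice you intend to dump means class-dump will not be able to read it as-is.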

Origin blog.csdn.net/wangletiancsdn/article/details/104623547